crates/oxidetalis/src/middlewares/signature.rs

@@ -71,11 +71,10 @@ pub async fn signature_check(
     };
 
     if !utils::is_valid_nonce(&signature, &depot.nonce_cache()).await
-        || !utils::is_valid_signature(
+        || !depot.config().server.private_key.verify(
-            &sender_public_key,
-            &depot.config().server.private_key,
-            &signature,
             data.as_bytes(),
+            &signature,
+            &sender_public_key,
         )
     {
         write_err("Invalid signature", UNAUTHORIZED);

crates/oxidetalis/src/utils.rs

@@ -22,8 +22,7 @@ use chrono::Utc;
 use logcall::logcall;
 use oxidetalis_config::Postgres;
 use oxidetalis_core::{
-    cipher::K256Secret,
+    types::{PublicKey, Signature},
-    types::{PrivateKey, PublicKey, Signature},
     PUBLIC_KEY_HEADER,
     SIGNATURE_HEADER,
 };
@@ -50,16 +49,6 @@ pub(crate) async fn is_valid_nonce(signature: &Signature, nonce_cache: &NonceCac
     new_timestamp && unused_nonce
 }
 
-/// Returns true if the given signature is valid.
-pub(crate) fn is_valid_signature(
-    signer: &PublicKey,
-    private_key: &PrivateKey,
-    signature: &Signature,
-    data: &[u8],
-) -> bool {
-    K256Secret::from_privkey(private_key).verify(data, signature, signer)
-}
-
 /// Extract the sender public key from the request
 ///
 /// Returns the public key of the sender extracted from the request, or the