Beispiel #1
0
// Verify returns true if the cryptographic signature sig.
func (k *Key) Verify(msg []byte, sig *Signature) bool {
	var pk *[ed25519.PublicKeySize]byte
	subtle.ConstantTimeCopy(1, pk[:32], k[:])
	// pk := [ed25519.PublicKeySize]byte(*k)
	s := [ed25519.SignatureSize]byte(*sig)
	return ed25519.Verify(pk, msg, &s)
}
Beispiel #2
0
func (s *Server) AuthHandler() http.Handler {
	handler := func(w http.ResponseWriter, r *http.Request) {
		/*
			Parse form data and handle error messages. Might not be the most visible to the end user.
		*/
		err := r.ParseForm()
		if err != nil {
			fmt.Println(err)
			return
		}

		message := r.FormValue("message")
		signature := r.FormValue("signature")
		publicKey := r.FormValue("publicKey")

		/*
			Decode publicKey and signature to a byte array using base64url package
		*/
		pubBytes, pubErr := base64url.Decode(publicKey)
		if pubErr != nil {
			fmt.Println(pubErr)
		}
		signBytes, signErr := base64url.Decode(signature)
		if signErr != nil {
			fmt.Println(signErr)
		}

		/*
			Change the byte array to an object with the correct sizes used by the ed25519 implementation
		*/
		var pk *[ed25519.PublicKeySize]byte
		pk = new([ed25519.PublicKeySize]byte)
		subtle.ConstantTimeCopy(1, pk[:32], pubBytes)
		var sig *[ed25519.SignatureSize]byte
		sig = new([ed25519.SignatureSize]byte)
		subtle.ConstantTimeCopy(1, sig[:64], signBytes)

		/*
			Verify the signature and return verified or not depending on the result.
		*/
		w.Header().Add("Content-Type", "text/html")
		if ed25519.Verify(pk, []byte(message), sig) {
			io.WriteString(w, "{result:true}Verified")
		} else {
			io.WriteString(w, "{result:false}Not Verified")
		}
	}
	return http.HandlerFunc(handler)
}