From 814717a76feae752b811693f6a9bfaa81c57c756 Mon Sep 17 00:00:00 2001 From: Matthew Rich Date: Wed, 17 Apr 2024 22:02:11 -0700 Subject: [PATCH] add signature verification --- internal/signature/ident.go | 55 +++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 internal/signature/ident.go diff --git a/internal/signature/ident.go b/internal/signature/ident.go new file mode 100644 index 0000000..84edd54 --- /dev/null +++ b/internal/signature/ident.go @@ -0,0 +1,55 @@ +// Copyright 2024 Matthew Rich . All rights reserved. + +package signature + +import ( + "crypto" + "crypto/rand" + "crypto/rsa" + "crypto/sha256" + "crypto/x509" + "encoding/pem" + "fmt" + "os" +) + +var ErrInvalidSignature error = errors.New("Invalid signature") + +type Ident struct { + authorized []string + publicKey *rsa.PublicKey + privateKey *rsa.PrivateKey +} + +func NewIdent() *Ident { + i := &Ident{} + i.authorized = []string{ "*" } + i.Generate() + return i +} + +func (i *Ident) Generate() error { + var err error + i.privateKey, err = rsa.GenerateKey(rand.Reader, 2048) + i.publicKey = &privateKey.PublicKey + return err +} + +func (i *Ident) Sign(data []byte) ([]byte, error) { + checksum := sha256.Sum256(data) + sig, e := rsa.SignPKCS1v15(rand.Reader, i.privateKey, crypto.SHA256, checksum[:]) + if e != nil { + return e + } + return sig, e +} + +func (i *Ident) Verify(data []byte, signature []byte) error { + checksum := sha256.Sum256(data) + return rsa.VerifyPKCS1v15(i.publicKey, crypto.SHA256, checksum[:], signature) +} + +func (i *Ident) VerifySum(checksum []byte, signature []byte) error { + return rsa.VerifyPKCS1v15(i.publicKey, crypto.SHA256, checksum[:], signature) +} +