Skip to content
Snippets Groups Projects
Select Git revision
  • 6a19110be49bea20a00dedaa69c43ce09fbe56fb
  • release default
  • 11-22-implement-kv-interface-defined-in-collectiveversionedkvgo
  • master protected
  • XX-4688/DbEncoding
  • hotfix/update
  • @XX-4682/Files
  • hotfix/XX-4655
  • dev protected
  • project/HavenNotifications
  • XX-4602/SilentMessageType
  • jono/npmTest
  • wasmTest2
  • XX-4461/FileUpload
  • XX-4505/blockuser
  • XX-4441
  • Jakub/Emoji-CI-Test
  • testing/websockets
  • fastReg
  • fast-registration
  • NewHostPool
  • v0.3.22
  • v0.3.21
  • v0.3.20
  • v0.3.18
  • v0.3.17
  • v0.3.16
  • v0.3.15
  • v0.3.14
  • v0.3.13
  • v0.3.12
  • v0.3.11
  • v0.3.10
  • v0.3.9
  • v0.3.8
  • v0.3.7
  • v0.3.6
  • v0.3.5
  • v0.3.4
  • 812b395df518ce096d01d5292596ca26f8fe92d9c4487ddfa515e190a51aa1a1
  • 76ba08e2dfa1798412a265404fa271840b52c035869111fce8e8cdb23a036a5a
41 results

localStorage_test.go

Blame
    • crypto.go 1.82 KiB 
    ////////////////////////////////////////////////////////////////////////////////
// Copyright © 2022 xx foundation                                             //
//                                                                            //
// Use of this source code is governed by a license that can be found in the  //
// LICENSE file.                                                              //
////////////////////////////////////////////////////////////////////////////////

package connect

import (
	"github.com/pkg/errors"
	"gitlab.com/xx_network/crypto/signature/rsa"
	"gitlab.com/xx_network/crypto/xx"
	"gitlab.com/xx_network/primitives/id"
	"io"
)

// Sign creates a signature authenticating an identity for a connection.
func sign(rng io.Reader, rsaPrivKey *rsa.PrivateKey,
	connectionFp []byte) ([]byte, error) {
	// The connection fingerprint (hashed) will be used as a nonce
	opts := rsa.NewDefaultOptions()
	h := opts.Hash.New()
	h.Write(connectionFp)
	nonce := h.Sum(nil)

	// Sign the connection fingerprint
	return rsa.Sign(rng, rsaPrivKey,
		opts.Hash, nonce, opts)

}

// Verify takes a signature for an authentication attempt
// and verifies the information.
func verify(partnerId *id.ID, partnerPubKey *rsa.PublicKey,
	signature, connectionFp, salt []byte) error {

	// Verify the partner's known ID against the information passed
	// along the wire
	partnerWireId, err := xx.NewID(partnerPubKey, salt, id.User)
	if err != nil {
		return err
	}

	if !partnerId.Cmp(partnerWireId) {
		return errors.New("Failed confirm partner's ID over the wire")
	}

	// Hash the connection fingerprint
	opts := rsa.NewDefaultOptions()
	h := opts.Hash.New()
	h.Write(connectionFp)
	nonce := h.Sum(nil)

	// Verify the signature
	err = rsa.Verify(partnerPubKey, opts.Hash, nonce, signature, opts)
	if err != nil {
		return err
	}

	return nil

}