github.com/google/trillian-examples@v0.0.0-20240520080811-0d40d35cef0e/binary_transparency/firmware/devices/usbarmory/bootloader/crypto.go (about) 1 // https://github.com/usbarmory/armory-boot 2 // 3 // Copyright (c) F-Secure Corporation 4 // https://foundry.f-secure.com 5 // 6 // Use of this source code is governed by the license 7 // that can be found in the LICENSE file. 8 9 //go:build armory 10 // +build armory 11 12 package main 13 14 import ( 15 "bytes" 16 "crypto/sha256" 17 "encoding/hex" 18 "errors" 19 "fmt" 20 ) 21 22 func verifySignature(bin []byte, sig []byte, pubKey string) (err error) { 23 s, err := DecodeSignature(string(sig)) 24 25 if err != nil { 26 return fmt.Errorf("invalid signature, %v", err) 27 } 28 29 pub, err := NewPublicKey(pubKey) 30 31 if err != nil { 32 return fmt.Errorf("invalid public key, %v", err) 33 } 34 35 valid, err := pub.Verify(bin, s) 36 37 if err != nil { 38 return fmt.Errorf("invalid signature, %v", err) 39 } 40 41 if !valid { 42 return errors.New("invalid signature") 43 } 44 45 return 46 } 47 48 func verifyHash(bin []byte, s string) bool { 49 h := sha256.New() 50 h.Write(bin) 51 52 hash, err := hex.DecodeString(s) 53 54 if err != nil { 55 return false 56 } 57 58 return bytes.Equal(h.Sum(nil), hash) 59 }