github.com/qri-io/qri@v0.10.1-0.20220104210721-c771715036cb/remote/registry/verify.go (about)

     1  package registry
     2  
     3  import (
     4  	"encoding/base64"
     5  	"fmt"
     6  
     7  	"github.com/qri-io/qri/auth/key"
     8  )
     9  
    10  // verify accepts base64 encoded keys & signatures to validate data
    11  func verify(b64PubKey, b64Signature string, data []byte) error {
    12  	pubkey, err := key.DecodeB64PubKey(b64PubKey)
    13  	if err != nil {
    14  		return fmt.Errorf("invalid publickey: %s", err.Error())
    15  	}
    16  
    17  	sigbytes, err := base64.StdEncoding.DecodeString(b64Signature)
    18  	if err != nil {
    19  		return fmt.Errorf("signature base64 encoding: %s", err.Error())
    20  	}
    21  
    22  	valid, err := pubkey.Verify(data, sigbytes)
    23  	if err != nil {
    24  		return fmt.Errorf("invalid signature: %s", err.Error())
    25  	}
    26  
    27  	if !valid {
    28  		return fmt.Errorf("mismatched signature")
    29  	}
    30  
    31  	return nil
    32  }