mirror of
https://github.com/tailscale/tailscale.git
synced 2025-10-04 20:12:16 +02:00
e9dae5441e
I noticed this while modularizing clientupdate. With this in first, moving clientupdate to be modular removes a bunch more stuff from the minimal build + tsnet. Updates #17115 Change-Id: I44bd055fca65808633fd3a848b0bbc09b00ad4fa Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
37 lines
1.0 KiB
Go
37 lines
1.0 KiB
Go
// Copyright (c) Tailscale Inc & AUTHORS
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
//go:build !ts_omit_tailnetlock
|
|
|
|
package tka
|
|
|
|
import (
|
|
"crypto/ed25519"
|
|
"errors"
|
|
"fmt"
|
|
|
|
"github.com/hdevalence/ed25519consensus"
|
|
"tailscale.com/types/tkatype"
|
|
)
|
|
|
|
// signatureVerify returns a nil error if the signature is valid over the
|
|
// provided AUM BLAKE2s digest, using the given key.
|
|
func signatureVerify(s *tkatype.Signature, aumDigest tkatype.AUMSigHash, key Key) error {
|
|
// NOTE(tom): Even if we can compute the public from the KeyID,
|
|
// its possible for the KeyID to be attacker-controlled
|
|
// so we should use the public contained in the state machine.
|
|
switch key.Kind {
|
|
case Key25519:
|
|
if len(key.Public) != ed25519.PublicKeySize {
|
|
return fmt.Errorf("ed25519 key has wrong length: %d", len(key.Public))
|
|
}
|
|
if ed25519consensus.Verify(ed25519.PublicKey(key.Public), aumDigest[:], s.Signature) {
|
|
return nil
|
|
}
|
|
return errors.New("invalid signature")
|
|
|
|
default:
|
|
return fmt.Errorf("unhandled key type: %v", key.Kind)
|
|
}
|
|
}
|