TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-10-27 11:41:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
98a0ccc18aa3e5894b1219f6f4322d400f37fa8d
tailscale/tka/verify.go

37 lines
1.0 KiB
Go
Raw Normal View History

tka: use ts_omit_tailnetlock in another spot, for ed25519consensus I noticed this while modularizing clientupdate. With this in first, moving clientupdate to be modular removes a bunch more stuff from the minimal build + tsnet. Updates #17115 Change-Id: I44bd055fca65808633fd3a848b0bbc09b00ad4fa Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-09-26 18:21:50 -07:00
// Copyright (c) Tailscale Inc & AUTHORS
// SPDX-License-Identifier: BSD-3-Clause
//go:build !ts_omit_tailnetlock
package tka
import (
"crypto/ed25519"
"errors"
"fmt"
"github.com/hdevalence/ed25519consensus"
"tailscale.com/types/tkatype"
)
// signatureVerify returns a nil error if the signature is valid over the
// provided AUM BLAKE2s digest, using the given key.
func signatureVerify(s *tkatype.Signature, aumDigest tkatype.AUMSigHash, key Key) error {
// NOTE(tom): Even if we can compute the public from the KeyID,
// its possible for the KeyID to be attacker-controlled
// so we should use the public contained in the state machine.
switch key.Kind {
case Key25519:
if len(key.Public) != ed25519.PublicKeySize {
return fmt.Errorf("ed25519 key has wrong length: %d", len(key.Public))
}
if ed25519consensus.Verify(ed25519.PublicKey(key.Public), aumDigest[:], s.Signature) {
return nil
}
return errors.New("invalid signature")
default:
return fmt.Errorf("unhandled key type: %v", key.Kind)
}
}
Reference in New Issue Copy Permalink