v4/interactions/verify.go

package interactions

import (
	"bytes"
	"crypto/ed25519"
	"encoding/hex"
	"errors"
	"fmt"
)

var (
	ErrMissingHeader = errors.New("interactions: missing verification headers")
	ErrSignatureSize = errors.New("interactions: signature length invalid")
	ErrNotVerifed    = errors.New("interactions: not verified")
)

func (i *Interactions) Verify(signature, timestamp string, body []byte) error {
	if signature == "" || timestamp == "" {
		return ErrMissingHeader
	}

	sig, err := hex.DecodeString(signature)
	if err != nil {
		return fmt.Errorf("interactions: signature failed to parse: %w", err)
	}

	if len(sig) != ed25519.SignatureSize || sig[63]&224 != 0 {
		return ErrSignatureSize
	}

	buf := bytes.Buffer{}
	buf.WriteString(timestamp)
	buf.Write(body)

	if !ed25519.Verify(i.PublicKey, buf.Bytes(), sig) {
		return ErrNotVerifed
	}

	return nil
}