auth-data.c

   1 // SPDX-License-Identifier: GPL-2.0-or-later
   2 /*
   3  * Copyright (C) 2022 Felix Fietkau <nbd@nbd.name>
   4  */
   5 #include "edsign.h"
   6 #include "ed25519.h"
   7 #include "auth-data.h"
   8
   9 int unet_auth_data_validate(const uint8_t *key, const void *buf, size_t len,
  10                             uint64_t *timestamp, const char **json_data)
  11 {
  12         const struct unet_auth_hdr *hdr = buf;
  13         const struct unet_auth_data *data = net_data_auth_data_hdr(buf);
  14         struct edsign_verify_state vst;
  15
  16         if (len <= sizeof(*hdr) + sizeof(*data))
  17                 return -1;
  18
  19         len -= sizeof(*hdr);
  20
  21         if (hdr->magic != cpu_to_be32(UNET_AUTH_MAGIC) ||
  22             hdr->version != 0 || data->flags != 0 ||
  23             data->timestamp == 0)
  24                 return -1;
  25
  26         if (key && memcmp(data->pubkey, key, EDSIGN_PUBLIC_KEY_SIZE) != 0)
  27                 return -2;
  28
  29         edsign_verify_init(&vst, hdr->signature, data->pubkey);
  30         edsign_verify_add(&vst, data, len);
  31         if (!edsign_verify(&vst, hdr->signature, data->pubkey))
  32                 return -3;
  33
  34         if (((char *)data)[len - 1] != 0)
  35                 return -2;
  36
  37         if (timestamp)
  38                 *timestamp = be64_to_cpu(data->timestamp);
  39
  40         if (json_data)
  41                 *json_data = (const char *)(data + 1);
  42
  43         return 0;
  44 }