mirror of
https://github.com/DNSCrypt/dnscrypt-proxy.git
synced 2025-04-04 21:57:44 +03:00
Update deps
This commit is contained in:
Frank Denis
parent
fc0ff3b26a
commit
e2ada45598
44 changed files with 4888 additions and 3711 deletions
6
vendor/github.com/jedisct1/go-hpke-compact/README.md
generated
vendored
6
vendor/github.com/jedisct1/go-hpke-compact/README.md
generated
vendored
|
|
@ -77,7 +77,7 @@ Second parameter is optional associated data.
|
|||
A message can also be encrypted by the server for the client:
|
||||
|
||||
```go
|
||||
ciphertext, err := clientCtx.EncryptToClient([]byte("response"), nil)
|
||||
ciphertext, err := serverCtx.EncryptToClient([]byte("response"), nil)
|
||||
```
|
||||
|
||||
Nonces are automatically incremented, so it is safe to call this function multiple times within the same context.
|
||||
|
|
@ -89,7 +89,7 @@ Second parameter is optional associated data.
|
|||
The client can decrypt a ciphertext sent by the server:
|
||||
|
||||
```go
|
||||
decrypted, err := serverCtx.DecryptFromServer(ciphertext, nil)
|
||||
decrypted, err := clientCtx.DecryptFromServer(ciphertext, nil)
|
||||
```
|
||||
|
||||
Second parameter is optional associated data.
|
||||
|
|
@ -132,4 +132,4 @@ secret2, err := serverCtx.Export("description 2");
|
|||
cipher, err := suite.NewRawCipher(key)
|
||||
```
|
||||
|
||||
## That's it!
|
||||
## That's it!
|
||||
|
|
|
|||
13
vendor/github.com/jedisct1/go-minisign/minisign.go
generated
vendored
13
vendor/github.com/jedisct1/go-minisign/minisign.go
generated
vendored
|
|
@ -6,6 +6,7 @@ import (
|
|||
"io/ioutil"
|
||||
"strings"
|
||||
|
||||
"golang.org/x/crypto/blake2b"
|
||||
"golang.org/x/crypto/ed25519"
|
||||
)
|
||||
|
||||
|
|
@ -94,7 +95,12 @@ func (publicKey *PublicKey) Verify(bin []byte, signature Signature) (bool, error
|
|||
if publicKey.SignatureAlgorithm != signature.SignatureAlgorithm {
|
||||
return false, errors.New("Incompatible signature algorithm")
|
||||
}
|
||||
if signature.SignatureAlgorithm[0] != 0x45 || signature.SignatureAlgorithm[1] != 0x64 {
|
||||
prehashed := false
|
||||
if signature.SignatureAlgorithm[0] == 0x45 && signature.SignatureAlgorithm[1] == 0x64 {
|
||||
prehashed = false
|
||||
} else if signature.SignatureAlgorithm[0] == 0x45 && signature.SignatureAlgorithm[1] == 0x44 {
|
||||
prehashed = true
|
||||
} else {
|
||||
return false, errors.New("Unsupported signature algorithm")
|
||||
}
|
||||
if publicKey.KeyId != signature.KeyId {
|
||||
|
|
@ -103,6 +109,11 @@ func (publicKey *PublicKey) Verify(bin []byte, signature Signature) (bool, error
|
|||
if !strings.HasPrefix(signature.TrustedComment, "trusted comment: ") {
|
||||
return false, errors.New("Unexpected format for the trusted comment")
|
||||
}
|
||||
|
||||
if prehashed {
|
||||
h, _ := blake2b.New512(nil)
|
||||
bin = h.Sum(bin)
|
||||
}
|
||||
if !ed25519.Verify(ed25519.PublicKey(publicKey.PublicKey[:]), bin, signature.Signature[:]) {
|
||||
return false, errors.New("Invalid signature")
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue