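// Package encrypt signs and verifies a shared secret with Ed25519 keys that
// are supplied as PEM-encoded strings.
package encrypt

import (
	"crypto/ed25519"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
)

// EncryptDeps carries the key material and the shared secret used to build an
// Encrypt value.
type EncryptDeps struct {
	PublicKey  string // PEM block decoded with x509.ParsePKIXPublicKey
	PrivateKey string // PEM block decoded with x509.ParsePKCS8PrivateKey
	SignSecret string // message that is signed and verified
}

// Encrypt holds the PEM-encoded key pair and the shared secret. The keys are
// parsed on every call to VerifySignature and SignCommonSecret.
type Encrypt struct {
	publicKey  string
	privateKey string
	signSecret string
}

// New copies the fields of deps into a new Encrypt. deps must be non-nil.
func New(deps *EncryptDeps) *Encrypt {
	return &Encrypt{
		publicKey:  deps.PublicKey,
		privateKey: deps.PrivateKey,
		signSecret: deps.SignSecret,
	}
}

// VerifySignature reports whether signature is a valid Ed25519 signature of
// the configured shared secret under the configured public key.
//
// It returns an error when the public key is not a PEM block, cannot be parsed
// as a PKIX public key, or is not an Ed25519 key. A panic raised while
// verifying is recovered and returned as an error, with isValid left false.
func (receiver *Encrypt) VerifySignature(signature []byte) (isValid bool, err error) {
	defer func() {
		if recovered := recover(); recovered != nil {
			err = fmt.Errorf("recovered verify error on of : %v", recovered)
		}
	}()

	block, _ := pem.Decode([]byte(receiver.publicKey))
	if block == nil {
		return false, fmt.Errorf("public key block is nil")
	}

	rawPublicKey, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return false, fmt.Errorf("failed parse public key on of : %w", err)
	}

	publicKey, ok := rawPublicKey.(ed25519.PublicKey)
	if !ok {
		return false, errors.New("public key is not of type ed25519.PublicKey")
	}

	return ed25519.Verify(publicKey, []byte(receiver.signSecret), signature), nil
}

// SignCommonSecret signs the configured shared secret with the configured
// Ed25519 private key and returns the signature.
//
// It returns an empty slice and an error when the private key is not a PEM
// block, cannot be parsed as PKCS #8, or is not an Ed25519 key. Error values
// never contain the private key or the shared secret, so they are safe to log.
//
// TODO: consider making the signature differ on every call.
// NOTE(review): ed25519.Sign is deterministic and the signed message is the
// fixed shared secret, so every call yields the same bytes; anyone who
// observes one signature can replay it. Binding the signature to a
// caller-supplied nonce or timestamp would need a change to the interface.
func (receiver *Encrypt) SignCommonSecret() (signature []byte, err error) {
	defer func() {
		if recovered := recover(); recovered != nil {
			// Do not print the receiver here: it holds the private key and
			// the shared secret.
			err = fmt.Errorf("recovered sign error on of : %v", recovered)
		}
	}()

	block, _ := pem.Decode([]byte(receiver.privateKey))
	if block == nil {
		// The key text is deliberately left out of the message.
		return []byte{}, errors.New("private key block is nil")
	}

	rawPrivateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
	if err != nil {
		return []byte{}, fmt.Errorf("failed parse private key on of : %w", err)
	}

	privateKey, ok := rawPrivateKey.(ed25519.PrivateKey)
	if !ok {
		return []byte{}, errors.New("private key is not of type ed25519.PrivateKey")
	}

	return ed25519.Sign(privateKey, []byte(receiver.signSecret)), nil
}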