mirror of
https://github.com/muun/recovery.git
synced 2025-02-23 11:32:33 -05:00
56 lines
1.4 KiB
Go
56 lines
1.4 KiB
Go
|
package lnurl
|
||
|
|
|
||
|
|
import (
|
||
|
|
"encoding/hex"
|
||
|
|
"errors"
|
||
|
|
"net/url"
|
||
|
|
|
||
|
|
"github.com/btcsuite/btcd/btcec"
|
||
|
|
)
|
||
|
|
|
||
|
|
type LNURLAuthParams struct {
|
||
|
|
Tag string
|
||
|
|
K1 string
|
||
|
|
Callback string
|
||
|
|
Host string
|
||
|
|
}
|
||
|
|
|
||
|
|
func (_ LNURLAuthParams) LNURLKind() string { return "lnurl-auth" }
|
||
|
|
|
||
|
|
// VerifySignature takes the hex-encoded parameters passed to an lnurl-login endpoint and verifies
|
||
|
|
// the signature against the key and challenge.
|
||
|
|
func VerifySignature(k1, sig, key string) (ok bool, err error) {
|
||
|
|
bk1, err1 := hex.DecodeString(k1)
|
||
|
|
bsig, err2 := hex.DecodeString(sig)
|
||
|
|
bkey, err3 := hex.DecodeString(key)
|
||
|
|
if err1 != nil || err2 != nil || err3 != nil {
|
||
|
|
return false, errors.New("Failed to decode hex.")
|
||
|
|
}
|
||
|
|
|
||
|
|
pubkey, err := btcec.ParsePubKey(bkey, btcec.S256())
|
||
|
|
if err != nil {
|
||
|
|
return false, errors.New("Failed to parse pubkey: " + err.Error())
|
||
|
|
}
|
||
|
|
|
||
|
|
signature, err := btcec.ParseDERSignature(bsig, btcec.S256())
|
||
|
|
if err != nil {
|
||
|
|
return false, errors.New("Failed to parse signature: " + err.Error())
|
||
|
|
}
|
||
|
|
|
||
|
|
return signature.Verify(bk1, pubkey), nil
|
||
|
|
}
|
||
|
|
|
||
|
|
func HandleAuth(rawurl string, parsed *url.URL, query url.Values) (LNURLParams, error) {
|
||
|
|
k1 := query.Get("k1")
|
||
|
|
if _, err := hex.DecodeString(k1); err != nil || len(k1) != 64 {
|
||
|
|
return nil, errors.New("k1 is not a valid 32-byte hex-encoded string.")
|
||
|
|
}
|
||
|
|
|
||
|
|
return LNURLAuthParams{
|
||
|
|
Tag: "login",
|
||
|
|
K1: k1,
|
||
|
|
Callback: rawurl,
|
||
|
|
Host: parsed.Host,
|
||
|
|
}, nil
|
||
|
|
}
|