oc-discovery/daemons/node/common/crypto.go

package common

import (
	"bytes"
	"encoding/base64"
	"errors"
	"fmt"
	"oc-discovery/conf"
	"oc-discovery/models"
	"os"

	"cloud.o-forge.io/core/oc-lib/models/peer"
	"github.com/libp2p/go-libp2p/core/crypto"
	"github.com/libp2p/go-libp2p/core/pnet"
)

func VerifyPeer(peers []*peer.Peer, event models.Event) error {
	if len(peers) == 0 {
		return errors.New("no peer found")
	}
	p := peers[0]
	if p.Relation == peer.BLACKLIST { // if peer is blacklisted... quit...
		return errors.New("peer is blacklisted")
	}
	pubKey, err := PubKeyFromString(p.PublicKey) // extract pubkey from pubkey str
	if err != nil {
		return errors.New("pubkey is malformed")
	}
	data, err := event.ToRawByte()
	if err != nil {
		return err
	} // extract byte from raw event excluding signature.
	if ok, _ := pubKey.Verify(data, event.Signature); !ok { // then verify if pubkey sign this message...
		return errors.New("check signature failed")
	}
	return nil
}

func Sign(priv crypto.PrivKey, data []byte) ([]byte, error) {
	return priv.Sign(data)
}

func Verify(pub crypto.PubKey, data, sig []byte) (bool, error) {
	return pub.Verify(data, sig)
}

func LoadKeyFromFile(isPublic bool) (crypto.PrivKey, error) {
	path := conf.GetConfig().PrivateKeyPath
	if isPublic {
		path = conf.GetConfig().PublicKeyPath
	}
	data, err := os.ReadFile(path)
	if err != nil {
		return nil, err
	}

	// Try to unmarshal as libp2p private key (supports ed25519, rsa, etc.)
	priv, err := crypto.UnmarshalPrivateKey(data)
	if err != nil {
		return nil, err
	}
	return priv, nil
}

func VerifyPubWithPriv() bool {
	priv, err := LoadKeyFromFile(false)
	if err != nil {
		fmt.Println(err)
		return false
	}
	pub, err := LoadKeyFromFile(true)
	if err != nil {
		fmt.Println(err)
		return false
	}
	return priv.GetPublic().Equals(pub)
}

func LoadPSKFromFile() (pnet.PSK, error) {
	path := conf.GetConfig().PSKPath
	data, err := os.ReadFile(path)
	if err != nil {
		return nil, err
	}
	// Try to unmarshal as libp2p private key (supports ed25519, rsa, etc.)
	psk, err := pnet.DecodeV1PSK(bytes.NewReader(data))
	if err != nil {
		return nil, err
	}
	return psk, nil
}

func PubKeyFromString(s string) (crypto.PubKey, error) {
	data, err := base64.StdEncoding.DecodeString(s)
	if err != nil {
		return nil, err
	}

	return crypto.UnmarshalPublicKey(data)
}
FULL OC-DISCOVERY LOGIC 2026-01-30 16:57:36 +01:00			`package common`
Daemons Search 2026-01-28 17:22:29 +01:00
			`import (`
			`"bytes"`
			`"encoding/base64"`
			`"errors"`
			`"fmt"`
			`"oc-discovery/conf"`
			`"oc-discovery/models"`
			`"os"`

			`"cloud.o-forge.io/core/oc-lib/models/peer"`
			`"github.com/libp2p/go-libp2p/core/crypto"`
			`"github.com/libp2p/go-libp2p/core/pnet"`
			`)`

			`func VerifyPeer(peers []*peer.Peer, event models.Event) error {`
			`if len(peers) == 0 {`
			`return errors.New("no peer found")`
			`}`
			`p := peers[0]`
			`if p.Relation == peer.BLACKLIST { // if peer is blacklisted... quit...`
			`return errors.New("peer is blacklisted")`
			`}`
			`pubKey, err := PubKeyFromString(p.PublicKey) // extract pubkey from pubkey str`
			`if err != nil {`
			`return errors.New("pubkey is malformed")`
			`}`
			`data, err := event.ToRawByte()`
			`if err != nil {`
			`return err`
			`} // extract byte from raw event excluding signature.`
			`if ok, _ := pubKey.Verify(data, event.Signature); !ok { // then verify if pubkey sign this message...`
			`return errors.New("check signature failed")`
			`}`
			`return nil`
			`}`

			`func Sign(priv crypto.PrivKey, data []byte) ([]byte, error) {`
			`return priv.Sign(data)`
			`}`

			`func Verify(pub crypto.PubKey, data, sig []byte) (bool, error) {`
			`return pub.Verify(data, sig)`
			`}`

			`func LoadKeyFromFile(isPublic bool) (crypto.PrivKey, error) {`
			`path := conf.GetConfig().PrivateKeyPath`
			`if isPublic {`
			`path = conf.GetConfig().PublicKeyPath`
			`}`
			`data, err := os.ReadFile(path)`
			`if err != nil {`
			`return nil, err`
			`}`

			`// Try to unmarshal as libp2p private key (supports ed25519, rsa, etc.)`
			`priv, err := crypto.UnmarshalPrivateKey(data)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return priv, nil`
			`}`

			`func VerifyPubWithPriv() bool {`
			`priv, err := LoadKeyFromFile(false)`
			`if err != nil {`
			`fmt.Println(err)`
			`return false`
			`}`
			`pub, err := LoadKeyFromFile(true)`
			`if err != nil {`
			`fmt.Println(err)`
			`return false`
			`}`
			`return priv.GetPublic().Equals(pub)`
			`}`

			`func LoadPSKFromFile() (pnet.PSK, error) {`
			`path := conf.GetConfig().PSKPath`
			`data, err := os.ReadFile(path)`
			`if err != nil {`
			`return nil, err`
			`}`
			`// Try to unmarshal as libp2p private key (supports ed25519, rsa, etc.)`
			`psk, err := pnet.DecodeV1PSK(bytes.NewReader(data))`
			`if err != nil {`
			`return nil, err`
			`}`
			`return psk, nil`
			`}`

			`func PubKeyFromString(s string) (crypto.PubKey, error) {`
			`data, err := base64.StdEncoding.DecodeString(s)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return crypto.UnmarshalPublicKey(data)`
			`}`