| 219 | } |
| 220 | |
| 221 | func (vr *VerifyRequest) Verify(ctx context.Context) (info VerifiedSignature, err error) { |
| 222 | if vr.Err != nil { |
| 223 | return VerifiedSignature{}, vr.Err |
| 224 | } |
| 225 | defer func() { |
| 226 | if err != nil { |
| 227 | // Don't allow callers to accidentally check this if it's not |
| 228 | // valid. |
| 229 | vr.PayloadMap = nil |
| 230 | if vr.Err == nil { |
| 231 | // The other functions should have filled this in |
| 232 | // already, but just in case: |
| 233 | vr.Err = err |
| 234 | } |
| 235 | } |
| 236 | }() |
| 237 | |
| 238 | if !vr.ParseSigMap() { |
| 239 | return VerifiedSignature{}, errors.New("parsing signature map failed") |
| 240 | } |
| 241 | if !vr.ParsePayloadMap() { |
| 242 | return VerifiedSignature{}, errors.New("parsing payload map failed") |
| 243 | } |
| 244 | if err := vr.FindAndParsePublicKeyBlob(ctx); err != nil { |
| 245 | return VerifiedSignature{}, err |
| 246 | } |
| 247 | if !vr.VerifySignature() { |
| 248 | return VerifiedSignature{}, errors.New("signature verification failed") |
| 249 | } |
| 250 | |
| 251 | return VerifiedSignature{ |
| 252 | // ... |
| 253 | }, nil |
| 254 | } |