fix: do not decode the signature in the plain key from base64

As it looks like it already comes decoded.

Signed-off-by: Artem Chernyshev <[email protected]>

Author: Unix4ever

pkg/plain/ecdsa.go

@@ -46,19 +46,14 @@ func (p *EcdsaKey) ID() string {
 func (p *EcdsaKey) Verify(data, signature []byte) error {
 	hash := sha256.Sum256(data)
 
-	sigBytes, err := base64.StdEncoding.DecodeString(string(signature))
-	if err != nil {
-		return errors.New("missing valid signature")
-	}
-
-	if len(sigBytes)%2 != 0 {
+	if len(signature)%2 != 0 {
 		return errors.New("missing valid signature")
 	}
 
-	half := len(sigBytes) / 2
+	half := len(signature) / 2
 
-	r := new(big.Int).SetBytes(sigBytes[:half])
-	s := new(big.Int).SetBytes(sigBytes[half:])
+	r := new(big.Int).SetBytes(signature[:half])
+	s := new(big.Int).SetBytes(signature[half:])
 
 	if !ecdsa.Verify(p.key, hash[:], r, s) {
 		return errors.New("missing valid signature")

pkg/plain/plain_test.go

@@ -5,6 +5,7 @@
 package plain_test
 
 import (
+	"encoding/base64"
 	"testing"
 
 	"github.com/stretchr/testify/require"
@@ -24,7 +25,11 @@ func TestECDSASignature(t *testing.T) {
 
 	require.NoError(t, err)
 
-	require.NoError(t, key.Verify([]byte("hi there"), []byte(signature)))
+	signatureBytes, err := base64.StdEncoding.DecodeString(signature)
 
-	require.ErrorContains(t, key.Verify([]byte("hi there?"), []byte(signature)), "missing valid signature")
+	require.NoError(t, err)
+
+	require.NoError(t, key.Verify([]byte("hi there"), signatureBytes))
+
+	require.ErrorContains(t, key.Verify([]byte("hi there?"), signatureBytes), "missing valid signature")
 }