From 34190b8764ec54ebaf7a82532b54e976decdc99f Mon Sep 17 00:00:00 2001
From: siddharth ravikumar <s@ricketyspace.net>
Date: Sat, 8 Nov 2025 13:24:32 -0500
Subject: lib: add `RSAPub.LazyVerify`

---
 lib/rsa.go | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

(limited to 'lib')

diff --git a/lib/rsa.go b/lib/rsa.go
index 314e8bb..7c6b2fb 100644
--- a/lib/rsa.go
+++ b/lib/rsa.go
@@ -140,6 +140,56 @@ func (r *RSAPub) Encrypt(msg []byte) []byte {
 	return c.Bytes()
 }
 
+// LazyVerify verifies the RSA signature sig with the given message
+// msg.
+//
+// Returns true if the verification is successful; false otherwise.
+func (r *RSAPub) LazyVerify(msg, sig []byte) bool {
+	// Hash message using md4.
+	var (
+		dgst Md4    = Md4{}
+		vd   []byte // Data to verify signature with.
+	)
+	dgst.Init([]uint32{})
+	dgst.Message(msg)
+	vd = dgst.Hash()
+
+	var (
+		y  *big.Int // Signature as in integer.
+		x  *big.Int // Encryption block as an integer.
+		eb []byte   // Encryption block.
+	)
+
+	// Convert signature to integer.
+	y = new(big.Int).SetBytes(sig)
+
+	// Get encryption block.
+	x = new(big.Int).Exp(y, r.e, r.n)
+	eb = x.Bytes()
+
+	if eb[0] != 0x01 {
+		return false
+	}
+	if eb[1] != 0xFF {
+		return false
+	}
+	var (
+		ffd bool
+		lb  byte = eb[0]
+		d   []byte
+	)
+	for _, b := range eb[1:] {
+		if ffd {
+			d = append(d, b)
+		}
+		if lb == 0xFF && b == 0x00 {
+			ffd = true
+		}
+		lb = b
+	}
+	return BytesEqual(vd, d[:len(vd)])
+}
+
 func (r *RSAPub) E() *big.Int {
 	return r.e
 }
-- 
cgit v1.2.3