func checkOneKeyOneSig()

in sec/sign.go [350:378]

• 24 lines of code
• 6 McCabe index (conditional complexity)

func checkOneKeyOneSig(k PubSignKey, sig Sig, hash []byte) (bool, error) {
	keyHash, err := k.Hash()
	if err != nil {
		return false, err
	}

	if !bytes.Equal(keyHash, sig.KeyHash) {
		return false, nil
	}

	if k.Rsa != nil {
		opts := rsa.PSSOptions{
			SaltLength: rsa.PSSSaltLengthEqualsHash,
		}
		err := rsa.VerifyPSS(k.Rsa, crypto.SHA256, hash, sig.Data, &opts)
		return err == nil, nil
	}

	if k.Ec != nil {
		return false, errors.Errorf(
			"ecdsa signature verification not supported")
	}

	if k.Ed25519 != nil {
		return ed25519.Verify(k.Ed25519, hash, sig.Data), nil
	}

	return false, nil
}