Fix hashed message verification

[hectorj2f]

Summary

When trying to time-stamp messages longer than 32 bytes, I realized the verification function was failing to verify the response and the input message hashes. I was seen the following error: Hashed messages don't match.

Then I had a look at the digitorus/timestamp implementation and I observed that messages longer than 32 bytes were timestamped without issues. So I had a look at our verification code and found a different way of validating the hashed messages than the one used in the timestamp code.

I changed the verify code function to follow the same approach, so we can validate the hashed message as done in digitorus/timestamp.

To reproduce the issue, you can simply change the example in our readme from myblob to blobblobblobblobblobblobblobblobblob, and you will get the failed hashed comparison using the verify cmd.

Release Note

fix: verify hashed messages

Documentation

[codecov-commenter]

Codecov Report

Merging #118 (2943ec5) into main (d9d08e5) will increase coverage by 1.17%.
The diff coverage is 66.66%.

@@            Coverage Diff             @@
##             main     #118      +/-   ##
==========================================
+ Coverage   50.21%   51.39%   +1.17%     
==========================================
  Files          14       14              
  Lines         687      683       -4     
==========================================
+ Hits          345      351       +6     
+ Misses        307      295      -12     
- Partials       35       37       +2     

Impacted Files	Coverage Δ
cmd/timestamp-cli/app/verify.go	20.23% <66.66%> (+7.73%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[hectorj2f]

@bobcallaway Thanks for the review

[haydentherapper]

Good catch, thanks for fixing! Looks like the root cause was reading into a buffer of size(sha256 hash) bytes