From dd6ddbcd80ceacaec6f4c51bed50ecd18318ef84 Mon Sep 17 00:00:00 2001 From: _ <> Date: Mon, 18 Jan 2021 22:23:38 +0000 Subject: [PATCH] :heavy_minus_sign: update: remove un-needed base64 in more places --- bare_minimum_crypto/cpp/bmc_test.cpp | 21 ++++++++++--------- bare_minimum_crypto/cpp/receiver.cpp | 30 ++++------------------------ 2 files changed, 16 insertions(+), 35 deletions(-) diff --git a/bare_minimum_crypto/cpp/bmc_test.cpp b/bare_minimum_crypto/cpp/bmc_test.cpp index a624280..15cdeaf 100644 --- a/bare_minimum_crypto/cpp/bmc_test.cpp +++ b/bare_minimum_crypto/cpp/bmc_test.cpp @@ -39,12 +39,15 @@ public: return pk; } - string pub_to_base64 () const { - return base64_encode (pk); + vector pub_to_msgpack () const { + const json j = { + {"key", json::binary (pk)}, + }; + return json::to_msgpack (j); } - optional sign_base64 ( - const string & payload_b64, + optional sign ( + const vector & payload, TimeRange tr ) const { try_sodium_init (); @@ -56,7 +59,7 @@ public: const json j { {"not_before", tr.not_before}, {"not_after", tr.not_after}, - {"payload_b64", payload_b64}, + {"payload", json::binary (payload)}, }; const auto cert = json::to_msgpack (j); @@ -74,12 +77,12 @@ public: optional sign_key (const SigningKey & k, Instant now) const { - return sign_base64 (k.pub_to_base64 (), TimeRange::from_start_and_dur (now, about_3_months)); + return sign (k.pub_to_msgpack (), TimeRange::from_start_and_dur (now, about_3_months)); } optional sign_data (const vector & v, Instant now) const { - return sign_base64 (base64_encode (v), TimeRange::from_start_and_dur (now, about_1_week)); + return sign (v, TimeRange::from_start_and_dur (now, about_1_week)); } }; @@ -89,7 +92,7 @@ int happy_path () { // We generate a root key and keep it somewhere safe // (offline, hopefully) SigningKey root_key; - cerr << "Root pub key " << root_key.pub_to_base64 () << endl; + cerr << "Root pub key " << base64_encode (root_key.pubkey ()) << endl; if (test_time () != 0) { return 1; @@ -97,7 +100,7 @@ int happy_path () { // The server generates a signing key SigningKey signing_key; - cerr << "Signing key " << signing_key.pub_to_base64 () << endl; + cerr << "Signing key " << base64_encode (signing_key.pubkey ()) << endl; const auto now = Instant::now (); diff --git a/bare_minimum_crypto/cpp/receiver.cpp b/bare_minimum_crypto/cpp/receiver.cpp index 7c066ca..ee367d3 100644 --- a/bare_minimum_crypto/cpp/receiver.cpp +++ b/bare_minimum_crypto/cpp/receiver.cpp @@ -47,8 +47,7 @@ namespace BareMinimumCrypto::Receiver { return nullopt; } - const string payload_b64 = j ["payload_b64"]; - const auto payload = std::move (*BareMinimumCrypto::base64_decode (payload_b64)); + const auto payload = j ["payload"].get_binary (); return payload; } @@ -66,29 +65,6 @@ namespace BareMinimumCrypto::Receiver { } } - optional > verify_cert_and_data ( - const vector & root_pubkey, - const ExpiringSignature & signed_cert, - const ExpiringSignature & signed_data, - Instant now - ) { - auto subkey_opt = verify_signed_data (root_pubkey, signed_cert, now); - if (! subkey_opt) { - return nullopt; - } - const auto subkey = std::move (*subkey_opt); - - return verify_signed_data (subkey, signed_data, now); - } - - optional > verify_cert_and_data ( - const vector & root_pubkey, - const ExpiringSignature & signed_cert, - const ExpiringSignature & signed_data - ) { - return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ()); - } - optional > try_verify_cert_and_data ( const vector & root_pubkey, const vector & msgpack, @@ -102,7 +78,9 @@ namespace BareMinimumCrypto::Receiver { cert.cert = j ["cert"]["cert"].get_binary (); auto subkey_opt = verify_signed_data (root_pubkey, cert, now); - const auto subkey = std::move (*subkey_opt); + + const auto subkey_obj = json::from_msgpack (std::move (*subkey_opt)); + const auto subkey = subkey_obj ["key"].get_binary (); ExpiringSignature data;