update: remove un-needed base64 in more places

main
_ 2021-01-18 22:23:38 +00:00
parent 7ed3ab27d3
commit dd6ddbcd80
2 changed files with 16 additions and 35 deletions


@ -39,12 +39,15 @@ public:
return pk; return pk;
} }
string pub_to_base64 () const { vector <uint8_t> pub_to_msgpack () const {
return base64_encode (pk); const json j = {
{"key", json::binary (pk)},
};
return json::to_msgpack (j);
} }
optional <ExpiringSignature> sign_base64 ( optional <ExpiringSignature> sign (
const string & payload_b64, const vector <uint8_t> & payload,
TimeRange tr TimeRange tr
) const { ) const {
try_sodium_init (); try_sodium_init ();
@ -56,7 +59,7 @@ public:
const json j { const json j {
{"not_before", tr.not_before}, {"not_before", tr.not_before},
{"not_after", tr.not_after}, {"not_after", tr.not_after},
{"payload_b64", payload_b64}, {"payload", json::binary (payload)},
}; };
const auto cert = json::to_msgpack (j); const auto cert = json::to_msgpack (j);
@ -74,12 +77,12 @@ public:
optional <ExpiringSignature> sign_key (const SigningKey & k, Instant now) const optional <ExpiringSignature> sign_key (const SigningKey & k, Instant now) const
{ {
return sign_base64 (k.pub_to_base64 (), TimeRange::from_start_and_dur (now, about_3_months)); return sign (k.pub_to_msgpack (), TimeRange::from_start_and_dur (now, about_3_months));
} }
optional <ExpiringSignature> sign_data (const vector <uint8_t> & v, Instant now) const optional <ExpiringSignature> sign_data (const vector <uint8_t> & v, Instant now) const
{ {
return sign_base64 (base64_encode (v), TimeRange::from_start_and_dur (now, about_1_week)); return sign (v, TimeRange::from_start_and_dur (now, about_1_week));
} }
}; };
@ -89,7 +92,7 @@ int happy_path () {
// We generate a root key and keep it somewhere safe // We generate a root key and keep it somewhere safe
// (offline, hopefully) // (offline, hopefully)
SigningKey root_key; SigningKey root_key;
cerr << "Root pub key " << root_key.pub_to_base64 () << endl; cerr << "Root pub key " << base64_encode (root_key.pubkey ()) << endl;
if (test_time () != 0) { if (test_time () != 0) {
return 1; return 1;
@ -97,7 +100,7 @@ int happy_path () {
// The server generates a signing key // The server generates a signing key
SigningKey signing_key; SigningKey signing_key;
cerr << "Signing key " << signing_key.pub_to_base64 () << endl; cerr << "Signing key " << base64_encode (signing_key.pubkey ()) << endl;
const auto now = Instant::now (); const auto now = Instant::now ();
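Review bot: The signed map built in `sign` (the `const json j { ... }` lines of the second hunk) carries only `not_before`, `not_after` and `payload`, so nothing in the signed bytes says whether the payload is a subkey from `sign_key` or application data from `sign_data`. After this change the two differ only in their lifetime and in the key payload happening to be a msgpack map with a `key` entry, which the receiver side of this commit parses with `json::from_msgpack` and `["key"].get_binary ()`. If a key that certifies subkeys can ever also sign caller-supplied bytes, a verifier could not tell a data payload of that shape from a key certificate. Consider binding the purpose into the signed map, for example `{"purpose", "subkey"},` versus `{"purpose", "data"},` (the field name is only a suggestion), and having the receiver reject a mismatch. The body of `sign` continues outside these hunks, so confirm no such tag is already added there.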


@ -47,8 +47,7 @@ namespace BareMinimumCrypto::Receiver {
return nullopt; return nullopt;
} }
const string payload_b64 = j ["payload_b64"]; const auto payload = j ["payload"].get_binary ();
const auto payload = std::move (*BareMinimumCrypto::base64_decode (payload_b64));
return payload; return payload;
} }
@ -66,29 +65,6 @@ namespace BareMinimumCrypto::Receiver {
} }
} }
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data,
Instant now
) {
auto subkey_opt = verify_signed_data (root_pubkey, signed_cert, now);
if (! subkey_opt) {
return nullopt;
}
const auto subkey = std::move (*subkey_opt);
return verify_signed_data (subkey, signed_data, now);
}
optional <vector <uint8_t>> verify_cert_and_data (
const vector <uint8_t> & root_pubkey,
const ExpiringSignature & signed_cert,
const ExpiringSignature & signed_data
) {
return verify_cert_and_data (root_pubkey, signed_cert, signed_data, Instant::now ());
}
optional <vector <uint8_t>> try_verify_cert_and_data ( optional <vector <uint8_t>> try_verify_cert_and_data (
const vector <uint8_t> & root_pubkey, const vector <uint8_t> & root_pubkey,
const vector <uint8_t> & msgpack, const vector <uint8_t> & msgpack,
@ -102,7 +78,9 @@ namespace BareMinimumCrypto::Receiver {
cert.cert = j ["cert"]["cert"].get_binary (); cert.cert = j ["cert"]["cert"].get_binary ();
auto subkey_opt = verify_signed_data (root_pubkey, cert, now); auto subkey_opt = verify_signed_data (root_pubkey, cert, now);
const auto subkey = std::move (*subkey_opt);
const auto subkey_obj = json::from_msgpack (std::move (*subkey_opt));
const auto subkey = subkey_obj ["key"].get_binary ();
ExpiringSignature data; ExpiringSignature data;