diff --git a/src/httpd.js.c b/src/httpd.js.c
index eae29beb..7bf9fcb8 100644
--- a/src/httpd.js.c
+++ b/src/httpd.js.c
@@ -1127,27 +1127,24 @@ static void _visit_auth_identity(const char* identity, void* user_data)
 }
 }
 
-static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name)
+static bool _get_auth_private_key(tf_ssb_t* ssb, uint8_t* out_private_key)
 {
 char id[k_id_base64_len] = { 0 };
 tf_ssb_db_identity_visit(ssb, ":auth", _visit_auth_identity, id);
- if (!*id)
+ if (*id)
 {
- uint8_t public_key[crypto_sign_PUBLICKEYBYTES];
- uint8_t private_key[crypto_sign_SECRETKEYBYTES];
- if (tf_ssb_db_identity_create(ssb, ":auth", public_key, private_key))
- {
- tf_ssb_id_bin_to_str(id, sizeof(id), public_key);
- }
+ return tf_ssb_db_identity_get_private_key(ssb, ":auth", id, out_private_key, crypto_sign_SECRETKEYBYTES);
 }
-
- if (!*id)
+ else
 {
- return NULL;
+ return tf_ssb_db_identity_create(ssb, ":auth", out_private_key + crypto_sign_PUBLICKEYBYTES, out_private_key);
 }
+}
 
- uint8_t private_key[crypto_sign_SECRETKEYBYTES];
- if (!tf_ssb_db_identity_get_private_key(ssb, ":auth", id, private_key, sizeof(private_key)))
+static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name)
+{
+ uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };
+ if (!_get_auth_private_key(ssb, private_key))
 {
 return NULL;
 }
@@ -1174,6 +1171,7 @@ static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name)
 uint8_t signature[crypto_sign_BYTES];
 unsigned long long signature_length = 0;
 char signature_base64[256] = { 0 };
+
 if (crypto_sign_detached(signature, &signature_length, (const uint8_t*)payload_base64, strlen(payload_base64), private_key) == 0)
 {
 sodium_bin2base64(signature_base64, sizeof(signature_base64), signature, sizeof(signature), sodium_base64_VARIANT_URLSAFE_NO_PADDING);
diff --git a/src/ssb.db.c b/src/ssb.db.c
index 0a6dde1c..26858b82 100644
--- a/src/ssb.db.c
+++ b/src/ssb.db.c
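Review bot: In src/httpd.js.c, the create branch of `_get_auth_private_key` passes `out_private_key + crypto_sign_PUBLICKEYBYTES` as the public-key output and `out_private_key` as the private-key output, so both writes land in the caller's single secret-key buffer and the bytes that end up signing the session JWT depend on the order and length of the two conversions inside `tf_ssb_db_identity_create`. That is presumably intentional (a libsodium Ed25519 secret key carries the public key in its upper half), but nothing here says so and the helper takes no buffer length; a comment such as `/* out_private_key must hold crypto_sign_SECRETKEYBYTES; the public key is written into its upper half */` would make the contract checkable. It is also worth confirming that this branch yields the same bytes that `tf_ssb_db_identity_get_private_key` returns on the next request, otherwise tokens issued right after key creation would stop verifying. Separately, `private_key` in `_make_session_jwt` stays on the stack after signing; the return paths lie outside this hunk, but a `sodium_memzero(private_key, sizeof(private_key));` before each of them would limit exposure of the signing key.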
@@ -1060,8 +1060,14 @@ bool tf_ssb_db_identity_create(tf_ssb_t* ssb, const char* user, uint8_t* out_pub
 tf_ssb_generate_keys_buffer(public, sizeof(public), private, sizeof(private));
 if (tf_ssb_db_identity_add(ssb, user, public, private))
 {
- tf_ssb_id_str_to_bin(out_public_key, public);
- tf_ssb_id_str_to_bin(out_private_key, private);
+ if (out_public_key)
+ {
+ tf_ssb_id_str_to_bin(out_public_key, public);
+ }
+ if (out_private_key)
+ {
+ tf_ssb_id_str_to_bin(out_private_key, private);
+ }
 return true;
 }
 }
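Review bot: In `tf_ssb_db_identity_create`, the results of both `tf_ssb_id_str_to_bin` calls are still discarded, so the function returns true even when an output buffer was not filled. The new caller in src/httpd.js.c zero-initialises its key buffer and signs with whatever this call leaves there, so a silent conversion failure would yield a session token signed with a key that is not the stored one. If `tf_ssb_id_str_to_bin` reports failure (its definition is not shown here), propagate it, e.g. `if (out_private_key && !tf_ssb_id_str_to_bin(out_private_key, private)) { return false; }`. The function starts outside this hunk; its header comment should also state that either output pointer may now be NULL.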