From 3fa1c6c420184ae96d5f33f36ba1aac4c1ee9e82 Mon Sep 17 00:00:00 2001
From: Cory McWilliams <cory@unprompted.com>
Date: Mon, 1 Apr 2024 12:53:00 -0400
Subject: [PATCH] Tidied up getting an auth key slightly.

---
 src/httpd.js.c | 24 +++++++++++-------------
 src/ssb.db.c   | 10 ++++++++--
 2 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/src/httpd.js.c b/src/httpd.js.c
index eae29beb..7bf9fcb8 100644
--- a/src/httpd.js.c
+++ b/src/httpd.js.c
@@ -1127,27 +1127,24 @@ static void _visit_auth_identity(const char* identity, void* user_data)
 	}
 }
 
-static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name)
+static bool _get_auth_private_key(tf_ssb_t* ssb, uint8_t* out_private_key)
 {
 	char id[k_id_base64_len] = { 0 };
 	tf_ssb_db_identity_visit(ssb, ":auth", _visit_auth_identity, id);
-	if (!*id)
+	if (*id)
 	{
-		uint8_t public_key[crypto_sign_PUBLICKEYBYTES];
-		uint8_t private_key[crypto_sign_SECRETKEYBYTES];
-		if (tf_ssb_db_identity_create(ssb, ":auth", public_key, private_key))
-		{
-			tf_ssb_id_bin_to_str(id, sizeof(id), public_key);
-		}
+		return tf_ssb_db_identity_get_private_key(ssb, ":auth", id, out_private_key, crypto_sign_SECRETKEYBYTES);
 	}
-
-	if (!*id)
+	else
 	{
-		return NULL;
+		return tf_ssb_db_identity_create(ssb, ":auth", out_private_key + crypto_sign_PUBLICKEYBYTES, out_private_key);
 	}
+}
 
-	uint8_t private_key[crypto_sign_SECRETKEYBYTES];
-	if (!tf_ssb_db_identity_get_private_key(ssb, ":auth", id, private_key, sizeof(private_key)))
+static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name)
+{
+	uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };
+	if (!_get_auth_private_key(ssb, private_key))
 	{
 		return NULL;
 	}
@@ -1174,6 +1171,7 @@ static const char* _make_session_jwt(tf_ssb_t* ssb, const char* name)
 	uint8_t signature[crypto_sign_BYTES];
 	unsigned long long signature_length = 0;
 	char signature_base64[256] = { 0 };
+
 	if (crypto_sign_detached(signature, &signature_length, (const uint8_t*)payload_base64, strlen(payload_base64), private_key) == 0)
 	{
 		sodium_bin2base64(signature_base64, sizeof(signature_base64), signature, sizeof(signature), sodium_base64_VARIANT_URLSAFE_NO_PADDING);
diff --git a/src/ssb.db.c b/src/ssb.db.c
index 0a6dde1c..26858b82 100644
--- a/src/ssb.db.c
+++ b/src/ssb.db.c
@@ -1060,8 +1060,14 @@ bool tf_ssb_db_identity_create(tf_ssb_t* ssb, const char* user, uint8_t* out_pub
 		tf_ssb_generate_keys_buffer(public, sizeof(public), private, sizeof(private));
 		if (tf_ssb_db_identity_add(ssb, user, public, private))
 		{
-			tf_ssb_id_str_to_bin(out_public_key, public);
-			tf_ssb_id_str_to_bin(out_private_key, private);
+			if (out_public_key)
+			{
+				tf_ssb_id_str_to_bin(out_public_key, public);
+			}
+			if (out_private_key)
+			{
+				tf_ssb_id_str_to_bin(out_private_key, private);
+			}
 			return true;
 		}
 	}