Remove dependency on base64c. Use libsodium's. Also consolidate the calls, as the usage is quite special.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@4175 ed5197a5-7fde-0310-b194-c3ffbd925b24
2023-02-14 03:15:24 +00:00
parent fa87462405
commit 1f77df7a90
26 changed files with 43 additions and 771 deletions
--- a/src/ssb.c
+++ b/src/ssb.c
@ -8,7 +8,6 @@
 #include "util.js.h"

 #include <assert.h>
-#include <base64c.h>
 #include <quickjs.h>
 #include <sodium/crypto_auth.h>
 #include <sodium/crypto_box.h>
@ -884,7 +883,7 @@ void tf_ssb_calculate_message_id(JSContext* context, JSValue message, char* out_
 	crypto_hash_sha256(id, (uint8_t*)latin1, latin1_len);

 	char id_base64[k_id_base64_len];
-	base64c_encode(id, sizeof(id), (uint8_t*)id_base64, sizeof(id_base64));
+	tf_base64_encode(id, sizeof(id), id_base64, sizeof(id_base64));

 	snprintf(out_id, out_id_size, "%%%s.sha256", id_base64);

@ -932,11 +931,11 @@ static bool _tf_ssb_verify_and_strip_signature_internal(JSContext* context, JSVa
 	const char* type = strstr(author_id, ".ed25519");

 	uint8_t publickey[crypto_box_PUBLICKEYBYTES];
-	int r = base64c_decode((const uint8_t*)author_id, type - author_id, publickey, sizeof(publickey));
+	int r = tf_base64_decode(author_id, type - author_id, publickey, sizeof(publickey));
 	if (r != -1)
 	{
 		uint8_t binsig[crypto_sign_BYTES];
-		r = base64c_decode((const uint8_t*)str, sigkind - str, binsig, sizeof(binsig));
+		r = tf_base64_decode(str, sigkind - str, binsig, sizeof(binsig));
 		if (r != -1)
 		{
 			r = crypto_sign_verify_detached(binsig, (const uint8_t*)sigstr, strlen(sigstr), publickey);
@ -1028,7 +1027,7 @@ void tf_ssb_send_close(tf_ssb_t* ssb)
 bool tf_ssb_id_bin_to_str(char* str, size_t str_size, const uint8_t* bin)
 {
 	char buffer[k_id_base64_len - 9];
-	base64c_encode(bin, crypto_sign_PUBLICKEYBYTES, (uint8_t*)buffer, sizeof(buffer));
+	tf_base64_encode(bin, crypto_sign_PUBLICKEYBYTES, buffer, sizeof(buffer));
 	return snprintf(str, str_size, "@%s.ed25519", buffer) < (int)str_size;
 }

@ -1036,7 +1035,7 @@ bool tf_ssb_id_str_to_bin(uint8_t* bin, const char* str)
 {
 	const char* author_id = str && *str == '@' ? str + 1 : str;
 	const char* type = strstr(str, ".ed25519");
-	return base64c_decode((const uint8_t*)author_id, type - author_id, bin, crypto_box_PUBLICKEYBYTES) != 0;
+	return tf_base64_decode(author_id, type - author_id, bin, crypto_box_PUBLICKEYBYTES) != 0;
 }

 static void _tf_ssb_notify_connections_changed(tf_ssb_t* ssb, tf_ssb_change_t change, tf_ssb_connection_t* connection)
@ -1685,7 +1684,7 @@ void tf_ssb_append_message_with_keys(tf_ssb_t* ssb, const char* author, const ui
 	JS_FreeValue(context, jsonval);

 	char signature_base64[crypto_sign_BYTES * 2];
-	base64c_encode(signature, sizeof(signature), (uint8_t*)signature_base64, sizeof(signature_base64));
+	tf_base64_encode(signature, sizeof(signature), signature_base64, sizeof(signature_base64));
 	strcat(signature_base64, ".sig.ed25519");
 	JSValue sigstr = JS_NewString(context, signature_base64);
 	JS_SetPropertyStr(context, root, "signature", sigstr);
@ -2170,11 +2169,11 @@ void tf_ssb_generate_keys_buffer(char* out_public, size_t public_size, char* out
 	uint8_t private[crypto_sign_SECRETKEYBYTES];
 	crypto_sign_ed25519_keypair(public, private);

-	uint8_t buffer[512];
-	base64c_encode(public, sizeof(public), buffer, sizeof(buffer));
+	char buffer[512];
+	tf_base64_encode(public, sizeof(public), buffer, sizeof(buffer));
 	snprintf(out_public, public_size, "%s.ed25519", buffer);

-	base64c_encode(private, sizeof(private), buffer, sizeof(buffer));
+	tf_base64_encode(private, sizeof(private), buffer, sizeof(buffer));
 	snprintf(out_private, private_size, "%s.ed25519", buffer);
 }

@ -2601,7 +2600,7 @@ static void _tf_ssb_send_broadcast(tf_ssb_t* ssb, struct sockaddr_in* address)
 	}

 	char fullid[k_id_base64_len];
-	base64c_encode(ssb->pub, sizeof(ssb->pub), (uint8_t*)fullid, sizeof(fullid));
+	tf_base64_encode(ssb->pub, sizeof(ssb->pub), fullid, sizeof(fullid));

 	char message[512];
 	snprintf(message, sizeof(message), "net:%s:%d~shs:%s", address_str, ntohs(((struct sockaddr_in*)&server_addr)->sin_port), fullid);
@ -2700,7 +2699,7 @@ static bool _tf_ssb_parse_broadcast(const char* in_broadcast, tf_ssb_broadcast_t
 	{
 		out_broadcast->addr.sin_family = AF_INET;
 		out_broadcast->addr.sin_port = htons((uint16_t)port);
-		int r = base64c_decode((const uint8_t*)public_key_str, strlen(public_key_str), out_broadcast->pub, crypto_sign_PUBLICKEYBYTES);
+		int r = tf_base64_decode(public_key_str, strlen(public_key_str), out_broadcast->pub, crypto_sign_PUBLICKEYBYTES);
 		return r != -1;
 	}
 	else if (strncmp(in_broadcast, "ws:", 3) == 0)
--- a/src/ssb.db.c
+++ b/src/ssb.db.c
@ -5,7 +5,6 @@
 #include "trace.h"
 #include "util.js.h"

-#include <base64c.h>
 #include <sodium/crypto_hash_sha256.h>
 #include <sodium/crypto_scalarmult.h>
 #include <sodium/crypto_scalarmult_curve25519.h>
@ -434,7 +433,7 @@ bool tf_ssb_db_blob_store(tf_ssb_t* ssb, const uint8_t* blob, size_t size, char*
 	crypto_hash_sha256(hash, blob, size);

 	char hash64[256];
-	base64c_encode(hash, sizeof(hash), (uint8_t*)hash64, sizeof(hash64));
+	tf_base64_encode(hash, sizeof(hash), hash64, sizeof(hash64));

 	char id[512];
 	snprintf(id, sizeof(id), "&%s.sha256", hash64);
@ -965,8 +964,8 @@ bool tf_ssb_db_identity_get_private_key(tf_ssb_t* ssb, const char* user, const c
 		{
 			if (sqlite3_step(statement) == SQLITE_ROW)
 			{
-				const uint8_t* key = sqlite3_column_text(statement, 0);
-				int r = base64c_decode(key, sqlite3_column_bytes(statement, 0) - strlen(".ed25519"), out_private_key, private_key_size);
+				const char* key = (const char*)sqlite3_column_text(statement, 0);
+				int r = tf_base64_decode(key, sqlite3_column_bytes(statement, 0) - strlen(".ed25519"), out_private_key, private_key_size);
 				success = r > 0;
 			}
 		}
@ -1140,7 +1139,7 @@ static void _test_private(sqlite3* db, const uint8_t* private_key)
 		while (sqlite3_step(statement) == SQLITE_ROW)
 		{
 			uint8_t buffer[8192];
-			int r = base64c_decode(sqlite3_column_text(statement, 0) + 1, sqlite3_column_bytes(statement, 0) - strlen("\".box\""), buffer, sizeof(buffer));
+			int r = tf_base64_decode((const char*)sqlite3_column_text(statement, 0) + 1, sqlite3_column_bytes(statement, 0) - strlen("\".box\""), buffer, sizeof(buffer));

 			if (r > 1)
 			{
@ -1195,7 +1194,7 @@ void tf_ssb_db_private(sqlite3* db)
 		{
 			uint8_t private_key[crypto_sign_SECRETKEYBYTES] = { 0 };
 			printf("-> %s\n", sqlite3_column_text(statement, 0));
-			int r = base64c_decode(sqlite3_column_text(statement, 1), sqlite3_column_bytes(statement, 1) - strlen(".ed25519"), private_key, sizeof(private_key));
+			int r = tf_base64_decode((const char*)sqlite3_column_text(statement, 1), sqlite3_column_bytes(statement, 1) - strlen(".ed25519"), private_key, sizeof(private_key));
 			if (r == sizeof(private_key))
 			{
 				uint8_t key[crypto_sign_SECRETKEYBYTES] = { 0 };
--- a/src/ssb.js.c
+++ b/src/ssb.js.c
@ -6,7 +6,6 @@
 #include "ssb.h"
 #include "util.js.h"

-#include <base64c.h>
 #include <sodium/crypto_hash_sha256.h>
 #include <sodium/crypto_sign.h>
 #include <string.h>
@ -960,7 +959,7 @@ static JSValue _tf_ssb_hmacsha256_sign(JSContext* context, JSValueConst this_val
 		if (crypto_sign_detached(signature, &siglen, (const uint8_t*)payload, payload_length, private_key) == 0)
 		{
 			char signature_base64[crypto_sign_BYTES * 2];
-			base64c_encode(signature, sizeof(signature), (uint8_t*)signature_base64, sizeof(signature_base64));
+			tf_base64_encode(signature, sizeof(signature), signature_base64, sizeof(signature_base64));
 			result = JS_NewString(context, signature_base64);
 		}
 	}
@ -995,10 +994,10 @@ static JSValue _tf_ssb_hmacsha256_verify(JSContext* context, JSValueConst this_v
 	}

 	uint8_t bin_public_key[crypto_sign_PUBLICKEYBYTES] = { 0 };
-	if (base64c_decode((const uint8_t*)public_key_start, public_key_end - public_key_start, bin_public_key, sizeof(bin_public_key)) > 0)
+	if (tf_base64_decode(public_key_start, public_key_end - public_key_start, bin_public_key, sizeof(bin_public_key)) > 0)
 	{
 		uint8_t bin_signature[crypto_sign_BYTES] = { 0 };
-		if (base64c_decode((const uint8_t*)signature, signature_length, bin_signature, sizeof(bin_signature)) > 0)
+		if (tf_base64_decode(signature, signature_length, bin_signature, sizeof(bin_signature)) > 0)
 		{
 			if (crypto_sign_verify_detached(bin_signature, (const uint8_t*)payload, payload_length, bin_public_key) == 0)
 			{
--- a/src/tests.c
+++ b/src/tests.c
@ -623,7 +623,9 @@ static void _test_b64(const tf_test_options_t* options)
 	fprintf(file,
 		"'use strict';\n"
 		"print(base64Encode('hello'));\n"
-		"if (base64Decode(base64Encode('hello')) !== 'hello') {\n"
+		"let x = base64Decode(base64Encode('hello'));\n"
+		"if (x !== 'hello') {\n"
+		"	print(x);\n"
 		"	exit(1);\n"
 		"}\n"
 		);
--- a/src/util.js.c
+++ b/src/util.js.c
@ -4,11 +4,11 @@
 #include "task.h"
 #include "trace.h"

-#include <base64c.h>
 #include <openssl/crypto.h>
 #include <openssl/sha.h>
 #include <picohttpparser.h>
 #include <quickjs-libc.h>
+#include <sodium/utils.h>
 #include <uv.h>

 #include <string.h>
@ -70,7 +70,7 @@ static JSValue _util_base64_encode(JSContext* context, JSValueConst this_val, in
 	if (array)
 	{
 		char* encoded = tf_malloc(length * 4);
-		int r = base64c_encode(array, length, (uint8_t*)encoded, length * 4);
+		int r = tf_base64_encode(array, length, encoded, length * 4);
 		if (r >= 0)
 		{
 			result = JS_NewStringLen(context, encoded, r);
@ -81,7 +81,7 @@ static JSValue _util_base64_encode(JSContext* context, JSValueConst this_val, in
 	{
 		const char* value = JS_ToCStringLen(context, &length, argv[0]);
 		char* encoded = tf_malloc(length * 4);
-		int r = base64c_encode((const uint8_t*)value, length, (uint8_t*)encoded, length * 4);
+		int r = tf_base64_encode((const uint8_t*)value, length, encoded, length * 4);
 		if (r >= 0)
 		{
 			result = JS_NewStringLen(context, encoded, r);
@ -97,12 +97,12 @@ static JSValue _util_base64_decode(JSContext* context, JSValueConst this_val, in
 	JSValue result = JS_UNDEFINED;
 	size_t length = 0;
 	const char* value = JS_ToCStringLen(context, &length, argv[0]);
-	char* encoded = tf_malloc(length);
+	uint8_t* encoded = tf_malloc(length);

-	int r = base64c_decode((const uint8_t*)value, length, (uint8_t*)encoded, length);
+	int r = tf_base64_decode(value, length, encoded, length);
 	if (r >= 0)
 	{
-		result = JS_NewStringLen(context, encoded, r);
+		result = JS_NewStringLen(context, (const char*)encoded, r);
 	}

 	tf_free(encoded);
@ -406,3 +406,14 @@ int tf_util_insert_index(const void* key, const void* base, size_t count, size_t
 	return lower;
 }

+size_t tf_base64_encode(const uint8_t* source, size_t source_length, char* out, size_t out_length)
+{
+	sodium_bin2base64(out, out_length, source, source_length, sodium_base64_VARIANT_ORIGINAL);
+	return sodium_base64_ENCODED_LEN(source_length, sodium_base64_VARIANT_ORIGINAL) - 1;
+}
+
+size_t tf_base64_decode(const char* source, size_t source_length, uint8_t* out, size_t out_length)
+{
+	size_t actual_length = 0;
+	return sodium_base642bin(out, out_length, source, source_length, NULL, &actual_length, NULL, sodium_base64_VARIANT_ORIGINAL) == 0 ? actual_length : 0;
+}
--- a/src/util.js.h
+++ b/src/util.js.h
@ -12,3 +12,6 @@ bool tf_util_report_error(JSContext* context, JSValue value);
 int tf_util_get_length(JSContext* context, JSValue value);
 int tf_util_insert_index(const void* key, const void* base, size_t count, size_t size, int (*compare)(const void*, const void*));
 JSValue tf_util_new_uint8_array(JSContext* context, const uint8_t* data, size_t size);
+
+size_t tf_base64_encode(const uint8_t* source, size_t source_length, char* out, size_t out_length);
+size_t tf_base64_decode(const char* source, size_t source_length, uint8_t* out, size_t out_length);