// verify the signature on this token, optionally using key loaded in this exchange lob_t jwt_verify(lob_t token, e3x_exchange_t x) { size_t hlen, clen; char *encoded; uint8_t err; lob_t payload = lob_linked(token); if(!token || !payload) return LOG("bad args"); // generate the temporary encoded data clen = base64_encode_length(payload->head_len); hlen = base64_encode_length(token->head_len); encoded = (char*)malloc(hlen+1+clen); hlen = base64_encoder(token->head,token->head_len,encoded); encoded[hlen] = '.'; clen = base64_encoder(payload->head,payload->head_len,encoded+hlen+1); // do the validation err = e3x_exchange_validate(x, token, payload, (uint8_t*)encoded, hlen+1+clen); free(encoded); if(err) { LOG("validate failed: %d",err); return NULL; } return token; }
char *zio_json_encode (void *data, int len, bool eof) { char *json_str = NULL; char *s_data = NULL; json_t *o = NULL; int s_len; s_len = base64_encode_length (len); s_data = calloc (1, s_len); if (!s_data) { errno = ENOMEM; goto error; } if (base64_encode_block (s_data, &s_len, data, len) < 0) { errno = EINVAL; goto error; } if (!(o = json_pack ("{s:b s:s}", "eof", eof, "data", s_data))) { errno = ENOMEM; goto error; } if (!(json_str = json_dumps (o, 0))) { errno = ENOMEM; goto error; } free (s_data); json_decref (o); return json_str; error: free (s_data); json_decref (o); return NULL; }
int main(int argc, char **argv) { char *eout = malloc(base64_encode_length(7)); uint8_t *dout = malloc(base64_decode_length(8)); size_t len; len = base64_encoder((const uint8_t *)"foobar", 6, eout); fail_unless(len == 8); fail_unless(strcmp(eout,"Zm9vYmFy") == 0); len = base64_decoder(eout,0,dout); fail_unless(len == 6); fail_unless(strncmp((char*)dout,"foobar",6) == 0); char bfix[] = "eyJzdWIiOjEyMzQ1Njc4OTAsIm5hbWUiOiJKb2huIERvZSIsImFkbWluIjp0cnVlfQ"; char jfix[] = "{\"sub\":1234567890,\"name\":\"John Doe\",\"admin\":true}"; char *jtest = malloc(base64_decode_length(strlen(bfix))); len = base64_decoder(bfix,0,(uint8_t*)jtest); fail_unless(len == strlen(jfix)); fail_unless(strcmp(jtest,jfix) == 0); char *btest = malloc(base64_encode_length(strlen(jfix))); len = base64_encoder((uint8_t*)jfix,strlen(jfix),btest); // printf("len %d %d %s",len,strlen(bfix),btest); fail_unless(len == strlen(bfix)); fail_unless(strncmp(btest,bfix,len) == 0); e3x_init(NULL); // random seed uint8_t *rand = malloc(32); char *rtest = malloc(base64_encode_length(32)); uint8_t *rand2 = malloc(32); char *rtest2 = malloc(base64_encode_length(32)); int i; for(i = 1;i<=32;i++) { e3x_rand(rand, i); e3x_rand(rand2, i); base64_encoder(rand,i,rtest); base64_decoder(rtest,0,rand2); base64_encoder(rand2,i,rtest2); // printf("%s\n%s\n",rtest,rtest2); fail_unless(memcmp(rand,rand2,i) == 0); } return 0; }
static int _common_encode(lua_State *L, EncodeFunc_t encode) { size_t len; const char *str = lua64_tolstring(L, 1, &len); size_t dlen = base64_encode_length(len); luaL_Buffer b; char *dst = luaL_buffinitsize(L, &b, dlen); encode(str, len, dst); luaL_pushresultsize(&b, dlen); return 1; }
static int _scheme_encode(lua_State *L) { struct base64_scheme *sch = lua64_touserdata(L, 1); size_t len; const char *str = lua64_tolstring(L, 2, &len); size_t dlen = base64_encode_length(len); luaL_Buffer b; char *dst = luaL_buffinitsize(L, &b, dlen); base64_scheme_encode(sch, str, len, dst); luaL_pushresultsize(&b, dlen); return 1; }
// returns the base64 encoded token from a packet char *jwt_encode(lob_t token) { lob_t claims = jwt_claims(token); if(!claims) return LOG_WARN("no claims"); size_t slen = base64_encode_length(claims->body_len); size_t clen = base64_encode_length(claims->head_len); size_t hlen = base64_encode_length(token->head_len); char *encoded; if(!(encoded = malloc(hlen+1+clen+1+slen+1))) return LOG_WARN("OOM"); // append all the base64 encoding hlen = base64_encoder(token->head,token->head_len,encoded); encoded[hlen] = '.'; clen = base64_encoder(claims->head,claims->head_len,encoded+hlen+1); encoded[hlen+1+clen] = '.'; slen = base64_encoder(claims->body,claims->body_len,encoded+hlen+1+clen+1); encoded[hlen+1+clen+1+slen] = 0; return encoded; }
json_object *base64_json_encode (uint8_t *dat, int len) { char *buf; int dstlen; json_object *o; int size = base64_encode_length (len); buf = xzmalloc (size); (void) base64_encode_block (buf, &dstlen, dat, len); if (!(o = json_object_new_string (buf))) oom (); free (buf); return o; }
// returns the base64 encoded token from a packet (return is cached/freed inside token) char *jwt_encode(lob_t token) { size_t hlen, clen, slen; char *encoded; lob_t payload = lob_linked(token); if(!payload) return NULL; // allocates space in the token body slen = base64_encode_length(payload->body_len); clen = base64_encode_length(payload->head_len); hlen = base64_encode_length(token->head_len); encoded = (char*)lob_body(token,NULL,hlen+1+clen+1+slen+1); // append all the base64 encoding hlen = base64_encoder(token->head,token->head_len,encoded); encoded[hlen] = '.'; clen = base64_encoder(payload->head,payload->head_len,encoded+hlen+1); encoded[hlen+1+clen] = '.'; slen = base64_encoder(payload->body,payload->body_len,encoded+hlen+1+clen+1); encoded[hlen+1+clen+1+slen] = 0; return encoded; }
// sign this token, adds signature to the claims body lob_t jwt_sign(lob_t token, e3x_self_t self) { size_t hlen, clen; char *encoded; lob_t payload = lob_linked(token); if(!token || !payload) return LOG("bad args"); // allocates space in the payload body for the encoded data to be signed clen = base64_encode_length(payload->head_len); hlen = base64_encode_length(token->head_len); encoded = (char*)lob_body(payload,NULL,hlen+1+clen); hlen = base64_encoder(token->head,token->head_len,encoded); encoded[hlen] = '.'; clen = base64_encoder(payload->head,payload->head_len,encoded+hlen+1); // e3x returns packet w/ signature if(!e3x_self_sign(self, token, payload->body, hlen+1+clen)) return LOG("signing failed"); // copy sig to payload lob_body(payload,token->body,token->body_len); return token; }