Changed base64 to hex encoding.

src/usr/user_session_handler.cpp

@@ -3,7 +3,6 @@
 #include <boost/beast/core.hpp>
 #include <boost/beast/websocket.hpp>
 #include <boost/asio.hpp>
-#include <sodium.h>
 #include "../util.hpp"
 #include "../sock/socket_session.hpp"
 #include "../proc.hpp"
@@ -30,14 +29,14 @@ void user_session_handler::on_connect(sock::socket_session *session)
     // challenge we issued and later verifies the user's response with it.
 
     std::string msg;
-    std::string challengeb64;
-    usr::create_user_challenge(msg, challengeb64);
+    std::string challengehex;
+    usr::create_user_challenge(msg, challengehex);
 
     // We init the session unique id to associate with the challenge.
     session->init_uniqueid();
 
     // Create an entry in pending_challenges for later tracking upon challenge response.
-    usr::pending_challenges[session->uniqueid_] = challengeb64;
+    usr::pending_challenges[session->uniqueid_] = challengehex;
 
     session->send(std::move(msg));
 
@@ -58,20 +57,20 @@ void user_session_handler::on_message(sock::socket_session *session, std::string
         auto itr = usr::pending_challenges.find(session->uniqueid_);
         if (itr != usr::pending_challenges.end())
         {
-            std::string userpubkeyb64;
+            std::string userpubkeyhex;
             std::string_view original_challenge = itr->second;
-            if (usr::verify_user_challenge_response(userpubkeyb64, message, original_challenge) == 0)
+            if (usr::verify_user_challenge_response(userpubkeyhex, message, original_challenge) == 0)
             {
                 // Challenge singature verification successful.
 
-                // Decode b64 pubkey and get binary pubkey. We area only going to keep
+                // Decode hex pubkey and get binary pubkey. We area only going to keep
                 // the binary pubkey due to reduced memory footprint.
                 std::string userpubkey;
-                userpubkey.resize(crypto_sign_PUBLICKEYBYTES);
-                util::base64_decode(
+                userpubkey.resize(userpubkeyhex.length() / 2);
+                util::hex2bin(
                     reinterpret_cast<unsigned char *>(userpubkey.data()),
                     userpubkey.length(),
-                    userpubkeyb64);
+                    userpubkeyhex);
 
                 // Now check whether this user public key is duplicate.
                 if (usr::sessionids.count(userpubkey) == 0)
@@ -85,7 +84,7 @@ void user_session_handler::on_message(sock::socket_session *session, std::string
                     usr::pending_challenges.erase(session->uniqueid_);                // Remove the stored challenge
 
                     std::cout << "User connection " << session->uniqueid_ << " authenticated. Public key "
-                              << userpubkeyb64 << std::endl;
+                              << userpubkeyhex << std::endl;
                     return;
                 }
                 else

src/usr/usr.cpp

@@ -61,7 +61,7 @@ static const char *CHALLENGE_MSGTYPE = "public_challenge";
 // Message type for the user challenge response.
 static const char *CHALLENGE_RESP_MSGTYPE = "challenge_response";
 // Length of user random challenge bytes.
-static const int CHALLENGE_LEN = 16;
+static const size_t CHALLENGE_LEN = 16;
 
 /**
  * Initializes the usr subsystem. Must be called once during application startup.
@@ -93,20 +93,20 @@ void deinit()
  *            {
  *              "version": "<HP version>",
  *              "type": "public_challenge",
- *              "challenge": "<base64 challenge string>"
+ *              "challenge": "<hex challenge string>"
  *            }
- * @param challenge String reference to copy the generated base64 challenge string into.
+ * @param challenge String reference to copy the generated hex challenge string into.
  */
-void create_user_challenge(std::string &msg, std::string &challengeb64)
+void create_user_challenge(std::string &msg, std::string &challengehex)
 {
     //Use libsodium to generate the random challenge bytes.
     unsigned char challenge_bytes[CHALLENGE_LEN];
     randombytes_buf(challenge_bytes, CHALLENGE_LEN);
 
-    //We pass the b64 challenge string separately to the caller even though
+    //We pass the hex challenge string separately to the caller even though
     //we also include it in the challenge msg as well.
 
-    util::base64_encode(challengeb64, challenge_bytes, CHALLENGE_LEN);
+    util::bin2hex(challengehex, challenge_bytes, CHALLENGE_LEN);
 
     //Construct the challenge msg json.
     // We do not use RapidJson here in favour of performance because this is a simple json message.
@@ -118,7 +118,7 @@ void create_user_challenge(std::string &msg, std::string &challengeb64)
     msg.append("{\"version\":\"")
         .append(util::HP_VERSION)
         .append("\",\"type\":\"public_challenge\",\"challenge\":\"")
-        .append(challengeb64)
+        .append(challengehex)
         .append("\"}");
 }
 
@@ -126,19 +126,19 @@ void create_user_challenge(std::string &msg, std::string &challengeb64)
  * Verifies the user challenge response with the original challenge issued to the user
  * and the user public key contained in the response.
  * 
- * @param extracted_pubkeyb64 The base64 public key extracted from the response. 
+ * @param extracted_pubkeyhex The hex public key extracted from the response. 
  * @param response The response bytes to verify. This will be parsed as json.
  *                 Accepted response format:
  *                 {
  *                   "type": "challenge_response",
- *                   "challenge": "<original base64 challenge the user received>",
- *                   "sig": "<Base64 signature of the challenge>",
- *                   "pubkey": "<Base64 public key of the user>"
+ *                   "challenge": "<original hex challenge the user received>",
+ *                   "sig": "<hex signature of the challenge>",
+ *                   "pubkey": "<hex public key of the user>"
  *                 }
- * @param original_challenge The original base64 challenge string issued to the user.
+ * @param original_challenge The original hex challenge string issued to the user.
  * @return 0 if challenge response is verified. -1 if challenge not met or an error occurs.
  */
-int verify_user_challenge_response(std::string &extracted_pubkeyb64, std::string_view response, std::string_view original_challenge)
+int verify_user_challenge_response(std::string &extracted_pubkeyhex, std::string_view response, std::string_view original_challenge)
 {
     // We load response raw bytes into json document.
     rapidjson::Document d;
@@ -179,7 +179,7 @@ int verify_user_challenge_response(std::string &extracted_pubkeyb64, std::string
 
     // Verify the challenge signature. We do this last due to signature verification cost.
     std::string_view pubkeysv = util::getsv(d[CHALLENGE_RESP_PUBKEY]);
-    if (crypto::verify_b64(
+    if (crypto::verify_hex(
             original_challenge,
             util::getsv(d[CHALLENGE_RESP_SIG]),
             pubkeysv) != 0)
@@ -188,7 +188,7 @@ int verify_user_challenge_response(std::string &extracted_pubkeyb64, std::string
         return -1;
     }
 
-    extracted_pubkeyb64 = pubkeysv;
+    extracted_pubkeyhex = pubkeysv;
 
     return 0;
 }

src/usr/usr.hpp

@@ -60,9 +60,9 @@ int init();
 
 void deinit();
 
-void create_user_challenge(std::string &msg, std::string &challengeb64);
+void create_user_challenge(std::string &msg, std::string &challengehex);
 
-int verify_user_challenge_response(std::string &extracted_pubkeyb64, std::string_view response, std::string_view original_challenge);
+int verify_user_challenge_response(std::string &extracted_pubkeyhex, std::string_view response, std::string_view original_challenge);
 
 int add_user(sock::socket_session *session, const std::string &pubkey);