Don't decode secret to hex and base64

xconnio · Jul 3, 2024 · 5bd5b45 · 5bd5b45
1 parent f1d6e4a
commit 5bd5b45
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 12 deletions.
diff --git a/cmd/wampproto/main.go b/cmd/wampproto/main.go
@@ -444,10 +444,7 @@ func Run(args []string) (string, error) {
 		return wampprotocli.FormatOutputBytes(*c.output, derivedKey)
 
 	case c.signCRAChallenge.FullCommand():
-		craKey, err := wampprotocli.DecodeHexOrBase64(*c.craKey)
-		if err != nil {
-			craKey = []byte(*c.craKey)
-		}
+		var craKeyBytes = []byte(*c.verifyCRAKey)
 
 		var craChallenge = *c.craChallenge
 		craChallengeBytes, err := wampprotocli.DecodeHexOrBase64(craChallenge)
@@ -456,18 +453,15 @@ func Run(args []string) (string, error) {
 		}
 
 		if *c.output == wampprotocli.RawFormat {
-			return auth.SignCRAChallenge(craChallenge, craKey), nil
+			return auth.SignCRAChallenge(craChallenge, craKeyBytes), nil
 		}
 
-		signedChallenge := auth.SignCRAChallengeBytes(craChallenge, craKey)
+		signedChallenge := auth.SignCRAChallengeBytes(craChallenge, craKeyBytes)
 
 		return wampprotocli.FormatOutputBytes(*c.output, signedChallenge)
 
 	case c.verifyCRASignature.FullCommand():
-		craKey, err := wampprotocli.DecodeHexOrBase64(*c.verifyCRAKey)
-		if err != nil {
-			craKey = []byte(*c.verifyCRAKey)
-		}
+		var craKeyBytes = []byte(*c.verifyCRAKey)
 
 		var craChallenge = *c.verifyCRAChallenge
 		craChallengeBytes, err := wampprotocli.DecodeHexOrBase64(craChallenge)
@@ -477,7 +471,7 @@ func Run(args []string) (string, error) {
 
 		craSignature := wampprotocli.EnsureBase64(*c.verifyCRASign)
 
-		isVerified := auth.VerifyCRASignature(craSignature, craChallenge, craKey)
+		isVerified := auth.VerifyCRASignature(craSignature, craChallenge, craKeyBytes)
 		if !isVerified {
 			return "", fmt.Errorf("signature verification failed")
 		}

diff --git a/cmd/wampproto/main_test.go b/cmd/wampproto/main_test.go
@@ -319,7 +319,7 @@ func TestSignCRAChallenge(t *testing.T) {
 
 func TestVerifyCRASignature(t *testing.T) {
 	const (
-		testCRAKey    = "6339432b4a757771534b667448736141457530754f70337a4a50512f705070477649456677596730726e773d"
+		testCRAKey    = "c9C+JuwqSKftHsaAEu0uOp3zJPQ/pPpGvIEfwYg0rnw="
 		testChallenge = "foobar"
 		testSignature = "AQRrWsTRCROp7o4UUOZPFIa8v3uror6AWSdQ2PaR5jU="
 	)