Merge pull request #29 from muzzammilshahid/fix-cra-secret

Don't decode secret to hex and base64
xconnio · Jul 29, 2024 · ae0b5b0 · ae0b5b0
2 parents d58d2b3 + 14088ef
commit ae0b5b0
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 13 deletions.
diff --git a/cmd/wampproto/main.go b/cmd/wampproto/main.go
@@ -448,10 +448,7 @@ func Run(args []string) (string, error) {
 		return wampprotocli.FormatOutputBytes(*c.output, derivedKey)
 
 	case c.signCRAChallenge.FullCommand():
-		craKey, err := wampprotocli.DecodeHexOrBase64(*c.craKey)
-		if err != nil {
-			craKey = []byte(*c.craKey)
-		}
+		var craKeyBytes = []byte(*c.craKey)
 
 		var craChallenge = *c.craChallenge
 		craChallengeBytes, err := wampprotocli.DecodeHexOrBase64(craChallenge)
@@ -460,18 +457,15 @@ func Run(args []string) (string, error) {
 		}
 
 		if *c.output == wampprotocli.RawFormat {
-			return auth.SignCRAChallenge(craChallenge, craKey), nil
+			return auth.SignCRAChallenge(craChallenge, craKeyBytes), nil
 		}
 
-		signedChallenge := auth.SignCRAChallengeBytes(craChallenge, craKey)
+		signedChallenge := auth.SignCRAChallengeBytes(craChallenge, craKeyBytes)
 
 		return wampprotocli.FormatOutputBytes(*c.output, signedChallenge)
 
 	case c.verifyCRASignature.FullCommand():
-		craKey, err := wampprotocli.DecodeHexOrBase64(*c.verifyCRAKey)
-		if err != nil {
-			craKey = []byte(*c.verifyCRAKey)
-		}
+		var craKeyBytes = []byte(*c.verifyCRAKey)
 
 		var craChallenge = *c.verifyCRAChallenge
 		craChallengeBytes, err := wampprotocli.DecodeHexOrBase64(craChallenge)
@@ -481,7 +475,7 @@ func Run(args []string) (string, error) {
 
 		craSignature := wampprotocli.EnsureBase64(*c.verifyCRASign)
 
-		isVerified := auth.VerifyCRASignature(craSignature, craChallenge, craKey)
+		isVerified := auth.VerifyCRASignature(craSignature, craChallenge, craKeyBytes)
 		if !isVerified {
 			return "", fmt.Errorf("signature verification failed")
 		}

diff --git a/cmd/wampproto/main_test.go b/cmd/wampproto/main_test.go
@@ -319,9 +319,9 @@ func TestSignCRAChallenge(t *testing.T) {
 
 func TestVerifyCRASignature(t *testing.T) {
 	const (
-		testCRAKey    = "6339432b4a757771534b667448736141457530754f70337a4a50512f705070477649456677596730726e773d"
+		testCRAKey    = "test"
 		testChallenge = "foobar"
-		testSignature = "AQRrWsTRCROp7o4UUOZPFIa8v3uror6AWSdQ2PaR5jU="
+		testSignature = "8ad86238123bb29fcca4c6fd117831be6d609ae7dc42f153fa047321489277b0"
 	)
 
 	var command = fmt.Sprintf("wampproto auth cra verify-signature %s %s %s", testChallenge, testSignature, testCRAKey)