Use std::vector for internal representation

Author: svedi

include/cryptolens/RawLicenseKey.hpp

@@ -54,19 +54,21 @@ class RawLicenseKey {
   {
     if (e) { return nullopt; }
 
-    optional<std::string> decoded = ::cryptolens_io::v20190401::internal::b64_decode(base64_license);
+    optional<std::vector<unsigned char>> decoded = ::cryptolens_io::v20190401::internal::b64_decode(base64_license);
 
     if (!decoded) {
       e.set(api::main(), errors::Subsystem::Base64);
       return nullopt;
     }
 
     if (verifier.verify_message(e, *decoded, signature)) {
+      std::string decoded_string(decoded->begin(), decoded->end());
+
       return make_optional(
         RawLicenseKey
           ( std::move(base64_license)
           , std::move(signature)
-          , std::move(*decoded)
+          , std::move(decoded_string)
           )
         );
     } else {

include/cryptolens/SignatureVerifier_BearSSL.hpp

@@ -36,7 +36,7 @@ class SignatureVerifier_BearSSL
   void set_modulus_base64(basic_Error & e, std::string const& modulus_base64);
   void set_exponent_base64(basic_Error & e, std::string const& exponent_base64);
 
-  bool verify_message(basic_Error & e, std::string const& message, std::string const& signature_base64) const;
+  bool verify_message(basic_Error & e, std::vector<unsigned char> const& message, std::string const& signature_base64) const;
 
 private:
   br_rsa_public_key pk_;

include/cryptolens/SignatureVerifier_CryptoAPI.hpp

@@ -40,7 +40,8 @@ class SignatureVerifier_CryptoAPI
 
   void set_modulus_base64(basic_Error & e, std::string const& modulus_base64);
   void set_exponent_base64(basic_Error & e, std::string const& exponent_base64) {}
-  bool verify_message(basic_Error & e, std::string const& message, std::string const& signature_base64) const;
+
+  bool verify_message(basic_Error & e, std::vector<unsigned char> const& message, std::string const& signature_base64) const;
 private:
   HCRYPTPROV hProv_;
   HCRYPTKEY hPubKey_;

include/cryptolens/SignatureVerifier_OpenSSL.hpp

@@ -40,7 +40,7 @@ class SignatureVerifier_OpenSSL
   void set_modulus_base64(basic_Error & e, std::string const& modulus_base64);
   void set_exponent_base64(basic_Error & e, std::string const& exponent_base64);
 
-  bool verify_message(basic_Error & e, std::string const& message, std::string const& signature_base64) const;
+  bool verify_message(basic_Error & e, std::vector<unsigned char> const& message, std::string const& signature_base64) const;
 
 private:
   RSA * rsa;

include/cryptolens/SignatureVerifier_OpenSSL3.hpp

@@ -39,7 +39,7 @@ class SignatureVerifier_OpenSSL3
   void set_modulus_base64(basic_Error & e, std::string const& modulus_base64);
   void set_exponent_base64(basic_Error & e, std::string const& exponent_base64);
 
-  bool verify_message(basic_Error & e, std::string const& message, std::string const& signature_base64) const;
+  bool verify_message(basic_Error & e, std::vector<unsigned char> const& message, std::string const& signature_base64) const;
 
 private:
   EVP_PKEY *pkey_;

include/cryptolens/SignatureVerifier_v20190401_to_v20180502.hpp

@@ -116,7 +116,9 @@ const
     return false;
   }
 
-  return verifier_.verify_message(e, message, signature_base64);
+  std::vector<unsigned char> message_vec(message.cbegin(), message.cend());
+
+  return verifier_.verify_message(e, message_vec, signature_base64);
 }
 
 } // namespace internal

include/cryptolens/base64.hpp

@@ -1,6 +1,7 @@
 #pragma once
 
 #include <string>
+#include <vector>
 
 #include "imports/std/optional"
 
@@ -16,7 +17,7 @@ namespace internal {
 int
 b64_pton(char const *src, unsigned char *target, size_t targsize);
 
-optional<std::string>
+optional<std::vector<unsigned char>>
 b64_decode(std::string const& b64);
 
 } // namespace internal

src/SignatureVerifier_BearSSL.cpp

@@ -85,7 +85,7 @@ SignatureVerifier_BearSSL::set_modulus_base64_(basic_Error & e, std::string cons
 {
   if (e) { return; }
 
-  optional<std::string> modulus = ::cryptolens_io::v20190401::internal::b64_decode(modulus_base64);
+  optional<std::vector<unsigned char>> modulus = ::cryptolens_io::v20190401::internal::b64_decode(modulus_base64);
   if (!modulus) { e.set(api::main(), errors::Subsystem::Base64); return; }
 
   if (pk_.n) { delete [] pk_.n; pk_.n = NULL; }
@@ -99,7 +99,7 @@ SignatureVerifier_BearSSL::set_modulus_base64_(basic_Error & e, std::string cons
     return;
   }
 
-  memcpy(pk_.n, modulus->c_str(), len);
+  memcpy(pk_.n, modulus->data(), len);
   pk_.nlen = len;
 }
 
@@ -108,7 +108,7 @@ SignatureVerifier_BearSSL::set_exponent_base64_(basic_Error & e, std::string con
 {
   if (e) { return; }
 
-  optional<std::string> exponent = ::cryptolens_io::v20190401::internal::b64_decode(exponent_base64);
+  optional<std::vector<unsigned char>> exponent = ::cryptolens_io::v20190401::internal::b64_decode(exponent_base64);
   if (!exponent) { e.set(api::main(), errors::Subsystem::Base64); return; }
 
   if (pk_.e) { delete [] pk_.e; pk_.e = NULL; }
@@ -122,7 +122,7 @@ SignatureVerifier_BearSSL::set_exponent_base64_(basic_Error & e, std::string con
     return;
   }
 
-  memcpy(pk_.e, exponent->c_str(), len);
+  memcpy(pk_.e, exponent->data(), len);
   pk_.elen = len;
 }
 
@@ -132,7 +132,7 @@ SignatureVerifier_BearSSL::set_exponent_base64_(basic_Error & e, std::string con
 bool
 SignatureVerifier_BearSSL::verify_message
   ( basic_Error & e
-  , std::string const& message
+  , std::vector<unsigned char> const& message
   , std::string const& signature_base64
   )
 const
@@ -144,14 +144,14 @@ const
 
   if (pk_.n == NULL || pk_.e == NULL) { e.set(api::main(), 7827, 0, 0); return false; }
 
-  optional<std::string> sig = ::cryptolens_io::v20190401::internal::b64_decode(signature_base64);
+  optional<std::vector<unsigned char>> sig = ::cryptolens_io::v20190401::internal::b64_decode(signature_base64);
   if (!sig) { e.set(api::main(), errors::Subsystem::Base64); return false; }
 
   br_sha256_init(&hash_context);
-  br_sha256_update(&hash_context, message.c_str(), message.size());
+  br_sha256_update(&hash_context, message.data(), message.size());
   br_sha256_out(&hash_context, hash_out);
 
-  int r = br_rsa_i62_pkcs1_vrfy((unsigned char *)sig->c_str(), sig->size(), BR_HASH_OID_SHA256, br_sha256_SIZE, &pk_, hash_out);
+  int r = br_rsa_i62_pkcs1_vrfy(sig->data(), sig->size(), BR_HASH_OID_SHA256, br_sha256_SIZE, &pk_, hash_out);
   if (!r) {
     api::main api;
     e.set(api, 1234, 2345);

src/SignatureVerifier_CryptoAPI.cpp

@@ -27,7 +27,7 @@ namespace cryptolens_io {
 namespace v20190401 {
 
 void
-verify(basic_Error & e, HCRYPTPROV hProv, HCRYPTKEY hPubKey, std::string const& message, std::string sig)
+verify(basic_Error & e, HCRYPTPROV hProv, HCRYPTKEY hPubKey, std::vector<unsigned char> const& message, std::vector<unsigned char> & sig)
 {
   using namespace errors;
   api::main api;
@@ -47,13 +47,13 @@ verify(basic_Error & e, HCRYPTPROV hProv, HCRYPTKEY hPubKey, std::string const&
     goto cleanup;
   }
 
-  if (!CryptHashData(hHash, (const BYTE*)message.c_str(), (DWORD)message.size(), 0)) {
+  if (!CryptHashData(hHash, (const BYTE*)message.data(), (DWORD)message.size(), 0)) {
     DWORD code = GetLastError();
     e.set(api, Subsystem::SignatureVerifier, CRYPT_HASH_DATA_FAILED, code);
     goto cleanup;
   }
 
-  if (!CryptVerifySignature(hHash, (const BYTE*)sig.c_str(), (DWORD)sig.size(), hPubKey, NULL, 0)) {
+  if (!CryptVerifySignature(hHash, (const BYTE*)sig.data(), (DWORD)sig.size(), hPubKey, NULL, 0)) {
     DWORD code = GetLastError();
     e.set(api, Subsystem::SignatureVerifier, CRYPT_VERIFY_SIGNATURE_FAILED, code);
     goto cleanup;
@@ -123,7 +123,7 @@ SignatureVerifier_CryptoAPI::set_modulus_base64_(basic_Error & e, std::string co
     if (e) { return; }
   }
 
-  optional<std::string> modulus = internal::b64_decode(modulus_base64);
+  optional<std::vector<unsigned char>> modulus = internal::b64_decode(modulus_base64);
   if (!modulus) { e.set(api::main(), errors::Subsystem::Base64); return; }
 
   const size_t blobLen = sizeof(BLOBHEADER) + sizeof(RSAPUBKEY) + modulus->size();
@@ -147,7 +147,7 @@ SignatureVerifier_CryptoAPI::set_modulus_base64_(basic_Error & e, std::string co
   rsapubkey->pubexp = 65537;
 
   memcpy( pbKeyBlob.get() + sizeof(BLOBHEADER) + sizeof(RSAPUBKEY)
-        , (const char *)modulus->c_str()
+        , (const char *)modulus->data()
         , modulus->size()
         );
 
@@ -164,15 +164,15 @@ SignatureVerifier_CryptoAPI::set_modulus_base64_(basic_Error & e, std::string co
 bool
 SignatureVerifier_CryptoAPI::verify_message
   (basic_Error & e
-  , std::string const& message
+  , std::vector<unsigned char> const& message
   , std::string const& signature_base64
   )
   const
 {
   if (e) { return false; }
   if (!hProv_ || !hPubKey_) { e.set(api::main(), errors::Subsystem::SignatureVerifier, SIGNATURE_VERIFIER_UNINITIALIZED); return false; }
 
-  optional<std::string> sig = internal::b64_decode(signature_base64);
+  optional<std::vector<unsigned char>> sig = internal::b64_decode(signature_base64);
   if (!sig) { e.set(api::main(), errors::Subsystem::Base64); return false; }
 
   verify(e, hProv_, hPubKey_, message, *sig);

src/SignatureVerifier_OpenSSL.cpp

@@ -30,7 +30,7 @@ namespace cryptolens_io {
 namespace v20190401 {
 
 void
-verify(basic_Error & e, RSA * rsa, std::string const& message, std::string const& sig)
+verify(basic_Error & e, RSA * rsa, std::vector<unsigned char> const& message, std::vector<unsigned char> const& sig)
 {
   using namespace errors;
   api::main api;
@@ -61,10 +61,10 @@ verify(basic_Error & e, RSA * rsa, std::string const& message, std::string const
   r = EVP_DigestVerifyInit(ctx, NULL, EVP_sha256(), NULL, pkey);
   if (r != 1) { e.set(api, Subsystem::SignatureVerifier, DIGEST_VERIFY_INIT_FAILED); goto end; }
 
-  r = EVP_DigestVerifyUpdate(ctx, (unsigned char*)message.c_str(), message.size());
+  r = EVP_DigestVerifyUpdate(ctx, (unsigned char*)message.data(), message.size());
   if (r != 1) { e.set(api, Subsystem::SignatureVerifier, DIGEST_VERIFY_UPDATE_FAILED); goto end; }
 
-  r = EVP_DigestVerifyFinal(ctx, (unsigned char*)sig.c_str(), sig.size());
+  r = EVP_DigestVerifyFinal(ctx, (unsigned char*)sig.data(), sig.size());
   if (r != 1) { e.set(api, Subsystem::SignatureVerifier, DIGEST_VERIFY_FINAL_FAILED); goto end; }
 
 end:
@@ -164,19 +164,19 @@ SignatureVerifier_OpenSSL::set_modulus_base64_(basic_Error & e, std::string cons
   if (e) { return; }
   if (this->rsa == NULL) { e.set(api::main(), errors::Subsystem::SignatureVerifier, RSA_NULL); return; }
 
-  optional<std::string> modulus = ::cryptolens_io::v20190401::internal::b64_decode(modulus_base64);
+  optional<std::vector<unsigned char>> modulus = ::cryptolens_io::v20190401::internal::b64_decode(modulus_base64);
   if (!modulus) { e.set(api::main(), errors::Subsystem::Base64); return; }
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
-  BIGNUM * n = BN_bin2bn((unsigned char*)modulus->c_str(),  modulus->size(),  this->rsa->n);
+  BIGNUM * n = BN_bin2bn((unsigned char*)modulus->data(),  modulus->size(),  this->rsa->n);
   if (n == NULL) { e.set(api::main(), errors::Subsystem::SignatureVerifier, BN_BIN2BN_FAILED); return; }
 #else
   BIGNUM const* exp_current;
 
   // void return type
   RSA_get0_key(this->rsa, NULL, &exp_current, NULL);
 
-  BIGNUM * n = BN_bin2bn((unsigned char*)modulus->c_str(),  modulus->size(), NULL);
+  BIGNUM * n = BN_bin2bn((unsigned char*)modulus->data(),  modulus->size(), NULL);
   if (n == NULL) { e.set(api::main(), errors::Subsystem::SignatureVerifier, BN_BIN2BN_FAILED); return; }
 
   BIGNUM * exp;
@@ -201,19 +201,19 @@ SignatureVerifier_OpenSSL::set_exponent_base64_(basic_Error & e, std::string con
   if (e) { return; }
   if (this->rsa == NULL) { e.set(api::main(), errors::Subsystem::SignatureVerifier, RSA_NULL); return; }
 
-  optional<std::string> exponent = ::cryptolens_io::v20190401::internal::b64_decode(exponent_base64);
+  optional<std::vector<unsigned char>> exponent = ::cryptolens_io::v20190401::internal::b64_decode(exponent_base64);
   if (!exponent) { e.set(api::main(), errors::Subsystem::Base64); return; }
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
-  BIGNUM * exp = BN_bin2bn((unsigned char*)exponent->c_str(), exponent->size(), this->rsa->e);
+  BIGNUM * exp = BN_bin2bn(exponent->data(), exponent->size(), this->rsa->e);
   if (exp == NULL) { e.set(api::main(), errors::Subsystem::SignatureVerifier, BN_BIN2BN_FAILED); return; }
 #else
   BIGNUM const* n_current;
 
   // void return type
   RSA_get0_key(this->rsa, &n_current, NULL, NULL);
 
-  BIGNUM * exp = BN_bin2bn((unsigned char*)exponent->c_str(),  exponent->size(), NULL);
+  BIGNUM * exp = BN_bin2bn((unsigned char*)exponent->data(),  exponent->size(), NULL);
   if (exp == NULL) { e.set(api::main(), errors::Subsystem::SignatureVerifier, BN_NEW_FAILED); return; }
 
   BIGNUM * n;
@@ -238,15 +238,15 @@ SignatureVerifier_OpenSSL::set_exponent_base64_(basic_Error & e, std::string con
 bool
 SignatureVerifier_OpenSSL::verify_message
   ( basic_Error & e
-  , std::string const& message
+  , std::vector<unsigned char> const& message
   , std::string const& signature_base64
   )
 const
 {
   if (e) { return false; }
   if (this->rsa == NULL) { e.set(api::main(), errors::Subsystem::SignatureVerifier, RSA_NULL); return false; }
 
-  optional<std::string> sig = ::cryptolens_io::v20190401::internal::b64_decode(signature_base64);
+  optional<std::vector<unsigned char>> sig = ::cryptolens_io::v20190401::internal::b64_decode(signature_base64);
   if (!sig) { e.set(api::main(), errors::Subsystem::Base64); return false; }
 
   verify(e, this->rsa, message, *sig);