Beispiel #1
0
func (s *Server) AuthHandler() http.Handler {
	handler := func(w http.ResponseWriter, r *http.Request) {
		/*
			Parse form data and handle error messages. Might not be the most visible to the end user.
		*/
		err := r.ParseForm()
		if err != nil {
			fmt.Println(err)
			return
		}

		message := r.FormValue("message")
		signature := r.FormValue("signature")
		publicKey := r.FormValue("publicKey")

		/*
			Decode publicKey and signature to a byte array using base64url package
		*/
		pubBytes, pubErr := base64url.Decode(publicKey)
		if pubErr != nil {
			fmt.Println(pubErr)
		}
		signBytes, signErr := base64url.Decode(signature)
		if signErr != nil {
			fmt.Println(signErr)
		}

		/*
			Change the byte array to an object with the correct sizes used by the ed25519 implementation
		*/
		var pk *[ed25519.PublicKeySize]byte
		pk = new([ed25519.PublicKeySize]byte)
		subtle.ConstantTimeCopy(1, pk[:32], pubBytes)
		var sig *[ed25519.SignatureSize]byte
		sig = new([ed25519.SignatureSize]byte)
		subtle.ConstantTimeCopy(1, sig[:64], signBytes)

		/*
			Verify the signature and return verified or not depending on the result.
		*/
		w.Header().Add("Content-Type", "text/html")
		if ed25519.Verify(pk, []byte(message), sig) {
			io.WriteString(w, "{result:true}Verified")
		} else {
			io.WriteString(w, "{result:false}Not Verified")
		}
	}
	return http.HandlerFunc(handler)
}
/*
	Test base64url.Decode function using a hex encoded string corresponding to an Base64URLEncoded string.
	First we decode the Base64URLEncoded string checking the error condition so we have a correctly encoded string.
	Then we hex encode the result and check it against the corresponding hex encoded string.
*/
func TestDecode(t *testing.T) {
	resultBytes, err := base64url.Decode(Base64URLEncoded)
	if err != nil {
		t.Errorf("Could not decode Base64URLEncoded string: ", err)
	}
	hexEncodedBytes := make([]byte, len(resultBytes)*2)
	hex.Encode(hexEncodedBytes, resultBytes)
	resultStr := string(hexEncodedBytes)
	if HEXEncoded != resultStr {
		t.Errorf(HEXEncoded + " not equal with " + resultStr)
	}

	// Should error when an illegal character is encountered.
	resultBytes, err = base64url.Decode(Base64URLEncoded + "+")
	if err == nil {
		t.Errorf("Should throw error when an illegal character is encountered.")
	}
}