[identity] fix format of ed25519 public key and signature

Summary: the public key and signature should be decoded to byte slices. Test Plan: tested two diffs later in stack when we verify signatures with the public key Reviewers: jon, bartek Reviewed By: bartek Subscribers: ashoat, tomek Differential Revision: https://phab.comm.dev/D8298
CommE2E · Jun 27, 2023 · b97e7a8 · b97e7a8
1 parent 3e9441b
commit b97e7a8
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 8 deletions.
diff --git a/services/identity/Cargo.lock b/services/identity/Cargo.lock
diff --git a/services/identity/Cargo.toml b/services/identity/Cargo.toml
@@ -33,6 +33,7 @@ serde = { version = "1.0.159", features = [ "derive" ] }
 serde_json = "1.0.95"
 moka = { version = "0.10", features = ["future"] }
 uuid = { version = "1.3", features = [ "v4" ] }
+base64 = "0.21.2"
 
 [build-dependencies]
 tonic-build = "0.9.1"
diff --git a/services/identity/src/reserved_users.rs b/services/identity/src/reserved_users.rs
@@ -1,5 +1,4 @@
-use std::str::FromStr;
-
+use base64::{engine::general_purpose, Engine as _};
 use chrono::{DateTime, Utc};
 use constant_time_eq::constant_time_eq;
 use ed25519_dalek::{PublicKey, Signature, Verifier};
@@ -9,6 +8,7 @@ use tonic::Status;
 use crate::config::CONFIG;
 
 #[derive(Deserialize)]
+#[serde(rename_all = "camelCase")]
 struct ReservedUsernameMessage {
   statement: String,
   username: String,
@@ -38,17 +38,24 @@ fn validate_message(
     return Err(Status::invalid_argument("message invalid"));
   }
 
-  let signature = Signature::from_str(keyserver_signature)
+  let signature_bytes = general_purpose::STANDARD_NO_PAD
+    .decode(keyserver_signature)
+    .map_err(|_| Status::invalid_argument("signature invalid"))?;
+
+  let signature = Signature::from_bytes(&signature_bytes)
     .map_err(|_| Status::invalid_argument("signature invalid"))?;
 
   let public_key_string = CONFIG
     .keyserver_public_key
     .clone()
     .ok_or(Status::failed_precondition("missing key"))?;
 
-  let public_key: PublicKey =
-    PublicKey::from_bytes(public_key_string.as_bytes())
-      .map_err(|_| Status::failed_precondition("malformed key"))?;
+  let public_key_bytes = general_purpose::STANDARD_NO_PAD
+    .decode(public_key_string)
+    .map_err(|_| Status::failed_precondition("malformed key"))?;
+
+  let public_key: PublicKey = PublicKey::from_bytes(&public_key_bytes)
+    .map_err(|_| Status::failed_precondition("malformed key"))?;
 
   public_key
     .verify(keyserver_message.as_bytes(), &signature)