From 039d1b7f9920fd371feb79805af752ce56447c44 Mon Sep 17 00:00:00 2001 From: James Houlahan Date: Wed, 2 Nov 2022 14:23:55 +0100 Subject: [PATCH] GODT-2023: Revert to v2 bridge password encoming format v2 used base64.RawURLEncoding rather than hex to encode the bridge password. We should use that in v3 as well. --- internal/user/types.go | 21 +++++++++++---------- internal/user/user.go | 4 ++-- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/internal/user/types.go b/internal/user/types.go index fc22acaf..fc43d16b 100644 --- a/internal/user/types.go +++ b/internal/user/types.go @@ -18,7 +18,7 @@ package user import ( - "encoding/hex" + "encoding/base64" "fmt" "reflect" "strings" @@ -58,24 +58,25 @@ func groupBy[Key comparable, Value any](items []Value, key func(Value) Key) map[ return groups } -// hexEncode returns the hexadecimal encoding of the given byte slice. -func hexEncode(b []byte) []byte { - enc := make([]byte, hex.EncodedLen(len(b))) +// b64Encode returns the base64 encoding of the given byte slice. +func b64Encode(b []byte) []byte { + enc := make([]byte, base64.RawURLEncoding.EncodedLen(len(b))) - hex.Encode(enc, b) + base64.RawURLEncoding.Encode(enc, b) return enc } -// hexDecode returns the bytes represented by the hexadecimal encoding of the given byte slice. -func hexDecode(b []byte) ([]byte, error) { - dec := make([]byte, hex.DecodedLen(len(b))) +// b64Decode returns the bytes represented by the base64 encoding of the given byte slice. +func b64Decode(b []byte) ([]byte, error) { + dec := make([]byte, base64.RawURLEncoding.DecodedLen(len(b))) - if _, err := hex.Decode(dec, b); err != nil { + n, err := base64.RawURLEncoding.Decode(dec, b) + if err != nil { return nil, err } - return dec, nil + return dec[:n], nil } // getAddrID returns the address ID for the given email address. diff --git a/internal/user/user.go b/internal/user/user.go index e3d98624..3ae7d8e5 100644 --- a/internal/user/user.go +++ b/internal/user/user.go @@ -351,7 +351,7 @@ func (user *User) GluonKey() []byte { // BridgePass returns the user's bridge password, used for authentication over SMTP and IMAP. func (user *User) BridgePass() []byte { - return hexEncode(user.vault.BridgePass()) + return b64Encode(user.vault.BridgePass()) } // UsedSpace returns the total space used by the user on the API. @@ -526,7 +526,7 @@ func (user *User) SendMail(authID string, from string, to []string, r io.Reader) // CheckAuth returns whether the given email and password can be used to authenticate over IMAP or SMTP with this user. // It returns the address ID of the authenticated address. func (user *User) CheckAuth(email string, password []byte) (string, error) { - dec, err := hexDecode(password) + dec, err := b64Decode(password) if err != nil { return "", fmt.Errorf("failed to decode password: %w", err) }