jwt-cpp icon indicating copy to clipboard operation
jwt-cpp copied to clipboard
verified publisher icon Thalhammer

Offer OpenSSL base64

Open Thalhammer opened this issue 5 years ago • 2 comments

We relly on openssl pretty heavily already, so why not use its base64 support instead of the one I originaly wrote myself. I originaly refused to use it, because it seems hard/complicated to use and I already had a header only implementation in a personal project which I just had to drop in.

However I recently found out there seems to be a way easier approach to use it now: https://stackoverflow.com/a/60580965/7992576

Might be worth checking out.

Thalhammer avatar Jul 18 '20 11:07 Thalhammer

The challenge with the OpenSSL API is that it only supports base64 not base64url

prince-chrismc avatar Jul 18 '20 15:07 prince-chrismc 

         std::unique_ptr<BIO, decltype(&BIO_free_all)> b64(BIO_new(BIO_f_base64()), BIO_free_all);
         BIO_set_flags(b64.get(), BIO_FLAGS_BASE64_NO_NL);
         if (!b64)
         {
            throw std::runtime_error("BIO_new failed");
         }

         std::unique_ptr<BIO, decltype(&BIO_free_all)> inputBio(BIO_new_mem_buf((void*)rawResponse.data(), -1), BIO_free_all);
         if (!inputBio)
         {
            throw std::runtime_error("Unable to access the CA cert buffer");
         }
         //https://github.com/facebook/proxygen/blob/6654e0df0c342649c03a45142ad555993877813d/proxygen/lib/utils/Base64.cpp
         inputBio.reset(BIO_push(b64.release(), inputBio.release()));
         BIO_set_flags(inputBio.get(), BIO_FLAGS_BASE64_NO_NL);
         BIO_read(inputBio.get(), (char*)decodedCA.data(), (int)rawResponse.length());

EVP looks nicer !

prince-chrismc avatar Jul 18 '20 20:07 prince-chrismc