Skip to content

Commit 1fc6924

Browse files
sjanelsjanel
committed
Code review updates - Pass algo name with std::move from std::string, late std::string res return objects
1 parent 5b418af commit 1fc6924

File tree

2 files changed

+173
-180
lines changed

2 files changed

+173
-180
lines changed

include/jwt-cpp/jwt.h

+43-54
Original file line numberDiff line numberDiff line change
@@ -502,35 +502,33 @@ namespace jwt {
502502
ec.clear();
503503
auto certbio = make_mem_buf_bio(certstr);
504504
auto keybio = make_mem_buf_bio();
505-
std::string res;
506505
if (!certbio || !keybio) {
507506
ec = error::rsa_error::create_mem_bio_failed;
508-
return res;
507+
return {};
509508
}
510509

511510
std::unique_ptr<X509, decltype(&X509_free)> cert(
512511
PEM_read_bio_X509(certbio.get(), nullptr, nullptr, const_cast<char*>(pw.c_str())), X509_free);
513512
if (!cert) {
514513
ec = error::rsa_error::cert_load_failed;
515-
return res;
514+
return {};
516515
}
517516
std::unique_ptr<EVP_PKEY, decltype(&EVP_PKEY_free)> key(X509_get_pubkey(cert.get()), EVP_PKEY_free);
518517
if (!key) {
519518
ec = error::rsa_error::get_key_failed;
520-
return res;
519+
return {};
521520
}
522521
if (PEM_write_bio_PUBKEY(keybio.get(), key.get()) == 0) {
523522
ec = error::rsa_error::write_key_failed;
524-
return res;
523+
return {};
525524
}
526525
char* ptr = nullptr;
527526
auto len = BIO_get_mem_data(keybio.get(), &ptr);
528527
if (len <= 0 || ptr == nullptr) {
529528
ec = error::rsa_error::convert_to_pem_failed;
530-
return res;
529+
return {};
531530
}
532-
res.assign(ptr, static_cast<size_t>(len));
533-
return res;
531+
return {ptr, static_cast<size_t>(len)};
534532
}
535533

536534
/**
@@ -562,25 +560,23 @@ namespace jwt {
562560
d2i_X509(NULL, &c_str, static_cast<int>(cert_der_str.size())), X509_free);
563561
auto certbio = make_mem_buf_bio();
564562

565-
std::string res;
566563
if (!cert || !certbio) {
567564
ec = error::rsa_error::create_mem_bio_failed;
568-
return res;
565+
return {};
569566
}
570567

571568
if (!PEM_write_bio_X509(certbio.get(), cert.get())) {
572569
ec = error::rsa_error::write_cert_failed;
573-
return res;
570+
return {};
574571
}
575572

576573
char* ptr = nullptr;
577574
const auto len = BIO_get_mem_data(certbio.get(), &ptr);
578575
if (len <= 0 || ptr == nullptr) {
579576
ec = error::rsa_error::convert_to_pem_failed;
580-
return res;
577+
return {};
581578
}
582-
res.assign(ptr, static_cast<size_t>(len));
583-
return res;
579+
return {ptr, static_cast<size_t>(len)};
584580
}
585581

586582
/**
@@ -877,7 +873,7 @@ namespace jwt {
877873
#endif
878874
{
879875
std::string res(BN_num_bytes(bn), '\0');
880-
BN_bn2bin(bn, (unsigned char*)res.data()); // NOLINT(google-readability-casting) requires `const_cast`
876+
BN_bn2bin(bn, reinterpret_cast<unsigned char*>(&res[0]));
881877
return res;
882878
}
883879
/**
@@ -943,7 +939,8 @@ namespace jwt {
943939
* \param md Pointer to hash function
944940
* \param name Name of the algorithm
945941
*/
946-
hmacsha(string_view key, const EVP_MD* (*md)(), string_view name) : secret(key), md(md), alg_name(name) {}
942+
hmacsha(string_view key, const EVP_MD* (*md)(), std::string name)
943+
: secret(key), md(md), alg_name(std::move(name)) {}
947944
/**
948945
* Sign jwt data
949946
* \param data The data to sign
@@ -956,8 +953,7 @@ namespace jwt {
956953
auto len = static_cast<unsigned int>(res.size());
957954
if (HMAC(md(), secret.data(), static_cast<int>(secret.size()),
958955
reinterpret_cast<const unsigned char*>(data.data()), static_cast<int>(data.size()),
959-
(unsigned char*)res.data(), // NOLINT(google-readability-casting) requires `const_cast`
960-
&len) == nullptr) {
956+
reinterpret_cast<unsigned char*>(&res[0]), &len) == nullptr) {
961957
ec = error::signature_generation_error::hmac_failed;
962958
res.clear();
963959
return res;
@@ -1013,8 +1009,8 @@ namespace jwt {
10131009
* \param name Name of the algorithm
10141010
*/
10151011
rsa(string_view public_key, string_view private_key, const std::string& public_key_password,
1016-
const std::string& private_key_password, const EVP_MD* (*md)(), string_view name)
1017-
: md(md), alg_name(name) {
1012+
const std::string& private_key_password, const EVP_MD* (*md)(), std::string name)
1013+
: md(md), alg_name(std::move(name)) {
10181014
if (!private_key.empty()) {
10191015
pkey = helper::load_private_key_from_string(private_key, private_key_password);
10201016
} else if (!public_key.empty()) {
@@ -1031,22 +1027,21 @@ namespace jwt {
10311027
std::string sign(string_view data, std::error_code& ec) const {
10321028
ec.clear();
10331029
auto ctx = helper::make_evp_md_ctx();
1034-
std::string res;
10351030
if (!ctx) {
10361031
ec = error::signature_generation_error::create_context_failed;
1037-
return res;
1032+
return {};
10381033
}
10391034
if (!EVP_SignInit(ctx.get(), md())) {
10401035
ec = error::signature_generation_error::signinit_failed;
1041-
return res;
1036+
return {};
10421037
}
10431038
if (!EVP_SignUpdate(ctx.get(), data.data(), data.size())) {
10441039
ec = error::signature_generation_error::signupdate_failed;
1045-
return res;
1040+
return {};
10461041
}
1047-
res.assign(EVP_PKEY_size(pkey.get()), '\0');
1042+
std::string res(EVP_PKEY_size(pkey.get()), '\0');
10481043
unsigned int len = 0;
1049-
if (EVP_SignFinal(ctx.get(), (unsigned char*)res.data(), &len, pkey.get()) == 0) {
1044+
if (EVP_SignFinal(ctx.get(), reinterpret_cast<unsigned char*>(&res[0]), &len, pkey.get()) == 0) {
10501045
ec = error::signature_generation_error::signfinal_failed;
10511046
res.clear();
10521047
return res;
@@ -1113,8 +1108,8 @@ namespace jwt {
11131108
* \param siglen The bit length of the signature
11141109
*/
11151110
ecdsa(string_view public_key, string_view private_key, const std::string& public_key_password,
1116-
const std::string& private_key_password, const EVP_MD* (*md)(), string_view name, size_t siglen)
1117-
: md(md), alg_name(name), signature_length(siglen) {
1111+
const std::string& private_key_password, const EVP_MD* (*md)(), std::string name, size_t siglen)
1112+
: md(md), alg_name(std::move(name)), signature_length(siglen) {
11181113
if (!private_key.empty()) {
11191114
pkey = helper::load_private_ec_key_from_string(private_key, private_key_password);
11201115
check_private_key(pkey.get());
@@ -1140,27 +1135,26 @@ namespace jwt {
11401135
std::string sign(string_view data, std::error_code& ec) const {
11411136
ec.clear();
11421137
auto ctx = helper::make_evp_md_ctx();
1143-
std::string res;
11441138
if (!ctx) {
11451139
ec = error::signature_generation_error::create_context_failed;
1146-
return res;
1140+
return {};
11471141
}
11481142
if (!EVP_DigestSignInit(ctx.get(), nullptr, md(), nullptr, pkey.get())) {
11491143
ec = error::signature_generation_error::signinit_failed;
1150-
return res;
1144+
return {};
11511145
}
11521146
if (!EVP_DigestUpdate(ctx.get(), data.data(), data.size())) {
11531147
ec = error::signature_generation_error::digestupdate_failed;
1154-
return res;
1148+
return {};
11551149
}
11561150

11571151
size_t len = 0;
11581152
if (!EVP_DigestSignFinal(ctx.get(), nullptr, &len)) {
11591153
ec = error::signature_generation_error::signfinal_failed;
1160-
return res;
1154+
return {};
11611155
}
1162-
res.assign(len, '\0');
1163-
if (!EVP_DigestSignFinal(ctx.get(), (unsigned char*)res.data(), &len)) {
1156+
std::string res(len, '\0');
1157+
if (!EVP_DigestSignFinal(ctx.get(), reinterpret_cast<unsigned char*>(&res[0]), &len)) {
11641158
ec = error::signature_generation_error::signfinal_failed;
11651159
res.clear();
11661160
return res;
@@ -1346,8 +1340,8 @@ namespace jwt {
13461340
* \param name Name of the algorithm
13471341
*/
13481342
eddsa(string_view public_key, string_view private_key, const std::string& public_key_password,
1349-
const std::string& private_key_password, string_view name)
1350-
: alg_name(name) {
1343+
const std::string& private_key_password, std::string name)
1344+
: alg_name(std::move(name)) {
13511345
if (!private_key.empty()) {
13521346
pkey = helper::load_private_key_from_string(private_key, private_key_password);
13531347
} else if (!public_key.empty()) {
@@ -1364,18 +1358,17 @@ namespace jwt {
13641358
std::string sign(string_view data, std::error_code& ec) const {
13651359
ec.clear();
13661360
auto ctx = helper::make_evp_md_ctx();
1367-
std::string res;
13681361
if (!ctx) {
13691362
ec = error::signature_generation_error::create_context_failed;
1370-
return res;
1363+
return {};
13711364
}
13721365
if (!EVP_DigestSignInit(ctx.get(), nullptr, nullptr, nullptr, pkey.get())) {
13731366
ec = error::signature_generation_error::signinit_failed;
1374-
return res;
1367+
return {};
13751368
}
13761369

13771370
size_t len = EVP_PKEY_size(pkey.get());
1378-
res.assign(len, '\0');
1371+
std::string res(len, '\0');
13791372

13801373
// LibreSSL is the special kid in the block, as it does not support EVP_DigestSign.
13811374
// OpenSSL on the otherhand does not support using EVP_DigestSignUpdate for eddsa, which is why we end up with this
@@ -1475,8 +1468,8 @@ namespace jwt {
14751468
* \param name Name of the algorithm
14761469
*/
14771470
pss(string_view public_key, string_view private_key, const std::string& public_key_password,
1478-
const std::string& private_key_password, const EVP_MD* (*md)(), string_view name)
1479-
: md(md), alg_name(name) {
1471+
const std::string& private_key_password, const EVP_MD* (*md)(), std::string name)
1472+
: md(md), alg_name(std::move(name)) {
14801473
if (!private_key.empty()) {
14811474
pkey = helper::load_private_key_from_string(private_key, private_key_password);
14821475
} else if (!public_key.empty()) {
@@ -1494,39 +1487,35 @@ namespace jwt {
14941487
std::string sign(string_view data, std::error_code& ec) const {
14951488
ec.clear();
14961489
auto md_ctx = helper::make_evp_md_ctx();
1497-
std::string res;
14981490
if (!md_ctx) {
14991491
ec = error::signature_generation_error::create_context_failed;
1500-
return res;
1492+
return {};
15011493
}
15021494
EVP_PKEY_CTX* ctx = nullptr;
15031495
if (EVP_DigestSignInit(md_ctx.get(), &ctx, md(), nullptr, pkey.get()) != 1) {
15041496
ec = error::signature_generation_error::signinit_failed;
1505-
return res;
1497+
return {};
15061498
}
15071499
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING) <= 0) {
15081500
ec = error::signature_generation_error::rsa_padding_failed;
1509-
return res;
1501+
return {};
15101502
}
15111503
// wolfSSL does not require EVP_PKEY_CTX_set_rsa_pss_saltlen. The default behavior
15121504
// sets the salt length to the hash length. Unlike OpenSSL which exposes this functionality.
15131505
#ifndef LIBWOLFSSL_VERSION_HEX
15141506
if (EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, -1) <= 0) {
15151507
ec = error::signature_generation_error::set_rsa_pss_saltlen_failed;
1516-
return res;
1508+
return {};
15171509
}
15181510
#endif
15191511
if (EVP_DigestUpdate(md_ctx.get(), data.data(), data.size()) != 1) {
15201512
ec = error::signature_generation_error::digestupdate_failed;
1521-
return res;
1513+
return {};
15221514
}
15231515

15241516
size_t size = EVP_PKEY_size(pkey.get());
1525-
res.assign(size, 0x00);
1526-
if (EVP_DigestSignFinal(
1527-
md_ctx.get(),
1528-
(unsigned char*)res.data(), // NOLINT(google-readability-casting) requires `const_cast`
1529-
&size) <= 0) {
1517+
std::string res(size, '\0');
1518+
if (EVP_DigestSignFinal(md_ctx.get(), reinterpret_cast<unsigned char*>(&res[0]), &size) <= 0) {
15301519
ec = error::signature_generation_error::signfinal_failed;
15311520
res.clear();
15321521
return res;

0 commit comments

Comments
 (0)