Bech32m encode HPKE PublicKey, OhttpKeys

Bech32m has a human-readable prefix, checksum, creates smaller
QR codes, and is already available in rust-bitcoin.

It's a much better encoding scheme than base64 for bip21 uri params.

Author: DanGould

Cargo.lock

@@ -18,6 +18,7 @@ danger-local-https = ["hyper-rustls", "rustls"]
 
 [dependencies]
 anyhow = "1.0.71"
+bech32 = "0.11.0"
 bitcoin = { version = "0.30.0", features = ["base64"] }
 bhttp = { version = "0.4.0", features = ["http"] }
 futures = "0.3.17"

payjoin-directory/Cargo.toml

@@ -3,7 +3,6 @@ use std::sync::Arc;
 use std::time::Duration;
 
 use anyhow::Result;
-use bitcoin::{self, base64};
 use hyper::header::{HeaderValue, ACCESS_CONTROL_ALLOW_ORIGIN, CONTENT_TYPE};
 use hyper::server::conn::AddrIncoming;
 use hyper::server::Builder;
@@ -101,12 +100,11 @@ fn init_ohttp() -> Result<ohttp::Server> {
 
     // create or read from file
     let server_config = ohttp::KeyConfig::new(KEY_ID, KEM, Vec::from(SYMMETRIC))?;
-    let encoded_config = server_config.encode()?;
-    let b64_config = base64::encode_config(
-        encoded_config,
-        base64::Config::new(base64::CharacterSet::UrlSafe, false),
-    );
-    info!("ohttp-keys server config base64 UrlSafe: {:?}", b64_config);
+    let encoded_config = bech32::encode::<bech32::Bech32m>(
+        bech32::Hrp::parse("oh").unwrap(),
+        &server_config.encode()?,
+    )?;
+    info!("ohttp-keys server config encoded: {:?}", encoded_config);
     Ok(ohttp::Server::new(server_config)?)
 }
 
@@ -242,13 +240,12 @@ impl From<hyper::http::Error> for HandlerError {
 }
 
 async fn post_enroll(body: Body) -> Result<Response<Body>, HandlerError> {
-    let b64_config = base64::Config::new(base64::CharacterSet::UrlSafe, false);
     let bytes =
         hyper::body::to_bytes(body).await.map_err(|e| HandlerError::BadRequest(e.into()))?;
-    let base64_id =
+    let encoded_pubkey =
         String::from_utf8(bytes.to_vec()).map_err(|e| HandlerError::BadRequest(e.into()))?;
-    let pubkey_bytes: Vec<u8> = base64::decode_config(base64_id, b64_config)
-        .map_err(|e| HandlerError::BadRequest(e.into()))?;
+    let (_hrp, pubkey_bytes) =
+        bech32::decode(&encoded_pubkey).map_err(|e| HandlerError::BadRequest(e.into()))?;
     let pubkey = bitcoin::secp256k1::PublicKey::from_slice(&pubkey_bytes)
         .map_err(|e| HandlerError::BadRequest(e.into()))?;
     tracing::info!("Enrolled valid pubkey: {:?}", pubkey);

payjoin-directory/src/lib.rs

@@ -18,9 +18,10 @@ exclude = ["tests"]
 send = []
 receive = ["rand"]
 base64 = ["bitcoin/base64"]
-v2 = ["bitcoin/rand-std", "bitcoin/serde", "chacha20poly1305", "ohttp", "bhttp", "serde"]
+v2 = ["bech32", "bitcoin/rand-std", "bitcoin/serde", "chacha20poly1305", "ohttp", "bhttp", "serde"]
 
 [dependencies]
+bech32 = { version = "0.11.0", optional = true }
 bitcoin = { version = "0.30.0", features = ["base64"] }
 bip21 = "0.3.1"
 chacha20poly1305 = { version = "0.10.1", optional = true }

payjoin/Cargo.toml

@@ -9,6 +9,7 @@ use url::Url;
 use super::{Error, InternalRequestError, RequestError, SelectionError};
 use crate::psbt::PsbtExt;
 use crate::receive::optional_parameters::Params;
+use crate::v2::encode_bech32_pubkey;
 use crate::OhttpKeys;
 
 /// Represents data that needs to be transmitted to the payjoin directory.
@@ -90,9 +91,7 @@ impl Enroller {
 }
 
 fn subdir_path_from_pubkey(pubkey: &bitcoin::secp256k1::PublicKey) -> String {
-    let pubkey = pubkey.serialize();
-    let b64_config = base64::Config::new(base64::CharacterSet::UrlSafe, false);
-    base64::encode_config(pubkey, b64_config)
+    encode_bech32_pubkey(&pubkey)
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -261,10 +260,8 @@ impl Enrolled {
     }
 
     pub fn fallback_target(&self) -> String {
-        let pubkey = &self.s.public_key().serialize();
-        let b64_config = base64::Config::new(base64::CharacterSet::UrlSafe, false);
-        let pubkey_base64 = base64::encode_config(pubkey, b64_config);
-        format!("{}{}", &self.directory, pubkey_base64)
+        let subdirectory = encode_bech32_pubkey(&self.s.public_key());
+        format!("{}{}", &self.directory, subdirectory)
     }
 }
 

payjoin/src/receive/v2.rs

@@ -187,7 +187,7 @@ pub(crate) enum InternalCreateRequestError {
     #[cfg(feature = "v2")]
     OhttpEncapsulation(crate::v2::OhttpEncapsulationError),
     #[cfg(feature = "v2")]
-    SubdirectoryNotBase64(bitcoin::base64::DecodeError),
+    PubkeyEncoding,
     #[cfg(feature = "v2")]
     SubdirectoryInvalidPubkey(bitcoin::secp256k1::Error),
     #[cfg(feature = "v2")]
@@ -219,7 +219,7 @@ impl fmt::Display for CreateRequestError {
             #[cfg(feature = "v2")]
             OhttpEncapsulation(e) => write!(f, "v2 error: {}", e),
             #[cfg(feature = "v2")]
-            SubdirectoryNotBase64(e) => write!(f, "subdirectory is not valid base64 error: {}", e),
+            PubkeyEncoding => write!(f, "Bad public key encoding"),
             #[cfg(feature = "v2")]
             SubdirectoryInvalidPubkey(e) => write!(f, "subdirectory does not represent a valid pubkey: {}", e),
             #[cfg(feature = "v2")]
@@ -253,7 +253,7 @@ impl std::error::Error for CreateRequestError {
             #[cfg(feature = "v2")]
             OhttpEncapsulation(error) => Some(error),
             #[cfg(feature = "v2")]
-            SubdirectoryNotBase64(error) => Some(error),
+            PubkeyEncoding => None,
             #[cfg(feature = "v2")]
             SubdirectoryInvalidPubkey(error) => Some(error),
             #[cfg(feature = "v2")]

payjoin/src/send/error.rs

@@ -380,11 +380,10 @@ impl RequestContext {
             subdirectory = path_and_query;
         }
 
-        let b64_config =
-            bitcoin::base64::Config::new(bitcoin::base64::CharacterSet::UrlSafe, false);
-        let pubkey_bytes = bitcoin::base64::decode_config(subdirectory, b64_config)
-            .map_err(InternalCreateRequestError::SubdirectoryNotBase64)?;
-        Ok(bitcoin::secp256k1::PublicKey::from_slice(&pubkey_bytes)
+        let rs = crate::v2::decode_bech32_pubkey(&subdirectory)
+            .map_err(|_| InternalCreateRequestError::PubkeyEncoding)?;
+        log::debug!("rs: {:?}", rs.len());
+        Ok(bitcoin::secp256k1::PublicKey::from_slice(&rs)
             .map_err(InternalCreateRequestError::SubdirectoryInvalidPubkey)?)
     }
 }
@@ -398,12 +397,8 @@ impl Serialize for RequestContext {
         let mut state = serializer.serialize_struct("RequestContext", 8)?;
         state.serialize_field("psbt", &self.psbt.to_string())?;
         state.serialize_field("endpoint", &self.endpoint.as_str())?;
-        let ohttp_string = self.ohttp_keys.as_ref().map_or(Ok("".to_string()), |config| {
-            config
-                .encode()
-                .map_err(|e| serde::ser::Error::custom(format!("ohttp-keys encoding error: {}", e)))
-                .map(bitcoin::base64::encode)
-        })?;
+        let ohttp_string =
+            self.ohttp_keys.as_ref().map_or_else(|| "".to_string(), |keys| keys.to_string());
         state.serialize_field("ohttp_keys", &ohttp_string)?;
         state.serialize_field("disable_output_substitution", &self.disable_output_substitution)?;
         state.serialize_field(
@@ -474,17 +469,13 @@ impl<'de> Deserialize<'de> for RequestContext {
                                     .map_err(de::Error::custom)?,
                             ),
                         "ohttp_keys" => {
-                            let ohttp_base64: String = map.next_value()?;
-                            ohttp_keys = if ohttp_base64.is_empty() {
+                            let ohttp_encoded: String = map.next_value()?;
+                            ohttp_keys = if ohttp_encoded.is_empty() {
                                 None
                             } else {
                                 Some(
-                                    crate::v2::OhttpKeys::decode(
-                                        bitcoin::base64::decode(&ohttp_base64)
-                                            .map_err(de::Error::custom)?
-                                            .as_slice(),
-                                    )
-                                    .map_err(de::Error::custom)?,
+                                    crate::v2::OhttpKeys::from_str(&ohttp_encoded)
+                                        .map_err(de::Error::custom)?,
                                 )
                             };
                         }

payjoin/src/send/mod.rs

@@ -1,10 +1,14 @@
 use std::borrow::Cow;
 use std::convert::TryFrom;
+#[cfg(feature = "v2")]
+use std::str::FromStr;
 
 use bitcoin::address::{Error, NetworkChecked, NetworkUnchecked};
 use bitcoin::{Address, Amount, Network};
 use url::Url;
 
+#[cfg(feature = "v2")]
+use crate::v2::DecodeOhttpKeysError;
 #[cfg(feature = "v2")]
 use crate::OhttpKeys;
 
@@ -238,13 +242,10 @@ impl<'a> bip21::SerializeParams for &'a PayjoinExtras {
             ("pjos", if self.disable_output_substitution { "1" } else { "0" }.to_string()),
         ];
         #[cfg(feature = "v2")]
-        if let Some(ohttp_keys) = self.ohttp_keys.clone().and_then(|c| c.encode().ok()) {
-            let config =
-                bitcoin::base64::Config::new(bitcoin::base64::CharacterSet::UrlSafe, false);
-            let base64_ohttp_keys = bitcoin::base64::encode_config(ohttp_keys, config);
-            params.push(("ohttp", base64_ohttp_keys));
+        if let Some(ohttp) = self.ohttp_keys.clone().map(|ohttp_keys| ohttp_keys.to_string()) {
+            params.push(("ohttp", ohttp));
         } else {
-            log::warn!("Failed to encode ohttp config, ignoring");
+            log::warn!("No ohttp keys found, ignoring");
         }
         params.into_iter()
     }
@@ -266,13 +267,10 @@ impl<'a> bip21::de::DeserializationState<'a> for DeserializationState {
         match key {
             #[cfg(feature = "v2")]
             "ohttp" if self.ohttp.is_none() => {
-                let base64_config = Cow::try_from(value).map_err(InternalPjParseError::NotUtf8)?;
-                let config_bytes =
-                    bitcoin::base64::decode_config(&*base64_config, bitcoin::base64::URL_SAFE)
-                        .map_err(InternalPjParseError::NotBase64)?;
-                let config = OhttpKeys::decode(&config_bytes)
+                let ohttp_encoded = Cow::try_from(value).map_err(InternalPjParseError::NotUtf8)?;
+                let ohttp_keys = OhttpKeys::from_str(&ohttp_encoded)
                     .map_err(InternalPjParseError::DecodeOhttpKeys)?;
-                self.ohttp = Some(config);
+                self.ohttp = Some(ohttp_keys);
                 Ok(bip21::de::ParamKind::Known)
             }
             #[cfg(feature = "v2")]
@@ -332,8 +330,6 @@ impl std::fmt::Display for PjParseError {
             }
             InternalPjParseError::MissingEndpoint => write!(f, "Missing payjoin endpoint"),
             InternalPjParseError::NotUtf8(_) => write!(f, "Endpoint is not valid UTF-8"),
-            #[cfg(feature = "v2")]
-            InternalPjParseError::NotBase64(_) => write!(f, "ohttp config is not valid base64"),
             InternalPjParseError::BadEndpoint(_) => write!(f, "Endpoint is not valid"),
             #[cfg(feature = "v2")]
             InternalPjParseError::DecodeOhttpKeys(_) => write!(f, "ohttp config is not valid"),
@@ -350,11 +346,9 @@ enum InternalPjParseError {
     MultipleParams(&'static str),
     MissingEndpoint,
     NotUtf8(core::str::Utf8Error),
-    #[cfg(feature = "v2")]
-    NotBase64(bitcoin::base64::DecodeError),
     BadEndpoint(url::ParseError),
     #[cfg(feature = "v2")]
-    DecodeOhttpKeys(ohttp::Error),
+    DecodeOhttpKeys(DecodeOhttpKeysError),
     UnsecureEndpoint,
 }