optionally sign public keys

auth.go

@@ -27,8 +27,10 @@ func AuthGetServerInfo(app *App) func(c echo.Context) error {
 	infoMap["SpecificationVersion"] = "2.13.34"
 	infoMap["ImplementationVersion"] = "0.1.0"
 	infoMap["ApplicationOwner"] = "TODO"
-	// TODO multiple public keys
+
+	if app.Config.SignPublicKeys {
 		infoMap["PublicKey"] = base64.StdEncoding.EncodeToString(publicKeyDer)
+	}
 
 	infoBlob, err := json.Marshal(infoMap)
 

config.go

@@ -65,6 +65,7 @@ type Config struct {
 	InstanceName               string
 	DataDirectory              string
 	ApplicationOwner           string
+	SignPublicKeys             bool
 	LogRequests                bool
 	HideListenAddress          bool
 	DefaultPreferredLanguage   string
@@ -87,6 +88,7 @@ func DefaultConfig() Config {
 		DataDirectory:            "/var/lib/drasl",
 		ApplicationOwner:         "Unmojang",
 		LogRequests:              true,
+		SignPublicKeys:           false,
 		DefaultPreferredLanguage: "en",
 		AllowHighResolutionSkins: false,
 		HideListenAddress: false,

front.go

@@ -29,8 +29,8 @@ Web front end for creating user accounts, changing passwords, skins, player name
 // Must be in a region of the skin that supports translucency
 const SKIN_WINDOW_X_MIN = 40
 const SKIN_WINDOW_X_MAX = 48
-const SKIN_WINDOW_Y_MIN = 8
+const SKIN_WINDOW_Y_MIN = 9
-const SKIN_WINDOW_Y_MAX = 10
+const SKIN_WINDOW_Y_MAX = 11
 
 // https://echo.labstack.com/guide/templates/
 // https://stackoverflow.com/questions/36617949/how-to-use-base-template-file-for-golang-html-template/69244593#69244593

services.go

@@ -260,6 +260,10 @@ func ServicesPlayerCertificates(app *App) func(c echo.Context) error {
 		}
 		expiresAtMilli := expiresAtTime.UnixMilli()
 
+		publicKeySignatureText := ""
+		publicKeySignatureV2Text := ""
+
+		if app.Config.SignPublicKeys {
 			// publicKeySignature, used in 1.19
 			// We don't just sign the public key itself---the signed data consists
 			// of expiresAt timestamp as a string, concatenated with the PEM(ish)
@@ -289,6 +293,7 @@ func ServicesPlayerCertificates(app *App) func(c echo.Context) error {
 			if err != nil {
 				return err
 			}
+			publicKeySignatureText = base64.StdEncoding.EncodeToString(publicKeySignature)
 
 			// publicKeySignatureV2, used in 1.19.1+
 			// Again, we don't just sign the public key, we need to
@@ -324,14 +329,16 @@ func ServicesPlayerCertificates(app *App) func(c echo.Context) error {
 			if err != nil {
 				return err
 			}
+			publicKeySignatureV2Text = base64.StdEncoding.EncodeToString(publicKeySignatureV2)
+		}
 
 		res := playerCertificatesResponse{
 			KeyPair: keyPair{
 				PrivateKey: string(keyPEM[:]),
 				PublicKey:  string(pubPEM[:]),
 			},
-			PublicKeySignature:   base64.StdEncoding.EncodeToString(publicKeySignature),
+			PublicKeySignature:   publicKeySignatureText,
-			PublicKeySignatureV2: base64.StdEncoding.EncodeToString(publicKeySignatureV2),
+			PublicKeySignatureV2: publicKeySignatureV2Text,
 			ExpiresAt:            expiresAt,
 			RefreshedAfter:       "2022-12-30T00:11:32.174783069Z",
 		}