aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authordec05eba <dec05eba@protonmail.com>2018-02-14 22:18:48 +0100
committerdec05eba <dec05eba@protonmail.com>2020-08-18 23:25:12 +0200
commit40d94ad83f74753b71f33b58be8664bb21200219 (patch)
tree7ebe59b3e9a8872cf4c3c49f14f564827810a1e3 /src
parent7d9b97b437252df8a481816d50b0fa8587fa69c9 (diff)
Sign messages/verify message signatures
Diffstat (limited to 'src')
-rw-r--r--src/Database.cpp39
-rw-r--r--src/Signature.cpp19
2 files changed, 41 insertions, 17 deletions
diff --git a/src/Database.cpp b/src/Database.cpp
index e3b9f3d..90e83c1 100644
--- a/src/Database.cpp
+++ b/src/Database.cpp
@@ -85,18 +85,21 @@ namespace odhtdb
node.listen(ADD_DATA_HASH, bind(&Database::listenAddData, this, _1));
}
- void Database::create(const Key &key, Group *primaryAdminGroup)
+ void Database::create(LocalUser *owner, const Key &key)
{
+ Group *primaryAdminGroup = new Group("admin");
+ primaryAdminGroup->addUser(owner);
// TODO: Append fractions to get real microseconds time
u64 timeMicroseconds = ((u64)getSyncedTimestampUtc().seconds) * 1000000ull;
stagedCreateObjects.emplace_back(StagedCreateObject(key, primaryAdminGroup, timeMicroseconds));
}
- void Database::add(const Key &key, DataView data, LocalUser *creator)
+ void Database::add(LocalUser *owner, const Key &key, DataView data)
{
+ unique_ptr<string> signedData = make_unique<string>(owner->getPrivateKey().sign(data));
// TODO: Append fractions to get real microseconds time
u64 timeMicroseconds = ((u64)getSyncedTimestampUtc().seconds) * 1000000ull;
- stagedAddObjects.emplace_back(StagedAddObject(key, data, timeMicroseconds, creator->getPublicKey()));
+ stagedAddObjects.emplace_back(StagedAddObject(key, move(signedData), timeMicroseconds, owner->getPublicKey()));
}
void Database::commit()
@@ -108,6 +111,7 @@ namespace odhtdb
for(StagedCreateObject &stagedObject : stagedCreateObjects)
{
commitStagedCreateObject(stagedObject);
+ delete stagedObject.primaryAdminGroup;
}
stagedCreateObjects.clear();
@@ -177,9 +181,9 @@ namespace odhtdb
serializer.add(stagedObject.key.hashedKey.data(), OPENDHT_INFOHASH_LEN);
serializer.add(stagedObject.timestamp);
serializer.add((u8*)stagedObject.creatorPublicKey.getData(), PUBLIC_KEY_NUM_BYTES);
- assert(stagedObject.data.size < 0xFFFF - 120);
- serializer.add((u16)stagedObject.data.size);
- serializer.add((u8*)stagedObject.data.data, stagedObject.data.size);
+ assert(stagedObject.data->size() < 0xFFFF - 120);
+ serializer.add((u16)stagedObject.data->size());
+ serializer.add((u8*)stagedObject.data->data(), stagedObject.data->size());
// TODO: Verify if serializer buffer needs to survive longer than this scope
Value addDataValue(serializer.getBuffer().data(), serializer.getBuffer().size());
@@ -262,11 +266,15 @@ namespace odhtdb
Signature::PublicKey creatorPublicKey(creatorPublicKeyRaw, PUBLIC_KEY_NUM_BYTES);
u16 dataSize = deserializer.extract<u16>();
- char *data = (char*)malloc(dataSize);
- if(!data)
- throw sibs::DeserializeException("Failed to allocate memory for add request");
- result.data.data = data;
- result.data.size = dataSize;
+ if(dataSize < SIGNED_HASH_SIZE)
+ throw sibs::DeserializeException("Signed data is too small");
+
+ string signedData;
+ signedData.resize(dataSize);
+ deserializer.extract((u8*)&signedData[0], dataSize);
+ result.data = make_unique<string>();
+ result.data->resize(dataSize);
+ result.data = make_unique<string>(creatorPublicKey.unsign(DataView((void*)signedData.data(), signedData.size())));
return result;
}
@@ -279,7 +287,6 @@ namespace odhtdb
// TODO: Verify createObject timestamp is not in the future
StagedCreateObject createObject = deserializeCreateRequest(value);
databaseStorage.createStorage(createObject.key, { createObject.primaryAdminGroup }, createObject.timestamp);
- //delete createObject.primaryAdminGroup;
}
catch (sibs::DeserializeException &e)
{
@@ -299,8 +306,8 @@ namespace odhtdb
{
// TODO: Verify createObject timestamp is not in the future
StagedAddObject addObject = deserializeAddRequest(value);
- databaseStorage.appendStorage(addObject.key, addObject.data, addObject.timestamp, addObject.creatorPublicKey);
- //free(addObject.data.data);
+ DataView data((void*)addObject.data->data(), addObject.data->size());
+ databaseStorage.appendStorage(addObject.key, data, addObject.timestamp, addObject.creatorPublicKey);
}
catch (sibs::DeserializeException &e)
{
@@ -310,6 +317,10 @@ namespace odhtdb
{
fprintf(stderr, "Warning: Failed to deserialize 'add' request: %s\n", e.what());
}
+ catch (UnsignException &e)
+ {
+ fprintf(stderr, "Warning: Failed to deserialize 'add' request: %s\n", e.what());
+ }
return true;
}
}
diff --git a/src/Signature.cpp b/src/Signature.cpp
index 946d754..8d3654d 100644
--- a/src/Signature.cpp
+++ b/src/Signature.cpp
@@ -35,6 +35,19 @@ namespace odhtdb
return *this;
}
+ string PublicKey::unsign(const DataView &signedMessage) const
+ {
+ if(signedMessage.size < SIGNED_HASH_SIZE)
+ throw UnsignInvalidSizeException("Signed message is too small (corrupt or malicious signed message)");
+
+ string result;
+ result.resize(signedMessage.size - SIGNED_HASH_SIZE);
+ if(crypto_sign_ed25519_open((unsigned char*)&result[0], nullptr, (const unsigned char*)signedMessage.data, signedMessage.size, (unsigned char*)data) != 0)
+ throw UnsignWrongKeyException("Message was not signed with matching private key");
+
+ return result;
+ }
+
string PublicKey::toString() const
{
string result;
@@ -67,13 +80,13 @@ namespace odhtdb
return *this;
}
- string PrivateKey::sign(const string &dataToSign) const
+ string PrivateKey::sign(const DataView &dataToSign) const
{
string result;
- result.resize(crypto_sign_ed25519_BYTES + dataToSign.size());
+ result.resize(crypto_sign_ed25519_BYTES + dataToSign.size);
unsigned long long resultSize;
- if(crypto_sign_ed25519((unsigned char*)&result[0], &resultSize, (unsigned char*)dataToSign.data(), dataToSign.size(), (unsigned char*)data) != 0)
+ if(crypto_sign_ed25519((unsigned char*)&result[0], &resultSize, (unsigned char*)dataToSign.data, dataToSign.size, (unsigned char*)data) != 0)
throw DataSignException("Failed to sign data. Is private key invalid?");
if(resultSize != result.size())