ZeroTierOne/node/CertificateOfMembership.cpp

/*
 * Copyright (c)2019 ZeroTier, Inc.
 *
 * Use of this software is governed by the Business Source License included
 * in the LICENSE.TXT file in the project's root directory.
 *
 * Change Date: 2025-01-01
 *
 * On the date above, in accordance with the Business Source License, use
 * of this software will be governed by version 2.0 of the Apache License.
 */
/****/

#include "CertificateOfMembership.hpp"
#include "RuntimeEnvironment.hpp"
#include "Topology.hpp"
#include "Switch.hpp"
#include "Network.hpp"
#include "Node.hpp"

namespace ZeroTier {

CertificateOfMembership::CertificateOfMembership(uint64_t timestamp,uint64_t timestampMaxDelta,uint64_t nwid,const Identity &issuedTo)
{
	_qualifiers[0].id = COM_RESERVED_ID_TIMESTAMP;
	_qualifiers[0].value = timestamp;
	_qualifiers[0].maxDelta = timestampMaxDelta;
	_qualifiers[1].id = COM_RESERVED_ID_NETWORK_ID;
	_qualifiers[1].value = nwid;
	_qualifiers[1].maxDelta = 0;
	_qualifiers[2].id = COM_RESERVED_ID_ISSUED_TO;
	_qualifiers[2].value = issuedTo.address().toInt();
	_qualifiers[2].maxDelta = 0xffffffffffffffffULL;

	// Include hash of full identity public key in COM for hardening purposes. Pack it in
	// using the original COM format. Format may be revised in the future to make this cleaner.
	uint64_t idHash[4];
	issuedTo.keyFingerprint(idHash);
	for(unsigned long i=0;i<4;++i) {
		_qualifiers[i + 3].id = (uint64_t)(i + 3);
		_qualifiers[i + 3].value = Utils::ntoh(idHash[i]);
		_qualifiers[i + 3].maxDelta = 0xffffffffffffffffULL;
	}

	_qualifierCount = 7;
	memset(_signature.data,0,ZT_C25519_SIGNATURE_LEN);
}

bool CertificateOfMembership::agreesWith(const CertificateOfMembership &other, const Identity &otherIdentity) const
{
	if ((_qualifierCount == 0)||(other._qualifierCount == 0))
		return false;

	std::map< uint64_t, uint64_t > otherFields;
	for(unsigned int i=0;i<other._qualifierCount;++i)
		otherFields[other._qualifiers[i].id] = other._qualifiers[i].value;

	bool fullIdentityVerification = false;
	for(unsigned int i=0;i<_qualifierCount;++i) {
		const uint64_t qid = _qualifiers[i].id;
		if ((qid >= 3)&&(qid <= 6))
			fullIdentityVerification = true;
		std::map< uint64_t, uint64_t >::iterator otherQ(otherFields.find(qid));
		if (otherQ == otherFields.end())
			return false;
		const uint64_t a = _qualifiers[i].value;
		const uint64_t b = otherQ->second;
		if (((a >= b) ? (a - b) : (b - a)) > _qualifiers[i].maxDelta)
			return false;
	}

	// If this COM has a full hash of its identity, assume the other must have this as well.
	// Otherwise we are on a controller that does not incorporate these.
	if (fullIdentityVerification) {
		uint64_t idHash[6];
		otherIdentity.keyFingerprint(idHash);
		for(unsigned long i=0;i<4;++i) {
			std::map< uint64_t, uint64_t >::iterator otherQ(otherFields.find((uint64_t)(i + 3)));
			if (otherQ == otherFields.end())
				return false;
			if (otherQ->second != Utils::ntoh(idHash[i]))
				return false;
		}
	}

	return true;
}

bool CertificateOfMembership::sign(const Identity &with)
{
	uint64_t buf[ZT_NETWORK_COM_MAX_QUALIFIERS * 3];
	unsigned int ptr = 0;
	for(unsigned int i=0;i<_qualifierCount;++i) {
		buf[ptr++] = Utils::hton(_qualifiers[i].id);
		buf[ptr++] = Utils::hton(_qualifiers[i].value);
		buf[ptr++] = Utils::hton(_qualifiers[i].maxDelta);
	}

	try {
		_signature = with.sign(buf,ptr * sizeof(uint64_t));
		_signedBy = with.address();
		return true;
	} catch ( ... ) {
		_signedBy.zero();
		return false;
	}
}

int CertificateOfMembership::verify(const RuntimeEnvironment *RR,void *tPtr) const
{
	if ((!_signedBy)||(_signedBy != Network::controllerFor(networkId()))||(_qualifierCount > ZT_NETWORK_COM_MAX_QUALIFIERS))
		return -1;

	const Identity id(RR->topology->getIdentity(tPtr,_signedBy));
	if (!id) {
		RR->sw->requestWhois(tPtr,RR->node->now(),_signedBy);
		return 1;
	}

	uint64_t buf[ZT_NETWORK_COM_MAX_QUALIFIERS * 3];
	unsigned int ptr = 0;
	for(unsigned int i=0;i<_qualifierCount;++i) {
		buf[ptr++] = Utils::hton(_qualifiers[i].id);
		buf[ptr++] = Utils::hton(_qualifiers[i].value);
		buf[ptr++] = Utils::hton(_qualifiers[i].maxDelta);
	}
	return (id.verify(buf,ptr * sizeof(uint64_t),_signature) ? 0 : -1);
}

} // namespace ZeroTier
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`/*`
Relicense: GPLv3 -> ZeroTier BSL 1.1 2019-08-23 16:23:39 +00:00			`* Copyright (c)2019 ZeroTier, Inc.`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`*`
Relicense: GPLv3 -> ZeroTier BSL 1.1 2019-08-23 16:23:39 +00:00			`* Use of this software is governed by the Business Source License included`
			`* in the LICENSE.TXT file in the project's root directory.`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`*`
BSL date bump 2020-08-20 19:51:39 +00:00			`* Change Date: 2025-01-01`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`*`
Relicense: GPLv3 -> ZeroTier BSL 1.1 2019-08-23 16:23:39 +00:00			`* On the date above, in accordance with the Business Source License, use`
			`* of this software will be governed by version 2.0 of the Apache License.`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`*/`
Relicense: GPLv3 -> ZeroTier BSL 1.1 2019-08-23 16:23:39 +00:00			`/****/`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00
			`#include "CertificateOfMembership.hpp"`
More work on tags and capabilities. 2016-08-04 16:02:35 +00:00			`#include "RuntimeEnvironment.hpp"`
			`#include "Topology.hpp"`
			`#include "Switch.hpp"`
. 2016-08-04 17:39:28 +00:00			`#include "Network.hpp"`
Clean up WHOIS code. 2017-08-23 23:42:17 +00:00			`#include "Node.hpp"`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00
			`namespace ZeroTier {`

Remove ancient controller support. # Conflicts: # RELEASE-NOTES.md 2021-09-20 22:38:29 +00:00			`CertificateOfMembership::CertificateOfMembership(uint64_t timestamp,uint64_t timestampMaxDelta,uint64_t nwid,const Identity &issuedTo)`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`{`
Remove ancient controller support. # Conflicts: # RELEASE-NOTES.md 2021-09-20 22:38:29 +00:00			`_qualifiers[0].id = COM_RESERVED_ID_TIMESTAMP;`
			`_qualifiers[0].value = timestamp;`
			`_qualifiers[0].maxDelta = timestampMaxDelta;`
			`_qualifiers[1].id = COM_RESERVED_ID_NETWORK_ID;`
			`_qualifiers[1].value = nwid;`
			`_qualifiers[1].maxDelta = 0;`
			`_qualifiers[2].id = COM_RESERVED_ID_ISSUED_TO;`
			`_qualifiers[2].value = issuedTo.address().toInt();`
			`_qualifiers[2].maxDelta = 0xffffffffffffffffULL;`

			`// Include hash of full identity public key in COM for hardening purposes. Pack it in`
			`// using the original COM format. Format may be revised in the future to make this cleaner.`
Use a faster method of fingerprinting identities. 2021-09-21 00:02:39 +00:00			`uint64_t idHash[4];`
			`issuedTo.keyFingerprint(idHash);`
Remove ancient controller support. # Conflicts: # RELEASE-NOTES.md 2021-09-20 22:38:29 +00:00			`for(unsigned long i=0;i<4;++i) {`
			`_qualifiers[i + 3].id = (uint64_t)(i + 3);`
			`_qualifiers[i + 3].value = Utils::ntoh(idHash[i]);`
			`_qualifiers[i + 3].maxDelta = 0xffffffffffffffffULL;`
NetworkConfig refactor part 1 2016-04-12 19:11:34 +00:00			`}`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00
Remove ancient controller support. # Conflicts: # RELEASE-NOTES.md 2021-09-20 22:38:29 +00:00			`_qualifierCount = 7;`
Clean up some old stuff. 2018-01-27 01:00:37 +00:00			`memset(_signature.data,0,ZT_C25519_SIGNATURE_LEN);`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`}`

Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 22:26:49 +00:00			`bool CertificateOfMembership::agreesWith(const CertificateOfMembership &other, const Identity &otherIdentity) const`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`{`
. 2016-08-04 17:18:33 +00:00			`if ((_qualifierCount == 0)\|\|(other._qualifierCount == 0))`
			`return false;`

Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 22:26:49 +00:00			`std::map< uint64_t, uint64_t > otherFields;`
			`for(unsigned int i=0;i<other._qualifierCount;++i)`
			`otherFields[other._qualifiers[i].id] = other._qualifiers[i].value;`

			`bool fullIdentityVerification = false;`
			`for(unsigned int i=0;i<_qualifierCount;++i) {`
			`const uint64_t qid = _qualifiers[i].id;`
Remove ancient controller support. # Conflicts: # RELEASE-NOTES.md 2021-09-20 22:38:29 +00:00			`if ((qid >= 3)&&(qid <= 6))`
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 22:26:49 +00:00			`fullIdentityVerification = true;`
Remove ancient controller support. # Conflicts: # RELEASE-NOTES.md 2021-09-20 22:38:29 +00:00			`std::map< uint64_t, uint64_t >::iterator otherQ(otherFields.find(qid));`
			`if (otherQ == otherFields.end())`
			`return false;`
			`const uint64_t a = _qualifiers[i].value;`
			`const uint64_t b = otherQ->second;`
			`if (((a >= b) ? (a - b) : (b - a)) > _qualifiers[i].maxDelta)`
			`return false;`
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 22:26:49 +00:00			`}`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 22:26:49 +00:00			`// If this COM has a full hash of its identity, assume the other must have this as well.`
			`// Otherwise we are on a controller that does not incorporate these.`
			`if (fullIdentityVerification) {`
			`uint64_t idHash[6];`
Use a faster method of fingerprinting identities. 2021-09-21 00:02:39 +00:00			`otherIdentity.keyFingerprint(idHash);`
Add a bit of hardening in the network certificate of membership by incorporating a full hash of the identity to which it is issued. This means the recipient need not depend entirely on the root verifying identities properly to make sure impersonation is not occurring. 2021-09-20 22:26:49 +00:00			`for(unsigned long i=0;i<4;++i) {`
			`std::map< uint64_t, uint64_t >::iterator otherQ(otherFields.find((uint64_t)(i + 3)));`
			`if (otherQ == otherFields.end())`
			`return false;`
			`if (otherQ->second != Utils::ntoh(idHash[i]))`
			`return false;`
			`}`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`}`

			`return true;`
			`}`

			`bool CertificateOfMembership::sign(const Identity &with)`
			`{`
More work on tags and capabilities. 2016-08-04 16:02:35 +00:00			`uint64_t buf[ZT_NETWORK_COM_MAX_QUALIFIERS * 3];`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`unsigned int ptr = 0;`
NetworkConfig refactor part 1 2016-04-12 19:11:34 +00:00			`for(unsigned int i=0;i<_qualifierCount;++i) {`
			`buf[ptr++] = Utils::hton(_qualifiers[i].id);`
			`buf[ptr++] = Utils::hton(_qualifiers[i].value);`
			`buf[ptr++] = Utils::hton(_qualifiers[i].maxDelta);`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`}`

			`try {`
			`_signature = with.sign(buf,ptr * sizeof(uint64_t));`
			`_signedBy = with.address();`
			`return true;`
			`} catch ( ... ) {`
			`_signedBy.zero();`
			`return false;`
			`}`
			`}`

Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call. 2017-03-28 00:03:17 +00:00			`int CertificateOfMembership::verify(const RuntimeEnvironment RR,void tPtr) const`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`{`
. 2016-08-04 17:39:28 +00:00			`if ((!_signedBy)\|\|(_signedBy != Network::controllerFor(networkId()))\|\|(_qualifierCount > ZT_NETWORK_COM_MAX_QUALIFIERS))`
More work on tags and capabilities. 2016-08-04 16:02:35 +00:00			`return -1;`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00
Add thread PTR that gets passed through the entire ZT core call stack and then passed to handler functions resulting from a call. 2017-03-28 00:03:17 +00:00			`const Identity id(RR->topology->getIdentity(tPtr,_signedBy));`
More work on tags and capabilities. 2016-08-04 16:02:35 +00:00			`if (!id) {`
Clean up WHOIS code. 2017-08-23 23:42:17 +00:00			`RR->sw->requestWhois(tPtr,RR->node->now(),_signedBy);`
More work on tags and capabilities. 2016-08-04 16:02:35 +00:00			`return 1;`
			`}`

			`uint64_t buf[ZT_NETWORK_COM_MAX_QUALIFIERS * 3];`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`unsigned int ptr = 0;`
NetworkConfig refactor part 1 2016-04-12 19:11:34 +00:00			`for(unsigned int i=0;i<_qualifierCount;++i) {`
			`buf[ptr++] = Utils::hton(_qualifiers[i].id);`
			`buf[ptr++] = Utils::hton(_qualifiers[i].value);`
			`buf[ptr++] = Utils::hton(_qualifiers[i].maxDelta);`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`}`
More work on tags and capabilities. 2016-08-04 16:02:35 +00:00			`return (id.verify(buf,ptr * sizeof(uint64_t),_signature) ? 0 : -1);`
Break out certificate of membership into its own class. 2013-10-07 19:29:03 +00:00			`}`

			`} // namespace ZeroTier`