mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-20 05:28:01 +00:00
Rename ECC key and signature size defines to be generic.
This commit is contained in:
Adam Ierymenko
parent
b2d71f900a
commit
7647c8e8d1
3
.clangd
3
.clangd
@ -4,3 +4,6 @@ CompileFlags:
|
||||
- "-I../ext"
|
||||
- "-I../ext/prometheus-cpp-lite-1.0/core/include"
|
||||
- "-I../ext/prometheus-cpp-lite-1.0/simpleapi/include"
|
||||
- "-I./ext"
|
||||
- "-I./ext/prometheus-cpp-lite-1.0/core/include"
|
||||
- "-I./ext/prometheus-cpp-lite-1.0/simpleapi/include"
|
||||
|
||||
@ -18,9 +18,9 @@
|
||||
|
||||
namespace ZeroTier {
|
||||
|
||||
#define ZT_C25519_PUBLIC_KEY_LEN 64
|
||||
#define ZT_C25519_PRIVATE_KEY_LEN 64
|
||||
#define ZT_C25519_SIGNATURE_LEN 96
|
||||
#define ZT_ECC_PUBLIC_KEY_SET_LEN 64
|
||||
#define ZT_ECC_PRIVATE_KEY_SET_LEN 64
|
||||
#define ZT_ECC_SIGNATURE_LEN 96
|
||||
|
||||
/**
|
||||
* A combined Curve25519 ECDH and Ed25519 signature engine
|
||||
@ -28,9 +28,9 @@ namespace ZeroTier {
|
||||
class C25519
|
||||
{
|
||||
public:
|
||||
struct Public { uint8_t data[ZT_C25519_PUBLIC_KEY_LEN]; };
|
||||
struct Private { uint8_t data[ZT_C25519_PRIVATE_KEY_LEN]; };
|
||||
struct Signature { uint8_t data[ZT_C25519_SIGNATURE_LEN]; };
|
||||
struct Public { uint8_t data[ZT_ECC_PUBLIC_KEY_SET_LEN]; };
|
||||
struct Private { uint8_t data[ZT_ECC_PRIVATE_KEY_SET_LEN]; };
|
||||
struct Signature { uint8_t data[ZT_ECC_SIGNATURE_LEN]; };
|
||||
struct Pair { Public pub; Private priv; };
|
||||
|
||||
/**
|
||||
@ -39,7 +39,7 @@ public:
|
||||
static inline Pair generate()
|
||||
{
|
||||
Pair kp;
|
||||
Utils::getSecureRandom(kp.priv.data,ZT_C25519_PRIVATE_KEY_LEN);
|
||||
Utils::getSecureRandom(kp.priv.data,ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
_calcPubDH(kp);
|
||||
_calcPubED(kp);
|
||||
return kp;
|
||||
@ -63,7 +63,7 @@ public:
|
||||
{
|
||||
Pair kp;
|
||||
void *const priv = (void *)kp.priv.data;
|
||||
Utils::getSecureRandom(priv,ZT_C25519_PRIVATE_KEY_LEN);
|
||||
Utils::getSecureRandom(priv,ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
_calcPubED(kp); // do Ed25519 key -- bytes 32-63 of pub and priv
|
||||
do {
|
||||
++(((uint64_t *)priv)[1]);
|
||||
|
||||
@ -402,8 +402,8 @@ public:
|
||||
_custody[i].to.appendTo(b);
|
||||
_custody[i].from.appendTo(b);
|
||||
b.append((uint8_t)1); // 1 == Ed25519 signature
|
||||
b.append((uint16_t)ZT_C25519_SIGNATURE_LEN); // length of signature
|
||||
b.append(_custody[i].signature.data,ZT_C25519_SIGNATURE_LEN);
|
||||
b.append((uint16_t)ZT_ECC_SIGNATURE_LEN); // length of signature
|
||||
b.append(_custody[i].signature.data,ZT_ECC_SIGNATURE_LEN);
|
||||
} else {
|
||||
b.append((unsigned char)0,ZT_ADDRESS_LENGTH); // zero 'to' terminates chain
|
||||
break;
|
||||
@ -458,12 +458,12 @@ public:
|
||||
_custody[i].from.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH);
|
||||
p += ZT_ADDRESS_LENGTH;
|
||||
if (b[p++] == 1) {
|
||||
if (b.template at<uint16_t>(p) != ZT_C25519_SIGNATURE_LEN) {
|
||||
if (b.template at<uint16_t>(p) != ZT_ECC_SIGNATURE_LEN) {
|
||||
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_CRYPTOGRAPHIC_TOKEN;
|
||||
}
|
||||
p += 2;
|
||||
memcpy(_custody[i].signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN);
|
||||
p += ZT_C25519_SIGNATURE_LEN;
|
||||
memcpy(_custody[i].signature.data,b.field(p,ZT_ECC_SIGNATURE_LEN),ZT_ECC_SIGNATURE_LEN);
|
||||
p += ZT_ECC_SIGNATURE_LEN;
|
||||
} else {
|
||||
p += 2 + b.template at<uint16_t>(p);
|
||||
}
|
||||
|
||||
@ -12,6 +12,7 @@
|
||||
/****/
|
||||
|
||||
#include "CertificateOfMembership.hpp"
|
||||
#include "C25519.hpp"
|
||||
#include "RuntimeEnvironment.hpp"
|
||||
#include "Topology.hpp"
|
||||
#include "Switch.hpp"
|
||||
@ -43,7 +44,7 @@ CertificateOfMembership::CertificateOfMembership(uint64_t timestamp,uint64_t tim
|
||||
}
|
||||
|
||||
_qualifierCount = 7;
|
||||
memset(_signature.data,0,ZT_C25519_SIGNATURE_LEN);
|
||||
memset(_signature.data,0,ZT_ECC_SIGNATURE_LEN);
|
||||
}
|
||||
|
||||
bool CertificateOfMembership::agreesWith(const CertificateOfMembership &other, const Identity &otherIdentity) const
|
||||
|
||||
@ -230,7 +230,7 @@ public:
|
||||
}
|
||||
_signedBy.appendTo(b);
|
||||
if (_signedBy) {
|
||||
b.append(_signature.data,ZT_C25519_SIGNATURE_LEN);
|
||||
b.append(_signature.data,ZT_ECC_SIGNATURE_LEN);
|
||||
}
|
||||
}
|
||||
|
||||
@ -271,8 +271,8 @@ public:
|
||||
p += ZT_ADDRESS_LENGTH;
|
||||
|
||||
if (_signedBy) {
|
||||
memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN);
|
||||
p += ZT_C25519_SIGNATURE_LEN;
|
||||
memcpy(_signature.data,b.field(p,ZT_ECC_SIGNATURE_LEN),ZT_ECC_SIGNATURE_LEN);
|
||||
p += ZT_ECC_SIGNATURE_LEN;
|
||||
}
|
||||
|
||||
return (p - startAt);
|
||||
@ -293,7 +293,7 @@ public:
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return (memcmp(_signature.data,c._signature.data,ZT_C25519_SIGNATURE_LEN) == 0);
|
||||
return (memcmp(_signature.data,c._signature.data,ZT_ECC_SIGNATURE_LEN) == 0);
|
||||
}
|
||||
inline bool operator!=(const CertificateOfMembership &c) const { return (!(*this == c)); }
|
||||
|
||||
|
||||
@ -166,8 +166,8 @@ public:
|
||||
_signedBy.appendTo(b);
|
||||
if (!forSign) {
|
||||
b.append((uint8_t)1); // 1 == Ed25519
|
||||
b.append((uint16_t)ZT_C25519_SIGNATURE_LEN); // length of signature
|
||||
b.append(_signature.data,ZT_C25519_SIGNATURE_LEN);
|
||||
b.append((uint16_t)ZT_ECC_SIGNATURE_LEN); // length of signature
|
||||
b.append(_signature.data,ZT_ECC_SIGNATURE_LEN);
|
||||
}
|
||||
|
||||
b.append((uint16_t)0); // length of additional fields, currently 0
|
||||
@ -207,12 +207,12 @@ public:
|
||||
_signedBy.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH);
|
||||
p += ZT_ADDRESS_LENGTH;
|
||||
if (b[p++] == 1) {
|
||||
if (b.template at<uint16_t>(p) != ZT_C25519_SIGNATURE_LEN) {
|
||||
if (b.template at<uint16_t>(p) != ZT_ECC_SIGNATURE_LEN) {
|
||||
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_CRYPTOGRAPHIC_TOKEN;
|
||||
}
|
||||
p += 2;
|
||||
memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN);
|
||||
p += ZT_C25519_SIGNATURE_LEN;
|
||||
memcpy(_signature.data,b.field(p,ZT_ECC_SIGNATURE_LEN),ZT_ECC_SIGNATURE_LEN);
|
||||
p += ZT_ECC_SIGNATURE_LEN;
|
||||
} else {
|
||||
p += 2 + b.template at<uint16_t>(p);
|
||||
}
|
||||
|
||||
@ -16,6 +16,7 @@
|
||||
#include <string.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "C25519.hpp"
|
||||
#include "Constants.hpp"
|
||||
#include "Identity.hpp"
|
||||
#include "SHA512.hpp"
|
||||
@ -74,7 +75,7 @@ struct _Identity_generate_cond
|
||||
_Identity_generate_cond(unsigned char *sb,char *gm) : digest(sb),genmem(gm) {}
|
||||
inline bool operator()(const C25519::Pair &kp) const
|
||||
{
|
||||
_computeMemoryHardHash(kp.pub.data,ZT_C25519_PUBLIC_KEY_LEN,digest,genmem);
|
||||
_computeMemoryHardHash(kp.pub.data,ZT_ECC_PUBLIC_KEY_SET_LEN,digest,genmem);
|
||||
return (digest[0] < ZT_IDENTITY_GEN_HASHCASH_FIRST_BYTE_LESS_THAN);
|
||||
}
|
||||
unsigned char *digest;
|
||||
@ -109,7 +110,7 @@ bool Identity::locallyValidate() const
|
||||
|
||||
unsigned char digest[64];
|
||||
char *genmem = new char[ZT_IDENTITY_GEN_MEMORY];
|
||||
_computeMemoryHardHash(_publicKey.data,ZT_C25519_PUBLIC_KEY_LEN,digest,genmem);
|
||||
_computeMemoryHardHash(_publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN,digest,genmem);
|
||||
delete [] genmem;
|
||||
|
||||
unsigned char addrb[5];
|
||||
@ -132,12 +133,12 @@ char *Identity::toString(bool includePrivate,char buf[ZT_IDENTITY_STRING_BUFFER_
|
||||
*(p++) = ':';
|
||||
*(p++) = '0';
|
||||
*(p++) = ':';
|
||||
Utils::hex(_publicKey.data,ZT_C25519_PUBLIC_KEY_LEN,p);
|
||||
p += ZT_C25519_PUBLIC_KEY_LEN * 2;
|
||||
Utils::hex(_publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN,p);
|
||||
p += ZT_ECC_PUBLIC_KEY_SET_LEN * 2;
|
||||
if ((_privateKey)&&(includePrivate)) {
|
||||
*(p++) = ':';
|
||||
Utils::hex(_privateKey->data,ZT_C25519_PRIVATE_KEY_LEN,p);
|
||||
p += ZT_C25519_PRIVATE_KEY_LEN * 2;
|
||||
Utils::hex(_privateKey->data,ZT_ECC_PRIVATE_KEY_SET_LEN,p);
|
||||
p += ZT_ECC_PRIVATE_KEY_SET_LEN * 2;
|
||||
}
|
||||
*p = (char)0;
|
||||
return buf;
|
||||
@ -176,14 +177,14 @@ bool Identity::fromString(const char *str)
|
||||
}
|
||||
break;
|
||||
case 2:
|
||||
if (Utils::unhex(f,_publicKey.data,ZT_C25519_PUBLIC_KEY_LEN) != ZT_C25519_PUBLIC_KEY_LEN) {
|
||||
if (Utils::unhex(f,_publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN) != ZT_ECC_PUBLIC_KEY_SET_LEN) {
|
||||
_address.zero();
|
||||
return false;
|
||||
}
|
||||
break;
|
||||
case 3:
|
||||
_privateKey = new C25519::Private();
|
||||
if (Utils::unhex(f,_privateKey->data,ZT_C25519_PRIVATE_KEY_LEN) != ZT_C25519_PRIVATE_KEY_LEN) {
|
||||
if (Utils::unhex(f,_privateKey->data,ZT_ECC_PRIVATE_KEY_SET_LEN) != ZT_ECC_PRIVATE_KEY_SET_LEN) {
|
||||
_address.zero();
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -113,14 +113,14 @@ public:
|
||||
|
||||
/**
|
||||
* Compute a SHA384 hash of this identity's address and public key(s).
|
||||
*
|
||||
*
|
||||
* @param sha384buf Buffer with 48 bytes of space to receive hash
|
||||
*/
|
||||
inline void publicKeyHash(void *sha384buf) const
|
||||
{
|
||||
uint8_t address[ZT_ADDRESS_LENGTH];
|
||||
_address.copyTo(address, ZT_ADDRESS_LENGTH);
|
||||
SHA384(sha384buf, address, ZT_ADDRESS_LENGTH, _publicKey.data, ZT_C25519_PUBLIC_KEY_LEN);
|
||||
SHA384(sha384buf, address, ZT_ADDRESS_LENGTH, _publicKey.data, ZT_ECC_PUBLIC_KEY_SET_LEN);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -132,7 +132,7 @@ public:
|
||||
inline bool sha512PrivateKey(void *sha) const
|
||||
{
|
||||
if (_privateKey) {
|
||||
SHA512(sha,_privateKey->data,ZT_C25519_PRIVATE_KEY_LEN);
|
||||
SHA512(sha,_privateKey->data,ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
@ -163,7 +163,7 @@ public:
|
||||
*/
|
||||
inline bool verify(const void *data,unsigned int len,const void *signature,unsigned int siglen) const
|
||||
{
|
||||
if (siglen != ZT_C25519_SIGNATURE_LEN) {
|
||||
if (siglen != ZT_ECC_SIGNATURE_LEN) {
|
||||
return false;
|
||||
}
|
||||
return C25519::verify(_publicKey,data,len,signature);
|
||||
@ -217,10 +217,10 @@ public:
|
||||
{
|
||||
_address.appendTo(b);
|
||||
b.append((uint8_t)0); // C25519/Ed25519 identity type
|
||||
b.append(_publicKey.data,ZT_C25519_PUBLIC_KEY_LEN);
|
||||
b.append(_publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN);
|
||||
if ((_privateKey)&&(includePrivate)) {
|
||||
b.append((unsigned char)ZT_C25519_PRIVATE_KEY_LEN);
|
||||
b.append(_privateKey->data,ZT_C25519_PRIVATE_KEY_LEN);
|
||||
b.append((unsigned char)ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
b.append(_privateKey->data,ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
} else {
|
||||
b.append((unsigned char)0);
|
||||
}
|
||||
@ -253,17 +253,17 @@ public:
|
||||
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_TYPE;
|
||||
}
|
||||
|
||||
memcpy(_publicKey.data,b.field(p,ZT_C25519_PUBLIC_KEY_LEN),ZT_C25519_PUBLIC_KEY_LEN);
|
||||
p += ZT_C25519_PUBLIC_KEY_LEN;
|
||||
memcpy(_publicKey.data,b.field(p,ZT_ECC_PUBLIC_KEY_SET_LEN),ZT_ECC_PUBLIC_KEY_SET_LEN);
|
||||
p += ZT_ECC_PUBLIC_KEY_SET_LEN;
|
||||
|
||||
unsigned int privateKeyLength = (unsigned int)b[p++];
|
||||
if (privateKeyLength) {
|
||||
if (privateKeyLength != ZT_C25519_PRIVATE_KEY_LEN) {
|
||||
if (privateKeyLength != ZT_ECC_PRIVATE_KEY_SET_LEN) {
|
||||
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_CRYPTOGRAPHIC_TOKEN;
|
||||
}
|
||||
_privateKey = new C25519::Private();
|
||||
memcpy(_privateKey->data,b.field(p,ZT_C25519_PRIVATE_KEY_LEN),ZT_C25519_PRIVATE_KEY_LEN);
|
||||
p += ZT_C25519_PRIVATE_KEY_LEN;
|
||||
memcpy(_privateKey->data,b.field(p,ZT_ECC_PRIVATE_KEY_SET_LEN),ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
p += ZT_ECC_PRIVATE_KEY_SET_LEN;
|
||||
}
|
||||
|
||||
return (p - startAt);
|
||||
@ -304,7 +304,7 @@ public:
|
||||
if (_privateKey) {
|
||||
pair.priv = *_privateKey;
|
||||
} else {
|
||||
memset(pair.priv.data,0,ZT_C25519_PRIVATE_KEY_LEN);
|
||||
memset(pair.priv.data,0,ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
}
|
||||
return pair;
|
||||
}
|
||||
@ -314,8 +314,8 @@ public:
|
||||
*/
|
||||
inline operator bool() const { return (_address); }
|
||||
|
||||
inline bool operator==(const Identity &id) const { return ((_address == id._address)&&(memcmp(_publicKey.data,id._publicKey.data,ZT_C25519_PUBLIC_KEY_LEN) == 0)); }
|
||||
inline bool operator<(const Identity &id) const { return ((_address < id._address)||((_address == id._address)&&(memcmp(_publicKey.data,id._publicKey.data,ZT_C25519_PUBLIC_KEY_LEN) < 0))); }
|
||||
inline bool operator==(const Identity &id) const { return ((_address == id._address)&&(memcmp(_publicKey.data,id._publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN) == 0)); }
|
||||
inline bool operator<(const Identity &id) const { return ((_address < id._address)||((_address == id._address)&&(memcmp(_publicKey.data,id._publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN) < 0))); }
|
||||
inline bool operator!=(const Identity &id) const { return !(*this == id); }
|
||||
inline bool operator>(const Identity &id) const { return (id < *this); }
|
||||
inline bool operator<=(const Identity &id) const { return !(id < *this); }
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
|
||||
#include "../include/ZeroTierDebug.h"
|
||||
|
||||
#include "C25519.hpp"
|
||||
#include "Constants.hpp"
|
||||
#include "../version.h"
|
||||
#include "Network.hpp"
|
||||
@ -995,10 +996,10 @@ uint64_t Network::handleConfigChunk(void *tPtr,const uint64_t packetId,const Add
|
||||
if (((chunkIndex + chunkLen) > totalLength)||(totalLength >= ZT_NETWORKCONFIG_DICT_CAPACITY)) { // >= since we need room for a null at the end
|
||||
return 0;
|
||||
}
|
||||
if ((chunk[ptr] != 1)||(chunk.at<uint16_t>(ptr + 1) != ZT_C25519_SIGNATURE_LEN)) {
|
||||
if ((chunk[ptr] != 1)||(chunk.at<uint16_t>(ptr + 1) != ZT_ECC_SIGNATURE_LEN)) {
|
||||
return 0;
|
||||
}
|
||||
const uint8_t *sig = reinterpret_cast<const uint8_t *>(chunk.field(ptr + 3,ZT_C25519_SIGNATURE_LEN));
|
||||
const uint8_t *sig = reinterpret_cast<const uint8_t *>(chunk.field(ptr + 3,ZT_ECC_SIGNATURE_LEN));
|
||||
|
||||
// We can use the signature, which is unique per chunk, to get a per-chunk ID for local deduplication use
|
||||
for(unsigned int i=0;i<16;++i) {
|
||||
@ -1027,7 +1028,7 @@ uint64_t Network::handleConfigChunk(void *tPtr,const uint64_t packetId,const Add
|
||||
if (!controllerId) { // we should always have the controller identity by now, otherwise how would we have queried it the first time?
|
||||
return 0;
|
||||
}
|
||||
if (!controllerId.verify(chunk.field(start,ptr - start),ptr - start,sig,ZT_C25519_SIGNATURE_LEN)) {
|
||||
if (!controllerId.verify(chunk.field(start,ptr - start),ptr - start,sig,ZT_ECC_SIGNATURE_LEN)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -19,6 +19,7 @@
|
||||
|
||||
#include "../version.h"
|
||||
|
||||
#include "C25519.hpp"
|
||||
#include "Constants.hpp"
|
||||
#include "SharedPtr.hpp"
|
||||
#include "Node.hpp"
|
||||
@ -814,8 +815,8 @@ void Node::ncSendConfig(uint64_t nwid,uint64_t requestPacketId,const Address &de
|
||||
|
||||
C25519::Signature sig(RR->identity.sign(reinterpret_cast<const uint8_t *>(outp.data()) + sigStart,outp.size() - sigStart));
|
||||
outp.append((uint8_t)1);
|
||||
outp.append((uint16_t)ZT_C25519_SIGNATURE_LEN);
|
||||
outp.append(sig.data,ZT_C25519_SIGNATURE_LEN);
|
||||
outp.append((uint16_t)ZT_ECC_SIGNATURE_LEN);
|
||||
outp.append(sig.data,ZT_ECC_SIGNATURE_LEN);
|
||||
|
||||
outp.compress();
|
||||
RR->sw->send((void *)0,outp,true);
|
||||
|
||||
@ -135,8 +135,8 @@ public:
|
||||
|
||||
if (!forSign) {
|
||||
b.append((uint8_t)1); // 1 == Ed25519 signature
|
||||
b.append((uint16_t)ZT_C25519_SIGNATURE_LEN);
|
||||
b.append(_signature.data,ZT_C25519_SIGNATURE_LEN);
|
||||
b.append((uint16_t)ZT_ECC_SIGNATURE_LEN);
|
||||
b.append(_signature.data,ZT_ECC_SIGNATURE_LEN);
|
||||
}
|
||||
|
||||
// This is the size of any additional fields, currently 0.
|
||||
@ -173,10 +173,10 @@ public:
|
||||
_type = (Credential::Type)b[p++];
|
||||
|
||||
if (b[p++] == 1) {
|
||||
if (b.template at<uint16_t>(p) == ZT_C25519_SIGNATURE_LEN) {
|
||||
if (b.template at<uint16_t>(p) == ZT_ECC_SIGNATURE_LEN) {
|
||||
p += 2;
|
||||
memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN);
|
||||
p += ZT_C25519_SIGNATURE_LEN;
|
||||
memcpy(_signature.data,b.field(p,ZT_ECC_SIGNATURE_LEN),ZT_ECC_SIGNATURE_LEN);
|
||||
p += ZT_ECC_SIGNATURE_LEN;
|
||||
} else {
|
||||
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_CRYPTOGRAPHIC_TOKEN;
|
||||
}
|
||||
|
||||
10
node/Tag.hpp
10
node/Tag.hpp
@ -129,8 +129,8 @@ public:
|
||||
_signedBy.appendTo(b);
|
||||
if (!forSign) {
|
||||
b.append((uint8_t)1); // 1 == Ed25519
|
||||
b.append((uint16_t)ZT_C25519_SIGNATURE_LEN); // length of signature
|
||||
b.append(_signature.data,ZT_C25519_SIGNATURE_LEN);
|
||||
b.append((uint16_t)ZT_ECC_SIGNATURE_LEN); // length of signature
|
||||
b.append(_signature.data,ZT_ECC_SIGNATURE_LEN);
|
||||
}
|
||||
|
||||
b.append((uint16_t)0); // length of additional fields, currently 0
|
||||
@ -162,12 +162,12 @@ public:
|
||||
_signedBy.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH);
|
||||
p += ZT_ADDRESS_LENGTH;
|
||||
if (b[p++] == 1) {
|
||||
if (b.template at<uint16_t>(p) != ZT_C25519_SIGNATURE_LEN) {
|
||||
if (b.template at<uint16_t>(p) != ZT_ECC_SIGNATURE_LEN) {
|
||||
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_CRYPTOGRAPHIC_TOKEN;
|
||||
}
|
||||
p += 2;
|
||||
memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN);
|
||||
p += ZT_C25519_SIGNATURE_LEN;
|
||||
memcpy(_signature.data,b.field(p,ZT_ECC_SIGNATURE_LEN),ZT_ECC_SIGNATURE_LEN);
|
||||
p += ZT_ECC_SIGNATURE_LEN;
|
||||
} else {
|
||||
p += 2 + b.template at<uint16_t>(p);
|
||||
}
|
||||
|
||||
@ -41,7 +41,7 @@
|
||||
/**
|
||||
* The (more than) maximum length of a serialized World
|
||||
*/
|
||||
#define ZT_WORLD_MAX_SERIALIZED_LENGTH (((1024 + (32 * ZT_WORLD_MAX_STABLE_ENDPOINTS_PER_ROOT)) * ZT_WORLD_MAX_ROOTS) + ZT_C25519_PUBLIC_KEY_LEN + ZT_C25519_SIGNATURE_LEN + 128)
|
||||
#define ZT_WORLD_MAX_SERIALIZED_LENGTH (((1024 + (32 * ZT_WORLD_MAX_STABLE_ENDPOINTS_PER_ROOT)) * ZT_WORLD_MAX_ROOTS) + ZT_ECC_PUBLIC_KEY_SET_LEN + ZT_ECC_SIGNATURE_LEN + 128)
|
||||
|
||||
/**
|
||||
* World ID for Earth
|
||||
@ -174,9 +174,9 @@ public:
|
||||
b.append((uint8_t)_type);
|
||||
b.append((uint64_t)_id);
|
||||
b.append((uint64_t)_ts);
|
||||
b.append(_updatesMustBeSignedBy.data,ZT_C25519_PUBLIC_KEY_LEN);
|
||||
b.append(_updatesMustBeSignedBy.data,ZT_ECC_PUBLIC_KEY_SET_LEN);
|
||||
if (!forSign) {
|
||||
b.append(_signature.data,ZT_C25519_SIGNATURE_LEN);
|
||||
b.append(_signature.data,ZT_ECC_SIGNATURE_LEN);
|
||||
}
|
||||
b.append((uint8_t)_roots.size());
|
||||
for(std::vector<Root>::const_iterator r(_roots.begin());r!=_roots.end();++r) {
|
||||
@ -220,10 +220,10 @@ public:
|
||||
p += 8;
|
||||
_ts = b.template at<uint64_t>(p);
|
||||
p += 8;
|
||||
memcpy(_updatesMustBeSignedBy.data,b.field(p,ZT_C25519_PUBLIC_KEY_LEN),ZT_C25519_PUBLIC_KEY_LEN);
|
||||
p += ZT_C25519_PUBLIC_KEY_LEN;
|
||||
memcpy(_signature.data,b.field(p,ZT_C25519_SIGNATURE_LEN),ZT_C25519_SIGNATURE_LEN);
|
||||
p += ZT_C25519_SIGNATURE_LEN;
|
||||
memcpy(_updatesMustBeSignedBy.data,b.field(p,ZT_ECC_PUBLIC_KEY_SET_LEN),ZT_ECC_PUBLIC_KEY_SET_LEN);
|
||||
p += ZT_ECC_PUBLIC_KEY_SET_LEN;
|
||||
memcpy(_signature.data,b.field(p,ZT_ECC_SIGNATURE_LEN),ZT_ECC_SIGNATURE_LEN);
|
||||
p += ZT_ECC_SIGNATURE_LEN;
|
||||
const unsigned int numRoots = (unsigned int)b[p++];
|
||||
if (numRoots > ZT_WORLD_MAX_ROOTS) {
|
||||
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_OVERFLOW;
|
||||
@ -248,7 +248,7 @@ public:
|
||||
return (p - startAt);
|
||||
}
|
||||
|
||||
inline bool operator==(const World &w) const { return ((_id == w._id)&&(_ts == w._ts)&&(memcmp(_updatesMustBeSignedBy.data,w._updatesMustBeSignedBy.data,ZT_C25519_PUBLIC_KEY_LEN) == 0)&&(memcmp(_signature.data,w._signature.data,ZT_C25519_SIGNATURE_LEN) == 0)&&(_roots == w._roots)&&(_type == w._type)); }
|
||||
inline bool operator==(const World &w) const { return ((_id == w._id)&&(_ts == w._ts)&&(memcmp(_updatesMustBeSignedBy.data,w._updatesMustBeSignedBy.data,ZT_ECC_PUBLIC_KEY_SET_LEN) == 0)&&(memcmp(_signature.data,w._signature.data,ZT_ECC_SIGNATURE_LEN) == 0)&&(_roots == w._roots)&&(_type == w._type)); }
|
||||
inline bool operator!=(const World &w) const { return (!(*this == w)); }
|
||||
|
||||
/**
|
||||
|
||||
13
one.cpp
13
one.cpp
@ -13,6 +13,7 @@
|
||||
|
||||
#ifndef _GNU_SOURCE
|
||||
#define _GNU_SOURCE
|
||||
#include "node/C25519.hpp"
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
@ -1554,7 +1555,7 @@ static int idtool(int argc,char **argv)
|
||||
}
|
||||
C25519::Signature signature = id.sign(inf.data(),(unsigned int)inf.length());
|
||||
char hexbuf[1024];
|
||||
printf("%s",Utils::hex(signature.data,ZT_C25519_SIGNATURE_LEN,hexbuf));
|
||||
printf("%s",Utils::hex(signature.data,ZT_ECC_SIGNATURE_LEN,hexbuf));
|
||||
} else if (!strcmp(argv[1],"verify")) {
|
||||
if (argc < 5) {
|
||||
idtoolPrintHelp(stdout,argv[0]);
|
||||
@ -1608,8 +1609,8 @@ static int idtool(int argc,char **argv)
|
||||
nlohmann::json mj;
|
||||
mj["objtype"] = "world";
|
||||
mj["worldType"] = "moon";
|
||||
mj["updatesMustBeSignedBy"] = mj["signingKey"] = Utils::hex(kp.pub.data,ZT_C25519_PUBLIC_KEY_LEN,idtmp);
|
||||
mj["signingKey_SECRET"] = Utils::hex(kp.priv.data,ZT_C25519_PRIVATE_KEY_LEN,idtmp);
|
||||
mj["updatesMustBeSignedBy"] = mj["signingKey"] = Utils::hex(kp.pub.data,ZT_ECC_PUBLIC_KEY_SET_LEN,idtmp);
|
||||
mj["signingKey_SECRET"] = Utils::hex(kp.priv.data,ZT_ECC_PRIVATE_KEY_SET_LEN,idtmp);
|
||||
mj["id"] = id.address().toString(idtmp);
|
||||
nlohmann::json seedj;
|
||||
seedj["identity"] = id.toString(false,idtmp);
|
||||
@ -1648,9 +1649,9 @@ static int idtool(int argc,char **argv)
|
||||
|
||||
C25519::Pair signingKey;
|
||||
C25519::Public updatesMustBeSignedBy;
|
||||
Utils::unhex(OSUtils::jsonString(mj["signingKey"],"").c_str(),signingKey.pub.data,ZT_C25519_PUBLIC_KEY_LEN);
|
||||
Utils::unhex(OSUtils::jsonString(mj["signingKey_SECRET"],"").c_str(),signingKey.priv.data,ZT_C25519_PRIVATE_KEY_LEN);
|
||||
Utils::unhex(OSUtils::jsonString(mj["updatesMustBeSignedBy"],"").c_str(),updatesMustBeSignedBy.data,ZT_C25519_PUBLIC_KEY_LEN);
|
||||
Utils::unhex(OSUtils::jsonString(mj["signingKey"],"").c_str(),signingKey.pub.data,ZT_ECC_PUBLIC_KEY_SET_LEN);
|
||||
Utils::unhex(OSUtils::jsonString(mj["signingKey_SECRET"],"").c_str(),signingKey.priv.data,ZT_ECC_PRIVATE_KEY_SET_LEN);
|
||||
Utils::unhex(OSUtils::jsonString(mj["updatesMustBeSignedBy"],"").c_str(),updatesMustBeSignedBy.data,ZT_ECC_PUBLIC_KEY_SET_LEN);
|
||||
|
||||
std::vector<World::Root> roots;
|
||||
nlohmann::json &rootsj = mj["roots"];
|
||||
|
||||
@ -669,8 +669,8 @@ static void _moonToJson(nlohmann::json &mj,const World &world)
|
||||
OSUtils::ztsnprintf(tmp,sizeof(tmp),"%.16llx",world.id());
|
||||
mj["id"] = tmp;
|
||||
mj["timestamp"] = world.timestamp();
|
||||
mj["signature"] = Utils::hex(world.signature().data,ZT_C25519_SIGNATURE_LEN,tmp);
|
||||
mj["updatesMustBeSignedBy"] = Utils::hex(world.updatesMustBeSignedBy().data,ZT_C25519_PUBLIC_KEY_LEN,tmp);
|
||||
mj["signature"] = Utils::hex(world.signature().data,ZT_ECC_SIGNATURE_LEN,tmp);
|
||||
mj["updatesMustBeSignedBy"] = Utils::hex(world.updatesMustBeSignedBy().data,ZT_ECC_PUBLIC_KEY_SET_LEN,tmp);
|
||||
nlohmann::json ra = nlohmann::json::array();
|
||||
for(std::vector<World::Root>::const_iterator r(world.roots().begin());r!=world.roots().end();++r) {
|
||||
nlohmann::json rj;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user