/* * ZeroTier One - Network Virtualization Everywhere * Copyright (C) 2011-2015 ZeroTier, Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * -- * * ZeroTier may be used and distributed under the terms of the GPLv3, which * are available at: http://www.gnu.org/licenses/gpl-3.0.html * * If you would like to embed ZeroTier into a commercial application or * redistribute it in a modified binary form, please contact ZeroTier Networks * LLC. Start here: http://www.zerotier.com/ */ #include "Dictionary.hpp" #include "C25519.hpp" #include "Identity.hpp" #include "Utils.hpp" namespace ZeroTier { void Dictionary::fromString(const char *s,unsigned int maxlen) { clear(); bool escapeState = false; std::string keyBuf; std::string *element = &keyBuf; const char *end = s + maxlen; while ((*s)&&(s < end)) { if (escapeState) { escapeState = false; switch(*s) { case '0': element->push_back((char)0); break; case 'r': element->push_back('\r'); break; case 'n': element->push_back('\n'); break; default: element->push_back(*s); break; } } else { if (*s == '\\') { escapeState = true; } else if (*s == '=') { if (element == &keyBuf) element = &((*this)[keyBuf]); } else if ((*s == '\r')||(*s == '\n')) { if ((element == &keyBuf)&&(keyBuf.length() > 0)) (*this)[keyBuf]; keyBuf = ""; element = &keyBuf; } else element->push_back(*s); } ++s; } if ((element == &keyBuf)&&(keyBuf.length() > 0)) (*this)[keyBuf]; } bool Dictionary::sign(const Identity &id) { try { // Sign identity and timestamp fields too. If there's an existing // signature, _mkSigBuf() ignores it. char nows[32]; Utils::snprintf(nows,sizeof(nows),"%llx",(unsigned long long)Utils::now()); (*this)[ZT_DICTIONARY_SIGNATURE_IDENTITY] = id.toString(false); (*this)[ZT_DICTIONARY_SIGNATURE_TIMESTAMP] = nows; // Create a blob to hash and sign from fields in sorted order std::string buf; _mkSigBuf(buf); // Add signature field C25519::Signature sig(id.sign(buf.data(),(unsigned int)buf.length())); (*this)[ZT_DICTIONARY_SIGNATURE] = Utils::hex(sig.data,(unsigned int)sig.size()); return true; } catch ( ... ) { // Probably means identity has no secret key field removeSignature(); return false; } } bool Dictionary::verify(const Identity &id) const { try { std::string buf; _mkSigBuf(buf); const_iterator sig(find(ZT_DICTIONARY_SIGNATURE)); if (sig == end()) return false; std::string sigbin(Utils::unhex(sig->second)); return id.verify(buf.data(),(unsigned int)buf.length(),sigbin.data(),(unsigned int)sigbin.length()); } catch ( ... ) { return false; } } uint64_t Dictionary::signatureTimestamp() const { const_iterator ts(find(ZT_DICTIONARY_SIGNATURE_TIMESTAMP)); if (ts == end()) return 0; return Utils::hexStrToU64(ts->second.c_str()); } void Dictionary::_mkSigBuf(std::string &buf) const { unsigned long pairs = 0; for(const_iterator i(begin());i!=end();++i) { if (i->first != ZT_DICTIONARY_SIGNATURE) { buf.append(i->first); buf.push_back('='); buf.append(i->second); buf.push_back('\0'); ++pairs; } } buf.push_back((char)0xff); buf.push_back((char)((pairs >> 24) & 0xff)); // pad with number of key/value pairs at end buf.push_back((char)((pairs >> 16) & 0xff)); buf.push_back((char)((pairs >> 8) & 0xff)); buf.push_back((char)(pairs & 0xff)); } void Dictionary::_appendEsc(const char *data,unsigned int len,std::string &to) { for(unsigned int i=0;i