mirror of
https://github.com/servalproject/serval-dna.git
Refactor manifest: change haveSecret to enum
parent
9d54c629b2
commit
416b82b6c0
@ -1680,15 +1680,22 @@ int app_rhizome_extract(const struct cli_parsed *parsed, struct cli_context *con
|
|||||||
rhizome_extract_privatekey(m, NULL);
|
rhizome_extract_privatekey(m, NULL);
|
||||||
const char *blob_service = rhizome_manifest_get(m, "service", NULL, 0);
|
const char *blob_service = rhizome_manifest_get(m, "service", NULL, 0);
|
||||||
|
|
||||||
cli_field_name(context, "service", ":"); cli_put_string(context, blob_service, "\n");
|
cli_field_name(context, "service", ":");
|
||||||
cli_field_name(context, "manifestid", ":"); cli_put_string(context, alloca_tohex_rhizome_bid_t(bid), "\n");
|
cli_put_string(context, blob_service, "\n");
|
||||||
cli_field_name(context, "version", ":"); cli_put_long(context, m->version, "\n");
|
cli_field_name(context, "manifestid", ":");
|
||||||
cli_field_name(context, "inserttime", ":"); cli_put_long(context, m->inserttime, "\n");
|
cli_put_string(context, alloca_tohex_rhizome_bid_t(bid), "\n");
|
||||||
|
cli_field_name(context, "version", ":");
|
||||||
|
cli_put_long(context, m->version, "\n");
|
||||||
|
cli_field_name(context, "inserttime", ":");
|
||||||
|
cli_put_long(context, m->inserttime, "\n");
|
||||||
if (m->haveSecret) {
|
if (m->haveSecret) {
|
||||||
cli_field_name(context, ".author", ":"); cli_put_string(context, alloca_tohex_sid_t(m->author), "\n");
|
cli_field_name(context, ".author", ":");
|
||||||
|
cli_put_string(context, alloca_tohex_sid_t(m->author), "\n");
|
||||||
}
|
}
|
||||||
cli_field_name(context, ".readonly", ":"); cli_put_long(context, m->haveSecret?0:1, "\n");
|
cli_field_name(context, ".readonly", ":");
|
||||||
cli_field_name(context, "filesize", ":"); cli_put_long(context, m->fileLength, "\n");
|
cli_put_long(context, m->haveSecret?0:1, "\n");
|
||||||
|
cli_field_name(context, "filesize", ":");
|
||||||
|
cli_put_long(context, m->fileLength, "\n");
|
||||||
if (m->fileLength != 0) {
|
if (m->fileLength != 0) {
|
||||||
cli_field_name(context, "filehash", ":");
|
cli_field_name(context, "filehash", ":");
|
||||||
cli_put_string(context, alloca_tohex_rhizome_filehash_t(m->filehash), "\n");
|
cli_put_string(context, alloca_tohex_rhizome_filehash_t(m->filehash), "\n");
|
||||||
|
13
rhizome.h
13
rhizome.h
@ -118,9 +118,6 @@ extern time_ms_t rhizome_voice_timeout;
|
|||||||
|
|
||||||
#define RHIZOME_IDLE_TIMEOUT 20000
|
#define RHIZOME_IDLE_TIMEOUT 20000
|
||||||
|
|
||||||
#define EXISTING_BUNDLE_ID 1
|
|
||||||
#define NEW_BUNDLE_ID 2
|
|
||||||
|
|
||||||
typedef struct rhizome_signature {
|
typedef struct rhizome_signature {
|
||||||
unsigned char signature[crypto_sign_edwards25519sha512batch_BYTES
|
unsigned char signature[crypto_sign_edwards25519sha512batch_BYTES
|
||||||
+crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES+1];
|
+crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES+1];
|
||||||
@ -145,14 +142,14 @@ typedef struct rhizome_manifest {
|
|||||||
unsigned char manifestdata[MAX_MANIFEST_BYTES];
|
unsigned char manifestdata[MAX_MANIFEST_BYTES];
|
||||||
unsigned char manifesthash[crypto_hash_sha512_BYTES];
|
unsigned char manifesthash[crypto_hash_sha512_BYTES];
|
||||||
|
|
||||||
/* CryptoSign key pair for this manifest.
|
/* CryptoSign key pair for this manifest. The public key is the Bundle ID
|
||||||
The filename as distributed on Rhizome will be the public key
|
* (aka Manifest ID).
|
||||||
of this pair, thus ensuring that noone can tamper with a bundle
|
*/
|
||||||
except the creator. */
|
|
||||||
rhizome_bid_t cryptoSignPublic;
|
rhizome_bid_t cryptoSignPublic;
|
||||||
unsigned char cryptoSignSecret[crypto_sign_edwards25519sha512batch_SECRETKEYBYTES];
|
unsigned char cryptoSignSecret[crypto_sign_edwards25519sha512batch_SECRETKEYBYTES];
|
||||||
|
|
||||||
/* Whether we have the secret for this manifest on hand */
|
/* Whether we have the secret for this manifest on hand */
|
||||||
int haveSecret;
|
enum { SECRET_UNKNOWN = 0, EXISTING_BUNDLE_ID, NEW_BUNDLE_ID } haveSecret;
|
||||||
|
|
||||||
int var_count;
|
int var_count;
|
||||||
char *vars[MAX_MANIFEST_VARS];
|
char *vars[MAX_MANIFEST_VARS];
|
||||||
|
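Review bot: The comment kept above the new `haveSecret` enum in `struct rhizome_manifest` still reads as a yes/no flag ("Whether we have the secret for this manifest on hand"), so the three states are undocumented at the only place they are declared. I would replace it with a short comment that says what each value implies for `cryptoSignSecret`, for example `/* SECRET_UNKNOWN: cryptoSignSecret holds no usable key; EXISTING_BUNDLE_ID, NEW_BUNDLE_ID: cryptoSignSecret holds the bundle secret */`. The wording for NEW_BUNDLE_ID needs confirming by the author, since no assignment of it is visible in this commit. The explicit `= 0` is load-bearing: `app_rhizome_extract` still tests `m->haveSecret` for truthiness when deciding whether to print `.author` and what to report as `.readonly`, so either the comment should state that SECRET_UNKNOWN must remain zero, or those tests should become `m->haveSecret != SECRET_UNKNOWN`. The struct definition begins and ends outside the hunk.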
@ -230,7 +230,7 @@ int rhizome_find_secret(const sid_t *authorSidp, int *rs_len, const unsigned cha
|
|||||||
* which is used to look up the author's rhizome secret in the keyring.
|
* which is used to look up the author's rhizome secret in the keyring.
|
||||||
*
|
*
|
||||||
* Returns 0 if a valid private key was extracted, with the private key in the manifest
|
* Returns 0 if a valid private key was extracted, with the private key in the manifest
|
||||||
* 'cryptoSignSecret' field and the 'haveSecret' field set to 1.
|
* 'cryptoSignSecret' field and the 'haveSecret' field set to EXISTING_BUNDLE_ID.
|
||||||
*
|
*
|
||||||
* Returns 1 if the manifest does not have a BK field.
|
* Returns 1 if the manifest does not have a BK field.
|
||||||
*
|
*
|
||||||
@ -287,11 +287,11 @@ int rhizome_extract_privatekey(rhizome_manifest *m, rhizome_bk_t *bsk)
|
|||||||
result=1;
|
result=1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (result == 0){
|
if (result == 0)
|
||||||
m->haveSecret=EXISTING_BUNDLE_ID;
|
m->haveSecret = EXISTING_BUNDLE_ID;
|
||||||
}else{
|
else {
|
||||||
memset(m->cryptoSignSecret, 0, sizeof m->cryptoSignSecret);
|
memset(m->cryptoSignSecret, 0, sizeof m->cryptoSignSecret);
|
||||||
m->haveSecret=0;
|
m->haveSecret = SECRET_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
|
||||||
RETURN(result);
|
RETURN(result);
|
||||||
@ -326,7 +326,7 @@ int rhizome_extract_privatekey_required(rhizome_manifest *m, rhizome_bk_t *bsk)
|
|||||||
*
|
*
|
||||||
* Returns 0 if an identity is found with permission to alter the bundle, after setting the manifest
|
* Returns 0 if an identity is found with permission to alter the bundle, after setting the manifest
|
||||||
* 'author' field to the SID of the identity and the manifest 'cryptoSignSecret' field to the bundle
|
* 'author' field to the SID of the identity and the manifest 'cryptoSignSecret' field to the bundle
|
||||||
* secret key and the 'haveSecret' field to 1.
|
* secret key and the 'haveSecret' field to EXISTING_BUNDLE_ID.
|
||||||
*
|
*
|
||||||
* Returns 1 if no identity in the keyring is the author of this bundle.
|
* Returns 1 if no identity in the keyring is the author of this bundle.
|
||||||
*
|
*
|
||||||
@ -360,7 +360,7 @@ int rhizome_find_bundle_author(rhizome_manifest *m)
|
|||||||
const unsigned char *rs = keyring->contexts[cn]->identities[in]->keypairs[rkp]->private_key;
|
const unsigned char *rs = keyring->contexts[cn]->identities[in]->keypairs[rkp]->private_key;
|
||||||
|
|
||||||
if (!rhizome_bk2secret(m, &m->cryptoSignPublic, rs, rs_len, bkBytes, m->cryptoSignSecret)) {
|
if (!rhizome_bk2secret(m, &m->cryptoSignPublic, rs, rs_len, bkBytes, m->cryptoSignSecret)) {
|
||||||
m->haveSecret=EXISTING_BUNDLE_ID;
|
m->haveSecret = EXISTING_BUNDLE_ID;
|
||||||
if (cmp_sid_t(&m->author, authorSidp) != 0){
|
if (cmp_sid_t(&m->author, authorSidp) != 0){
|
||||||
m->author = *authorSidp;
|
m->author = *authorSidp;
|
||||||
if (config.debug.rhizome)
|
if (config.debug.rhizome)
|
||||||
@ -402,13 +402,13 @@ int rhizome_verify_bundle_privatekey(rhizome_manifest *m,
|
|||||||
for (i = 0;i < 32;++i)
|
for (i = 0;i < 32;++i)
|
||||||
if (pkin[i] != pk[i]) {
|
if (pkin[i] != pk[i]) {
|
||||||
if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic.binary)
|
if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic.binary)
|
||||||
m->haveSecret=0;
|
m->haveSecret = SECRET_UNKNOWN;
|
||||||
RETURN(-1);
|
RETURN(-1);
|
||||||
}
|
}
|
||||||
if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic.binary) {
|
if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic.binary) {
|
||||||
if (config.debug.rhizome)
|
if (config.debug.rhizome)
|
||||||
DEBUGF("We have the private key for this bundle.");
|
DEBUGF("We have the private key for this bundle.");
|
||||||
m->haveSecret=EXISTING_BUNDLE_ID;
|
m->haveSecret = EXISTING_BUNDLE_ID;
|
||||||
}
|
}
|
||||||
RETURN(0);
|
RETURN(0);
|
||||||
OUT();
|
OUT();
|
||||||
|
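Review bot: In the mismatch branch of `rhizome_verify_bundle_privatekey`, the new `m->haveSecret = SECRET_UNKNOWN;` marks the secret as unknown but leaves the rejected bytes in `m->cryptoSignSecret`. The failure branch of `rhizome_extract_privatekey` earlier on this page does clear the buffer first, with `memset(m->cryptoSignSecret, 0, sizeof m->cryptoSignSecret);`. Adding the same `memset` here, with braces around the two statements under the `if (m&&sk==m->cryptoSignSecret&&pkin==m->cryptoSignPublic.binary)` guard, would make SECRET_UNKNOWN mean "the buffer holds no key material" on every path, so later code cannot sign with or export a key that failed verification. The comparison loop's literal `32` would also be better written as the `crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES` constant that rhizome.h already uses. The function body begins outside the hunk, and the name of the file these hunks belong to is not shown on the page.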