Adjusted trust signatures to sign the wot command

Kevin F 2022-09-15 01:27:46 -05:00
parent 5bb43326e7
commit 05e04ef557
3 changed files with 36 additions and 19 deletions


@ -7,12 +7,12 @@ import msgpack
if TYPE_CHECKING: if TYPE_CHECKING:
from onionrblocks import Block from onionrblocks import Block
from .exceptions import InvalidWotBlock from exceptions import InvalidWotBlock
class WotCommand(IntEnum): class WotCommand(IntEnum):
TRUST = 1 TRUST = 1
UNTRUST = auto() REVOKE_TRUST = auto()
ANNOUNCE = auto() ANNOUNCE = auto()
REVOKE = auto() REVOKE = auto()


@ -4,22 +4,27 @@ import logger
from nacl.signing import VerifyKey from nacl.signing import VerifyKey
from getbykey import get_identity_by_key from getbykey import get_identity_by_key
from blockprocessingevent import WotCommand
def process_trust_signature(sig_payload: bytes): def process_trust_signature(sig_payload: bytes):
if len(sig_payload) != 128: if len(sig_payload) != 129:
logger.warn( logger.warn(
f'Signature size is invalid for a signed identity') f'Signature size is invalid for a signed identity')
# verify that this is a signature for a trust command
if sig_payload[0] != WotCommand.TRUST:
logger.warn(
f'Invalid command in signature')
# signer is first 32 bytes # signer is first 32 bytes
signer = VerifyKey(sig_payload[:32]) signer = VerifyKey(sig_payload[1:33])
# signed is next 32 bytes # signed is next 32 bytes
signed = sig_payload[32:64] signed = sig_payload[33:65]
# signature is last 64 bytes # signature is last 64 bytes
signature = sig_payload[64:] signature = sig_payload[65:]
# If bad signature, it raises nacl.exceptions.BadSignatureError # If bad signature, it raises nacl.exceptions.BadSignatureError
signer.verify(signed, signature) signer.verify(int.to_bytes(sig_payload[0], 1, 'big') + signed, signature)
# if good signature # if good signature
try: try:
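Review bot: The new command check in process_trust_signature only logs `Invalid command in signature` and, in the lines shown, neither returns nor raises, so a payload whose first byte is some other WotCommand value still reaches `signer.verify(...)`. Because the verified message is built from that same first byte, a validly signed non-TRUST payload would pass verification and continue into the trust handling that follows. The size check above it has the same shape, so a payload of the wrong length is still indexed and sliced. Each guard should stop processing after the warning, for example `raise ValueError('Invalid command in signature')`, or the project's InvalidWotBlock if that is the intended error type. The function body continues past the end of this hunk, so confirm that nothing later already rejects these cases.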


@ -4,6 +4,7 @@ from time import sleep
from nacl.signing import SigningKey, VerifyKey from nacl.signing import SigningKey, VerifyKey
import nacl import nacl
import secrets import secrets
from enum import IntEnum, auto
import onionrblocks import onionrblocks
@ -20,8 +21,14 @@ import identity
from identityset import identities from identityset import identities
class TrustSignatureProcessing(unittest.TestCase): class WotCommand(IntEnum):
TRUST = 1
REVOKE_TRUST = auto()
ANNOUNCE = auto()
REVOKE = auto()
class TrustSignatureProcessing(unittest.TestCase):
def test_processing_trust_payload_without_announced_identity(self): def test_processing_trust_payload_without_announced_identity(self):
# reset identity set # reset identity set
identities.clear() identities.clear()
@ -31,8 +38,11 @@ class TrustSignatureProcessing(unittest.TestCase):
identities.add(identity.Identity(signing_key.verify_key, "test")) identities.add(identity.Identity(signing_key.verify_key, "test"))
trust_signature = signing_key.sign(fake_pubkey) wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
trust_signature_payload = wot_cmd + \
bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature.signature trust_signature.signature
for iden in identities: for iden in identities:
@ -54,13 +64,15 @@ class TrustSignatureProcessing(unittest.TestCase):
identities.add(identity.Identity(signing_key.verify_key, "test")) identities.add(identity.Identity(signing_key.verify_key, "test"))
identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2")) identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2"))
trust_signature = signing_key.sign(fake_pubkey) wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature.signature
trust_signature_payload = bytearray(trust_signature_payload)
trust_signature_payload[64] = 0
trust_signature_payload = bytes(trust_signature_payload)
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
trust_signature = bytearray(trust_signature.signature)
trust_signature[34] = 0
trust_signature = bytes(trust_signature)
trust_signature_payload = wot_cmd + bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature
self.assertRaises( self.assertRaises(
nacl.exceptions.BadSignatureError, identity.process_trust_signature, trust_signature_payload) nacl.exceptions.BadSignatureError, identity.process_trust_signature, trust_signature_payload)
@ -84,9 +96,10 @@ class TrustSignatureProcessing(unittest.TestCase):
identities.add(identity.Identity(signing_key.verify_key, "test")) identities.add(identity.Identity(signing_key.verify_key, "test"))
identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2")) identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2"))
wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
trust_signature = signing_key.sign(fake_pubkey) trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \ trust_signature_payload = wot_cmd + bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature.signature trust_signature.signature
identity.process_trust_signature(trust_signature_payload) identity.process_trust_signature(trust_signature_payload)
@ -104,7 +117,6 @@ class TrustSignatureProcessing(unittest.TestCase):
raise AssertionError("Signing identity not found") raise AssertionError("Signing identity not found")
unittest.main() unittest.main()
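Review bot: In the tampered-signature test, `trust_signature[34] = 0` leaves the signature unchanged whenever that byte is already zero, so the `assertRaises(nacl.exceptions.BadSignatureError, ...)` check can fail spuriously if the signing key is generated fresh per run (key setup is not visible in this hunk). Flipping the byte instead, `trust_signature[34] ^= 0xFF`, always corrupts the signature. Separately, the test file defines its own copy of `WotCommand` rather than importing the one the implementation uses, so a change to the real enum values would not be caught here. Importing it as the implementation does, `from blockprocessingevent import WotCommand`, would keep the signed command byte in step with the code under test.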