set idstrings async, validate sig on plaintext blocks before save, and change to returning unpadded key from API

This commit is contained in:
Kevin Froman 2019-09-06 17:22:33 -05:00
parent ddcb1e39e3
commit 50e2efee32
3 changed files with 35 additions and 8 deletions

View File

@ -18,6 +18,7 @@
along with this program. If not, see <https://www.gnu.org/licenses/>. along with this program. If not, see <https://www.gnu.org/licenses/>.
''' '''
from flask import Response, Blueprint, request, send_from_directory, abort from flask import Response, Blueprint, request, send_from_directory, abort
from httpapi import apiutils from httpapi import apiutils
import onionrcrypto, config import onionrcrypto, config
from netcontroller import NetController from netcontroller import NetController
@ -25,7 +26,8 @@ from serializeddata import SerializedData
from onionrutils import mnemonickeys from onionrutils import mnemonickeys
from onionrutils import bytesconverter from onionrutils import bytesconverter
pub_key = onionrcrypto.pub_key pub_key = onionrcrypto.pub_key.replace('=', '')
class PrivateEndpoints: class PrivateEndpoints:
def __init__(self, client_api): def __init__(self, client_api):
private_endpoints_bp = Blueprint('privateendpoints', __name__) private_endpoints_bp = Blueprint('privateendpoints', __name__)

View File

@ -76,6 +76,16 @@ def validate_metadata(metadata, block_data) -> bool:
except AssertionError: except AssertionError:
logger.warn('Invalid encryption mode') logger.warn('Invalid encryption mode')
break break
elif i == 'sig':
try:
metadata['encryptType']
except KeyError:
signer = metadata['signer']
sig = metadata['sig']
encodedMeta = bytesconverter.str_to_bytes(metadata['meta'])
encodedBlock = bytesconverter.str_to_bytes(block_data)
if not onionrcrypto.signing.ed_verify(encodedMeta + encodedBlock[1:], signer, sig):
break
else: else:
# if metadata loop gets no errors, it does not break, therefore metadata is valid # if metadata loop gets no errors, it does not break, therefore metadata is valid
# make sure we do not have another block with the same data content (prevent data duplication and replay attacks) # make sure we do not have another block with the same data content (prevent data duplication and replay attacks)

View File

@ -19,8 +19,16 @@
webpass = document.location.hash.replace('#', '') webpass = document.location.hash.replace('#', '')
nowebpass = false nowebpass = false
myPub = ""
myPub = httpGet('/getHumanReadable') fetch('/getActivePubkey', {
headers: {
"token": webpass
}})
.then((resp) => resp.text())
.then(function(resp) {
myPub = resp
})
function post_to_url(path, params) { function post_to_url(path, params) {
@ -95,15 +103,22 @@ for (var i = 0; i < document.getElementsByClassName('closeOverlay').length; i++)
} }
} }
var idStrings = document.getElementsByClassName('myPub') function setIdStrings(){
for (var i = 0; i < idStrings.length; i++){ if (myPub === ""){
if (idStrings[i].tagName.toLowerCase() == 'input'){ setTimeout(function(){setIdStrings()}, 700)
idStrings[i].value = myPub return
} }
else{ var idStrings = document.getElementsByClassName('myPub')
idStrings[i].innerText = myPub for (var i = 0; i < idStrings.length; i++){
if (idStrings[i].tagName.toLowerCase() == 'input'){
idStrings[i].value = myPub
}
else{
idStrings[i].innerText = myPub
}
} }
} }
setIdStrings()
/* Copy public ID on homepage */ /* Copy public ID on homepage */
if (typeof myPubCopy != "undefined"){ if (typeof myPubCopy != "undefined"){