Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-08-01 18:56:23 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

separated RsTlvSecurityKey into two incompatible classes to enforce the correct usage of private vs. public keys

Browse source
This commit is contained in:
csoler 2016-06-02 23:47:57 -04:00
parent cbef01451c
commit 590be092e5
26 changed files with 600 additions and 351 deletions
Download patch file Download diff file Expand all files Collapse all files

87
libretroshare/src/services/p3idservice.cc
View file

@ -447,7 +447,10 @@ bool p3IdService:: getIdDetails(const RsGxsId &id, RsIdentityDetails &details)
{
RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/
RsGxsIdCache data;
{
RsGxsIdCache<RsTlvPublicRSAKey> data;
if (mPublicKeyCache.fetch(id, data))
{
details = data.details;
@ -464,7 +467,10 @@ bool p3IdService:: getIdDetails(const RsGxsId &id, RsIdentityDetails &details)
return true;
}
}
RsGxsIdCache<RsTlvPrivateRSAKey> data;
/* try private cache too */
if (mPrivateKeyCache.fetch(id, data))
{
@ -604,12 +610,13 @@ bool p3IdService::getRecognTagRequest(const RsGxsId &id, const std::string &comm
return false;
}
RsTlvSecurityKey key;
RsTlvPrivateRSAKey key;
std::string nickname;
{
RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/
RsGxsIdCache data;
RsGxsIdCache<RsTlvPrivateRSAKey> data;
if (!mPrivateKeyCache.fetch(id, data))
{
#ifdef DEBUG_RECOGN
@ -669,11 +676,12 @@ bool p3IdService::isPendingNetworkRequest(const RsGxsId& gxsId)
return false;
}
bool p3IdService::getKey(const RsGxsId &id, RsTlvSecurityKey &key)
bool p3IdService::getKey(const RsGxsId &id, RsTlvPublicRSAKey &key)
{
{
RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/
RsGxsIdCache data;
RsGxsIdCache<RsTlvPublicRSAKey> data;
if (mPublicKeyCache.fetch(id, data))
{
key = data.pubkey;
@ -695,11 +703,12 @@ bool p3IdService::requestPrivateKey(const RsGxsId &id)
return cache_request_load(id);
}
bool p3IdService::getPrivateKey(const RsGxsId &id, RsTlvSecurityKey &key)
bool p3IdService::getPrivateKey(const RsGxsId &id, RsTlvPrivateRSAKey &key)
{
{
RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/
RsGxsIdCache data;
RsGxsIdCache<RsTlvPrivateRSAKey> data;
if (mPrivateKeyCache.fetch(id, data))
{
key = data.pubkey;
@ -716,10 +725,7 @@ bool p3IdService::getPrivateKey(const RsGxsId &id, RsTlvSecurityKey &key)
bool p3IdService::signData(const uint8_t *data,uint32_t data_size,const RsGxsId& own_gxs_id,RsTlvKeySignature& signature,uint32_t& error_status)
{
//RsIdentityDetails details ;
RsTlvSecurityKey signature_key ;
//getIdDetails(own_gxs_id,details);
RsTlvPrivateRSAKey signature_key ;
int i ;
for(i=0;i<6;++i)
@ -758,7 +764,7 @@ bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTl
{
// RsIdentityDetails details ;
// getIdDetails(signature.keyId,details);
RsTlvSecurityKey signature_key ;
RsTlvPublicRSAKey signature_key ;
for(int i=0;i< (force_load?6:1);++i)
if(!getKey(signature.keyId,signature_key) || signature_key.keyData.bin_data == NULL)
@ -793,7 +799,7 @@ bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTl
}
bool p3IdService::encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& error_status)
{
RsTlvSecurityKey encryption_key ;
RsTlvPublicRSAKey encryption_key ;
// get the key, and let the cache find it.
for(int i=0;i<(force_load?6:1);++i)
@ -823,7 +829,7 @@ bool p3IdService::encryptData(const uint8_t *decrypted_data,uint32_t decrypted_d
bool p3IdService::decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& decrypted_data,uint32_t& decrypted_size,const RsGxsId& key_id,uint32_t& error_status)
{
RsTlvSecurityKey encryption_key ;
RsTlvPrivateRSAKey encryption_key ;
// Get the key, and let the cache find it. It's our own key, so we should be able to find it, even if it takes
// some seconds.
@ -882,7 +888,8 @@ bool p3IdService::getReputation(const RsGxsId &id, GixsReputation &rep)
/* this is the key part for accepting messages */
RsStackMutex stack(mIdMtx); /********** STACK LOCKED MTX ******/
RsGxsIdCache data;
RsGxsIdCache<RsTlvPublicRSAKey> data;
if (mPublicKeyCache.fetch(id, data))
{
rep.id = id;
@ -1635,42 +1642,6 @@ std::string SSGxsIdGroup::save() const
*
*/
RsGxsIdCache::RsGxsIdCache()
{
return;
}
RsGxsIdCache::RsGxsIdCache(const RsGxsIdGroupItem *item, const RsTlvSecurityKey &in_pkey, const std::list<RsRecognTag> &tagList)
{
// Save Keys.
pubkey = in_pkey;
// Save Time for ServiceString comparisions.
mPublishTs = item->meta.mPublishTs;
// Save RecognTags.
mRecognTags = tagList;
details.mAvatar.copy((uint8_t *) item->mImage.binData.bin_data, item->mImage.binData.bin_len);
// Fill in Details.
details.mNickname = item->meta.mGroupName;
details.mId = RsGxsId(item->meta.mGroupId);
#ifdef DEBUG_IDS
std::cerr << "RsGxsIdCache::RsGxsIdCache() for: " << details.mId;
std::cerr << std::endl;
#endif // DEBUG_IDS
details.mFlags = 0 ;
if(item->meta.mSubscribeFlags & GXS_SERV::GROUP_SUBSCRIBE_ADMIN) details.mFlags |= RS_IDENTITY_FLAGS_IS_OWN_ID;
if(item->meta.mGroupFlags & RSGXSID_GROUPFLAG_REALID) details.mFlags |= RS_IDENTITY_FLAGS_PGP_LINKED;
/* rest must be retrived from ServiceString */
updateServiceString(item->meta.mServiceString);
}
void RsGxsIdCache::updateServiceString(std::string serviceString)
{
details.mRecognTags.clear();
@ -1894,8 +1865,8 @@ bool p3IdService::cache_store(const RsGxsIdGroupItem *item)
/* extract key from keys */
RsTlvSecurityKeySet keySet;
RsTlvSecurityKey pubkey;
RsTlvSecurityKey fullkey;
RsTlvSecurityKey_deprecated pubkey;
RsTlvSecurityKey_deprecated fullkey;
bool pub_key_ok = false;
bool full_key_ok = false;
@ -1908,7 +1879,7 @@ bool p3IdService::cache_store(const RsGxsIdGroupItem *item)
return false;
}
std::map<RsGxsId, RsTlvSecurityKey>::iterator kit;
std::map<RsGxsId, RsTlvSecurityKey_deprecated>::iterator kit;
//std::cerr << "p3IdService::cache_store() KeySet is:";
//keySet.print(std::cerr, 10);
@ -2367,7 +2338,7 @@ bool p3IdService::cachetest_handlerequest(uint32_t token)
}
else
{
RsTlvSecurityKey seckey;
RsTlvSecurityKey_deprecated seckey;
if (getKey(*vit, seckey))
{
#ifdef DEBUG_IDS
@ -2399,7 +2370,7 @@ bool p3IdService::cachetest_handlerequest(uint32_t token)
}
else
{
RsTlvSecurityKey seckey;
RsTlvSecurityKey_deprecated seckey;
if (getPrivateKey(*vit, seckey))
{
// success!
@ -2541,10 +2512,10 @@ RsGenExchange::ServiceCreate_Return p3IdService::service_CreateGroup(RsGxsGrpIte
/********************* TEMP HACK UNTIL GXS FILLS IN GROUP_ID *****************/
// find private admin key
std::map<RsGxsId, RsTlvSecurityKey>::iterator mit = keySet.keys.begin();
std::map<RsGxsId, RsTlvSecurityKey_deprecated>::iterator mit = keySet.keys.begin();
for(; mit != keySet.keys.end(); ++mit)
{
RsTlvSecurityKey& pk = mit->second;
RsTlvSecurityKey_deprecated& pk = mit->second;
if(pk.keyFlags == (RSTLV_KEY_DISTRIB_ADMIN | RSTLV_KEY_TYPE_FULL))
{

58
libretroshare/src/services/p3idservice.h
View file

@ -32,6 +32,7 @@
#include "gxs/rsgixs.h" // Internal Interfaces.
#include "gxs/gxstokenqueue.h"
#include "serialiser/rsgxsiditems.h"
#include <map>
#include <string>
@ -189,20 +190,49 @@ virtual std::string save() const;
class RsGxsIdGroupItem;
class RsGxsIdCache
template<class KeyClass> class RsGxsIdCache
{
public:
RsGxsIdCache();
RsGxsIdCache(const RsGxsIdGroupItem *item, const RsTlvSecurityKey &in_pkey,
const std::list<RsRecognTag> &tagList);
public:
RsGxsIdCache();
void updateServiceString(std::string serviceString);
RsGxsIdCache(const RsGxsIdGroupItem *item, const KeyClass& in_pkey, const std::list<RsRecognTag> &tagList)
{
// Save Keys.
pubkey = in_pkey;
// Save Time for ServiceString comparisions.
mPublishTs = item->meta.mPublishTs;
time_t mPublishTs;
std::list<RsRecognTag> mRecognTags; // Only partially validated.
// Save RecognTags.
mRecognTags = tagList;
RsIdentityDetails details;
RsTlvSecurityKey pubkey;
details.mAvatar.copy((uint8_t *) item->mImage.binData.bin_data, item->mImage.binData.bin_len);
// Fill in Details.
details.mNickname = item->meta.mGroupName;
details.mId = RsGxsId(item->meta.mGroupId);
#ifdef DEBUG_IDS
std::cerr << "RsGxsIdCache::RsGxsIdCache() for: " << details.mId;
std::cerr << std::endl;
#endif // DEBUG_IDS
details.mFlags = 0 ;
if(item->meta.mSubscribeFlags & GXS_SERV::GROUP_SUBSCRIBE_ADMIN) details.mFlags |= RS_IDENTITY_FLAGS_IS_OWN_ID;
if(item->meta.mGroupFlags & RSGXSID_GROUPFLAG_REALID) details.mFlags |= RS_IDENTITY_FLAGS_PGP_LINKED;
/* rest must be retrived from ServiceString */
updateServiceString(item->meta.mServiceString);
}
void updateServiceString(std::string serviceString);
time_t mPublishTs;
std::list<RsRecognTag> mRecognTags; // Only partially validated.
RsIdentityDetails details;
#warning why the "pub" here??
KeyClass pubkey;
};
@ -286,8 +316,8 @@ virtual bool setAsRegularContact(const RsGxsId& id,bool is_a_contact) ;
virtual bool haveKey(const RsGxsId &id);
virtual bool havePrivateKey(const RsGxsId &id);
virtual bool getKey(const RsGxsId &id, RsTlvSecurityKey &key);
virtual bool getPrivateKey(const RsGxsId &id, RsTlvSecurityKey &key);
virtual bool getKey(const RsGxsId &id, RsTlvPublicRSAKey &key);
virtual bool getPrivateKey(const RsGxsId &id, RsTlvPrivateRSAKey &key);
virtual bool requestKey(const RsGxsId &id, const std::list<PeerId> &peers);
virtual bool requestPrivateKey(const RsGxsId &id);
@ -350,8 +380,8 @@ virtual void handle_event(uint32_t event_type, const std::string &elabel);
std::map<RsGxsId, std::list<RsPeerId> > mCacheLoad_ToCache, mPendingCache;
// Switching to RsMemCache for Key Caching.
RsMemCache<RsGxsId, RsGxsIdCache> mPublicKeyCache;
RsMemCache<RsGxsId, RsGxsIdCache> mPrivateKeyCache;
RsMemCache<RsGxsId, RsGxsIdCache<RsTlvPublicRSAKey> > mPublicKeyCache;
RsMemCache<RsGxsId, RsGxsIdCache<RsTlvPrivateRSAKey> > mPrivateKeyCache;
/************************************************************************
* Refreshing own Ids.