Second stage in abstracting GXS identities usage cases (almost done)

2025-06-19 11:54:22 -04:00 · 2017-01-02 23:53:39 +01:00 · 2017-01-02 23:53:39 +01:00 · a9670a569a
commit a9670a569a
parent 17fc89e3c0
10 changed files with 64 additions and 56 deletions
--- a/libretroshare/src/chat/distributedchat.cc
+++ b/libretroshare/src/chat/distributedchat.cc
@ -237,8 +237,9 @@ bool DistributedChatService::checkSignature(RsChatLobbyBouncingObject *obj,const
    }
    uint32_t error_status ;
    RsIdentityUsage use_info(RS_SERVICE_TYPE_CHAT,RsIdentityUsage::CHAT_LOBBY_MSG_VALIDATION,RsGxsGroupId(),RsGxsMessageId(),obj->lobby_id) ;
-    if(!mGixs->validateData(memory,obj->signed_serial_size(),obj->signature,false,"Chat lobby "+RsUtil::NumberToString(obj->lobby_id,true),error_status))
+    if(!mGixs->validateData(memory,obj->signed_serial_size(),obj->signature,false,use_info,error_status))
    {
 	    bool res = false ;
--- a/libretroshare/src/grouter/p3grouter.cc
+++ b/libretroshare/src/grouter/p3grouter.cc
@ -1555,7 +1555,7 @@ void p3GRouter::handleIncomingReceiptItem(RsGRouterSignedReceiptItem *receipt_it
        uint32_t error_status ;
-        if(! verifySignedDataItem(receipt_item,"GRouter incoming receipt item",error_status))
+        if(! verifySignedDataItem(receipt_item,RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CHECK,error_status))
            if( (it->second.routing_flags & GRouterRoutingInfo::ROUTING_FLAGS_IS_ORIGIN) || (error_status !=  RsGixs::RS_GIXS_ERROR_KEY_NOT_AVAILABLE))
 	    {
 		    std::cerr << "  checking receipt signature : FAILED. Receipt is dropped. Error status=" << error_status << std::endl;
@ -1711,7 +1711,7 @@ void p3GRouter::handleIncomingDataItem(RsGRouterGenericDataItem *data_item)
 #endif
        uint32_t error_status ;
-        if(!verifySignedDataItem(data_item,"Incoming distant message",error_status))	// we should get proper flags out of this
+        if(!verifySignedDataItem(data_item,RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CHECK,error_status))	// we should get proper flags out of this
        {
            std::cerr << "    verifying item signature: FAILED! Droping that item" ;
            std::cerr << "    You probably received a message from a person you don't have key." << std::endl;
@ -1980,7 +1980,7 @@ bool p3GRouter::signDataItem(RsGRouterAbstractMsgItem *item,const RsGxsId& signi
        return false ;
    }
 }
-bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const std::string& info,uint32_t& error_status)
+bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const RsIdentityUsage::UsageCode& info,uint32_t& error_status)
 {
    try
    {
@ -1999,7 +1999,9 @@ bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const std::s
        if(!item->serialise_signed_data(data,data_size))
            throw std::runtime_error("Cannot serialise signed data.") ;
-        if(!mGixs->validateData(data,data_size,item->signature,true,info, error_status))
+        RsIdentityUsage use(RS_SERVICE_TYPE_GROUTER,info) ;
        if(!mGixs->validateData(data,data_size,item->signature,true,use, error_status))
        {
            switch(error_status)
            {
@ -2010,7 +2012,7 @@ bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const std::s
                			std::cerr << "(EE) Key for GXS Id " << item->signature.keyId << " is not available. Cannot verify. Asking key to peer " << item->PeerId() << std::endl;
-                			mGixs->requestKey(item->signature.keyId,peer_ids,info) ;   // request the key around
+                			mGixs->requestKey(item->signature.keyId,peer_ids,use) ;   // request the key around
            			}
                                        break ;
                case RsGixs::RS_GIXS_ERROR_SIGNATURE_MISMATCH: std::cerr << "(EE) Signature mismatch. Spoofing/Corrupted/MITM?." << std::endl;
@ -2116,7 +2118,7 @@ bool p3GRouter::sendData(const RsGxsId& destination,const GRouterServiceId& clie
    // Verify the signature. If that fails, there's a bug somewhere!!
 	uint32_t error_status;
-    if(!verifySignedDataItem(data_item,"GRouter own signature check for outgoing msg",error_status))
+    if(!verifySignedDataItem(data_item,RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CREATION,error_status))
    {
        std::cerr << "Cannot verify data item that was just signed. Some error occured!" << std::endl;
 	delete data_item;
--- a/libretroshare/src/grouter/p3grouter.h
+++ b/libretroshare/src/grouter/p3grouter.h
@ -32,6 +32,7 @@
 #include "retroshare/rsgrouter.h"
 #include "retroshare/rstypes.h"
 #include "retroshare/rstypes.h"
 #include "retroshare/rsidentity.h"
 #include "turtle/turtleclientservice.h"
 #include "services/p3service.h"
@ -254,7 +255,7 @@ private:
    // signs an item with the given key.
    bool signDataItem(RsGRouterAbstractMsgItem *item,const RsGxsId& id) ;
-    bool verifySignedDataItem(RsGRouterAbstractMsgItem *item, const std::string &info, uint32_t &error_status) ;
+    bool verifySignedDataItem(RsGRouterAbstractMsgItem *item, const RsIdentityUsage::UsageCode &info, uint32_t &error_status) ;
    bool encryptDataItem(RsGRouterGenericDataItem *item,const RsGxsId& destination_key) ;
    bool decryptDataItem(RsGRouterGenericDataItem *item) ;
--- a/libretroshare/src/gxs/rsgenexchange.cc
+++ b/libretroshare/src/gxs/rsgenexchange.cc
@ -904,7 +904,7 @@ int RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, const uin
            {
                std::list<RsPeerId> peers;
                peers.push_back(msg->PeerId());
-                mGixs->requestKey(metaData.mAuthorId, peers,"Validation of author signature, service: " + rsServiceControl->getServiceName(serviceFullType()) + ". Grp="+metaData.mGroupId.toStdString()+", msg="+metaData.mMsgId.toStdString());
+                mGixs->requestKey(metaData.mAuthorId, peers, RsIdentityUsage(serviceType(),RsIdentityUsage::MESSAGE_AUTHOR_SIGNATURE_VALIDATION,metaData.mGroupId,metaData.mMsgId));
 #ifdef GEN_EXCH_DEBUG
                std::cerr << ", Key missing. Retry later." << std::endl;
@ -999,7 +999,7 @@ int RsGenExchange::validateGrp(RsNxsGrp* grp)
 #endif
 			    std::list<RsPeerId> peers;
 			    peers.push_back(grp->PeerId());
-			    mGixs->requestKey(metaData.mAuthorId, peers,"Group author signature validation. GrpId=" + metaData.mGroupId.toStdString());
+			    mGixs->requestKey(metaData.mAuthorId, peers,RsIdentityUsage(mServType,RsIdentityUsage::GROUP_AUTHOR_SIGNATURE_VALIDATION,metaData.mGroupId));
 			    return VALIDATE_FAIL_TRY_LATER;
 		    }
 	    }
--- a/libretroshare/src/gxs/rsgixs.h
+++ b/libretroshare/src/gxs/rsgixs.h
@ -117,7 +117,7 @@ public:
     */
    virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) = 0 ;
-    virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error) = 0 ;
+    virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const RsIdentityUsage& info,uint32_t& signing_error) = 0 ;
    virtual bool encryptData(const uint8_t *clear_data,uint32_t clear_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) = 0 ;
    virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& clear_data,uint32_t& clear_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) = 0 ;
--- a/libretroshare/src/gxs/rsgxsutil.cc
+++ b/libretroshare/src/gxs/rsgxsutil.cc
@ -270,7 +270,7 @@ bool RsGxsIntegrityCheck::check()
 			    GXSUTIL_DEBUG() << "TimeStamping message authors' key ID " << msg->metaData->mAuthorId << " in message " << msg->msgId << ", group ID " << msg->grpId<< std::endl;
 #endif
 			    if(rsIdentity!=NULL && rsIdentity->overallReputationLevel(msg->metaData->mAuthorId) > RsReputations::REPUTATION_LOCALLY_NEGATIVE)
-				    used_gxs_ids.insert(std::make_pair(msg->metaData->mAuthorId,std::make_pair(msg->metaData->mGroupId,msg->metaData->mMsgId))) ;
+				    used_gxs_ids.insert(std::make_pair(msg->metaData->mAuthorId,RsIdentityUsage(mGenExchangeClient->serviceType(),RsIdentityUsage::MESSAGE_AUTHOR_KEEP_ALIVE,msg->metaData->mGroupId,msg->metaData->mMsgId))) ;
 		    }
 		    delete msg;
--- a/libretroshare/src/gxstunnel/p3gxstunnel.cc
+++ b/libretroshare/src/gxstunnel/p3gxstunnel.cc
@ -937,7 +937,7 @@ void p3GxsTunnelService::handleRecvDHPublicKey(RsGxsTunnelDHPublicKeyItem *item)
        std::cerr << "(SS) Signature was verified and it doesn't check! This is a security issue!" << std::endl;
        return ;
    }
-    mGixs->timeStampKey(item->signature.keyId,"Used to validate GXS tunnel DH half-key.") ;
+    mGixs->timeStampKey(item->signature.keyId,RsIdentityUsage(RS_SERVICE_TYPE_GXS_TUNNEL,RsIdentityUsage::GXS_TUNNEL_DH_SIGNATURE_CHECK));
 #ifdef DEBUG_GXS_TUNNEL
    std::cerr << "  Signature checks! Sender's ID = " << senders_id << std::endl;
--- a/libretroshare/src/retroshare/rsidentity.h
+++ b/libretroshare/src/retroshare/rsidentity.h
@ -162,39 +162,6 @@ class RsRecognTagDetails
 	bool is_pending;
 };
 class RsIdentityDetails
 {
 public:
    RsIdentityDetails()
            : mFlags(0), mLastUsageTS(0) { return; }
    RsGxsId mId;
    // identity details.
    std::string mNickname;
    uint32_t mFlags ;
    // PGP Stuff.
    RsPgpId mPgpId;
    // Recogn details.
    std::list<RsRecognTag> mRecognTags;
    // Cyril: Reputation details. At some point we might want to merge information
    // between the two into a single global score. Since the old reputation system
    // is not finished yet, I leave this in place. We should decide what to do with it.
    RsReputations::ReputationInfo mReputation;
    // avatar
    RsGxsImage mAvatar ;
    // last usage
    time_t mLastUsageTS ;
    std::map<std::string,time_t> mUseCases ;
 };
 class RsIdOpinion
 {
 	public:
@ -224,10 +191,14 @@ public:
                   MESSAGE_AUTHOR_SIGNATURE_VALIDATION  = 0x06,
                   GROUP_AUTHOR_KEEP_ALIVE              = 0x07, // Identities are stamped regularly by crawlign the set of messages for all groups. That helps keepign the useful identities in hand.
                   MESSAGE_AUTHOR_KEEP_ALIVE            = 0x08, // Identities are stamped regularly by crawlign the set of messages for all groups. That helps keepign the useful identities in hand.
-                   CHAT_LOBBY_MSG_VALIDATION            = 0x09  // Chat lobby msgs are signed, so each time one comes, or a chat lobby event comes, a signature verificaiton happens.
+                   CHAT_LOBBY_MSG_VALIDATION            = 0x09, // Chat lobby msgs are signed, so each time one comes, or a chat lobby event comes, a signature verificaiton happens.
                   GLOBAL_ROUTER_SIGNATURE_CHECK        = 0x0a, // Global router message validation
                   GLOBAL_ROUTER_SIGNATURE_CREATION     = 0x0b, // Global router message signature
                   GXS_TUNNEL_DH_SIGNATURE_CHECK        = 0x0c, //
                   GXS_TUNNEL_DH_SIGNATURE_CREATION     = 0x0d  //
                 } ;
-    RsIdentityUsage(uint16_t service,const RsIdentityUsage::UsageCode& code,const RsGxsGroupId& gid,const RsGxsMessageId& mid=RsGxsMessageId(),uint64_t additional_id=0,const std::string& comment = std::string())
+    RsIdentityUsage(uint16_t service,const RsIdentityUsage::UsageCode& code,const RsGxsGroupId& gid=RsGxsGroupId(),const RsGxsMessageId& mid=RsGxsMessageId(),uint64_t additional_id=0,const std::string& comment = std::string())
    	: mServiceId(service), mUsageCode(code), mGrpId(gid), mMsgId(mid),mAdditionalId(additional_id),mComment(comment) {}
    uint16_t 		mServiceId;		// Id of the service using that identity
@ -239,6 +210,39 @@ public:
    std::string 	mComment ;		// additional comment to be used mainly for debugging, but not GUI display
 };
 class RsIdentityDetails
 {
 public:
    RsIdentityDetails()
            : mFlags(0), mLastUsageTS(0) { return; }
    RsGxsId mId;
    // identity details.
    std::string mNickname;
    uint32_t mFlags ;
    // PGP Stuff.
    RsPgpId mPgpId;
    // Recogn details.
    std::list<RsRecognTag> mRecognTags;
    // Cyril: Reputation details. At some point we might want to merge information
    // between the two into a single global score. Since the old reputation system
    // is not finished yet, I leave this in place. We should decide what to do with it.
    RsReputations::ReputationInfo mReputation;
    // avatar
    RsGxsImage mAvatar ;
    // last usage
    time_t mLastUsageTS ;
    std::map<RsIdentityUsage,time_t> mUseCases ;
 };
 class RsIdentity: public RsGxsIfaceHelper
--- a/libretroshare/src/services/p3idservice.cc
+++ b/libretroshare/src/services/p3idservice.cc
@ -287,10 +287,10 @@ void p3IdService::timeStampKey(const RsGxsId& gxs_id, const RsIdentityUsage& rea
    {
        // This is very costly, but normally the outerloop should never be rolled more than once.
-        std::map<std::string,time_t>::iterator best_it ;
+        std::map<RsIdentityUsage,time_t>::iterator best_it ;
        time_t best_time = now+1;
-        for(std::map<std::string,time_t>::iterator it(info.usage_map.begin());it!=info.usage_map.end();++it)
+        for(std::map<RsIdentityUsage,time_t>::iterator it(info.usage_map.begin());it!=info.usage_map.end();++it)
            if(it->second < best_time)
            {
                best_time = it->second ;
@ -788,7 +788,7 @@ static void mergeIds(std::map<RsGxsId,std::list<RsPeerId> >& idmap,const RsGxsId
        old_peers.push_back(*it) ;
 }
-bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers,const RsIdentityUsage& info)
+bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers,const RsIdentityUsage& use_info)
 {
    if(id.isNull())
    {
@ -834,7 +834,7 @@ bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers
    }
    {
 		RS_STACK_MUTEX(mIdMtx); /********** STACK LOCKED MTX ******/
-		mKeysTS[id].usage_map["Requested to friends: "+info] = time(NULL) ;
+		mKeysTS[id].usage_map[use_info] = time(NULL) ;
    }
    return cache_request_load(id, peers);
@ -935,7 +935,7 @@ bool p3IdService::signData(const uint8_t *data,uint32_t data_size,const RsGxsId&
    timeStampKey(own_gxs_id,"Own GXS id") ;
    return true ;
 }
-bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error)
+bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const RsIdentityUsage& info,uint32_t& signing_error)
 {
    // RsIdentityDetails details ;
    // getIdDetails(signature.keyId,details);
@ -969,7 +969,7 @@ bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTl
    }
    signing_error = RS_GIXS_ERROR_NO_ERROR ;
-    timeStampKey(signature.keyId,"Used in signature checking: "+info_string ) ;
+    timeStampKey(signature.keyId,info);
    return true ;
 }
 bool p3IdService::encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& error_status)
--- a/libretroshare/src/services/p3idservice.h
+++ b/libretroshare/src/services/p3idservice.h
@ -286,7 +286,7 @@ public:
 	virtual bool isOwnId(const RsGxsId& key_id) ;
 	virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) ;
-	virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error) ;
+	virtual bool validateData(const uint8_t *data, uint32_t data_size, const RsTlvKeySignature& signature, bool force_load, const RsIdentityUsage &info, uint32_t& signing_error) ;
 	virtual bool encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) ;
 	virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& decrypted_data,uint32_t& decrypted_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) ;
@ -297,7 +297,7 @@ public:
 	virtual bool getKey(const RsGxsId &id, RsTlvPublicRSAKey &key);
 	virtual bool getPrivateKey(const RsGxsId &id, RsTlvPrivateRSAKey &key);
-    virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers, const RsIdentityUsage &info);
+    virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers, const RsIdentityUsage &use_info);
 	virtual bool requestPrivateKey(const RsGxsId &id);