- fixed a bug in distant message signature checking

- fixed delay problem in not getting uncached GXS Id keys by prior requesting details about the key - enabled signing by default in MessageComposer - implemented print() in RsTlvIdSet. git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7373 b45a01b8-16f6-495d-af2f-9b41ad6348cc
2024-12-27 16:39:29 -05:00 · 2014-05-17 21:36:07 +00:00 · 2014-05-17 21:36:07 +00:00 · bfe872118b
commit bfe872118b
parent b56df2d045
3 changed files with 39 additions and 8 deletions
--- a/libretroshare/src/serialiser/rstlvidset.h
+++ b/libretroshare/src/serialiser/rstlvidset.h
@ -99,12 +99,16 @@ template<class ID_CLASS,uint32_t TLV_TYPE> class t_RsTlvIdSet: public RsTlvItem
 		}
 		virtual std::ostream &print(std::ostream &out, uint16_t /* indent */) const
 		{
-			std::cerr << __PRETTY_FUNCTION__ << ": not implemented" << std::endl;
+			for(typename std::list<ID_CLASS>::const_iterator it(ids.begin());it!=ids.end();++it)
+				out << (*it).toStdString() << ", " ;
+
 			return out ;
 		}
 		virtual std::ostream &printHex(std::ostream &out, uint16_t /* indent */) const /* SPECIAL One */
 		{
-			std::cerr << __PRETTY_FUNCTION__ << ": not implemented" << std::endl;
+			for(typename std::list<ID_CLASS>::const_iterator it(ids.begin());it!=ids.end();++it)
+				out << (*it).toStdString() << ", " ;
+
 			return out ;
 		}

--- a/libretroshare/src/services/p3msgservice.cc
+++ b/libretroshare/src/services/p3msgservice.cc
@ -60,7 +60,7 @@
 //#define MSG_DEBUG 1
 //#define DEBUG_DISTANT_MSG
 //#define DISABLE_DISTANT_MESSAGES 
-#define DEBUG_DISTANT_MSG
+//#define DEBUG_DISTANT_MSG

 const int msgservicezone = 54319;

@ -1751,8 +1751,11 @@ bool p3MsgService::createDistantMessage(const RsGxsId& destination_gxs_id,const

 #ifdef DEBUG_DISTANT_MSG
 			std::cerr << "  Appending signature." << std::endl;
-			std::cerr << "    size = : " << signature.signData.bin_len << std::endl;
-			std::cerr << "    hex  = : " << RsUtil::BinToHex((const char*)signature.signData.bin_data,std::min(50u,signature.signData.bin_len)) << "..." << std::endl;
+			std::cerr << "    data length: " << offset     << std::endl;
+			std::cerr << "    data hash  : " << RsDirUtil::sha1sum(data,offset) << std::endl;
+			std::cerr << "    sign size  : " << signature.signData.bin_len << std::endl;
+			std::cerr << "    sign hex   : " << RsUtil::BinToHex((const char*)signature.signData.bin_data,std::min(50u,signature.signData.bin_len)) << "..." << std::endl;
+			std::cerr << "    sign hash  : " << RsDirUtil::sha1sum((const uint8_t*)signature.signData.bin_data,signature.signData.bin_len) << std::endl;
 #endif
 			if(offset + signature.signData.bin_len + 5 + 1 >= total_data_size)
 				throw std::runtime_error("Conservative size is not enough! Can't serialise encrypted message.") ;
@ -1978,14 +1981,37 @@ bool p3MsgService::decryptMessage(const std::string& mId)
 			  signature.signData.bin_data = malloc(signature_size) ;
 			  memcpy(signature.signData.bin_data,&decrypted_data[offset],signature_size) ;

+#ifdef DEBUG_DISTANT_MSG
 			  std::cerr << "  Signature is present. Verifying it..." << std::endl;
+			  std::cerr << "    data length: " << size_of_signed_data     << std::endl;
+			  std::cerr << "    data hash  : " << RsDirUtil::sha1sum(decrypted_data,size_of_signed_data) << std::endl;
+			  std::cerr << "    Sign length: " << signature.signData.bin_len << std::endl;
+			  std::cerr << "    Sign hash  : " << RsDirUtil::sha1sum((const uint8_t*)signature.signData.bin_data,signature.signData.bin_len) << std::endl;
+			  std::cerr << "    Sign key id: " << signature.keyId << std::endl;
+#endif
 			  signature_present = true ;

 			  RsTlvSecurityKey signature_key ;

-			  if(!mIdService->getKey(senders_id,signature_key) || signature_key.keyData.bin_data == NULL)
-				  std::cerr << "(EE) No key for checking signature from " << senders_id << ", can't veryfy signature." << std::endl;
-			  else if(!GxsSecurity::validateSignature((char*)decrypted_data,offset,signature_key,signature))
+			  // We need to get the key of the sender, but if the key is not cached, we need to get it first. So we let
+			  // the system work for 2-3 seconds before giving up. Normally this would only cause a delay for uncached 
+			  // keys, which is rare. To force the system to cache the key, we first call for getIdDetails().
+			  //
+			  RsIdentityDetails details  ;
+			  mIdService->getIdDetails(senders_id,details);
+
+			  for(int i=0;i<6;++i)
+				  if(!mIdService->getKey(senders_id,signature_key) || signature_key.keyData.bin_data == NULL)
+				  {
+					  std::cerr << "  Cannot get key. Waiting for caching. try " << i << "/6" << std::endl;
+					  usleep(500000) ;	// sleep for 500 msec.
+				  }
+				  else
+					  break ;
+
+			  if(signature_key.keyData.bin_data == NULL)
+				  std::cerr << "(EE) No key for checking signature from " << senders_id << ", can't verify signature." << std::endl;
+			  else if(!GxsSecurity::validateSignature((char*)decrypted_data,size_of_signed_data,signature_key,signature))
 				  std::cerr << "(EE) Signature was verified and it doesn't check! This is a security issue!" << std::endl;
 			  else
 				  signature_ok = true ;
--- a/retroshare-gui/src/gui/msgs/MessageComposer.cpp
+++ b/retroshare-gui/src/gui/msgs/MessageComposer.cpp
@ -135,6 +135,7 @@ MessageComposer::MessageComposer(QWidget *parent, Qt::WindowFlags flags)
    setAttribute ( Qt::WA_DeleteOnClose, true );

    ui.hashBox->hide();
+	 ui.signMessage_CB->setChecked(true) ;

    // connect up the buttons.
    connect( ui.actionSend, SIGNAL( triggered (bool)), this, SLOT( sendMessage( ) ) );