Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-10-01 02:35:48 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #625 from csoler/v0.6-Reputations

Browse Source 
V0.6 reputations
This commit is contained in:
csoler 2017-01-04 23:06:42 +01:00 committed by GitHub
commit f0144fea97
16 changed files with 232 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libretroshare/src/chat/distributedchat.cc
View File

@ -220,7 +220,7 @@ bool DistributedChatService::checkSignature(RsChatLobbyBouncingObject *obj,const
// network pre-request key to allow message authentication.
mGixs->requestKey(obj->signature.keyId,peer_list,"Needed for chat lobby "+RsUtil::NumberToString(obj->lobby_id,true));
mGixs->requestKey(obj->signature.keyId,peer_list,RsIdentityUsage(RS_SERVICE_TYPE_CHAT,RsIdentityUsage::CHAT_LOBBY_MSG_VALIDATION,RsGxsGroupId(),RsGxsMessageId(),obj->lobby_id));
uint32_t size = obj->signed_serial_size() ;
RsTemporaryMemory memory(size) ;
@ -237,8 +237,9 @@ bool DistributedChatService::checkSignature(RsChatLobbyBouncingObject *obj,const
}
uint32_t error_status ;
RsIdentityUsage use_info(RS_SERVICE_TYPE_CHAT,RsIdentityUsage::CHAT_LOBBY_MSG_VALIDATION,RsGxsGroupId(),RsGxsMessageId(),obj->lobby_id) ;
if(!mGixs->validateData(memory,obj->signed_serial_size(),obj->signature,false,"Chat lobby "+RsUtil::NumberToString(obj->lobby_id,true),error_status))
if(!mGixs->validateData(memory,obj->signed_serial_size(),obj->signature,false,use_info,error_status))
{
bool res = false ;

14
libretroshare/src/grouter/p3grouter.cc
View File

@ -1555,7 +1555,7 @@ void p3GRouter::handleIncomingReceiptItem(RsGRouterSignedReceiptItem *receipt_it
uint32_t error_status ;
if(! verifySignedDataItem(receipt_item,"GRouter incoming receipt item",error_status))
if(! verifySignedDataItem(receipt_item,RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CHECK,error_status))
if( (it->second.routing_flags & GRouterRoutingInfo::ROUTING_FLAGS_IS_ORIGIN) || (error_status != RsGixs::RS_GIXS_ERROR_KEY_NOT_AVAILABLE))
{
std::cerr << " checking receipt signature : FAILED. Receipt is dropped. Error status=" << error_status << std::endl;
@ -1711,7 +1711,7 @@ void p3GRouter::handleIncomingDataItem(RsGRouterGenericDataItem *data_item)
#endif
uint32_t error_status ;
if(!verifySignedDataItem(data_item,"Incoming distant message",error_status)) // we should get proper flags out of this
if(!verifySignedDataItem(data_item,RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CHECK,error_status)) // we should get proper flags out of this
{
std::cerr << " verifying item signature: FAILED! Droping that item" ;
std::cerr << " You probably received a message from a person you don't have key." << std::endl;
@ -1980,7 +1980,7 @@ bool p3GRouter::signDataItem(RsGRouterAbstractMsgItem *item,const RsGxsId& signi
return false ;
}
}
bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const std::string& info,uint32_t& error_status)
bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const RsIdentityUsage::UsageCode& info,uint32_t& error_status)
{
try
{
@ -1999,7 +1999,9 @@ bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const std::s
if(!item->serialise_signed_data(data,data_size))
throw std::runtime_error("Cannot serialise signed data.") ;
if(!mGixs->validateData(data,data_size,item->signature,true,info, error_status))
RsIdentityUsage use(RS_SERVICE_TYPE_GROUTER,info) ;
if(!mGixs->validateData(data,data_size,item->signature,true,use, error_status))
{
switch(error_status)
{
@ -2010,7 +2012,7 @@ bool p3GRouter::verifySignedDataItem(RsGRouterAbstractMsgItem *item,const std::s
std::cerr << "(EE) Key for GXS Id " << item->signature.keyId << " is not available. Cannot verify. Asking key to peer " << item->PeerId() << std::endl;
mGixs->requestKey(item->signature.keyId,peer_ids,info) ; // request the key around
mGixs->requestKey(item->signature.keyId,peer_ids,use) ; // request the key around
}
break ;
case RsGixs::RS_GIXS_ERROR_SIGNATURE_MISMATCH: std::cerr << "(EE) Signature mismatch. Spoofing/Corrupted/MITM?." << std::endl;
@ -2116,7 +2118,7 @@ bool p3GRouter::sendData(const RsGxsId& destination,const GRouterServiceId& clie
// Verify the signature. If that fails, there's a bug somewhere!!
uint32_t error_status;
if(!verifySignedDataItem(data_item,"GRouter own signature check for outgoing msg",error_status))
if(!verifySignedDataItem(data_item,RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CREATION,error_status))
{
std::cerr << "Cannot verify data item that was just signed. Some error occured!" << std::endl;
delete data_item;

3
libretroshare/src/grouter/p3grouter.h
View File

@ -32,6 +32,7 @@
#include "retroshare/rsgrouter.h"
#include "retroshare/rstypes.h"
#include "retroshare/rstypes.h"
#include "retroshare/rsidentity.h"
#include "turtle/turtleclientservice.h"
#include "services/p3service.h"
@ -254,7 +255,7 @@ private:
// signs an item with the given key.
bool signDataItem(RsGRouterAbstractMsgItem *item,const RsGxsId& id) ;
bool verifySignedDataItem(RsGRouterAbstractMsgItem *item, const std::string &info, uint32_t &error_status) ;
bool verifySignedDataItem(RsGRouterAbstractMsgItem *item, const RsIdentityUsage::UsageCode &info, uint32_t &error_status) ;
bool encryptDataItem(RsGRouterGenericDataItem *item,const RsGxsId& destination_key) ;
bool decryptDataItem(RsGRouterGenericDataItem *item) ;

14
libretroshare/src/gxs/rsgenexchange.cc
View File

@ -472,7 +472,7 @@ int RsGenExchange::createGroupSignatures(RsTlvKeySignatureSet& signSet, RsTlvBin
if(GxsSecurity::getSignature((char*)grpData.bin_data, grpData.bin_len, authorKey, sign))
{
id_ret = SIGN_SUCCESS;
mGixs->timeStampKey(grpMeta.mAuthorId,"Creation of group author signature for GrpId" + grpMeta.mGroupId.toStdString()) ;
mGixs->timeStampKey(grpMeta.mAuthorId,RsIdentityUsage(mServType,RsIdentityUsage::GROUP_AUTHOR_SIGNATURE_CREATION,grpMeta.mGroupId)) ;
signSet.keySignSet[INDEX_AUTHEN_IDENTITY] = sign;
}
else
@ -640,7 +640,7 @@ int RsGenExchange::createMsgSignatures(RsTlvKeySignatureSet& signSet, RsTlvBinar
if(GxsSecurity::getSignature((char*)msgData.bin_data, msgData.bin_len, authorKey, sign))
{
id_ret = SIGN_SUCCESS;
mGixs->timeStampKey(msgMeta.mAuthorId,"Creating author signature in group " + msgMeta.mGroupId.toStdString() + ", msg " + msgMeta.mMsgId.toStdString()) ;
mGixs->timeStampKey(msgMeta.mAuthorId,RsIdentityUsage(mServType,RsIdentityUsage::MESSAGE_AUTHOR_SIGNATURE_CREATION,msgMeta.mGroupId,msgMeta.mMsgId)) ;
signSet.keySignSet[INDEX_AUTHEN_IDENTITY] = sign;
}
else
@ -868,7 +868,7 @@ int RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, const uin
{
RsTlvKeySignature sign = metaData.signSet.keySignSet[INDEX_AUTHEN_IDENTITY];
idValidate &= GxsSecurity::validateNxsMsg(*msg, sign, authorKey);
mGixs->timeStampKey(metaData.mAuthorId,"Validation of author signature, service: " + rsServiceControl->getServiceName(serviceFullType()) + ". Grp="+metaData.mGroupId.toStdString()+", msg="+metaData.mMsgId.toStdString()) ;
mGixs->timeStampKey(metaData.mAuthorId,RsIdentityUsage(mServType,RsIdentityUsage::MESSAGE_AUTHOR_SIGNATURE_VALIDATION,metaData.mGroupId,metaData.mMsgId)) ;
}
else
{
@ -911,7 +911,7 @@ int RsGenExchange::validateMsg(RsNxsMsg *msg, const uint32_t& grpFlag, const uin
{
std::list<RsPeerId> peers;
peers.push_back(msg->PeerId());
mGixs->requestKey(metaData.mAuthorId, peers,"Validation of author signature, service: " + rsServiceControl->getServiceName(serviceFullType()) + ". Grp="+metaData.mGroupId.toStdString()+", msg="+metaData.mMsgId.toStdString());
mGixs->requestKey(metaData.mAuthorId, peers, RsIdentityUsage(serviceType(),RsIdentityUsage::MESSAGE_AUTHOR_SIGNATURE_VALIDATION,metaData.mGroupId,metaData.mMsgId));
#ifdef GEN_EXCH_DEBUG
std::cerr << ", Key missing. Retry later." << std::endl;
@ -988,7 +988,7 @@ int RsGenExchange::validateGrp(RsNxsGrp* grp)
#ifdef GEN_EXCH_DEBUG
std::cerr << " key ID validation result: " << idValidate << std::endl;
#endif
mGixs->timeStampKey(metaData.mAuthorId,"Group author signature validation. GrpId=" + metaData.mGroupId.toStdString()) ;
mGixs->timeStampKey(metaData.mAuthorId,RsIdentityUsage(mServType,RsIdentityUsage::GROUP_AUTHOR_SIGNATURE_VALIDATION,metaData.mGroupId));
}
else
{
@ -1006,7 +1006,7 @@ int RsGenExchange::validateGrp(RsNxsGrp* grp)
#endif
std::list<RsPeerId> peers;
peers.push_back(grp->PeerId());
mGixs->requestKey(metaData.mAuthorId, peers,"Group author signature validation. GrpId=" + metaData.mGroupId.toStdString());
mGixs->requestKey(metaData.mAuthorId, peers,RsIdentityUsage(mServType,RsIdentityUsage::GROUP_AUTHOR_SIGNATURE_VALIDATION,metaData.mGroupId));
return VALIDATE_FAIL_TRY_LATER;
}
}
@ -3143,6 +3143,8 @@ bool RsGenExchange::updateValid(RsGxsGrpMetaData& oldGrpMeta, RsNxsGrp& newGrp)
// also check this is the latest published group
bool latest = newGrp.metaData->mPublishTs > oldGrpMeta.mPublishTs;
mGixs->timeStampKey(newGrp.metaData->mAuthorId, RsIdentityUsage(mServType,RsIdentityUsage::GROUP_ADMIN_SIGNATURE_CREATION, oldGrpMeta.mGroupId)) ;
return GxsSecurity::validateNxsGrp(newGrp, adminSign, keyMit->second) && latest;
}

6
libretroshare/src/gxs/rsgixs.h
View File

@ -117,7 +117,7 @@ public:
*/
virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) = 0 ;
virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error) = 0 ;
virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const RsIdentityUsage& info,uint32_t& signing_error) = 0 ;
virtual bool encryptData(const uint8_t *clear_data,uint32_t clear_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) = 0 ;
virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& clear_data,uint32_t& clear_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) = 0 ;
@ -125,7 +125,7 @@ public:
virtual bool getOwnIds(std::list<RsGxsId>& ids) = 0;
virtual bool isOwnId(const RsGxsId& key_id) = 0 ;
virtual void timeStampKey(const RsGxsId& key_id,const std::string& reason) = 0 ;
virtual void timeStampKey(const RsGxsId& key_id,const RsIdentityUsage& reason) = 0 ;
// Key related interface - used for validating msgs and groups.
/*!
@ -149,7 +149,7 @@ public:
* @param keyref the KeyRef of the key being requested
* @return will
*/
virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers,const std::string& info) = 0;
virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers,const RsIdentityUsage& info) = 0;
virtual bool requestPrivateKey(const RsGxsId &id) = 0;

6
libretroshare/src/gxs/rsgxsnetservice.cc
View File

@ -4232,9 +4232,9 @@ void RsGxsNetService::handleRecvSyncMessage(RsNxsSyncMsgReqItem *item,bool item_
if(details.mReputation.mOverallReputationLevel < minReputationForForwardingMessages(grpMeta->mSignFlags, details.mFlags))
{
//#ifdef NXS_NET_DEBUG_0
std::cerr << /* GXSNETDEBUG_PG(item->PeerId(),item->grpId) << */ " not sending item ID " << (*vit)->mMsgId << ", because the author is flags " << std::hex << details.mFlags << std::dec << " and reputation level " << details.mReputation.mOverallReputationLevel << std::endl;
//#endif
#ifdef NXS_NET_DEBUG_0
std::cerr << GXSNETDEBUG_PG(item->PeerId(),item->grpId) << " not sending item ID " << (*vit)->mMsgId << ", because the author is flags " << std::hex << details.mFlags << std::dec << " and reputation level " << details.mReputation.mOverallReputationLevel << std::endl;
#endif
continue ;
}
}

14
libretroshare/src/gxs/rsgxsutil.cc
View File

@ -139,7 +139,7 @@ bool RsGxsIntegrityCheck::check()
GxsMsgReq msgIds;
GxsMsgReq grps;
std::map<RsGxsId,RsGxsGroupId> used_gxs_ids ;
std::map<RsGxsId,RsIdentityUsage> used_gxs_ids ;
std::set<RsGxsGroupId> subscribed_groups ;
// compute hash and compare to stored value, if it fails then simply add it
@ -172,7 +172,7 @@ bool RsGxsIntegrityCheck::check()
#endif
if(rsIdentity!=NULL && rsIdentity->overallReputationLevel(grp->metaData->mAuthorId) > RsReputations::REPUTATION_LOCALLY_NEGATIVE)
used_gxs_ids.insert(std::make_pair(grp->metaData->mAuthorId,grp->grpId)) ;
used_gxs_ids.insert(std::make_pair(grp->metaData->mAuthorId,RsIdentityUsage(mGenExchangeClient->serviceType(),RsIdentityUsage::GROUP_AUTHOR_KEEP_ALIVE,grp->grpId))) ;
}
}
}
@ -270,7 +270,7 @@ bool RsGxsIntegrityCheck::check()
GXSUTIL_DEBUG() << "TimeStamping message authors' key ID " << msg->metaData->mAuthorId << " in message " << msg->msgId << ", group ID " << msg->grpId<< std::endl;
#endif
if(rsIdentity!=NULL && rsIdentity->overallReputationLevel(msg->metaData->mAuthorId) > RsReputations::REPUTATION_LOCALLY_NEGATIVE)
used_gxs_ids.insert(std::make_pair(msg->metaData->mAuthorId,msg->metaData->mGroupId)) ;
used_gxs_ids.insert(std::make_pair(msg->metaData->mAuthorId,RsIdentityUsage(mGenExchangeClient->serviceType(),RsIdentityUsage::MESSAGE_AUTHOR_KEEP_ALIVE,msg->metaData->mGroupId,msg->metaData->mMsgId))) ;
}
delete msg;
@ -297,9 +297,9 @@ bool RsGxsIntegrityCheck::check()
std::list<RsPeerId> connected_friends ;
rsPeers->getOnlineList(connected_friends) ;
std::vector<std::pair<RsGxsId,RsGxsGroupId> > gxs_ids ;
std::vector<std::pair<RsGxsId,RsIdentityUsage> > gxs_ids ;
for(std::map<RsGxsId,RsGxsGroupId>::const_iterator it(used_gxs_ids.begin());it!=used_gxs_ids.end();++it)
for(std::map<RsGxsId,RsIdentityUsage>::const_iterator it(used_gxs_ids.begin());it!=used_gxs_ids.end();++it)
{
gxs_ids.push_back(*it) ;
#ifdef DEBUG_GXSUTIL
@ -323,7 +323,7 @@ bool RsGxsIntegrityCheck::check()
if(!mGixs->haveKey(gxs_ids[n].first)) // checks if we have it already in the cache (conservative way to ensure that we atually have it)
{
mGixs->requestKey(gxs_ids[n].first,connected_friends,"Author in service \"" + rsServiceControl->getServiceName(mGenExchangeClient->serviceFullType())+"\" (group ID " + gxs_ids[n].second.toStdString() + ")" ) ;
mGixs->requestKey(gxs_ids[n].first,connected_friends,gxs_ids[n].second);
++nb_requested_not_in_cache ;
#ifdef DEBUG_GXSUTIL
@ -336,7 +336,7 @@ bool RsGxsIntegrityCheck::check()
GXSUTIL_DEBUG() << " ... already in cache" << std::endl;
#endif
}
mGixs->timeStampKey(gxs_ids[n].first,"Author in service \"" + rsServiceControl->getServiceName(mGenExchangeClient->serviceFullType())+"\" (group ID " + gxs_ids[n].second.toStdString() + ")");
mGixs->timeStampKey(gxs_ids[n].first,gxs_ids[n].second);
gxs_ids[n] = gxs_ids[gxs_ids.size()-1] ;
gxs_ids.pop_back() ;

2
libretroshare/src/gxstunnel/p3gxstunnel.cc
View File

@ -937,7 +937,7 @@ void p3GxsTunnelService::handleRecvDHPublicKey(RsGxsTunnelDHPublicKeyItem *item)
std::cerr << "(SS) Signature was verified and it doesn't check! This is a security issue!" << std::endl;
return ;
}
mGixs->timeStampKey(item->signature.keyId,"Used to validate GXS tunnel DH half-key.") ;
mGixs->timeStampKey(item->signature.keyId,RsIdentityUsage(RS_SERVICE_TYPE_GXS_TUNNEL,RsIdentityUsage::GXS_TUNNEL_DH_SIGNATURE_CHECK));
#ifdef DEBUG_GXS_TUNNEL
std::cerr << " Signature checks! Sender's ID = " << senders_id << std::endl;

79
libretroshare/src/retroshare/rsidentity.h
View File

@ -162,6 +162,65 @@ class RsRecognTagDetails
bool is_pending;
};
class RsIdOpinion
{
public:
RsGxsId id;
int rating;
};
class RsIdentityParameters
{
public:
RsIdentityParameters(): isPgpLinked(false) { return; }
bool isPgpLinked;
std::string nickname;
RsGxsImage mImage ;
};
class RsIdentityUsage
{
public:
enum UsageCode { UNKNOWN_USAGE = 0x00,
GROUP_ADMIN_SIGNATURE_CREATION = 0x01, // These 2 are normally not normal GXS identities, but nothing prevents it to happen either.
GROUP_ADMIN_SIGNATURE_VALIDATION = 0x02,
GROUP_AUTHOR_SIGNATURE_CREATION = 0x03, // not typically used, since most services do not require group author signatures
GROUP_AUTHOR_SIGNATURE_VALIDATION = 0x04,
MESSAGE_AUTHOR_SIGNATURE_CREATION = 0x05, // most common use case. Messages are signed by authors in e.g. forums.
MESSAGE_AUTHOR_SIGNATURE_VALIDATION = 0x06,
GROUP_AUTHOR_KEEP_ALIVE = 0x07, // Identities are stamped regularly by crawlign the set of messages for all groups. That helps keepign the useful identities in hand.
MESSAGE_AUTHOR_KEEP_ALIVE = 0x08, // Identities are stamped regularly by crawlign the set of messages for all groups. That helps keepign the useful identities in hand.
CHAT_LOBBY_MSG_VALIDATION = 0x09, // Chat lobby msgs are signed, so each time one comes, or a chat lobby event comes, a signature verificaiton happens.
GLOBAL_ROUTER_SIGNATURE_CHECK = 0x0a, // Global router message validation
GLOBAL_ROUTER_SIGNATURE_CREATION = 0x0b, // Global router message signature
GXS_TUNNEL_DH_SIGNATURE_CHECK = 0x0c, //
GXS_TUNNEL_DH_SIGNATURE_CREATION = 0x0d, //
IDENTITY_DATA_UPDATE = 0x0e, // Group update on that identity data. Can be avatar, name, etc.
IDENTITY_GENERIC_SIGNATURE_CHECK = 0x0f, // Any signature verified for that identity
IDENTITY_GENERIC_SIGNATURE_CREATION = 0x10, // Any signature made by that identity
IDENTITY_GENERIC_ENCRYPTION = 0x11,
IDENTITY_GENERIC_DECRYPTION = 0x12,
CIRCLE_MEMBERSHIP_CHECK = 0x13
} ;
explicit RsIdentityUsage(uint16_t service,const RsIdentityUsage::UsageCode& code,const RsGxsGroupId& gid=RsGxsGroupId(),const RsGxsMessageId& mid=RsGxsMessageId(),uint64_t additional_id=0,const std::string& comment = std::string());
uint16_t mServiceId; // Id of the service using that identity
UsageCode mUsageCode; // Specific code to use. Will allow forming the correct translated message in the GUI if necessary.
RsGxsGroupId mGrpId; // Group ID using the identity
RsGxsMessageId mMsgId; // Message ID using the identity
uint64_t mAdditionalId; // Some additional ID. Can be used for e.g. chat lobbies.
std::string mComment ; // additional comment to be used mainly for debugging, but not GUI display
bool operator<(const RsIdentityUsage& u) const
{
return mHash < u.mHash ;
}
RsFileHash mHash ;
};
class RsIdentityDetails
{
public:
@ -172,7 +231,7 @@ public:
// identity details.
std::string mNickname;
uint32_t mFlags ;
// PGP Stuff.
@ -191,26 +250,10 @@ public:
// last usage
time_t mLastUsageTS ;
std::map<std::string,time_t> mUseCases ;
std::map<RsIdentityUsage,time_t> mUseCases ;
};
class RsIdOpinion
{
public:
RsGxsId id;
int rating;
};
class RsIdentityParameters
{
public:
RsIdentityParameters(): isPgpLinked(false) { return; }
bool isPgpLinked;
std::string nickname;
RsGxsImage mImage ;
};
class RsIdentity: public RsGxsIfaceHelper

2
libretroshare/src/services/p3gxscircles.cc
View File

@ -1090,7 +1090,7 @@ bool p3GxsCircles::locked_processLoadingCacheEntry(RsGxsCircleCache& cache)
rsPeers->getOnlineList(peers) ;
}
mIdentities->requestKey(pit->first, peers,"Membership status check in Circle "+cache.mCircleName+" ("+cache.mCircleId.toStdString()+")");
mIdentities->requestKey(pit->first, peers,RsIdentityUsage(serviceType(),RsIdentityUsage::CIRCLE_MEMBERSHIP_CHECK,RsGxsGroupId(cache.mCircleId)));
//isUnprocessedPeers = true;
}
}

36
libretroshare/src/services/p3idservice.cc
View File

@ -33,6 +33,7 @@
#include "util/rsrandom.h"
#include "util/rsstring.h"
#include "util/radix64.h"
#include "util/rsdir.h"
#include "gxs/gxssecurity.h"
#include "retroshare/rspeers.h"
@ -263,7 +264,7 @@ time_t p3IdService::locked_getLastUsageTS(const RsGxsId& gxs_id)
else
return it->second.TS ;
}
void p3IdService::timeStampKey(const RsGxsId& gxs_id, const std::string& reason)
void p3IdService::timeStampKey(const RsGxsId& gxs_id, const RsIdentityUsage& reason)
{
if(rsReputations->isIdentityBanned(gxs_id) )
{
@ -287,10 +288,10 @@ void p3IdService::timeStampKey(const RsGxsId& gxs_id, const std::string& reason)
{
// This is very costly, but normally the outerloop should never be rolled more than once.
std::map<std::string,time_t>::iterator best_it ;
std::map<RsIdentityUsage,time_t>::iterator best_it ;
time_t best_time = now+1;
for(std::map<std::string,time_t>::iterator it(info.usage_map.begin());it!=info.usage_map.end();++it)
for(std::map<RsIdentityUsage,time_t>::iterator it(info.usage_map.begin());it!=info.usage_map.end();++it)
if(it->second < best_time)
{
best_time = it->second ;
@ -525,7 +526,7 @@ void p3IdService::notifyChanges(std::vector<RsGxsNotify *> &changes)
// also time_stamp the key that this group represents
timeStampKey(RsGxsId(*git),"Group meta data changed") ;
timeStampKey(RsGxsId(*git),RsIdentityUsage(serviceType(),RsIdentityUsage::IDENTITY_DATA_UPDATE)) ;
++git;
}
@ -788,7 +789,7 @@ static void mergeIds(std::map<RsGxsId,std::list<RsPeerId> >& idmap,const RsGxsId
old_peers.push_back(*it) ;
}
bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers,const std::string& info)
bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers,const RsIdentityUsage& use_info)
{
if(id.isNull())
{
@ -834,7 +835,7 @@ bool p3IdService::requestKey(const RsGxsId &id, const std::list<RsPeerId>& peers
}
{
RS_STACK_MUTEX(mIdMtx); /********** STACK LOCKED MTX ******/
mKeysTS[id].usage_map["Requested to friends: "+info] = time(NULL) ;
mKeysTS[id].usage_map[use_info] = time(NULL) ;
}
return cache_request_load(id, peers);
@ -932,10 +933,11 @@ bool p3IdService::signData(const uint8_t *data,uint32_t data_size,const RsGxsId&
return false ;
}
error_status = RS_GIXS_ERROR_NO_ERROR ;
timeStampKey(own_gxs_id,"Own GXS id") ;
timeStampKey(own_gxs_id,RsIdentityUsage(serviceType(),RsIdentityUsage::IDENTITY_GENERIC_SIGNATURE_CREATION)) ;
return true ;
}
bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error)
bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const RsIdentityUsage& info,uint32_t& signing_error)
{
// RsIdentityDetails details ;
// getIdDetails(signature.keyId,details);
@ -969,7 +971,7 @@ bool p3IdService::validateData(const uint8_t *data,uint32_t data_size,const RsTl
}
signing_error = RS_GIXS_ERROR_NO_ERROR ;
timeStampKey(signature.keyId,"Used in signature checking: "+info_string ) ;
timeStampKey(signature.keyId,info);
return true ;
}
bool p3IdService::encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& error_status)
@ -997,7 +999,7 @@ bool p3IdService::encryptData(const uint8_t *decrypted_data,uint32_t decrypted_d
return false ;
}
error_status = RS_GIXS_ERROR_NO_ERROR ;
timeStampKey(encryption_key_id,"Used to encrypt data") ;
timeStampKey(encryption_key_id,RsIdentityUsage(serviceType(),RsIdentityUsage::IDENTITY_GENERIC_ENCRYPTION)) ;
return true ;
}
@ -1029,7 +1031,7 @@ bool p3IdService::decryptData(const uint8_t *encrypted_data,uint32_t encrypted_d
return false ;
}
error_status = RS_GIXS_ERROR_NO_ERROR ;
timeStampKey(key_id,"Used to decrypt data") ;
timeStampKey(key_id,RsIdentityUsage(serviceType(),RsIdentityUsage::IDENTITY_GENERIC_DECRYPTION)) ;
return true ;
}
@ -2264,6 +2266,9 @@ bool p3IdService::cache_load_for_token(uint32_t token)
for(std::map<RsGxsId,std::list<RsPeerId> >::const_iterator itt(mPendingCache.begin());itt!=mPendingCache.end();++itt)
if(!itt->second.empty())
mergeIds(mIdsNotPresent,itt->first,itt->second) ;
else
std::cerr << "(WW) empty list of peers to request ID " << itt->first << ": cannot request" << std::endl;
mPendingCache.clear();
@ -2534,7 +2539,7 @@ bool p3IdService::cachetest_handlerequest(uint32_t token)
if (!haveKey(*vit))
{
std::list<RsPeerId> nullpeers;
requestKey(*vit, nullpeers,"Cache test in p3IdService");
requestKey(*vit, nullpeers,RsIdentityUsage(serviceType(),RsIdentityUsage::UNKNOWN_USAGE));
#ifdef DEBUG_IDS
std::cerr << "p3IdService::cachetest_request() Requested Key Id: " << *vit;
@ -4114,5 +4119,12 @@ void p3IdService::handle_event(uint32_t event_type, const std::string &/*elabel*
}
}
RsIdentityUsage::RsIdentityUsage(uint16_t service,const RsIdentityUsage::UsageCode& code,const RsGxsGroupId& gid,const RsGxsMessageId& mid,uint64_t additional_id,const std::string& comment)
: mServiceId(service), mUsageCode(code), mGrpId(gid), mMsgId(mid),mAdditionalId(additional_id),mComment(comment)
{
// This is a hack, since it will hash also mHash, but because it is initialized to 0, and only computed in the constructor here, it should be ok.
mHash = RsDirUtil::sha1sum(reinterpret_cast<uint8_t*>(this),sizeof(RsIdentityUsage)) ;
}

9
libretroshare/src/services/p3idservice.h
View File

@ -212,7 +212,6 @@ private:
void init(const RsGxsIdGroupItem *item, const RsTlvPublicRSAKey& in_pub_key, const RsTlvPrivateRSAKey& in_priv_key,const std::list<RsRecognTag> &tagList);
};
// Not sure exactly what should be inherited here?
// Chris - please correct as necessary.
@ -287,7 +286,7 @@ public:
virtual bool isOwnId(const RsGxsId& key_id) ;
virtual bool signData(const uint8_t *data,uint32_t data_size,const RsGxsId& signer_id,RsTlvKeySignature& signature,uint32_t& signing_error) ;
virtual bool validateData(const uint8_t *data,uint32_t data_size,const RsTlvKeySignature& signature,bool force_load,const std::string& info_string,uint32_t& signing_error) ;
virtual bool validateData(const uint8_t *data, uint32_t data_size, const RsTlvKeySignature& signature, bool force_load, const RsIdentityUsage &info, uint32_t& signing_error) ;
virtual bool encryptData(const uint8_t *decrypted_data,uint32_t decrypted_data_size,uint8_t *& encrypted_data,uint32_t& encrypted_data_size,const RsGxsId& encryption_key_id,bool force_load,uint32_t& encryption_error) ;
virtual bool decryptData(const uint8_t *encrypted_data,uint32_t encrypted_data_size,uint8_t *& decrypted_data,uint32_t& decrypted_data_size,const RsGxsId& encryption_key_id,uint32_t& encryption_error) ;
@ -298,7 +297,7 @@ public:
virtual bool getKey(const RsGxsId &id, RsTlvPublicRSAKey &key);
virtual bool getPrivateKey(const RsGxsId &id, RsTlvPrivateRSAKey &key);
virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers, const std::string &info);
virtual bool requestKey(const RsGxsId &id, const std::list<RsPeerId> &peers, const RsIdentityUsage &use_info);
virtual bool requestPrivateKey(const RsGxsId &id);
@ -467,7 +466,7 @@ private:
void cleanUnusedKeys() ;
void slowIndicateConfigChanged() ;
virtual void timeStampKey(const RsGxsId& id,const std::string& reason) ;
virtual void timeStampKey(const RsGxsId& id, const RsIdentityUsage& reason) ;
time_t locked_getLastUsageTS(const RsGxsId& gxs_id);
std::string genRandomId(int len = 20);
@ -512,7 +511,7 @@ private:
keyTSInfo() : TS(0) {}
time_t TS ;
std::map<std::string,time_t> usage_map ;
std::map<RsIdentityUsage,time_t> usage_map ;
};
friend class IdCacheEntryCleaner;

97
retroshare-gui/src/gui/Identity/IdDialog.cpp
View File

@ -46,6 +46,7 @@
#include <retroshare/rspeers.h>
#include "retroshare/rsgxsflags.h"
#include "retroshare/rsmsgs.h"
#include "retroshare/rsservicecontrol.h"
#include <iostream>
#include <algorithm>
@ -1884,12 +1885,12 @@ void IdDialog::insertIdDetails(uint32_t token)
rsIdentity->getIdDetails(RsGxsId(data.mMeta.mGroupId),det) ;
QString usage_txt ;
std::map<time_t,std::string> rmap ;
for(std::map<std::string,time_t>::const_iterator it(det.mUseCases.begin());it!=det.mUseCases.end();++it)
std::map<time_t,RsIdentityUsage> rmap ;
for(std::map<RsIdentityUsage,time_t>::const_iterator it(det.mUseCases.begin());it!=det.mUseCases.end();++it)
rmap.insert(std::make_pair(it->second,it->first)) ;
for(std::map<time_t,std::string>::const_iterator it(rmap.begin());it!=rmap.end();++it)
usage_txt += QString("<b>")+ getHumanReadableDuration(now - data.mLastUsageTS) + "</b> \t: " + QString::fromStdString(it->second) + "<br/>" ;
for(std::map<time_t,RsIdentityUsage>::const_iterator it(rmap.begin());it!=rmap.end();++it)
usage_txt += QString("<b>")+ getHumanReadableDuration(now - data.mLastUsageTS) + "</b> \t: " + createUsageString(it->second) + "<br/>" ;
if(usage_txt.isNull())
usage_txt = tr("<b>[No record in current session]</b>") ;
@ -1897,6 +1898,94 @@ void IdDialog::insertIdDetails(uint32_t token)
ui->usageStatistics_TB->setText(usage_txt) ;
}
QString IdDialog::createUsageString(const RsIdentityUsage& u) const
{
QString service_name;
RetroShareLink::enumType service_type = RetroShareLink::TYPE_UNKNOWN;
switch(u.mServiceId)
{
case RS_SERVICE_GXS_TYPE_CHANNELS: service_name = tr("Channels") ;service_type = RetroShareLink::TYPE_CHANNEL ; break ;
case RS_SERVICE_GXS_TYPE_FORUMS: service_name = tr("Forums") ; service_type = RetroShareLink::TYPE_FORUM ; break ;
case RS_SERVICE_GXS_TYPE_POSTED: service_name = tr("Posted") ; service_type = RetroShareLink::TYPE_POSTED ; break ;
case RS_SERVICE_TYPE_CHAT: service_name = tr("Chat") ; break ;
default:
service_name = tr("Unknown"); service_type = RetroShareLink::TYPE_UNKNOWN ;
}
switch(u.mUsageCode)
{
case RsIdentityUsage::UNKNOWN_USAGE:
return tr("[Unknown]") ;
case RsIdentityUsage::GROUP_ADMIN_SIGNATURE_CREATION: // These 2 are normally not normal GXS identities, but nothing prevents it to happen either.
return tr("Admin signature in service %1").arg(service_name);
case RsIdentityUsage::GROUP_ADMIN_SIGNATURE_VALIDATION:
return tr("Admin signature verification in service %1").arg(service_name);
case RsIdentityUsage::GROUP_AUTHOR_SIGNATURE_CREATION: // not typically used, since most services do not require group author signatures
return tr("Creation of author signature in service %1").arg(service_name);
case RsIdentityUsage::GROUP_AUTHOR_SIGNATURE_VALIDATION:
case RsIdentityUsage::MESSAGE_AUTHOR_SIGNATURE_CREATION: // most common use case. Messages are signed by authors in e.g. forums.
case RsIdentityUsage::GROUP_AUTHOR_KEEP_ALIVE: // Identities are stamped regularly by crawlign the set of messages for all groups. That helps keepign the useful identities in hand.
break ;
case RsIdentityUsage::MESSAGE_AUTHOR_SIGNATURE_VALIDATION:
case RsIdentityUsage::MESSAGE_AUTHOR_KEEP_ALIVE: // Identities are stamped regularly by crawlign the set of messages for all groups. That helps keepign the useful identities in hand.
{
RetroShareLink l;
l.createGxsMessageLink(service_type,u.mGrpId,u.mMsgId,tr("Message/vote/comment"));
return tr("%1 in %2 tab").arg(l.toHtml()).arg(service_name) ;
}
case RsIdentityUsage::CHAT_LOBBY_MSG_VALIDATION: // Chat lobby msgs are signed, so each time one comes, or a chat lobby event comes, a signature verificaiton happens.
{
// there is no link for chat lobby yet.
return tr("Message in chat lobby %1").arg(u.mAdditionalId) ;
}
case RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CHECK: // Global router message validation
{
return tr("Distant message signature validation.");
}
case RsIdentityUsage::GLOBAL_ROUTER_SIGNATURE_CREATION: // Global router message signature
{
return tr("Distant message signature creation.");
}
case RsIdentityUsage::GXS_TUNNEL_DH_SIGNATURE_CHECK: //
{
return tr("Signature validation in distant tunnel system.");
}
case RsIdentityUsage::GXS_TUNNEL_DH_SIGNATURE_CREATION: //
{
return tr("Signature in distant tunnel system.");
}
case RsIdentityUsage::IDENTITY_DATA_UPDATE: // Group update on that identity data. Can be avatar, name, etc.
{
return tr("Update of identity data.");
}
case RsIdentityUsage::IDENTITY_GENERIC_SIGNATURE_CHECK: // Any signature verified for that identity
{
return tr("Generic signature validation.");
}
case RsIdentityUsage::IDENTITY_GENERIC_SIGNATURE_CREATION: // Any signature made by that identity
{
return tr("Generic signature.");
}
case RsIdentityUsage::IDENTITY_GENERIC_ENCRYPTION:
{
return tr("Generic encryption.");
}
case RsIdentityUsage::IDENTITY_GENERIC_DECRYPTION:
{
return tr("Generic decryption.");
}
case RsIdentityUsage::CIRCLE_MEMBERSHIP_CHECK:
{
return tr("Membership verification in circle %1.").arg(QString::fromStdString(u.mGrpId.toStdString()));
}
#warning TODO! Add the different strings and translations here.
default:
return QString("Undone yet");
}
}
void IdDialog::modifyReputation()
{
#ifdef ID_DEBUG

1
retroshare-gui/src/gui/Identity/IdDialog.h
View File

@ -119,6 +119,7 @@ private slots:
private:
void processSettings(bool load);
QString createUsageString(const RsIdentityUsage& u) const;
void requestIdDetails();
void insertIdDetails(uint32_t token);

46
retroshare-gui/src/gui/Identity/IdDialog.ui
View File

@ -7,7 +7,7 @@
<x>0</x>
<y>0</y>
<width>1269</width>
<height>792</height>
<height>793</height>
</rect>
</property>
<property name="sizePolicy">
@ -20,16 +20,7 @@
<string/>
</property>
<layout class="QGridLayout" name="IdDialogGLayout">
<property name="leftMargin">
<number>0</number>
</property>
<property name="topMargin">
<number>0</number>
</property>
<property name="rightMargin">
<number>0</number>
</property>
<property name="bottomMargin">
<property name="margin">
<number>0</number>
</property>
<item row="0" column="0">
@ -47,16 +38,7 @@
<enum>QFrame::Sunken</enum>
</property>
<layout class="QHBoxLayout" name="titleBarFrameHLayout">
<property name="leftMargin">
<number>2</number>
</property>
<property name="topMargin">
<number>2</number>
</property>
<property name="rightMargin">
<number>2</number>
</property>
<property name="bottomMargin">
<property name="margin">
<number>2</number>
</property>
<item>
@ -147,16 +129,7 @@
<enum>QFrame::Sunken</enum>
</property>
<layout class="QHBoxLayout" name="toolBarFrameHLayout">
<property name="leftMargin">
<number>1</number>
</property>
<property name="topMargin">
<number>1</number>
</property>
<property name="rightMargin">
<number>1</number>
</property>
<property name="bottomMargin">
<property name="margin">
<number>1</number>
</property>
<item>
@ -249,7 +222,7 @@
<string>Votes</string>
</property>
<property name="textAlignment">
<set>AlignLeading|AlignVCenter</set>
<set>AlignLeft|AlignVCenter</set>
</property>
<property name="icon">
<iconset resource="../icons.qrc">
@ -691,7 +664,7 @@ p, li { white-space: pre-wrap; }
</property>
<layout class="QHBoxLayout" name="horizontalLayout">
<item>
<widget class="QTextBrowser" name="usageStatistics_TB"/>
<widget class="RSTextBrowser" name="usageStatistics_TB"/>
</item>
</layout>
</widget>
@ -844,7 +817,7 @@ p, li { white-space: pre-wrap; }
<customwidget>
<class>LineEditClear</class>
<extends>QLineEdit</extends>
<header location="global">gui/common/LineEditClear.h</header>
<header>gui/common/LineEditClear.h</header>
</customwidget>
<customwidget>
<class>RSTreeWidget</class>
@ -861,6 +834,11 @@ p, li { white-space: pre-wrap; }
<extends>QLabel</extends>
<header>gui/common/StyledLabel.h</header>
</customwidget>
<customwidget>
<class>RSTextBrowser</class>
<extends>QTextBrowser</extends>
<header>gui/common/RSTextBrowser.h</header>
</customwidget>
</customwidgets>
<tabstops>
<tabstop>idTreeWidget</tabstop>

1
retroshare-gui/src/gui/RetroShareLink.h
View File

@ -76,6 +76,7 @@ class RetroShareLink
RetroShareLink(const QUrl& url);
RetroShareLink(const QString& url);
#warning these methods should be static and return a created link
bool createFile(const QString& name, uint64_t size, const QString& hash);
bool createExtraFile(const QString& name, uint64_t size, const QString& hash, const QString& ssl_id);
bool createPerson(const RsPgpId &id);