From 2a5ff51dbf91a47c0c83fedc08f4736574855d1a Mon Sep 17 00:00:00 2001
From: Sarah Jamie Lewis
Date: Thu, 14 Jan 2021 02:46:27 -0800
Subject: [PATCH] Verify Authorship of Orbs + Update tapir to get new validation functions
---
 Cargo.lock | 4 ++--
 Cargo.toml | 2 +-
 src/main.rs | 69 ++++++++++++++++++++++++++++++++++++-----------------
 3 files changed, 50 insertions(+), 25 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 1f696b3..99d8aaa 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -593,9 +593,9 @@ dependencies = [

 [[package]]
 name = "tapir-cwtch"
-version = "0.1.10"
+version = "0.1.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9ad8e20f5a4273a8c2fafb62601ee3554e0050f2da386ffe44ad48208bf09225"
+checksum = "8c3d0dfcb64ad300c006a9deba83c6d3257a55c38179509da2175851bc75329b"
 dependencies = [
 "base32",
 "base64",
diff --git a/Cargo.toml b/Cargo.toml
index 1ec576a..bb227e6 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -9,7 +9,7 @@ edition = "2018"
 [dependencies]
 tui = "0.14.0"
 termion = "1.5.5"
-tapir-cwtch = {version="0.1.10", features=["onionv3"]}
+tapir-cwtch = {version="0.1.11", features=["onionv3"]}
 ed25519-dalek = {version="1.0.1", features=["serde"]}
 rand = "0.7.3"
 serde = {version="1.0.119",features = ["rc","derive"]}
diff --git a/src/main.rs b/src/main.rs
index 3473905..8b1ae03 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -11,7 +11,7 @@ use crate::Mode::{Browsing, NewPost};
 use chrono::{NaiveDateTime, Utc};
 use clipboard::{ClipboardContext, ClipboardProvider};
 use crossbeam_queue::SegQueue;
-use ed25519_dalek::Signature;
+use ed25519_dalek::{Signature, Verifier};
 use integer_encoding::FixedInt;
 use rand::distributions::Alphanumeric;
 use rand::{thread_rng, Rng};
@@ -27,6 +27,7 @@ use std::{error::Error, io};
 use tapir_cwtch::acns::tor::authentication::HashedPassword;
 use tapir_cwtch::acns::tor::run::TorRunner;
 use tapir_cwtch::acns::tor::torrc::TorrcGenerator;
+use tapir_cwtch::acns::tor::validation::{hostname_to_public_key, public_key_to_hostname, validate_hostname};
 use tapir_cwtch::acns::tor::TorProcess;
 use tapir_cwtch::applications::authentication_app::AuthenicationApp;
 use tapir_cwtch::connections::service::Service;
@@ -44,7 +45,6 @@ use tui::{
 widgets::{Block, Borders},
 Terminal,
 };
-use tapir_cwtch::acns::tor::validation::validate_hostname;

 #[derive(Serialize, Deserialize, Debug, Clone)]
 pub struct Orb {
@@ -108,9 +108,7 @@ fn main() -> Result<(), Box> {
 cache: vec![],
 };
 match profile.save() {
- Err(e) => {
- panic!("Could not generate orb.profile file {}", e)
- }
+ Err(e) => panic!("Could not generate orb.profile file {}", e),
 _ => {}
 }
 }
@@ -182,12 +180,9 @@ fn main() -> Result<(), Box> {
 let mut _service = service.listen(port, inbound_service.clone()).unwrap_or_else(|_| panic!());
 }
- Err(_err) => {
- panic!("Could not host orb listener at {}", profile.identity.hostname())
- }
+ Err(_err) => panic!("Could not host orb listener at {}", profile.identity.hostname()),
 }
-
 for follow in profile.follows.iter() {
 follow_orbs(profile.identity.clone(), socks_port, follow.clone());
 }
@@ -276,9 +271,7 @@ fn main() -> Result<(), Box> {
 app.status = format!("Followed {}", follow);
 follow_orbs(profile.identity.clone(), socks_port, follow.clone());
 match profile.save() {
- Err(e) => {
- app.status = format!("Could not save orb.profile: {}", e.to_string())
- }
+ Err(e) => app.status = format!("Could not save orb.profile: {}", e.to_string()),
 _ => {}
 }
 }
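Review bot: `public_key_to_hostname` is pulled into the `validation` import in the `@@ -27,6 +27,7 @@` hunk, but none of the lines this patch adds to src/main.rs call it, so the import looks unused and should produce a compiler warning. Trimming the line to `use tapir_cwtch::acns::tor::validation::{hostname_to_public_key, validate_hostname};` keeps only what the new verification code and the existing hostname check need.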
@@ -300,6 +293,10 @@ fn main() -> Result<(), Box> {
 profile.orbs.lock().unwrap().push(orb_to_rebroadcast.clone());
 Q.push(orb_to_rebroadcast.clone()); // Flush Cache
 app.orbs.unselect();
+ match profile.save() {
+ Err(e) => app.status = format!("Could not save orb.profile: {}", e.to_string()),
+ _ => {}
+ }
 }
 _ => {
 app.orbs.unselect();
@@ -339,9 +336,7 @@ fn main() -> Result<(), Box> {
 app.input = String::new();
 app.mode = Browsing;
 match profile.save() {
- Err(e) => {
- app.status = format!("Could not save orb.profile: {}", e.to_string())
- }
+ Err(e) => app.status = format!("Could not save orb.profile: {}", e.to_string()),
 _ => {}
 }
 }
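Review bot: The save added after the rebroadcast in the `@@ -300,6 +293,10 @@` hunk uses a two-arm `match` with an empty `_ => {}` arm where only the error case matters, and `e.to_string()` inside `format!` converts a value that `{}` already formats. `if let Err(e) = profile.save() { app.status = format!("Could not save orb.profile: {}", e); }` says the same thing in one statement. The same pattern is kept in the `@@ -276,9 +271,7 @@` and `@@ -339,9 +336,7 @@` hunks, and the enclosing `main` starts and ends outside all three.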
@@ -381,14 +376,44 @@ fn follow_orbs(profile_identity: Arc, socks_port: u16, follow: String)
 let mut transcript = Transcript::new_transcript("tapir-transcript");
 let mut auth_app = AuthenicationApp::new(outbound_identity);
 match auth_app.run_outbound(conn, &mut transcript) {
- Ok(mut conn) => {
- let orbs_json_bytes = conn.expect_encrypted();
- let orbs_json = String::from_utf8(orbs_json_bytes).unwrap_or_default();
- let orbs: Vec = serde_json::from_str(orbs_json.as_str()).unwrap_or(vec![]);
- for orb in orbs.iter() {
- Q.push(orb.clone());
+ Ok(mut conn) => match hostname_to_public_key(conn.hostname().as_str()) {
+ Ok(public_key) => {
+ let orbs_json_bytes = conn.expect_encrypted();
+ let orbs_json = String::from_utf8(orbs_json_bytes).unwrap_or_default();
+ let orbs: Vec = serde_json::from_str(orbs_json.as_str()).unwrap_or(vec![]);
+ for orb in orbs.iter() {
+ let mut unsigned_orb = Orb {
+ message: orb.message.clone(),
+ author: orb.author.clone(),
+ timestamp: orb.timestamp,
+ signature: Signature::new([0; 64]),
+ rebroadcast_from: None,
+ rebroadcast_time: None,
+ };
+ if orb.author == conn.hostname() {
+ if public_key
+ .verify(serde_json::to_string_pretty(&unsigned_orb).unwrap().as_bytes(), &orb.signature)
+ .is_ok()
+ {
+ Q.push(orb.clone());
+ }
+ } else {
+ match hostname_to_public_key(orb.author.as_str()) {
+ Ok(public_key) => {
+ if public_key
+ .verify(serde_json::to_string_pretty(&unsigned_orb).unwrap().as_bytes(), &orb.signature)
+ .is_ok()
+ {
+ Q.push(orb.clone());
+ }
+ }
+ _ => {}
+ }
+ }
+ }
 }
- }
+ _ => {}
+ },
 Err(_err) => {}
 }
 };
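Review bot: The signature is checked over a copy of the orb with `rebroadcast_from` and `rebroadcast_time` set to `None`, yet `Q.push(orb.clone())` queues the peer-supplied values of those two fields unchanged, so a followed peer can attach arbitrary rebroadcast attribution to any orb that verifies. Before queueing, those fields should be checked against `conn.hostname()` or reset locally; their types are not visible in this hunk, so the exact comparison is left open. Separately, the `orb.author == conn.hostname()` branch and the `else` branch verify against the same key whenever the author is the peer, so one lookup on `orb.author` covers both, and `unsigned_orb` does not need `mut`. The body of `follow_orbs` starts before this hunk.

```rust
for orb in orbs.iter() {
    // … unchanged: build unsigned_orb from message, author and timestamp …
    // One key lookup serves both the peer's own orbs and rebroadcasts; the outer
    // public_key binding is then unused and the outer match only confirms that
    // the peer hostname decodes.
    let author_key = match hostname_to_public_key(orb.author.as_str()) {
        Ok(key) => key,
        _ => continue,
    };
    let signed_json = match serde_json::to_string_pretty(&unsigned_orb) {
        Ok(json) => json,
        Err(_) => continue,
    };
    if author_key.verify(signed_json.as_bytes(), &orb.signature).is_ok() {
        // rebroadcast_from / rebroadcast_time are not covered by the signature;
        // check or reset them here before the orb is queued.
        Q.push(orb.clone());
    }
}
```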