Verify Authorship of Orbs + Update tapir to get new validation functions

Sarah Jamie Lewis 2021-01-14 02:46:27 -08:00
parent 6d06944b23
commit 2a5ff51dbf
3 changed files with 50 additions and 25 deletions

4
Cargo.lock generated

@ -593,9 +593,9 @@ dependencies = [
[[package]] [[package]]
name = "tapir-cwtch" name = "tapir-cwtch"
version = "0.1.10" version = "0.1.11"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9ad8e20f5a4273a8c2fafb62601ee3554e0050f2da386ffe44ad48208bf09225" checksum = "8c3d0dfcb64ad300c006a9deba83c6d3257a55c38179509da2175851bc75329b"
dependencies = [ dependencies = [
"base32", "base32",
"base64", "base64",


@ -9,7 +9,7 @@ edition = "2018"
[dependencies] [dependencies]
tui = "0.14.0" tui = "0.14.0"
termion = "1.5.5" termion = "1.5.5"
tapir-cwtch = {version="0.1.10", features=["onionv3"]} tapir-cwtch = {version="0.1.11", features=["onionv3"]}
ed25519-dalek = {version="1.0.1", features=["serde"]} ed25519-dalek = {version="1.0.1", features=["serde"]}
rand = "0.7.3" rand = "0.7.3"
serde = {version="1.0.119",features = ["rc","derive"]} serde = {version="1.0.119",features = ["rc","derive"]}


@ -11,7 +11,7 @@ use crate::Mode::{Browsing, NewPost};
use chrono::{NaiveDateTime, Utc}; use chrono::{NaiveDateTime, Utc};
use clipboard::{ClipboardContext, ClipboardProvider}; use clipboard::{ClipboardContext, ClipboardProvider};
use crossbeam_queue::SegQueue; use crossbeam_queue::SegQueue;
use ed25519_dalek::Signature; use ed25519_dalek::{Signature, Verifier};
use integer_encoding::FixedInt; use integer_encoding::FixedInt;
use rand::distributions::Alphanumeric; use rand::distributions::Alphanumeric;
use rand::{thread_rng, Rng}; use rand::{thread_rng, Rng};
@ -27,6 +27,7 @@ use std::{error::Error, io};
use tapir_cwtch::acns::tor::authentication::HashedPassword; use tapir_cwtch::acns::tor::authentication::HashedPassword;
use tapir_cwtch::acns::tor::run::TorRunner; use tapir_cwtch::acns::tor::run::TorRunner;
use tapir_cwtch::acns::tor::torrc::TorrcGenerator; use tapir_cwtch::acns::tor::torrc::TorrcGenerator;
use tapir_cwtch::acns::tor::validation::{hostname_to_public_key, public_key_to_hostname, validate_hostname};
use tapir_cwtch::acns::tor::TorProcess; use tapir_cwtch::acns::tor::TorProcess;
use tapir_cwtch::applications::authentication_app::AuthenicationApp; use tapir_cwtch::applications::authentication_app::AuthenicationApp;
use tapir_cwtch::connections::service::Service; use tapir_cwtch::connections::service::Service;
@ -44,7 +45,6 @@ use tui::{
widgets::{Block, Borders}, widgets::{Block, Borders},
Terminal, Terminal,
}; };
use tapir_cwtch::acns::tor::validation::validate_hostname;
#[derive(Serialize, Deserialize, Debug, Clone)] #[derive(Serialize, Deserialize, Debug, Clone)]
pub struct Orb { pub struct Orb {
@ -108,9 +108,7 @@ fn main() -> Result<(), Box<dyn Error>> {
cache: vec![], cache: vec![],
}; };
match profile.save() { match profile.save() {
Err(e) => { Err(e) => panic!("Could not generate orb.profile file {}", e),
panic!("Could not generate orb.profile file {}", e)
}
_ => {} _ => {}
} }
} }
@ -182,12 +180,9 @@ fn main() -> Result<(), Box<dyn Error>> {
let mut _service = service.listen(port, inbound_service.clone()).unwrap_or_else(|_| panic!()); let mut _service = service.listen(port, inbound_service.clone()).unwrap_or_else(|_| panic!());
} }
Err(_err) => { Err(_err) => panic!("Could not host orb listener at {}", profile.identity.hostname()),
panic!("Could not host orb listener at {}", profile.identity.hostname())
}
} }
for follow in profile.follows.iter() { for follow in profile.follows.iter() {
follow_orbs(profile.identity.clone(), socks_port, follow.clone()); follow_orbs(profile.identity.clone(), socks_port, follow.clone());
} }
@ -276,9 +271,7 @@ fn main() -> Result<(), Box<dyn Error>> {
app.status = format!("Followed {}", follow); app.status = format!("Followed {}", follow);
follow_orbs(profile.identity.clone(), socks_port, follow.clone()); follow_orbs(profile.identity.clone(), socks_port, follow.clone());
match profile.save() { match profile.save() {
Err(e) => { Err(e) => app.status = format!("Could not save orb.profile: {}", e.to_string()),
app.status = format!("Could not save orb.profile: {}", e.to_string())
}
_ => {} _ => {}
} }
} }
@ -300,6 +293,10 @@ fn main() -> Result<(), Box<dyn Error>> {
profile.orbs.lock().unwrap().push(orb_to_rebroadcast.clone()); profile.orbs.lock().unwrap().push(orb_to_rebroadcast.clone());
Q.push(orb_to_rebroadcast.clone()); // Flush Cache Q.push(orb_to_rebroadcast.clone()); // Flush Cache
app.orbs.unselect(); app.orbs.unselect();
match profile.save() {
Err(e) => app.status = format!("Could not save orb.profile: {}", e.to_string()),
_ => {}
}
} }
_ => { _ => {
app.orbs.unselect(); app.orbs.unselect();
@ -339,9 +336,7 @@ fn main() -> Result<(), Box<dyn Error>> {
app.input = String::new(); app.input = String::new();
app.mode = Browsing; app.mode = Browsing;
match profile.save() { match profile.save() {
Err(e) => { Err(e) => app.status = format!("Could not save orb.profile: {}", e.to_string()),
app.status = format!("Could not save orb.profile: {}", e.to_string())
}
_ => {} _ => {}
} }
} }
@ -381,14 +376,44 @@ fn follow_orbs(profile_identity: Arc<Identity>, socks_port: u16, follow: String)
let mut transcript = Transcript::new_transcript("tapir-transcript"); let mut transcript = Transcript::new_transcript("tapir-transcript");
let mut auth_app = AuthenicationApp::new(outbound_identity); let mut auth_app = AuthenicationApp::new(outbound_identity);
match auth_app.run_outbound(conn, &mut transcript) { match auth_app.run_outbound(conn, &mut transcript) {
Ok(mut conn) => { Ok(mut conn) => match hostname_to_public_key(conn.hostname().as_str()) {
let orbs_json_bytes = conn.expect_encrypted(); Ok(public_key) => {
let orbs_json = String::from_utf8(orbs_json_bytes).unwrap_or_default(); let orbs_json_bytes = conn.expect_encrypted();
let orbs: Vec<Orb> = serde_json::from_str(orbs_json.as_str()).unwrap_or(vec![]); let orbs_json = String::from_utf8(orbs_json_bytes).unwrap_or_default();
for orb in orbs.iter() { let orbs: Vec<Orb> = serde_json::from_str(orbs_json.as_str()).unwrap_or(vec![]);
Q.push(orb.clone()); for orb in orbs.iter() {
let mut unsigned_orb = Orb {
message: orb.message.clone(),
author: orb.author.clone(),
timestamp: orb.timestamp,
signature: Signature::new([0; 64]),
rebroadcast_from: None,
rebroadcast_time: None,
};
if orb.author == conn.hostname() {
if public_key
.verify(serde_json::to_string_pretty(&unsigned_orb).unwrap().as_bytes(), &orb.signature)
.is_ok()
{
Q.push(orb.clone());
}
} else {
match hostname_to_public_key(orb.author.as_str()) {
Ok(public_key) => {
if public_key
.verify(serde_json::to_string_pretty(&unsigned_orb).unwrap().as_bytes(), &orb.signature)
.is_ok()
{
Q.push(orb.clone());
}
}
_ => {}
}
}
}
} }
} _ => {}
},
Err(_err) => {} Err(_err) => {}
} }
}; };
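Review bot: The signature check in the `for orb in orbs.iter()` loop covers only `message`, `author` and `timestamp`, because `unsigned_orb` is built with `rebroadcast_from: None` and `rebroadcast_time: None`, yet `Q.push(orb.clone())` queues the peer-supplied orb with whatever rebroadcast fields it carried. Those two fields are therefore unauthenticated; in the `else` branch (author differs from `conn.hostname()`) they should either be compared with the authenticated peer's `conn.hostname()` or overwritten locally before the push, and since the `Orb` field types are declared outside this hunk the exact expression needs confirming. The two branches repeat the same `verify` call and `unsigned_orb` does not need `mut`; resolving the key once with `hostname_to_public_key(orb.author.as_str())` would collapse them, since the author equals the peer hostname in the first branch. Orbs that fail verification and hostnames that do not decode fall into `_ => {}` without any trace, so a comment such as `// drop orbs whose signature does not verify against the author's onion key`, or a status message, would help when a followed post goes missing. `follow_orbs` begins outside the hunk.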