mirror of
https://code.briarproject.org/briar/briar.git
synced 2026-02-16 12:49:55 +01:00
Move validator's signature verification into ClientHelper
This commit is contained in:
Torsten Grote
@@ -6,10 +6,6 @@ import org.briarproject.api.blogs.BlogFactory;
|
||||
import org.briarproject.api.blogs.MessageType;
|
||||
import org.briarproject.api.clients.BdfMessageContext;
|
||||
import org.briarproject.api.clients.ClientHelper;
|
||||
import org.briarproject.api.crypto.CryptoComponent;
|
||||
import org.briarproject.api.crypto.KeyParser;
|
||||
import org.briarproject.api.crypto.PublicKey;
|
||||
import org.briarproject.api.crypto.Signature;
|
||||
import org.briarproject.api.data.BdfDictionary;
|
||||
import org.briarproject.api.data.BdfEntry;
|
||||
import org.briarproject.api.data.BdfList;
|
||||
@@ -24,7 +20,6 @@ import org.briarproject.api.sync.MessageId;
|
||||
import org.briarproject.api.system.Clock;
|
||||
import org.briarproject.clients.BdfMessageValidator;
|
||||
|
||||
import java.security.GeneralSecurityException;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
|
||||
@@ -48,18 +43,15 @@ import static org.briarproject.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH
|
||||
|
||||
class BlogPostValidator extends BdfMessageValidator {
|
||||
|
||||
private final CryptoComponent crypto;
|
||||
private final GroupFactory groupFactory;
|
||||
private final MessageFactory messageFactory;
|
||||
private final BlogFactory blogFactory;
|
||||
|
||||
BlogPostValidator(CryptoComponent crypto, GroupFactory groupFactory,
|
||||
MessageFactory messageFactory, BlogFactory blogFactory,
|
||||
ClientHelper clientHelper, MetadataEncoder metadataEncoder,
|
||||
Clock clock) {
|
||||
BlogPostValidator(GroupFactory groupFactory, MessageFactory messageFactory,
|
||||
BlogFactory blogFactory, ClientHelper clientHelper,
|
||||
MetadataEncoder metadataEncoder, Clock clock) {
|
||||
super(clientHelper, metadataEncoder, clock);
|
||||
|
||||
this.crypto = crypto;
|
||||
this.groupFactory = groupFactory;
|
||||
this.messageFactory = messageFactory;
|
||||
this.blogFactory = blogFactory;
|
||||
@@ -109,7 +101,7 @@ class BlogPostValidator extends BdfMessageValidator {
|
||||
BdfList signed = BdfList.of(g.getId(), m.getTimestamp(), postBody);
|
||||
Blog b = blogFactory.parseBlog(g, ""); // description doesn't matter
|
||||
Author a = b.getAuthor();
|
||||
verifySignature(sig, a.getPublicKey(), signed);
|
||||
clientHelper.verifySignature(sig, a.getPublicKey(), signed);
|
||||
|
||||
// Return the metadata and dependencies
|
||||
BdfDictionary meta = new BdfDictionary();
|
||||
@@ -150,7 +142,7 @@ class BlogPostValidator extends BdfMessageValidator {
|
||||
currentId);
|
||||
Blog b = blogFactory.parseBlog(g, ""); // description doesn't matter
|
||||
Author a = b.getAuthor();
|
||||
verifySignature(sig, a.getPublicKey(), signed);
|
||||
clientHelper.verifySignature(sig, a.getPublicKey(), signed);
|
||||
|
||||
// Return the metadata and dependencies
|
||||
BdfDictionary meta = new BdfDictionary();
|
||||
@@ -267,26 +259,6 @@ class BlogPostValidator extends BdfMessageValidator {
|
||||
return new BdfMessageContext(meta, dependencies);
|
||||
}
|
||||
|
||||
private void verifySignature(byte[] sig, byte[] publicKey, BdfList signed)
|
||||
throws InvalidMessageException {
|
||||
try {
|
||||
// Parse the public key
|
||||
KeyParser keyParser = crypto.getSignatureKeyParser();
|
||||
PublicKey key = keyParser.parsePublicKey(publicKey);
|
||||
// Verify the signature
|
||||
Signature signature = crypto.getSignature();
|
||||
signature.initVerify(key);
|
||||
signature.update(clientHelper.toByteArray(signed));
|
||||
if (!signature.verify(sig)) {
|
||||
throw new InvalidMessageException("Invalid signature");
|
||||
}
|
||||
} catch (GeneralSecurityException e) {
|
||||
throw new InvalidMessageException("Invalid public key");
|
||||
} catch (FormatException e) {
|
||||
throw new InvalidMessageException(e);
|
||||
}
|
||||
}
|
||||
|
||||
static BdfDictionary authorToBdfDictionary(Author a) {
|
||||
return BdfDictionary.of(
|
||||
new BdfEntry(KEY_AUTHOR_ID, a.getId()),
|
||||
|
||||
@@ -5,7 +5,6 @@ import org.briarproject.api.blogs.BlogManager;
|
||||
import org.briarproject.api.blogs.BlogPostFactory;
|
||||
import org.briarproject.api.clients.ClientHelper;
|
||||
import org.briarproject.api.contact.ContactManager;
|
||||
import org.briarproject.api.crypto.CryptoComponent;
|
||||
import org.briarproject.api.data.MetadataEncoder;
|
||||
import org.briarproject.api.identity.AuthorFactory;
|
||||
import org.briarproject.api.identity.IdentityManager;
|
||||
@@ -64,14 +63,14 @@ public class BlogsModule {
|
||||
@Provides
|
||||
@Singleton
|
||||
BlogPostValidator provideBlogPostValidator(
|
||||
ValidationManager validationManager, CryptoComponent crypto,
|
||||
GroupFactory groupFactory, MessageFactory messageFactory,
|
||||
BlogFactory blogFactory, ClientHelper clientHelper,
|
||||
MetadataEncoder metadataEncoder, Clock clock) {
|
||||
ValidationManager validationManager, GroupFactory groupFactory,
|
||||
MessageFactory messageFactory, BlogFactory blogFactory,
|
||||
ClientHelper clientHelper, MetadataEncoder metadataEncoder,
|
||||
Clock clock) {
|
||||
|
||||
BlogPostValidator validator = new BlogPostValidator(crypto,
|
||||
groupFactory, messageFactory, blogFactory, clientHelper,
|
||||
metadataEncoder, clock);
|
||||
BlogPostValidator validator = new BlogPostValidator(groupFactory,
|
||||
messageFactory, blogFactory, clientHelper, metadataEncoder,
|
||||
clock);
|
||||
validationManager.registerMessageValidator(CLIENT_ID, validator);
|
||||
|
||||
return validator;
|
||||
|
||||
@@ -5,6 +5,7 @@ import org.briarproject.api.clients.ClientHelper;
|
||||
import org.briarproject.api.crypto.CryptoComponent;
|
||||
import org.briarproject.api.crypto.KeyParser;
|
||||
import org.briarproject.api.crypto.PrivateKey;
|
||||
import org.briarproject.api.crypto.PublicKey;
|
||||
import org.briarproject.api.crypto.Signature;
|
||||
import org.briarproject.api.data.BdfDictionary;
|
||||
import org.briarproject.api.data.BdfList;
|
||||
@@ -19,6 +20,7 @@ import org.briarproject.api.db.DbException;
|
||||
import org.briarproject.api.db.Metadata;
|
||||
import org.briarproject.api.db.Transaction;
|
||||
import org.briarproject.api.sync.GroupId;
|
||||
import org.briarproject.api.sync.InvalidMessageException;
|
||||
import org.briarproject.api.sync.Message;
|
||||
import org.briarproject.api.sync.MessageFactory;
|
||||
import org.briarproject.api.sync.MessageId;
|
||||
@@ -320,4 +322,26 @@ class ClientHelperImpl implements ClientHelper {
|
||||
signature.update(toByteArray(toSign));
|
||||
return signature.sign();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void verifySignature(byte[] sig, byte[] publicKey, BdfList signed)
|
||||
throws InvalidMessageException {
|
||||
try {
|
||||
// Parse the public key
|
||||
KeyParser keyParser = cryptoComponent.getSignatureKeyParser();
|
||||
PublicKey key = keyParser.parsePublicKey(publicKey);
|
||||
// Verify the signature
|
||||
Signature signature = cryptoComponent.getSignature();
|
||||
signature.initVerify(key);
|
||||
signature.update(toByteArray(signed));
|
||||
if (!signature.verify(sig)) {
|
||||
throw new InvalidMessageException("Invalid signature");
|
||||
}
|
||||
} catch (GeneralSecurityException e) {
|
||||
throw new InvalidMessageException("Invalid public key");
|
||||
} catch (FormatException e) {
|
||||
throw new InvalidMessageException(e);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -54,11 +54,11 @@ public class ForumModule {
|
||||
@Provides
|
||||
@Singleton
|
||||
ForumPostValidator provideForumPostValidator(
|
||||
ValidationManager validationManager, CryptoComponent crypto,
|
||||
AuthorFactory authorFactory, ClientHelper clientHelper,
|
||||
MetadataEncoder metadataEncoder, Clock clock) {
|
||||
ForumPostValidator validator = new ForumPostValidator(crypto,
|
||||
authorFactory, clientHelper, metadataEncoder, clock);
|
||||
ValidationManager validationManager, AuthorFactory authorFactory,
|
||||
ClientHelper clientHelper, MetadataEncoder metadataEncoder,
|
||||
Clock clock) {
|
||||
ForumPostValidator validator = new ForumPostValidator(authorFactory,
|
||||
clientHelper, metadataEncoder, clock);
|
||||
validationManager.registerMessageValidator(
|
||||
ForumManagerImpl.CLIENT_ID, validator);
|
||||
return validator;
|
||||
|
||||
@@ -4,10 +4,6 @@ import org.briarproject.api.FormatException;
|
||||
import org.briarproject.api.UniqueId;
|
||||
import org.briarproject.api.clients.BdfMessageContext;
|
||||
import org.briarproject.api.clients.ClientHelper;
|
||||
import org.briarproject.api.crypto.CryptoComponent;
|
||||
import org.briarproject.api.crypto.KeyParser;
|
||||
import org.briarproject.api.crypto.PublicKey;
|
||||
import org.briarproject.api.crypto.Signature;
|
||||
import org.briarproject.api.data.BdfDictionary;
|
||||
import org.briarproject.api.data.BdfList;
|
||||
import org.briarproject.api.data.MetadataEncoder;
|
||||
@@ -20,7 +16,6 @@ import org.briarproject.api.sync.MessageId;
|
||||
import org.briarproject.api.system.Clock;
|
||||
import org.briarproject.clients.BdfMessageValidator;
|
||||
|
||||
import java.security.GeneralSecurityException;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
|
||||
@@ -32,14 +27,11 @@ import static org.briarproject.api.identity.AuthorConstants.MAX_SIGNATURE_LENGTH
|
||||
|
||||
class ForumPostValidator extends BdfMessageValidator {
|
||||
|
||||
private final CryptoComponent crypto;
|
||||
private final AuthorFactory authorFactory;
|
||||
|
||||
ForumPostValidator(CryptoComponent crypto, AuthorFactory authorFactory,
|
||||
ClientHelper clientHelper, MetadataEncoder metadataEncoder,
|
||||
Clock clock) {
|
||||
ForumPostValidator(AuthorFactory authorFactory, ClientHelper clientHelper,
|
||||
MetadataEncoder metadataEncoder, Clock clock) {
|
||||
super(clientHelper, metadataEncoder, clock);
|
||||
this.crypto = crypto;
|
||||
this.authorFactory = authorFactory;
|
||||
}
|
||||
|
||||
@@ -81,23 +73,10 @@ class ForumPostValidator extends BdfMessageValidator {
|
||||
}
|
||||
// Verify the signature, if any
|
||||
if (author != null) {
|
||||
try {
|
||||
// Parse the public key
|
||||
KeyParser keyParser = crypto.getSignatureKeyParser();
|
||||
PublicKey key = keyParser.parsePublicKey(author.getPublicKey());
|
||||
// Serialise the data to be signed
|
||||
BdfList signed = BdfList.of(g.getId(), m.getTimestamp(), parent,
|
||||
authorList, contentType, forumPostBody);
|
||||
// Verify the signature
|
||||
Signature signature = crypto.getSignature();
|
||||
signature.initVerify(key);
|
||||
signature.update(clientHelper.toByteArray(signed));
|
||||
if (!signature.verify(sig)) {
|
||||
throw new InvalidMessageException("Invalid signature");
|
||||
}
|
||||
} catch (GeneralSecurityException e) {
|
||||
throw new InvalidMessageException("Invalid public key");
|
||||
}
|
||||
// Serialise the data to be signed
|
||||
BdfList signed = BdfList.of(g.getId(), m.getTimestamp(), parent,
|
||||
authorList, contentType, forumPostBody);
|
||||
clientHelper.verifySignature(sig, author.getPublicKey(), signed);
|
||||
}
|
||||
// Return the metadata and dependencies
|
||||
BdfDictionary meta = new BdfDictionary();
|
||||
|
||||
Reference in New Issue
Block a user