Validation issues fix

Dmitry Bilienko 2023-04-17 17:15:48 +05:00 committed by Mikhail Iudin
parent d144336aa2
commit 4773eb1d06
No known key found for this signature in database
GPG Key ID: FAAAA8BAABDFF1C0
2 changed files with 41 additions and 24 deletions


@ -107,7 +107,7 @@ func validateCreateSpaceHeaderPayload(rawHeaderWithId *spacesyncproto.RawSpaceHe
if len(split) != 2 { if len(split) != 2 {
return ErrIncorrectSpaceHeader return ErrIncorrectSpaceHeader
} }
if !cidutil.VerifyCid(rawSpaceHeader.SpaceHeader, split[0]) { if !cidutil.VerifyCid(rawHeaderWithId.RawHeader, split[0]) {
err = objecttree.ErrIncorrectCid err = objecttree.ErrIncorrectCid
return return
} }
@ -120,7 +120,7 @@ func validateCreateSpaceHeaderPayload(rawHeaderWithId *spacesyncproto.RawSpaceHe
err = ErrIncorrectSpaceHeader err = ErrIncorrectSpaceHeader
return return
} }
id, err := cidutil.NewCidFromBytes(rawSpaceHeader.SpaceHeader) id, err := cidutil.NewCidFromBytes(rawHeaderWithId.RawHeader)
if err != nil { if err != nil {
return return
} }
@ -148,7 +148,7 @@ func validateCreateSpaceAclPayload(rawWithId *aclrecordproto.RawAclRecordWithId)
if err != nil { if err != nil {
return return
} }
payloadIdentity, err := crypto.UnmarshalEd25519PublicKeyProto(aclRoot.Identity) payloadIdentity, err := crypto.UnmarshalEd25519PublicKey(aclRoot.Identity)
if err != nil { if err != nil {
return return
} }
@ -161,6 +161,7 @@ func validateCreateSpaceAclPayload(rawWithId *aclrecordproto.RawAclRecordWithId)
if err != nil { if err != nil {
return return
} }
res, err = masterKey.Verify(aclRoot.Identity, aclRoot.IdentitySignature) res, err = masterKey.Verify(aclRoot.Identity, aclRoot.IdentitySignature)
if err != nil || !res { if err != nil || !res {
err = ErrIncorrectSpaceHeader err = ErrIncorrectSpaceHeader
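Review bot: The encoding that `aclRoot.Identity` must carry is not documented at the `crypto.UnmarshalEd25519PublicKey(aclRoot.Identity)` call in validateCreateSpaceAclPayload, although the same bytes are then passed to `masterKey.Verify(aclRoot.Identity, aclRoot.IdentitySignature)`, so the key parser and the signature check have to agree on one form. Since the call previously used the Proto variant, a payload built with the proto-wrapped key would presumably now be rejected; a comment such as `// Identity is the raw Ed25519 public key; IdentitySignature is the master key's signature over exactly these bytes` above the unmarshal would make the contract explicit. Separately, the `err != nil || !res` branch replaces whatever Verify returned with `ErrIncorrectSpaceHeader`, which names the header rather than the ACL record and hides the underlying cause from whoever reads the logs. The function body starts and ends outside these hunks.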


@ -65,7 +65,7 @@ func TestFailedHeaderPayloadForSpaceCreate_InvalidFormatSpaceId(t *testing.T) {
Id: spaceId, Id: spaceId,
} }
err = validateCreateSpaceHeaderPayload(rawHeaderWithId) err = validateCreateSpaceHeaderPayload(rawHeaderWithId)
assert.EqualErrorf(t, err, ErrIncorrectSpaceHeader.Error(), "Error should be: %v, got: %v", objecttree.ErrIncorrectCid, err) assert.EqualErrorf(t, err, ErrIncorrectSpaceHeader.Error(), "Error should be: %v, got: %v", ErrIncorrectSpaceHeader, err)
} }
func TestFailedHeaderPayloadForSpaceCreate_CidIsWrong(t *testing.T) { func TestFailedHeaderPayloadForSpaceCreate_CidIsWrong(t *testing.T) {
@ -206,8 +206,6 @@ func TestFailAclPayloadSpace_IncorrectCid(t *testing.T) {
func TestFailedAclPayloadSpace_IncorrectSignature(t *testing.T) { func TestFailedAclPayloadSpace_IncorrectSignature(t *testing.T) {
accountKeys, err := accountdata.NewRandom() accountKeys, err := accountdata.NewRandom()
require.NoError(t, err) require.NoError(t, err)
identity, err := accountKeys.SignKey.GetPublic().Marshall()
require.NoError(t, err)
readKeyBytes := make([]byte, 32) readKeyBytes := make([]byte, 32)
_, err = rand.Read(readKeyBytes) _, err = rand.Read(readKeyBytes)
require.NoError(t, err) require.NoError(t, err)
@ -222,7 +220,7 @@ func TestFailedAclPayloadSpace_IncorrectSignature(t *testing.T) {
rawMasterKey, err := masterKey.GetPublic().Raw() rawMasterKey, err := masterKey.GetPublic().Raw()
require.NoError(t, err) require.NoError(t, err)
aclRoot := aclrecordproto.AclRoot{ aclRoot := aclrecordproto.AclRoot{
Identity: identity, Identity: rawIdentity,
MasterKey: rawMasterKey, MasterKey: rawMasterKey,
SpaceId: "SpaceId", SpaceId: "SpaceId",
EncryptedReadKey: readKey, EncryptedReadKey: readKey,
@ -249,38 +247,56 @@ func TestFailedAclPayloadSpace_IncorrectSignature(t *testing.T) {
} }
func TestFailedAclPayloadSpace_IncorrectIdentitySignature(t *testing.T) { func TestFailedAclPayloadSpace_IncorrectIdentitySignature(t *testing.T) {
spaceId := "AnySpaceId"
accountKeys, err := accountdata.NewRandom() accountKeys, err := accountdata.NewRandom()
require.NoError(t, err) require.NoError(t, err)
identity, err := accountKeys.SignKey.GetPublic().Marshall()
require.NoError(t, err)
readKeyBytes := make([]byte, 32) readKeyBytes := make([]byte, 32)
_, err = rand.Read(readKeyBytes) _, err = rand.Read(readKeyBytes)
require.NoError(t, err) if err != nil {
return
}
readKey, err := accountKeys.SignKey.GetPublic().Encrypt(readKeyBytes) readKey, err := accountKeys.SignKey.GetPublic().Encrypt(readKeyBytes)
require.NoError(t, err) if err != nil {
return
}
masterKey, _, err := crypto.GenerateRandomEd25519KeyPair() masterKey, _, err := crypto.GenerateRandomEd25519KeyPair()
require.NoError(t, err) if err != nil {
rawMasterKey, err := masterKey.GetPublic().Marshall() return
require.NoError(t, err) }
masterPubKey := masterKey.GetPublic()
rawIdentity, err := accountKeys.SignKey.GetPublic().Raw()
if err != nil {
return
}
rawMasterKey, err := masterPubKey.Marshall()
if err != nil {
return
}
aclRoot := aclrecordproto.AclRoot{ aclRoot := aclrecordproto.AclRoot{
Identity: identity, Identity: rawIdentity,
MasterKey: rawMasterKey, MasterKey: rawMasterKey,
SpaceId: "SpaceId", SpaceId: spaceId,
EncryptedReadKey: readKey, EncryptedReadKey: readKey,
Timestamp: time.Now().Unix(), Timestamp: time.Now().Unix(),
IdentitySignature: identity, IdentitySignature: rawIdentity,
} }
marshalled, err := aclRoot.Marshal() marshalled, err := aclRoot.Marshal()
require.NoError(t, err) if err != nil {
return
}
signature, err := accountKeys.SignKey.Sign(marshalled) signature, err := accountKeys.SignKey.Sign(marshalled)
rawAclRecord := &aclrecordproto.RawAclRecord{ rawAclRecord := &aclrecordproto.RawAclRecord{
Payload: marshalled, Payload: marshalled,
Signature: signature, Signature: signature,
} }
marshalledRaw, err := rawAclRecord.Marshal() marshalledRaw, err := rawAclRecord.Marshal()
require.NoError(t, err) if err != nil {
return
}
aclHeadId, err := cidutil.NewCidFromBytes(marshalledRaw) aclHeadId, err := cidutil.NewCidFromBytes(marshalledRaw)
require.NoError(t, err) if err != nil {
return
}
rawWithId := &aclrecordproto.RawAclRecordWithId{ rawWithId := &aclrecordproto.RawAclRecordWithId{
Payload: marshalledRaw, Payload: marshalledRaw,
Id: aclHeadId, Id: aclHeadId,
@ -538,11 +554,11 @@ func rawAclWithId(accountKeys *accountdata.AccountKeys, spaceId string) (aclHead
return return
} }
masterPubKey := masterKey.GetPublic() masterPubKey := masterKey.GetPublic()
identity, err := accountKeys.SignKey.GetPublic().Marshall() rawIdentity, err := accountKeys.SignKey.GetPublic().Raw()
if err != nil { if err != nil {
return return
} }
identitySignature, err := masterKey.Sign(identity) identitySignature, err := masterKey.Sign(rawIdentity)
if err != nil { if err != nil {
return return
} }
@ -551,7 +567,7 @@ func rawAclWithId(accountKeys *accountdata.AccountKeys, spaceId string) (aclHead
return return
} }
aclRoot := aclrecordproto.AclRoot{ aclRoot := aclrecordproto.AclRoot{
Identity: identity, Identity: rawIdentity,
MasterKey: rawMasterKey, MasterKey: rawMasterKey,
SpaceId: spaceId, SpaceId: spaceId,
EncryptedReadKey: readKey, EncryptedReadKey: readKey,
@ -623,7 +639,7 @@ func rawHeaderWithId(accountKeys *accountdata.AccountKeys) (spaceId string, rawW
if err != nil { if err != nil {
return return
} }
id, err := cidutil.NewCidFromBytes(marhalled) id, err := cidutil.NewCidFromBytes(marhalledRawHeader)
if err != nil { if err != nil {
return return
} }
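Review bot: The rewritten setup in TestFailedAclPayloadSpace_IncorrectIdentitySignature now exits with `if err != nil { return }` after rand.Read, Encrypt, GenerateRandomEd25519KeyPair, Raw, Marshall, both Marshal calls and NewCidFromBytes, so a setup failure makes this negative test pass without the validator ever running. Each of those checks should remain `require.NoError(t, err)`, as in the neighbouring TestFailedAclPayloadSpace_IncorrectSignature, and the error from `accountKeys.SignKey.Sign(marshalled)` is never checked before `err` is reassigned. The master key in this test is encoded with `masterPubKey.Marshall()` while the IncorrectSignature test uses `masterKey.GetPublic().Raw()`; if the validator expects the raw form, the payload may be rejected at key parsing rather than at the identity-signature check the test is named for, which is worth confirming. The test's final assertion lies outside the hunk.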