ligo/src/bin_signer/handler.ml

66 lines
2.6 KiB
OCaml
Raw Normal View History

(**************************************************************************)
(* *)
(* Copyright (c) 2014 - 2018. *)
(* Dynamic Ledger Solutions, Inc. <contact@tezos.com> *)
(* *)
(* All rights reserved. No warranty, explicit or implicit, provided. *)
(* *)
(**************************************************************************)
let log = Signer_logging.lwt_log_notice
2018-06-06 12:49:53 +04:00
module Authorized_key =
Client_aliases.Alias (struct
include Signature.Public_key
let name = "authorized_key"
let to_source s = return (to_b58check s)
let of_source t = Lwt.return (of_b58check t)
end)
2018-06-08 19:56:05 +04:00
let check_magic_byte magic_bytes data =
match magic_bytes with
| None -> return ()
| Some magic_bytes ->
let byte = MBytes.get_uint8 data 0 in
if MBytes.length data > 1
&& (List.mem byte magic_bytes) then
return ()
else
failwith "magic byte 0x%02X not allowed" byte
2018-06-06 12:49:53 +04:00
let sign
(cctxt : #Client_context.wallet)
2018-06-08 19:56:05 +04:00
Signer_messages.Sign.Request.{ pkh ; data ; signature }
?magic_bytes ~require_auth =
log "Request for signing %d bytes of data for key %a, magic byte = %02X"
(MBytes.length data)
Signature.Public_key_hash.pp pkh
(MBytes.get_uint8 data 0) >>= fun () ->
2018-06-08 19:56:05 +04:00
check_magic_byte magic_bytes data >>=? fun () ->
2018-06-06 12:49:53 +04:00
begin match require_auth, signature with
| false, _ -> return ()
| true, None -> failwith "missing authentication signature field"
| true, Some signature ->
let to_sign = Signer_messages.Sign.Request.to_sign ~pkh ~data in
Authorized_key.load cctxt >>=? fun keys ->
if List.fold_left
(fun acc (_, key) -> acc || Signature.check key signature to_sign)
false keys
then
return ()
else
failwith "invalid authentication signature"
end >>=? fun () ->
Client_keys.get_key cctxt pkh >>=? fun (name, _pkh, sk_uri) ->
log "Signing data for key %s" name >>= fun () ->
Client_keys.sign sk_uri data >>=? fun signature ->
return signature
let public_key (cctxt : #Client_context.wallet) pkh =
log "Request for public key %a"
Signature.Public_key_hash.pp pkh >>= fun () ->
Client_keys.get_public_key cctxt pkh >>=? fun (name, pk) ->
log "Found public key for hash %a (name: %s)"
Signature.Public_key_hash.pp pkh name >>= fun () ->
return pk