2018-06-29 16:08:08 +04:00
|
|
|
(*****************************************************************************)
|
|
|
|
|
(* *)
|
|
|
|
|
(* Open Source License *)
|
|
|
|
|
(* Copyright (c) 2018 Dynamic Ledger Solutions, Inc. <contact@tezos.com> *)
|
|
|
|
|
(* *)
|
|
|
|
|
(* Permission is hereby granted, free of charge, to any person obtaining a *)
|
|
|
|
|
(* copy of this software and associated documentation files (the "Software"),*)
|
|
|
|
|
(* to deal in the Software without restriction, including without limitation *)
|
|
|
|
|
(* the rights to use, copy, modify, merge, publish, distribute, sublicense, *)
|
|
|
|
|
(* and/or sell copies of the Software, and to permit persons to whom the *)
|
|
|
|
|
(* Software is furnished to do so, subject to the following conditions: *)
|
|
|
|
|
(* *)
|
|
|
|
|
(* The above copyright notice and this permission notice shall be included *)
|
|
|
|
|
(* in all copies or substantial portions of the Software. *)
|
|
|
|
|
(* *)
|
|
|
|
|
(* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR*)
|
|
|
|
|
(* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, *)
|
|
|
|
|
(* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL *)
|
|
|
|
|
(* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER*)
|
|
|
|
|
(* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING *)
|
|
|
|
|
(* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER *)
|
|
|
|
|
(* DEALINGS IN THE SOFTWARE. *)
|
|
|
|
|
(* *)
|
|
|
|
|
(*****************************************************************************)
|
2018-05-26 14:03:12 +04:00
|
|
|
|
2018-06-12 23:07:50 +04:00
|
|
|
open Signer_logging
|
|
|
|
|
|
|
|
|
|
let log = lwt_log_notice
|
|
|
|
|
|
2018-05-26 14:03:12 +04:00
|
|
|
|
2018-06-06 12:49:53 +04:00
|
|
|
module Authorized_key =
|
|
|
|
|
Client_aliases.Alias (struct
|
|
|
|
|
include Signature.Public_key
|
|
|
|
|
let name = "authorized_key"
|
|
|
|
|
let to_source s = return (to_b58check s)
|
|
|
|
|
let of_source t = Lwt.return (of_b58check t)
|
|
|
|
|
end)
|
|
|
|
|
|
2018-06-08 19:56:05 +04:00
|
|
|
let check_magic_byte magic_bytes data =
|
|
|
|
|
match magic_bytes with
|
2018-06-26 13:07:12 +04:00
|
|
|
| None -> return_unit
|
2018-06-08 19:56:05 +04:00
|
|
|
| Some magic_bytes ->
|
|
|
|
|
let byte = MBytes.get_uint8 data 0 in
|
|
|
|
|
if MBytes.length data > 1
|
|
|
|
|
&& (List.mem byte magic_bytes) then
|
2018-06-26 13:07:12 +04:00
|
|
|
return_unit
|
2018-06-08 19:56:05 +04:00
|
|
|
else
|
|
|
|
|
failwith "magic byte 0x%02X not allowed" byte
|
|
|
|
|
|
2018-06-06 12:49:53 +04:00
|
|
|
let sign
|
|
|
|
|
(cctxt : #Client_context.wallet)
|
2018-06-08 19:56:05 +04:00
|
|
|
Signer_messages.Sign.Request.{ pkh ; data ; signature }
|
|
|
|
|
?magic_bytes ~require_auth =
|
2018-06-12 23:07:50 +04:00
|
|
|
log Tag.DSL.(fun f ->
|
|
|
|
|
f "Request for signing %d bytes of data for key %a, magic byte = %02X"
|
|
|
|
|
-% t event "request_for_signing"
|
|
|
|
|
-% s num_bytes (MBytes.length data)
|
|
|
|
|
-% a Signature.Public_key_hash.Logging.tag pkh
|
|
|
|
|
-% s magic_byte (MBytes.get_uint8 data 0)) >>= fun () ->
|
2018-06-08 19:56:05 +04:00
|
|
|
check_magic_byte magic_bytes data >>=? fun () ->
|
2018-06-06 12:49:53 +04:00
|
|
|
begin match require_auth, signature with
|
2018-06-26 13:07:12 +04:00
|
|
|
| false, _ -> return_unit
|
2018-06-06 12:49:53 +04:00
|
|
|
| true, None -> failwith "missing authentication signature field"
|
|
|
|
|
| true, Some signature ->
|
|
|
|
|
let to_sign = Signer_messages.Sign.Request.to_sign ~pkh ~data in
|
|
|
|
|
Authorized_key.load cctxt >>=? fun keys ->
|
|
|
|
|
if List.fold_left
|
|
|
|
|
(fun acc (_, key) -> acc || Signature.check key signature to_sign)
|
|
|
|
|
false keys
|
|
|
|
|
then
|
2018-06-26 13:07:12 +04:00
|
|
|
return_unit
|
2018-06-06 12:49:53 +04:00
|
|
|
else
|
|
|
|
|
failwith "invalid authentication signature"
|
|
|
|
|
end >>=? fun () ->
|
2018-05-26 14:51:51 +04:00
|
|
|
Client_keys.get_key cctxt pkh >>=? fun (name, _pkh, sk_uri) ->
|
2018-06-12 23:07:50 +04:00
|
|
|
log Tag.DSL.(fun f ->
|
|
|
|
|
f "Signing data for key %s"
|
|
|
|
|
-% t event "signing_data"
|
|
|
|
|
-% s Client_keys.Logging.tag name) >>= fun () ->
|
2018-06-17 02:07:58 +04:00
|
|
|
Client_keys.sign cctxt sk_uri data >>=? fun signature ->
|
2018-05-26 14:51:51 +04:00
|
|
|
return signature
|
2018-05-26 14:03:12 +04:00
|
|
|
|
2018-05-26 14:51:51 +04:00
|
|
|
let public_key (cctxt : #Client_context.wallet) pkh =
|
2018-06-12 23:07:50 +04:00
|
|
|
log Tag.DSL.(fun f ->
|
|
|
|
|
f "Request for public key %a"
|
|
|
|
|
-% t event "request_for_public_key"
|
|
|
|
|
-% a Signature.Public_key_hash.Logging.tag pkh) >>= fun () ->
|
2018-06-14 01:05:36 +04:00
|
|
|
Client_keys.list_keys cctxt >>=? fun all_keys ->
|
2018-06-30 14:04:06 +04:00
|
|
|
match List.find_opt (fun (_, h, _, _) -> Signature.Public_key_hash.equal h pkh) all_keys with
|
|
|
|
|
| None ->
|
2018-06-12 23:07:50 +04:00
|
|
|
log Tag.DSL.(fun f ->
|
|
|
|
|
f "No public key found for hash %a"
|
|
|
|
|
-% t event "not_found_public_key"
|
|
|
|
|
-% a Signature.Public_key_hash.Logging.tag pkh) >>= fun () ->
|
2018-06-14 01:05:36 +04:00
|
|
|
Lwt.fail Not_found
|
2018-06-30 14:04:06 +04:00
|
|
|
| Some (_, _, None, _) ->
|
2018-06-12 23:07:50 +04:00
|
|
|
log Tag.DSL.(fun f ->
|
|
|
|
|
f "No public key found for hash %a"
|
|
|
|
|
-% t event "not_found_public_key"
|
|
|
|
|
-% a Signature.Public_key_hash.Logging.tag pkh) >>= fun () ->
|
2018-06-14 01:05:36 +04:00
|
|
|
Lwt.fail Not_found
|
2018-06-30 14:04:06 +04:00
|
|
|
| Some (name, _, Some pk, _) ->
|
2018-06-12 23:07:50 +04:00
|
|
|
log Tag.DSL.(fun f ->
|
|
|
|
|
f "Found public key for hash %a (name: %s)"
|
|
|
|
|
-% t event "found_public_key"
|
|
|
|
|
-% a Signature.Public_key_hash.Logging.tag pkh
|
|
|
|
|
-% s Client_keys.Logging.tag name) >>= fun () ->
|
2018-06-14 01:05:36 +04:00
|
|
|
return pk
|
