# HG changeset patch # User neko259 # Date 2016-05-13 21:06:19 # Node ID 9e8b09257afde2317ff48fb656bfb5ff3c9bfbff # Parent 8b72916c60a53711d2510b5ef16de3335037e21b Check that parsed post has a signature of its author's key diff --git a/boards/models/post/sync.py b/boards/models/post/sync.py --- a/boards/models/post/sync.py +++ b/boards/models/post/sync.py @@ -5,11 +5,12 @@ from boards.utils import get_file_mimety from django.db import transaction from boards.models import KeyPair, GlobalId, Signature, Post, Tag -EXCEPTION_NODE = 'Sync node returned an error: {}' -EXCEPTION_OP = 'Load the OP first' -EXCEPTION_DOWNLOAD = 'File was not downloaded' -EXCEPTION_HASH = 'File hash does not match attachment hash' -EXCEPTION_SIGNATURE = 'Invalid model signature for {}' +EXCEPTION_NODE = 'Sync node returned an error: {}.' +EXCEPTION_OP = 'Load the OP first.' +EXCEPTION_DOWNLOAD = 'File was not downloaded.' +EXCEPTION_HASH = 'File hash does not match attachment hash.' +EXCEPTION_SIGNATURE = 'Invalid model signature for {}.' +EXCEPTION_AUTHOR_SIGNATURE = 'Model {} has no author signature.' ENCODING_UNICODE = 'unicode' TAG_MODEL = 'model' @@ -166,10 +167,10 @@ class SyncManager: tag_content = tag_model.find(TAG_CONTENT) content_str = et.tostring(tag_content, ENCODING_UNICODE) - signatures = SyncManager._verify_model(content_str, tag_model) tag_id = tag_content.find(TAG_ID) global_id, exists = GlobalId.from_xml_element(tag_id) + signatures = SyncManager._verify_model(global_id, content_str, tag_model) if exists: print('Post with same ID already exists') @@ -253,7 +254,7 @@ class SyncManager: return et.tostring(response, ENCODING_UNICODE) @staticmethod - def _verify_model(content_str, tag_model): + def _verify_model(global_id, content_str, tag_model): """ Verifies all signatures for a single model. """ @@ -261,11 +262,16 @@ class SyncManager: signatures = [] tag_signatures = tag_model.find(TAG_SIGNATURES) + has_author_signature = False for tag_signature in tag_signatures: signature_type = tag_signature.get(ATTR_TYPE) signature_value = tag_signature.get(ATTR_VALUE) signature_key = tag_signature.get(ATTR_KEY) + if global_id.key_type == signature_type and\ + global_id.key == signature_key: + has_author_signature = True + signature = Signature(key_type=signature_type, key=signature_key, signature=signature_value) @@ -274,6 +280,8 @@ class SyncManager: raise SyncException(EXCEPTION_SIGNATURE.format(content_str)) signatures.append(signature) + if not has_author_signature: + raise SyncException(EXCEPTION_AUTHOR_SIGNATURE.format(content_str)) return signatures