##// END OF EJS Templates
Added signature verification for a post
neko259 -
r1237:6c4ec150 decentral
parent child Browse files
Show More
@@ -27,6 +27,7 b" ATTR_TYPE = 'type'"
27 ATTR_NAME = 'name'
27 ATTR_NAME = 'name'
28 ATTR_VALUE = 'value'
28 ATTR_VALUE = 'value'
29 ATTR_MIMETYPE = 'mimetype'
29 ATTR_MIMETYPE = 'mimetype'
30 ATTR_KEY = 'key'
30
31
31 STATUS_SUCCESS = 'success'
32 STATUS_SUCCESS = 'success'
32
33
@@ -79,12 +80,13 b' class SyncManager:'
79 signatures = [Signature(
80 signatures = [Signature(
80 key_type=key.key_type,
81 key_type=key.key_type,
81 key=key.public_key,
82 key=key.public_key,
82 signature=key.sign(et.tostring(model, ENCODING_UNICODE)),
83 signature=key.sign(et.tostring(content_tag, ENCODING_UNICODE)),
83 )]
84 )]
84 for signature in signatures:
85 for signature in signatures:
85 signature_tag = et.SubElement(signatures_tag, TAG_SIGNATURE)
86 signature_tag = et.SubElement(signatures_tag, TAG_SIGNATURE)
86 signature_tag.set(ATTR_TYPE, signature.key_type)
87 signature_tag.set(ATTR_TYPE, signature.key_type)
87 signature_tag.set(ATTR_VALUE, signature.signature)
88 signature_tag.set(ATTR_VALUE, signature.signature)
89 signature_tag.set(ATTR_KEY, signature.key)
88
90
89 return et.tostring(response, ENCODING_UNICODE)
91 return et.tostring(response, ENCODING_UNICODE)
90
92
@@ -97,6 +99,12 b' class SyncManager:'
97 tag_models = tag_root.find(TAG_MODELS)
99 tag_models = tag_root.find(TAG_MODELS)
98 for tag_model in tag_models:
100 for tag_model in tag_models:
99 tag_content = tag_model.find(TAG_CONTENT)
101 tag_content = tag_model.find(TAG_CONTENT)
102
103 valid = SyncManager.verify_model(tag_content, tag_model)
104
105 if not valid:
106 raise Exception('Invalid model signature')
107
100 tag_id = tag_content.find(TAG_ID)
108 tag_id = tag_content.find(TAG_ID)
101 global_id, exists = GlobalId.from_xml_element(tag_id)
109 global_id, exists = GlobalId.from_xml_element(tag_id)
102
110
@@ -127,3 +135,26 b' class SyncManager:'
127 else:
135 else:
128 # TODO Throw an exception?
136 # TODO Throw an exception?
129 pass
137 pass
138
139 @staticmethod
140 def verify_model(tag_content, tag_model):
141 """
142 Verifies all signatures for a single model.
143 """
144
145 valid = True
146
147 tag_signatures = tag_model.find(TAG_SIGNATURES)
148 for tag_signature in tag_signatures:
149 signature_type = tag_signature.get(ATTR_TYPE)
150 signature_value = tag_signature.get(ATTR_VALUE)
151 signature_key = tag_signature.get(ATTR_KEY)
152
153 if not KeyPair.objects.verify(
154 signature_key,
155 et.tostring(tag_content, ENCODING_UNICODE),
156 signature_value, signature_type):
157 valid = False
158 break
159
160 return valid
@@ -68,23 +68,23 b' author)'
68
68
69 Sample request is as follows:
69 Sample request is as follows:
70
70
71 <?xml version="1.1" encoding="UTF-8" ?>
71 <?xml version="1.1" encoding="UTF-8" ?>
72 <request version="1.0" type="pull">
72 <request version="1.0" type="pull">
73 <model version="1.0" name="post">
73 <model version="1.0" name="post">
74 <timestamp_from>0</timestamp_from>
74 <timestamp_from>0</timestamp_from>
75 <timestamp_to>0</timestamp_to>
75 <timestamp_to>0</timestamp_to>
76 <tags>
76 <tags>
77 <tag>tag1</tag>
77 <tag>tag1</tag>
78 </tags>
78 </tags>
79 <sender>
79 <sender>
80 <allow>
80 <allow>
81 <key>abcehy3h9t</key>
81 <key>abcehy3h9t</key>
82 <key>ehoehyoe</key>
82 <key>ehoehyoe</key>
83 </allow>
83 </allow>
84 <!-- There can be only allow block (all other are denied) or deny block (all other are allowed) -->
84 <!-- There can be only allow block (all other are denied) or deny block (all other are allowed) -->
85 </sender>
85 </sender>
86 </model>
86 </model>
87 </request>
87 </request>
88
88
89 Under the <model> tag there are filters. Filters for the "post" model can
89 Under the <model> tag there are filters. Filters for the "post" model can
90 be found in DIP-2.
90 be found in DIP-2.
General Comments 0
You need to be logged in to leave comments. Login now