Added signature verification for a post
neko259 -
r1237:6c4ec150 decentral
@@ -27,6 +27,7 b" ATTR_TYPE = 'type'"
27 27 ATTR_NAME = 'name'
28 28 ATTR_VALUE = 'value'
29 29 ATTR_MIMETYPE = 'mimetype'
30 ATTR_KEY = 'key'
30 31
31 32 STATUS_SUCCESS = 'success'
32 33
@@ -79,12 +80,13 b' class SyncManager:'
79 80 signatures = [Signature(
80 81 key_type=key.key_type,
81 82 key=key.public_key,
82 signature=key.sign(et.tostring(model, ENCODING_UNICODE)),
83 signature=key.sign(et.tostring(content_tag, ENCODING_UNICODE)),
83 84 )]
84 85 for signature in signatures:
85 86 signature_tag = et.SubElement(signatures_tag, TAG_SIGNATURE)
86 87 signature_tag.set(ATTR_TYPE, signature.key_type)
87 88 signature_tag.set(ATTR_VALUE, signature.signature)
89 signature_tag.set(ATTR_KEY, signature.key)
88 90
89 91 return et.tostring(response, ENCODING_UNICODE)
90 92
@@ -97,6 +99,12 b' class SyncManager:'
97 99 tag_models = tag_root.find(TAG_MODELS)
98 100 for tag_model in tag_models:
99 101 tag_content = tag_model.find(TAG_CONTENT)
102
103 valid = SyncManager.verify_model(tag_content, tag_model)
104
105 if not valid:
106 raise Exception('Invalid model signature')
107
100 108 tag_id = tag_content.find(TAG_ID)
101 109 global_id, exists = GlobalId.from_xml_element(tag_id)
102 110
@@ -127,3 +135,26 b' class SyncManager:'
127 135 else:
128 136 # TODO Throw an exception?
129 137 pass
138
139 @staticmethod
140 def verify_model(tag_content, tag_model):
141 """
142 Verifies all signatures for a single model.
143 """
144
145 valid = True
146
147 tag_signatures = tag_model.find(TAG_SIGNATURES)
148 for tag_signature in tag_signatures:
149 signature_type = tag_signature.get(ATTR_TYPE)
150 signature_value = tag_signature.get(ATTR_VALUE)
151 signature_key = tag_signature.get(ATTR_KEY)
152
153 if not KeyPair.objects.verify(
154 signature_key,
155 et.tostring(tag_content, ENCODING_UNICODE),
156 signature_value, signature_type):
157 valid = False
158 break
159
160 return valid
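Review bot: `verify_model` fails open: `valid` starts as `True` and is only cleared by a failed check, so a model whose signatures element has no children is accepted without any signature being verified. A model with no signatures element at all makes `tag_model.find(TAG_SIGNATURES)` return `None`, so the `for` loop raises `TypeError` rather than the 'Invalid model signature' error. Add a guard right after the `find`: `if tag_signatures is None or len(tag_signatures) == 0: return False`. Separately, the key being checked is read from the `ATTR_KEY` attribute of the same message, so unless `KeyPair.objects.verify` (not shown in this diff) restricts it to keys the receiver already trusts, a passing check shows only that the content matches whatever key the sender supplied. The docstring should also state what is returned when a model carries no signatures.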
@@ -68,23 +68,23 b' author)'
68 68
69 69 Sample request is as follows:
70 70
71 <?xml version="1.1" encoding="UTF-8" ?>
72 <request version="1.0" type="pull">
73 <model version="1.0" name="post">
74 <timestamp_from>0</timestamp_from>
75 <timestamp_to>0</timestamp_to>
76 <tags>
77 <tag>tag1</tag>
78 </tags>
79 <sender>
80 <allow>
81 <key>abcehy3h9t</key>
82 <key>ehoehyoe</key>
83 </allow>
84 <!-- There can be only allow block (all other are denied) or deny block (all other are allowed) -->
85 </sender>
86 </model>
87 </request>
71 <?xml version="1.1" encoding="UTF-8" ?>
72 <request version="1.0" type="pull">
73 <model version="1.0" name="post">
74 <timestamp_from>0</timestamp_from>
75 <timestamp_to>0</timestamp_to>
76 <tags>
77 <tag>tag1</tag>
78 </tags>
79 <sender>
80 <allow>
81 <key>abcehy3h9t</key>
82 <key>ehoehyoe</key>
83 </allow>
84 <!-- There can be only allow block (all other are denied) or deny block (all other are allowed) -->
85 </sender>
86 </model>
87 </request>
88 88
89 89 Under the <model> tag there are filters. Filters for the "post" model can
90 90 be found in DIP-2.