u/bodqhrohro/swineboard Commit - r1582:9e8b0925

Check that parsed post has a signature of its author's key

neko259 -

r1582:9e8b0925 default

parent child

boards/models/post/sync.py

0 +15 -7

              from django.db import transaction
              from boards.models import KeyPair, GlobalId, Signature, Post, Tag
-             EXCEPTION_NODE = 'Sync node returned an error: {}'
-             EXCEPTION_OP = 'Load the OP first'
-             EXCEPTION_DOWNLOAD = 'File was not downloaded'
-             EXCEPTION_HASH = 'File hash does not match attachment hash'
-             EXCEPTION_SIGNATURE = 'Invalid model signature for {}'
+             EXCEPTION_NODE = 'Sync node returned an error: {}.'
+             EXCEPTION_OP = 'Load the OP first.'
+             EXCEPTION_DOWNLOAD = 'File was not downloaded.'
+             EXCEPTION_HASH = 'File hash does not match attachment hash.'
+             EXCEPTION_SIGNATURE = 'Invalid model signature for {}.'
+             EXCEPTION_AUTHOR_SIGNATURE = 'Model {} has no author signature.'
              ENCODING_UNICODE = 'unicode'
              TAG_MODEL = 'model'
                              tag_content = tag_model.find(TAG_CONTENT)
                              content_str = et.tostring(tag_content, ENCODING_UNICODE)
-                             signatures = SyncManager._verify_model(content_str, tag_model)
                              tag_id = tag_content.find(TAG_ID)
                              global_id, exists = GlobalId.from_xml_element(tag_id)
+                             signatures = SyncManager._verify_model(global_id, content_str, tag_model)
                              if exists:
                                  print('Post with same ID already exists')
                      return et.tostring(response, ENCODING_UNICODE)
                  @staticmethod
-                 def _verify_model(content_str, tag_model):
+                 def _verify_model(global_id, content_str, tag_model):
                      """
                      Verifies all signatures for a single model.
                      """
                      signatures = []
                      tag_signatures = tag_model.find(TAG_SIGNATURES)
+                     has_author_signature = False
                      for tag_signature in tag_signatures:
                          signature_type = tag_signature.get(ATTR_TYPE)
                          signature_value = tag_signature.get(ATTR_VALUE)
                          signature_key = tag_signature.get(ATTR_KEY)
+                         if global_id.key_type == signature_type and\
+                                 global_id.key == signature_key:
+                             has_author_signature = True
                          signature = Signature(key_type=signature_type,
                                                key=signature_key,
                                                signature=signature_value)
                              raise SyncException(EXCEPTION_SIGNATURE.format(content_str))
                          signatures.append(signature)
+                     if not has_author_signature:
+                         raise SyncException(EXCEPTION_AUTHOR_SIGNATURE.format(content_str))
                      return signatures

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages