go-libp2p-pubsub/sign.go

package floodsub

import (
	"fmt"

	pb "github.com/libp2p/go-floodsub/pb"

	crypto "github.com/libp2p/go-libp2p-crypto"
	peer "github.com/libp2p/go-libp2p-peer"
)

func verifyMessageSignature(m *pb.Message) error {
	var pubk crypto.PubKey

	pid, err := peer.IDFromBytes(m.From)
	if err != nil {
		return err
	}

	if m.Key == nil {
		// no attached key, it must be extractable from the source ID
		pubk, err = pid.ExtractPublicKey()
		if err != nil {
			return err
		}
	} else {
		pubk, err = crypto.UnmarshalPublicKey(m.Key)
		if err != nil {
			return err
		}

		// verify that the source ID matches the attached key
		if !pid.MatchesPublicKey(pubk) {
			return fmt.Errorf("bad signing key; source ID %s doesn't match key", pid)
		}
	}

	xm := pb.Message{
		Data:     m.Data,
		TopicIDs: m.TopicIDs,
		From:     m.From,
		Seqno:    m.Seqno,
	}
	bytes, err := xm.Marshal()
	if err != nil {
		return err
	}

	valid, err := pubk.Verify(bytes, m.Signature)
	if err != nil {
		return err
	}

	if !valid {
		return fmt.Errorf("invalid signature")
	}

	return nil
}

func signMessage(key crypto.PrivKey, m *pb.Message) error {
	bytes, err := m.Marshal()
	if err != nil {
		return err
	}

	sig, err := key.Sign(bytes)
	if err != nil {
		return err
	}

	m.Signature = sig
	switch key.Type() {
	case crypto.RSA:
		pubk, err := key.GetPublic().Bytes()
		if err != nil {
			return err
		}
		m.Key = pubk
	}
	return nil
}
implement validateSignature 2018-08-26 10:13:12 +00:00			`package floodsub`

			`import (`
implement signMessage and verifyMessageSignature 2018-08-26 10:57:14 +00:00			`"fmt"`

implement validateSignature 2018-08-26 10:13:12 +00:00			`pb "github.com/libp2p/go-floodsub/pb"`
sign messages when a signing key is present 2018-08-26 10:26:44 +00:00
			`crypto "github.com/libp2p/go-libp2p-crypto"`
implement signMessage and verifyMessageSignature 2018-08-26 10:57:14 +00:00			`peer "github.com/libp2p/go-libp2p-peer"`
implement validateSignature 2018-08-26 10:13:12 +00:00			`)`

			`func verifyMessageSignature(m *pb.Message) error {`
implement signMessage and verifyMessageSignature 2018-08-26 10:57:14 +00:00			`var pubk crypto.PubKey`

			`pid, err := peer.IDFromBytes(m.From)`
			`if err != nil {`
			`return err`
			`}`

			`if m.Key == nil {`
			`// no attached key, it must be extractable from the source ID`
			`pubk, err = pid.ExtractPublicKey()`
			`if err != nil {`
			`return err`
			`}`
			`} else {`
			`pubk, err = crypto.UnmarshalPublicKey(m.Key)`
			`if err != nil {`
			`return err`
			`}`

			`// verify that the source ID matches the attached key`
use MatchesPublicKey, don't rewrite it. 2018-08-27 07:57:05 +00:00			`if !pid.MatchesPublicKey(pubk) {`
			`return fmt.Errorf("bad signing key; source ID %s doesn't match key", pid)`
implement signMessage and verifyMessageSignature 2018-08-26 10:57:14 +00:00			`}`
			`}`

			`xm := pb.Message{`
			`Data: m.Data,`
			`TopicIDs: m.TopicIDs,`
			`From: m.From,`
			`Seqno: m.Seqno,`
			`}`
			`bytes, err := xm.Marshal()`
			`if err != nil {`
			`return err`
			`}`

			`valid, err := pubk.Verify(bytes, m.Signature)`
			`if err != nil {`
			`return err`
			`}`

			`if !valid {`
			`return fmt.Errorf("invalid signature")`
			`}`

implement validateSignature 2018-08-26 10:13:12 +00:00			`return nil`
			`}`

implement signMessage and verifyMessageSignature 2018-08-26 10:57:14 +00:00			`func signMessage(key crypto.PrivKey, m *pb.Message) error {`
			`bytes, err := m.Marshal()`
			`if err != nil {`
			`return err`
			`}`
implement validateSignature 2018-08-26 10:13:12 +00:00
implement signMessage and verifyMessageSignature 2018-08-26 10:57:14 +00:00			`sig, err := key.Sign(bytes)`
			`if err != nil {`
			`return err`
			`}`

			`m.Signature = sig`
			`switch key.Type() {`
			`case crypto.RSA:`
			`pubk, err := key.GetPublic().Bytes()`
			`if err != nil {`
			`return err`
			`}`
			`m.Key = pubk`
			`}`
			`return nil`
implement validateSignature 2018-08-26 10:13:12 +00:00			`}`