Sign Dictionary in doNETWORK_CONFIG_REQUEST.

10 years ago · 7036831203
3 changed files with 15 additions and 1 deletions
--- a/node/Dictionary.hpp
+++ b/node/Dictionary.hpp
@ -454,7 +454,7 @@ public:
 	{
 		this->erase(sigKey);
 		C25519::Signature sig(C25519::sign(kp,this->data(),this->sizeBytes()));
-		this->add(sigKey,sig.data,ZT_C25519_SIGNATURE_LEN);
+		this->add(sigKey,reinterpret_cast<const char *>(sig.data),ZT_C25519_SIGNATURE_LEN);
 	}

 	/**
--- a/node/Identity.hpp
+++ b/node/Identity.hpp
@ -287,6 +287,19 @@ public:
 	 */
 	inline const C25519::Public &publicKey() const { return _publicKey; }

+	/**
+	 * @return C25519 key pair (only returns valid pair if private key is present in this Identity object)
+	 */
+	inline const C25519::Pair privateKeyPair() const
+	{
+		C25519::Pair pair;
+		pair.pub = _publicKey;
+		if (_privateKey)
+			pair.priv = *_privateKey;
+		else memset(pair.priv.data,0,ZT_C25519_PRIVATE_KEY_LEN);
+		return pair;
+	}
+
 	/**
 	 * @return True if this identity contains something
 	 */
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@ -749,6 +749,7 @@ bool IncomingPacket::_doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *RR,cons
 						Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> *dconf = new Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY>();
 						try {
 							if (netconf->toDictionary(*dconf,metaData.getUI(ZT_NETWORKCONFIG_REQUEST_METADATA_KEY_VERSION,0) < 6)) {
+								dconf->wrapWithSignature(ZT_NETWORKCONFIG_DICT_KEY_SIGNATURE,RR->identity.privateKeyPair());
 								const unsigned int totalSize = dconf->sizeBytes();
 								unsigned int chunkIndex = 0;
 								while (chunkIndex < totalSize) {