You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
159 lines
4.6 KiB
159 lines
4.6 KiB
/* |
|
* ZeroTier One - Global Peer to Peer Ethernet |
|
* Copyright (C) 2012-2013 ZeroTier Networks LLC |
|
* |
|
* This program is free software: you can redistribute it and/or modify |
|
* it under the terms of the GNU General Public License as published by |
|
* the Free Software Foundation, either version 3 of the License, or |
|
* (at your option) any later version. |
|
* |
|
* This program is distributed in the hope that it will be useful, |
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
* GNU General Public License for more details. |
|
* |
|
* You should have received a copy of the GNU General Public License |
|
* along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
* |
|
* -- |
|
* |
|
* ZeroTier may be used and distributed under the terms of the GPLv3, which |
|
* are available at: http://www.gnu.org/licenses/gpl-3.0.html |
|
* |
|
* If you would like to embed ZeroTier into a commercial application or |
|
* redistribute it in a modified binary form, please contact ZeroTier Networks |
|
* LLC. Start here: http://www.zerotier.com/ |
|
*/ |
|
|
|
#include <iostream> |
|
#include <string.h> |
|
#include <stdlib.h> |
|
#include "Pack.hpp" |
|
#include "BlobArray.hpp" |
|
#include "Utils.hpp" |
|
|
|
#include <openssl/sha.h> |
|
|
|
namespace ZeroTier { |
|
|
|
std::vector<const Pack::Entry *> Pack::getAll() const |
|
{ |
|
std::vector<const Entry *> v; |
|
for(std::map<std::string,Entry>::const_iterator e=_entries.begin();e!=_entries.end();++e) |
|
v.push_back(&(e->second)); |
|
return v; |
|
} |
|
|
|
const Pack::Entry *Pack::get(const std::string &name) const |
|
{ |
|
std::map<std::string,Entry>::const_iterator e(_entries.find(name)); |
|
return ((e == _entries.end()) ? (const Entry *)0 : &(e->second)); |
|
} |
|
|
|
const Pack::Entry *Pack::put(const std::string &name,const std::string &content) |
|
{ |
|
SHA256_CTX sha; |
|
|
|
Pack::Entry &e = _entries[name]; |
|
e.name = name; |
|
e.content = content; |
|
|
|
SHA256_Init(&sha); |
|
SHA256_Update(&sha,content.data(),content.length()); |
|
SHA256_Final(e.sha256,&sha); |
|
|
|
e.signedBy = 0; |
|
e.signature.assign((const char *)0,0); |
|
|
|
return &e; |
|
} |
|
|
|
void Pack::clear() |
|
{ |
|
_entries.clear(); |
|
} |
|
|
|
std::string Pack::serialize() const |
|
{ |
|
BlobArray archive; |
|
for(std::map<std::string,Entry>::const_iterator e=_entries.begin();e!=_entries.end();++e) { |
|
BlobArray entry; |
|
entry.push_back(e->second.name); |
|
entry.push_back(e->second.content); |
|
entry.push_back(std::string((const char *)e->second.sha256,sizeof(e->second.sha256))); |
|
entry.push_back(e->second.signedBy.toBinaryString()); |
|
entry.push_back(e->second.signature); |
|
archive.push_back(entry.serialize()); |
|
} |
|
|
|
std::string ser(archive.serialize()); |
|
std::string comp; |
|
Utils::compress(ser.begin(),ser.end(),Utils::StringAppendOutput(comp)); |
|
return comp; |
|
} |
|
|
|
bool Pack::deserialize(const void *sd,unsigned int sdlen) |
|
{ |
|
unsigned char dig[32]; |
|
SHA256_CTX sha; |
|
|
|
std::string decomp; |
|
if (!Utils::decompress(((const char *)sd),((const char *)sd) + sdlen,Utils::StringAppendOutput(decomp))) |
|
return false; |
|
|
|
BlobArray archive; |
|
archive.deserialize(decomp.data(),decomp.length()); |
|
clear(); |
|
for(BlobArray::const_iterator i=archive.begin();i!=archive.end();++i) { |
|
BlobArray entry; |
|
entry.deserialize(i->data(),i->length()); |
|
|
|
if (entry.size() != 5) return false; |
|
if (entry[2].length() != 32) return false; // SHA-256 |
|
if (entry[3].length() != ZT_ADDRESS_LENGTH) return false; // Address |
|
|
|
Pack::Entry &e = _entries[entry[0]]; |
|
e.name = entry[0]; |
|
e.content = entry[1]; |
|
|
|
SHA256_Init(&sha); |
|
SHA256_Update(&sha,e.content.data(),e.content.length()); |
|
SHA256_Final(dig,&sha); |
|
if (memcmp(dig,entry[2].data(),32)) return false; // integrity check failed |
|
memcpy(e.sha256,dig,32); |
|
|
|
if (entry[3].length() == ZT_ADDRESS_LENGTH) |
|
e.signedBy.setTo(entry[3].data()); |
|
else e.signedBy = 0; |
|
e.signature = entry[4]; |
|
} |
|
return true; |
|
} |
|
|
|
bool Pack::signAll(const Identity &id) |
|
{ |
|
for(std::map<std::string,Entry>::iterator e=_entries.begin();e!=_entries.end();++e) { |
|
e->second.signedBy = id.address(); |
|
e->second.signature = id.sign(e->second.sha256); |
|
if (!e->second.signature.length()) |
|
return false; |
|
} |
|
return true; |
|
} |
|
|
|
std::vector<const Pack::Entry *> Pack::verifyAll(const Identity &id,bool mandatory) const |
|
{ |
|
std::vector<const Entry *> bad; |
|
for(std::map<std::string,Entry>::const_iterator e=_entries.begin();e!=_entries.end();++e) { |
|
if ((e->second.signedBy)&&(e->second.signature.length())) { |
|
if (id.address() != e->second.signedBy) |
|
bad.push_back(&(e->second)); |
|
else if (!id.verifySignature(e->second.sha256,e->second.signature.data(),e->second.signature.length())) |
|
bad.push_back(&(e->second)); |
|
} else if (mandatory) |
|
bad.push_back(&(e->second)); |
|
} |
|
return bad; |
|
} |
|
|
|
} // namespace ZeroTier
|
|
|