func handleVerify(conn http.ResponseWriter, req *http.Request) {
if !(req.Method == "POST" && req.URL.Path == "/camli/sig/verify") {
httputil.BadRequestError(conn, "Inconfigured handler.")
return
}
req.ParseForm()
sjson := req.FormValue("sjson")
if sjson == "" {
httputil.BadRequestError(conn, "Missing sjson parameter.")
return
}
m := make(map[string]interface{})
vreq := jsonsign.NewVerificationRequest(sjson, pubKeyFetcher)
if vreq.Verify() {
m["signatureValid"] = 1
m["verifiedData"] = vreq.PayloadMap
} else {
errStr := vreq.Err.String()
m["signatureValid"] = 0
m["errorMessage"] = errStr
}
conn.WriteHeader(http.StatusOK) // no HTTP response code fun, error info in JSON
httputil.ReturnJson(conn, m)
}
func (h *JSONSignHandler) handleVerify(rw http.ResponseWriter, req *http.Request) {
req.ParseForm()
sjson := req.FormValue("sjson")
if sjson == "" {
http.Error(rw, "missing \"sjson\" parameter", http.StatusBadRequest)
return
}
m := make(map[string]interface{})
// TODO: use a different fetcher here that checks memory, disk,
// the internet, etc.
fetcher := h.pubKeyFetcher
vreq := jsonsign.NewVerificationRequest(sjson, fetcher)
if vreq.Verify() {
m["signatureValid"] = 1
m["signerKeyId"] = vreq.SignerKeyId
m["verifiedData"] = vreq.PayloadMap
} else {
errStr := vreq.Err.String()
m["signatureValid"] = 0
m["errorMessage"] = errStr
}
rw.WriteHeader(http.StatusOK) // no HTTP response code fun, error info in JSON
httputil.ReturnJson(rw, m)
}
func (mi *Indexer) populateClaim(client *mysql.Client, blobRef *blobref.BlobRef, camli *schema.Superset, sniffer *blobSniffer) (err os.Error) {
pnBlobref := blobref.Parse(camli.Permanode)
if pnBlobref == nil {
// Skip bogus claim with malformed permanode.
return
}
verifiedKeyId := ""
if rawJson, err := sniffer.Body(); err == nil {
vr := jsonsign.NewVerificationRequest(rawJson, mi.KeyFetcher)
if vr.Verify() {
verifiedKeyId = vr.SignerKeyId
log.Printf("mysqlindex: verified claim %s from %s", blobRef, verifiedKeyId)
if err = execSQL(client, "INSERT IGNORE INTO signerkeyid (blobref, keyid) "+
"VALUES (?, ?)", vr.CamliSigner.String(), verifiedKeyId); err != nil {
return
}
} else {
log.Printf("mysqlindex: verification failure on claim %s: %v", blobRef, vr.Err)
}
}
if err = execSQL(client,
"INSERT IGNORE INTO claims (blobref, signer, verifiedkeyid, date, unverified, claim, permanode, attr, value) "+
"VALUES (?, ?, ?, ?, 'Y', ?, ?, ?, ?)",
blobRef.String(), camli.Signer, verifiedKeyId, camli.ClaimDate,
camli.ClaimType, camli.Permanode,
camli.Attribute, camli.Value); err != nil {
return
}
if verifiedKeyId != "" {
// TODO: limit this to only certain attributes (for now, just "camliRoot") once search handler
// is working and the UI permits setting camliRoot.
if err = execSQL(client, "INSERT IGNORE INTO signerattrvalue (keyid, attr, value, claimdate, blobref, permanode) "+
"VALUES (?, ?, ?, ?, ?, ?)",
verifiedKeyId, camli.Attribute, camli.Value,
camli.ClaimDate, blobRef.String(), camli.Permanode); err != nil {
return
}
}
// And update the lastmod on the permanode row.
if err = execSQL(client,
"INSERT IGNORE INTO permanodes (blobref) VALUES (?)",
pnBlobref.String()); err != nil {
return
}
if err = execSQL(client,
"UPDATE permanodes SET lastmod=? WHERE blobref=? AND ? > lastmod",
camli.ClaimDate, pnBlobref.String(), camli.ClaimDate); err != nil {
return
}
return nil
}
func (mi *Indexer) populateClaim(blobRef *blobref.BlobRef, camli *schema.Superset, sniffer *blobSniffer) (err os.Error) {
pnBlobref := blobref.Parse(camli.Permanode)
if pnBlobref == nil {
// Skip bogus claim with malformed permanode.
return
}
verifiedKeyId := ""
if rawJson, err := sniffer.Body(); err == nil {
vr := jsonsign.NewVerificationRequest(rawJson, mi.KeyFetcher)
if vr.Verify() {
verifiedKeyId = vr.SignerKeyId
log.Printf("mysqlindex: verified claim %s from %s", blobRef, verifiedKeyId)
if err = mi.db.Execute("INSERT IGNORE INTO signerkeyid (blobref, keyid) "+
"VALUES (?, ?)", vr.CamliSigner.String(), verifiedKeyId); err != nil {
return
}
} else {
log.Printf("mysqlindex: verification failure on claim %s: %v", blobRef, vr.Err)
}
}
if err = mi.db.Execute(
"INSERT IGNORE INTO claims (blobref, signer, verifiedkeyid, date, unverified, claim, permanode, attr, value) "+
"VALUES (?, ?, ?, ?, 'Y', ?, ?, ?, ?)",
blobRef.String(), camli.Signer, verifiedKeyId, camli.ClaimDate,
camli.ClaimType, camli.Permanode,
camli.Attribute, camli.Value); err != nil {
return
}
if verifiedKeyId != "" {
switch camli.Attribute {
case "camliRoot", "tag", "title":
// TODO(bradfitz,mpl): these tag names are hard-coded.
// we should probably have a config file of attributes
// and properties (e.g. which way(s) they're indexed)
if err = mi.db.Execute("INSERT IGNORE INTO signerattrvalue (keyid, attr, value, claimdate, blobref, permanode) "+
"VALUES (?, ?, ?, ?, ?, ?)",
verifiedKeyId, camli.Attribute, camli.Value,
camli.ClaimDate, blobRef.String(), camli.Permanode); err != nil {
return
}
if camli.Attribute == "tag" || camli.Attribute == "title" {
// Identical copy for fulltext searches
// TODO(mpl): do the DELETEs as well
if err = mi.db.Execute("INSERT IGNORE INTO signerattrvalueft (keyid, attr, value, claimdate, blobref, permanode) "+
"VALUES (?, ?, ?, ?, ?, ?)",
verifiedKeyId, camli.Attribute, camli.Value,
camli.ClaimDate, blobRef.String(), camli.Permanode); err != nil {
return
}
}
}
if strings.HasPrefix(camli.Attribute, "camliPath:") {
// TODO: deal with set-attribute vs. del-attribute
// properly? I think we get it for free when
// del-attribute has no Value, but we need to deal
// with the case where they explicitly delete the
// current value.
suffix := camli.Attribute[len("camliPath:"):]
active := "Y"
if camli.ClaimType == "del-attribute" {
active = "N"
}
if err = mi.db.Execute("INSERT IGNORE INTO path (claimref, claimdate, keyid, baseref, suffix, targetref, active) "+
"VALUES (?, ?, ?, ?, ?, ?, ?)",
blobRef.String(), camli.ClaimDate, verifiedKeyId, camli.Permanode, suffix, camli.Value, active); err != nil {
return
}
}
}
// And update the lastmod on the permanode row.
if err = mi.db.Execute(
"INSERT IGNORE INTO permanodes (blobref) VALUES (?)",
pnBlobref.String()); err != nil {
return
}
if err = mi.db.Execute(
"UPDATE permanodes SET lastmod=? WHERE blobref=? AND ? > lastmod",
camli.ClaimDate, pnBlobref.String(), camli.ClaimDate); err != nil {
return
}
return nil
}
