Example #1
0
// Hash makes a cryptographic hash of the configuration-file - this
// can be used as an ID.
func (c *Config) Hash() (crypto.HashID, error) {
	hash := network.Suite.Hash()
	err := binary.Write(hash, binary.LittleEndian, int32(c.Threshold))
	if err != nil {
		return nil, err
	}
	var owners []string
	for s := range c.Device {
		owners = append(owners, s)
	}
	sort.Strings(owners)
	for _, s := range owners {
		_, err = hash.Write([]byte(s))
		if err != nil {
			return nil, err
		}
		_, err = hash.Write([]byte(c.Data[s]))
		if err != nil {
			return nil, err
		}
		b, err := network.MarshalRegisteredType(c.Device[s])
		if err != nil {
			return nil, err
		}
		_, err = hash.Write(b)
		if err != nil {
			return nil, err
		}
	}
	return hash.Sum(nil), nil
}
Example #2
0
func verifyMessage(suite abstract.Suite, m interface{}, hash1 []byte) error {

	// Make a copy of the signature
	x := reflect.ValueOf(m).Elem().FieldByName("Sig")
	sig := reflect.New(x.Type()).Elem()
	sig.Set(x)

	// Reset signature field
	reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(crypto.SchnorrSig{})) // XXX: hack

	// Marshal ...
	mb, err := network.MarshalRegisteredType(m)
	if err != nil {
		return err
	}

	// ... and hash message
	hash2, err := crypto.HashBytes(suite.Hash(), mb)
	if err != nil {
		return err
	}

	// Copy back original signature
	reflect.ValueOf(m).Elem().FieldByName("Sig").Set(sig) // XXX: hack

	// Compare hashes
	if !bytes.Equal(hash1, hash2) {
		return errors.New("Message has a different hash than the given one")
	}

	return nil
}
Example #3
0
// proposeSkipBlock sends a proposeSkipBlock to the service. If latest has
// a Nil-Hash, it will be used as a
// - rosterSkipBlock if data is nil, the Roster will be taken from 'el'
// - dataSkipBlock if data is non-nil. Furthermore 'el' will hold the activeRoster
// to send the request to.
func (c *Client) proposeSkipBlock(latest *SkipBlock, el *onet.Roster, d network.Body) (reply *ProposedSkipBlockReply, cerr onet.ClientError) {
	log.Lvl3(latest)
	activeRoster := latest.Roster
	hash := latest.Hash
	propose := latest
	if !hash.IsNull() {
		// We have to create a new SkipBlock to propose to the
		// service
		propose = NewSkipBlock()
		if d == nil {
			// This is a RosterSkipBlock
			propose.Roster = el
		} else {
			// DataSkipBlock will be set later, just make sure that
			// there will be a receiver
			activeRoster = el
		}
	}
	if d != nil {
		// Set either a new or a proposed SkipBlock
		b, e := network.MarshalRegisteredType(d)
		if e != nil {
			cerr = onet.NewClientError(e)
			return
		}
		propose.Data = b
	}
	host := activeRoster.RandomServerIdentity()
	reply = &ProposedSkipBlockReply{}
	cerr = c.SendProtobuf(host, &ProposeSkipBlock{hash, propose}, reply)
	if cerr != nil {
		return
	}
	return
}
Example #4
0
// SaveToStream stores the configuration of the client to a stream
func (i *Identity) SaveToStream(out io.Writer) error {
	data, err := network.MarshalRegisteredType(&i.Data)
	if err != nil {
		return err
	}
	_, err = out.Write(data)
	return err
}
Example #5
0
func (rh *RandHound) handleI1(i1 WI1) error {

	msg := &i1.I1

	// Compute hash of the client's message
	msg.Sig = crypto.SchnorrSig{} // XXX: hack
	i1b, err := network.MarshalRegisteredType(msg)
	if err != nil {
		return err
	}

	hi1, err := crypto.HashBytes(rh.Suite().Hash(), i1b)
	if err != nil {
		return err
	}

	// Find out the server's index (we assume servers are stateless)
	idx := 0
	for i, j := range msg.Group {
		if msg.Key[i].Equal(rh.Public()) {
			idx = int(j)
			break
		}
	}

	// Init PVSS and create shares
	H, _ := rh.Suite().Point().Pick(nil, rh.Suite().Cipher(msg.SID))
	pvss := NewPVSS(rh.Suite(), H, msg.Threshold)
	idxShare, encShare, encProof, pb, err := pvss.Split(msg.Key, nil)
	if err != nil {
		return err
	}

	share := make([]Share, len(encShare))
	for i := 0; i < len(encShare); i++ {
		share[i] = Share{
			Source: idx,
			Target: int(msg.Group[i]),
			Pos:    idxShare[i],
			Val:    encShare[i],
			Proof:  encProof[i],
		}
	}

	r1 := &R1{
		HI1:        hi1,
		EncShare:   share,
		CommitPoly: pb,
	}

	// Sign R1 and store signature in R1.Sig
	if err := signSchnorr(rh.Suite(), rh.Private(), r1); err != nil {
		return err
	}

	return rh.SendTo(rh.Root(), r1)
}
Example #6
0
func setpass(c *cli.Context) error {
	uid := []byte(c.Args().Get(0))
	Pass := c.Args().Get(1)
	usrdata := []byte(c.Args().Get(2))
	set(c, uid, []byte(EPOCH), string(Pass), usrdata)
	b, err := network.MarshalRegisteredType(db)
	log.ErrFatal(err)
	err = ioutil.WriteFile("config.bin", b, 0660)
	return nil
}
Example #7
0
func (s *Service) startBFTSignature(block *SkipBlock) error {
	done := make(chan bool)
	// create the message we want to sign for this round
	msg := []byte(block.Hash)
	el, cerr := block.GetResponsible(s)
	if cerr != nil {
		return cerr
	}
	switch len(el.List) {
	case 0:
		return errors.New("Found empty Roster")
	case 1:
		return errors.New("Need more than 1 entry for Roster")
	}

	// Start the protocol
	tree := el.GenerateNaryTreeWithRoot(2, s.ServerIdentity())

	node, e := s.CreateProtocolOnet(skipchainBFT, tree)
	if e != nil {
		return onet.NewClientErrorCode(ErrorOnet, "Couldn't create new node: "+e.Error())
	}

	// Register the function generating the protocol instance
	root := node.(*bftcosi.ProtocolBFTCoSi)
	root.Msg = msg
	data, e := network.MarshalRegisteredType(block)
	if e != nil {
		return errors.New("Couldn't marshal block: " + cerr.Error())
	}
	root.Data = data

	// in testing-mode with more than one host and service per cothority-instance
	// we might have the wrong verification-function, so set it again here.
	root.VerificationFunction = s.bftVerify
	// function that will be called when protocol is finished by the root
	root.RegisterOnDone(func() {
		done <- true
	})
	go node.Start()
	select {
	case <-done:
		block.BlockSig = root.Signature()
		if len(block.BlockSig.Exceptions) != 0 {
			return errors.New("Not everybody signed off the new block")
		}
		if e := block.BlockSig.Verify(network.Suite, el.Publics()); e != nil {
			return errors.New("Couldn't verify signature")
		}
	case <-time.After(time.Second * 60):
		return errors.New("Timed out while waiting for signature")
	}
	return nil
}
Example #8
0
// addSliceToHash hashes the whole SkipBlockFix plus a slice of bytes.
// This is used
func (sbf *SkipBlockFix) calculateHash() SkipBlockID {
	b, err := network.MarshalRegisteredType(sbf)
	if err != nil {
		log.Panic("Couldn't marshal SkipBlockFix:", err)
	}
	h, err := crypto.HashBytes(network.Suite.Hash(), b)
	if err != nil {
		log.Panic("Couldn't hash SkipBlockFix:", err)
	}
	return h
}
Example #9
0
// saves the actual identity
func (s *Service) save() {
	log.Lvl3("Saving service")
	b, err := network.MarshalRegisteredType(s.StorageMap)
	if err != nil {
		log.Error("Couldn't marshal service:", err)
	} else {
		err = ioutil.WriteFile(s.path+"/identity.bin", b, 0660)
		if err != nil {
			log.Error("Couldn't save file:", err)
		}
	}
}
Example #10
0
// Saves the clientApp in the configfile - refuses to save an empty file.
func (cfg *ciscConfig) saveConfig(c *cli.Context) error {
	configFile := getConfig(c)
	if cfg == nil {
		return errors.New("Cannot save empty clientApp")
	}
	buf, err := network.MarshalRegisteredType(cfg)
	if err != nil {
		log.Error(err)
		return err
	}
	log.Lvl2("Saving to", configFile)
	return ioutil.WriteFile(configFile, buf, 0660)
}
Example #11
0
// setup is called when you setup the password database.
func setup(c *cli.Context) error {
	groupToml := c.Args().First()
	var err error
	t, err := readGroup(groupToml)
	db = &Database{
		Cothority: t,
	}
	log.ErrFatal(err)
	b, err := network.MarshalRegisteredType(db)
	log.ErrFatal(err)
	err = ioutil.WriteFile("config.bin", b, 0660)
	log.ErrFatal(err)
	return nil
}
Example #12
0
// Copy returns a deep copy of the AccountList.
func (c *Config) Copy() *Config {
	b, err := network.MarshalRegisteredType(c)
	if err != nil {
		log.Error("Couldn't marshal AccountList:", err)
		return nil
	}
	_, msg, err := network.UnmarshalRegisteredType(b, network.DefaultConstructors(network.Suite))
	if err != nil {
		log.Error("Couldn't unmarshal AccountList:", err)
	}
	ilNew := msg.(Config)
	if len(ilNew.Data) == 0 {
		ilNew.Data = make(map[string]string)
	}
	return &ilNew
}
Example #13
0
// Separate function for testing
func propagateStartAndWait(pi onet.ProtocolInstance, msg network.Body, msec int, f PropagationStore) (int, error) {
	d, err := network.MarshalRegisteredType(msg)
	if err != nil {
		return -1, err
	}
	protocol := pi.(*Propagate)
	protocol.Lock()
	protocol.sd.Data = d
	protocol.sd.Msec = msec
	protocol.onData = f

	done := make(chan int)
	protocol.onDoneCb = func(i int) { done <- i }
	protocol.Unlock()
	if err = protocol.Start(); err != nil {
		return -1, err
	}
	ret := <-done
	log.Lvl3("Finished propagation with", ret, "replies")
	return ret, nil
}
Example #14
0
func verifySchnorr(suite abstract.Suite, key abstract.Point, m interface{}) error {

	// Make a copy of the signature
	x := reflect.ValueOf(m).Elem().FieldByName("Sig")
	sig := reflect.New(x.Type()).Elem()
	sig.Set(x)

	// Reset signature field
	reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(crypto.SchnorrSig{})) // XXX: hack

	// Marshal message
	mb, err := network.MarshalRegisteredType(m)
	if err != nil {
		return err
	}

	// Copy back original signature
	reflect.ValueOf(m).Elem().FieldByName("Sig").Set(sig) // XXX: hack

	return crypto.VerifySchnorr(suite, key, mb, sig.Interface().(crypto.SchnorrSig))
}
Example #15
0
func signSchnorr(suite abstract.Suite, key abstract.Scalar, m interface{}) error {

	// Reset signature field
	reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(crypto.SchnorrSig{})) // XXX: hack

	// Marshal message
	mb, err := network.MarshalRegisteredType(m)
	if err != nil {
		return err
	}

	// Sign message
	sig, err := crypto.SignSchnorr(suite, key, mb)
	if err != nil {
		return err
	}

	// Store signature
	reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(sig)) // XXX: hack

	return nil
}
Example #16
0
func (rh *RandHound) handleI2(i2 WI2) error {

	msg := &i2.I2

	// Compute hash of the client's message
	msg.Sig = crypto.SchnorrSig{} // XXX: hack
	i2b, err := network.MarshalRegisteredType(msg)
	if err != nil {
		return err
	}

	hi2, err := crypto.HashBytes(rh.Suite().Hash(), i2b)
	if err != nil {
		return err
	}

	// Prepare data
	n := len(msg.EncShare)
	X := make([]abstract.Point, n)
	encShare := make([]abstract.Point, n)
	encProof := make([]ProofCore, n)
	for i := 0; i < n; i++ {
		X[i] = rh.Public()
		encShare[i] = msg.EncShare[i].Val
		encProof[i] = msg.EncShare[i].Proof
	}

	// Init PVSS and verify encryption consistency proof
	H, _ := rh.Suite().Point().Pick(nil, rh.Suite().Cipher(msg.SID))
	pvss := NewPVSS(rh.Suite(), H, 0)

	good, bad, err := pvss.Verify(H, X, msg.PolyCommit, encShare, encProof)
	if err != nil {
		return err
	}

	// Remove bad shares
	for i := len(bad) - 1; i >= 0; i-- {
		j := bad[i]
		encShare = append(encShare[:j], encShare[j+1:]...)
	}

	// Decrypt good shares
	decShare, decProof, err := pvss.Reveal(rh.Private(), encShare)
	if err != nil {
		return err
	}

	share := make([]Share, len(encShare))
	for i := 0; i < len(encShare); i++ {
		X[i] = rh.Public()
		j := good[i]
		share[i] = Share{
			Source: msg.EncShare[j].Source,
			Target: msg.EncShare[j].Target,
			Pos:    msg.EncShare[j].Pos,
			Val:    decShare[i],
			Proof:  decProof[i],
		}
	}

	r2 := &R2{
		HI2:      hi2,
		DecShare: share,
	}

	// Sign R2 and store signature in R2.Sig
	if err := signSchnorr(rh.Suite(), rh.Private(), r2); err != nil {
		return err
	}

	return rh.SendTo(rh.Root(), r2)
}