func (p *KeybasePacket) unmarshalBinary(data []byte) error {
ch := codecHandle()
if err := MsgpackDecodeAll(data, ch, p); err != nil {
return err
}
if err := p.unpackBody(ch); err != nil {
return err
}
// Test for nonstandard msgpack data (which could be maliciously crafted)
// by re-encoding and making sure we get the same thing.
// https://github.com/keybase/client/issues/423
//
// Ideally this should be done at a lower level, like MsgpackDecodeAll, but
// our msgpack library doesn't sort maps the way we expect. See
// https://github.com/ugorji/go/issues/103
var reencoded []byte
if err := codec.NewEncoderBytes(&reencoded, ch).Encode(p); err != nil {
return err
}
if reencoded, err := p.Encode(); err != nil {
return err
} else if !bytes.Equal(reencoded, data) {
return FishyMsgpackError{data, reencoded}
}
return p.checkHash()
}
func (p *KeybasePacket) unpackBody(ch *codec.MsgpackHandle) error {
var body interface{}
switch p.Tag {
case TagP3skb:
// XXX this function should get a G passed into it, but to do that requires
// a lot of changes upstream.
body = NewSKB(G)
case TagSignature:
body = &NaclSigInfo{}
case TagEncryption:
body = &NaclEncryptionInfo{}
default:
return fmt.Errorf("Unknown packet tag: %d", p.Tag)
}
var encoded []byte
if err := codec.NewEncoderBytes(&encoded, ch).Encode(p.Body); err != nil {
return err
}
if err := MsgpackDecodeAll(encoded, ch, body); err != nil {
return err
}
p.Body = body
return nil
}
func (e *framedMsgpackEncoder) encodeFrame(i interface{}) ([]byte, error) {
enc := codec.NewEncoderBytes(&[]byte{}, e.handle)
content, err := e.encodeToBytes(enc, i)
if err != nil {
return nil, err
}
length, err := e.encodeToBytes(enc, len(content))
if err != nil {
return nil, err
}
return append(length, content...), nil
}
func (c *Conn) encryptOutgoingMessage(seqno Seqno, buf []byte) (ret []byte, err error) {
var nonce [24]byte
var n int
if n, err = rand.Read(nonce[:]); err != nil {
return nil, err
} else if n != 24 {
return nil, ErrNotEnoughRandomness
}
im := innerMsg{
SenderID: c.deviceID,
SessionID: c.sessionID,
Seqno: seqno,
Payload: buf,
}
mh := codec.MsgpackHandle{WriteExt: true}
var imPacked []byte
enc := codec.NewEncoderBytes(&imPacked, &mh)
if err = enc.Encode(im); err != nil {
return nil, err
}
ciphertext := secretbox.Seal(nil, imPacked, &nonce, (*[32]byte)(&c.secret))
om := outerMsg{
SenderID: c.deviceID,
SessionID: c.sessionID,
Seqno: seqno,
Nonce: nonce,
Payload: ciphertext,
}
enc = codec.NewEncoderBytes(&ret, &mh)
if err = enc.Encode(om); err != nil {
return nil, err
}
return ret, nil
}
func isBase64KeybaseV0Sig(s string) bool {
firstKey := "body"
dataBytes := len(firstKey) + 1
b64dataBytes := (dataBytes + 1) * 4 / 3
if len(s) < b64dataBytes {
return false
}
buf, err := base64.StdEncoding.DecodeString(s[0:b64dataBytes])
if err != nil {
return false
}
// Packet should be an encoded dictionary of 3 values
if buf[0] != 0x83 {
return false
}
var mh codec.MsgpackHandle
var encoded []byte
codec.NewEncoderBytes(&encoded, &mh).Encode(firstKey)
return bytes.HasPrefix(buf[1:], encoded)
}
// Encode implements the Codec interface for CodecMsgpack
func (c *CodecMsgpack) Encode(obj interface{}) (buf []byte, err error) {
err = codec.NewEncoderBytes(&buf, c.h).Encode(obj)
return
}
func encodeToBytes(i interface{}) ([]byte, error) {
var encoded []byte
err := codec.NewEncoderBytes(&encoded, codecHandle()).Encode(i)
return encoded, err
}
func (s State) Marshal() ([]byte, error) {
var b []byte
err := codec.NewEncoderBytes(&b, &codec.MsgpackHandle{WriteExt: true}).Encode(s)
return b, err
}
func (p KeybasePackets) Encode() ([]byte, error) {
var encoded []byte
err := codec.NewEncoderBytes(&encoded, codecHandle()).Encode(p)
return encoded, err
}