// Hash makes a cryptographic hash of the configuration-file - this // can be used as an ID. func (c *Config) Hash() (crypto.HashID, error) { hash := network.Suite.Hash() err := binary.Write(hash, binary.LittleEndian, int32(c.Threshold)) if err != nil { return nil, err } var owners []string for s := range c.Device { owners = append(owners, s) } sort.Strings(owners) for _, s := range owners { _, err = hash.Write([]byte(s)) if err != nil { return nil, err } _, err = hash.Write([]byte(c.Data[s])) if err != nil { return nil, err } b, err := network.MarshalRegisteredType(c.Device[s]) if err != nil { return nil, err } _, err = hash.Write(b) if err != nil { return nil, err } } return hash.Sum(nil), nil }
func verifyMessage(suite abstract.Suite, m interface{}, hash1 []byte) error { // Make a copy of the signature x := reflect.ValueOf(m).Elem().FieldByName("Sig") sig := reflect.New(x.Type()).Elem() sig.Set(x) // Reset signature field reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(crypto.SchnorrSig{})) // XXX: hack // Marshal ... mb, err := network.MarshalRegisteredType(m) if err != nil { return err } // ... and hash message hash2, err := crypto.HashBytes(suite.Hash(), mb) if err != nil { return err } // Copy back original signature reflect.ValueOf(m).Elem().FieldByName("Sig").Set(sig) // XXX: hack // Compare hashes if !bytes.Equal(hash1, hash2) { return errors.New("Message has a different hash than the given one") } return nil }
// proposeSkipBlock sends a proposeSkipBlock to the service. If latest has // a Nil-Hash, it will be used as a // - rosterSkipBlock if data is nil, the Roster will be taken from 'el' // - dataSkipBlock if data is non-nil. Furthermore 'el' will hold the activeRoster // to send the request to. func (c *Client) proposeSkipBlock(latest *SkipBlock, el *onet.Roster, d network.Body) (reply *ProposedSkipBlockReply, cerr onet.ClientError) { log.Lvl3(latest) activeRoster := latest.Roster hash := latest.Hash propose := latest if !hash.IsNull() { // We have to create a new SkipBlock to propose to the // service propose = NewSkipBlock() if d == nil { // This is a RosterSkipBlock propose.Roster = el } else { // DataSkipBlock will be set later, just make sure that // there will be a receiver activeRoster = el } } if d != nil { // Set either a new or a proposed SkipBlock b, e := network.MarshalRegisteredType(d) if e != nil { cerr = onet.NewClientError(e) return } propose.Data = b } host := activeRoster.RandomServerIdentity() reply = &ProposedSkipBlockReply{} cerr = c.SendProtobuf(host, &ProposeSkipBlock{hash, propose}, reply) if cerr != nil { return } return }
// SaveToStream stores the configuration of the client to a stream func (i *Identity) SaveToStream(out io.Writer) error { data, err := network.MarshalRegisteredType(&i.Data) if err != nil { return err } _, err = out.Write(data) return err }
func (rh *RandHound) handleI1(i1 WI1) error { msg := &i1.I1 // Compute hash of the client's message msg.Sig = crypto.SchnorrSig{} // XXX: hack i1b, err := network.MarshalRegisteredType(msg) if err != nil { return err } hi1, err := crypto.HashBytes(rh.Suite().Hash(), i1b) if err != nil { return err } // Find out the server's index (we assume servers are stateless) idx := 0 for i, j := range msg.Group { if msg.Key[i].Equal(rh.Public()) { idx = int(j) break } } // Init PVSS and create shares H, _ := rh.Suite().Point().Pick(nil, rh.Suite().Cipher(msg.SID)) pvss := NewPVSS(rh.Suite(), H, msg.Threshold) idxShare, encShare, encProof, pb, err := pvss.Split(msg.Key, nil) if err != nil { return err } share := make([]Share, len(encShare)) for i := 0; i < len(encShare); i++ { share[i] = Share{ Source: idx, Target: int(msg.Group[i]), Pos: idxShare[i], Val: encShare[i], Proof: encProof[i], } } r1 := &R1{ HI1: hi1, EncShare: share, CommitPoly: pb, } // Sign R1 and store signature in R1.Sig if err := signSchnorr(rh.Suite(), rh.Private(), r1); err != nil { return err } return rh.SendTo(rh.Root(), r1) }
func setpass(c *cli.Context) error { uid := []byte(c.Args().Get(0)) Pass := c.Args().Get(1) usrdata := []byte(c.Args().Get(2)) set(c, uid, []byte(EPOCH), string(Pass), usrdata) b, err := network.MarshalRegisteredType(db) log.ErrFatal(err) err = ioutil.WriteFile("config.bin", b, 0660) return nil }
func (s *Service) startBFTSignature(block *SkipBlock) error { done := make(chan bool) // create the message we want to sign for this round msg := []byte(block.Hash) el, cerr := block.GetResponsible(s) if cerr != nil { return cerr } switch len(el.List) { case 0: return errors.New("Found empty Roster") case 1: return errors.New("Need more than 1 entry for Roster") } // Start the protocol tree := el.GenerateNaryTreeWithRoot(2, s.ServerIdentity()) node, e := s.CreateProtocolOnet(skipchainBFT, tree) if e != nil { return onet.NewClientErrorCode(ErrorOnet, "Couldn't create new node: "+e.Error()) } // Register the function generating the protocol instance root := node.(*bftcosi.ProtocolBFTCoSi) root.Msg = msg data, e := network.MarshalRegisteredType(block) if e != nil { return errors.New("Couldn't marshal block: " + cerr.Error()) } root.Data = data // in testing-mode with more than one host and service per cothority-instance // we might have the wrong verification-function, so set it again here. root.VerificationFunction = s.bftVerify // function that will be called when protocol is finished by the root root.RegisterOnDone(func() { done <- true }) go node.Start() select { case <-done: block.BlockSig = root.Signature() if len(block.BlockSig.Exceptions) != 0 { return errors.New("Not everybody signed off the new block") } if e := block.BlockSig.Verify(network.Suite, el.Publics()); e != nil { return errors.New("Couldn't verify signature") } case <-time.After(time.Second * 60): return errors.New("Timed out while waiting for signature") } return nil }
// addSliceToHash hashes the whole SkipBlockFix plus a slice of bytes. // This is used func (sbf *SkipBlockFix) calculateHash() SkipBlockID { b, err := network.MarshalRegisteredType(sbf) if err != nil { log.Panic("Couldn't marshal SkipBlockFix:", err) } h, err := crypto.HashBytes(network.Suite.Hash(), b) if err != nil { log.Panic("Couldn't hash SkipBlockFix:", err) } return h }
// saves the actual identity func (s *Service) save() { log.Lvl3("Saving service") b, err := network.MarshalRegisteredType(s.StorageMap) if err != nil { log.Error("Couldn't marshal service:", err) } else { err = ioutil.WriteFile(s.path+"/identity.bin", b, 0660) if err != nil { log.Error("Couldn't save file:", err) } } }
// Saves the clientApp in the configfile - refuses to save an empty file. func (cfg *ciscConfig) saveConfig(c *cli.Context) error { configFile := getConfig(c) if cfg == nil { return errors.New("Cannot save empty clientApp") } buf, err := network.MarshalRegisteredType(cfg) if err != nil { log.Error(err) return err } log.Lvl2("Saving to", configFile) return ioutil.WriteFile(configFile, buf, 0660) }
// setup is called when you setup the password database. func setup(c *cli.Context) error { groupToml := c.Args().First() var err error t, err := readGroup(groupToml) db = &Database{ Cothority: t, } log.ErrFatal(err) b, err := network.MarshalRegisteredType(db) log.ErrFatal(err) err = ioutil.WriteFile("config.bin", b, 0660) log.ErrFatal(err) return nil }
// Copy returns a deep copy of the AccountList. func (c *Config) Copy() *Config { b, err := network.MarshalRegisteredType(c) if err != nil { log.Error("Couldn't marshal AccountList:", err) return nil } _, msg, err := network.UnmarshalRegisteredType(b, network.DefaultConstructors(network.Suite)) if err != nil { log.Error("Couldn't unmarshal AccountList:", err) } ilNew := msg.(Config) if len(ilNew.Data) == 0 { ilNew.Data = make(map[string]string) } return &ilNew }
// Separate function for testing func propagateStartAndWait(pi onet.ProtocolInstance, msg network.Body, msec int, f PropagationStore) (int, error) { d, err := network.MarshalRegisteredType(msg) if err != nil { return -1, err } protocol := pi.(*Propagate) protocol.Lock() protocol.sd.Data = d protocol.sd.Msec = msec protocol.onData = f done := make(chan int) protocol.onDoneCb = func(i int) { done <- i } protocol.Unlock() if err = protocol.Start(); err != nil { return -1, err } ret := <-done log.Lvl3("Finished propagation with", ret, "replies") return ret, nil }
func verifySchnorr(suite abstract.Suite, key abstract.Point, m interface{}) error { // Make a copy of the signature x := reflect.ValueOf(m).Elem().FieldByName("Sig") sig := reflect.New(x.Type()).Elem() sig.Set(x) // Reset signature field reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(crypto.SchnorrSig{})) // XXX: hack // Marshal message mb, err := network.MarshalRegisteredType(m) if err != nil { return err } // Copy back original signature reflect.ValueOf(m).Elem().FieldByName("Sig").Set(sig) // XXX: hack return crypto.VerifySchnorr(suite, key, mb, sig.Interface().(crypto.SchnorrSig)) }
func signSchnorr(suite abstract.Suite, key abstract.Scalar, m interface{}) error { // Reset signature field reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(crypto.SchnorrSig{})) // XXX: hack // Marshal message mb, err := network.MarshalRegisteredType(m) if err != nil { return err } // Sign message sig, err := crypto.SignSchnorr(suite, key, mb) if err != nil { return err } // Store signature reflect.ValueOf(m).Elem().FieldByName("Sig").Set(reflect.ValueOf(sig)) // XXX: hack return nil }
func (rh *RandHound) handleI2(i2 WI2) error { msg := &i2.I2 // Compute hash of the client's message msg.Sig = crypto.SchnorrSig{} // XXX: hack i2b, err := network.MarshalRegisteredType(msg) if err != nil { return err } hi2, err := crypto.HashBytes(rh.Suite().Hash(), i2b) if err != nil { return err } // Prepare data n := len(msg.EncShare) X := make([]abstract.Point, n) encShare := make([]abstract.Point, n) encProof := make([]ProofCore, n) for i := 0; i < n; i++ { X[i] = rh.Public() encShare[i] = msg.EncShare[i].Val encProof[i] = msg.EncShare[i].Proof } // Init PVSS and verify encryption consistency proof H, _ := rh.Suite().Point().Pick(nil, rh.Suite().Cipher(msg.SID)) pvss := NewPVSS(rh.Suite(), H, 0) good, bad, err := pvss.Verify(H, X, msg.PolyCommit, encShare, encProof) if err != nil { return err } // Remove bad shares for i := len(bad) - 1; i >= 0; i-- { j := bad[i] encShare = append(encShare[:j], encShare[j+1:]...) } // Decrypt good shares decShare, decProof, err := pvss.Reveal(rh.Private(), encShare) if err != nil { return err } share := make([]Share, len(encShare)) for i := 0; i < len(encShare); i++ { X[i] = rh.Public() j := good[i] share[i] = Share{ Source: msg.EncShare[j].Source, Target: msg.EncShare[j].Target, Pos: msg.EncShare[j].Pos, Val: decShare[i], Proof: decProof[i], } } r2 := &R2{ HI2: hi2, DecShare: share, } // Sign R2 and store signature in R2.Sig if err := signSchnorr(rh.Suite(), rh.Private(), r2); err != nil { return err } return rh.SendTo(rh.Root(), r2) }