func (e *TrackToken) storeRemoteTrack(ctx *Context, pubKID keybase1.KID) (err error) { e.G().Log.Debug("+ StoreRemoteTrack") defer func() { e.G().Log.Debug("- StoreRemoteTrack -> %s", libkb.ErrToOk(err)) }() // need unlocked signing key ska := libkb.SecretKeyArg{ Me: e.arg.Me, KeyType: libkb.DeviceSigningKeyType, } arg := ctx.SecretKeyPromptArg(ska, "tracking signature") signingKey, err := e.G().Keyrings.GetSecretKeyWithPrompt(arg) if err != nil { return err } if signingKey == nil { return libkb.NoSecretKeyError{} } // double-check that the KID of the unlocked key matches if signingKey.GetKID().NotEqual(pubKID) { return errors.New("unexpeceted KID mismatch between locked and unlocked signing key") } sig, sigid, err := signingKey.SignToString(e.trackStatementBytes) if err != nil { return err } _, err = e.G().API.Post(libkb.APIArg{ Endpoint: "follow", NeedSession: true, Args: libkb.HTTPArgs{ "sig_id_base": libkb.S{Val: sigid.ToString(false)}, "sig_id_short": libkb.S{Val: sigid.ToShortID()}, "sig": libkb.S{Val: sig}, "uid": libkb.UIDArg(e.them.GetUID()), "type": libkb.S{Val: "track"}, "signing_kid": signingKey.GetKID(), }, }) if err != nil { e.G().Log.Info("api error: %s", err) return err } linkid := libkb.ComputeLinkID(e.trackStatementBytes) e.arg.Me.SigChainBump(linkid, sigid) return err }
func (e *TrackToken) storeRemoteTrack(ctx *Context) (err error) { e.G().Log.Debug("+ StoreRemoteTrack") defer func() { e.G().Log.Debug("- StoreRemoteTrack -> %s", libkb.ErrToOk(err)) }() var secretStore libkb.SecretStore if e.arg.Me != nil { e.lockedKey.SetUID(e.arg.Me.GetUID()) secretStore = libkb.NewSecretStore(e.G(), e.arg.Me.GetNormalizedName()) } // need to unlock private key parg := ctx.SecretKeyPromptArg(libkb.SecretKeyArg{}, "tracking signature") e.signingKeyPriv, err = e.lockedKey.PromptAndUnlock(parg, e.lockedWhich, secretStore, nil, e.arg.Me) if err != nil { return err } if e.signingKeyPriv == nil { return libkb.NoSecretKeyError{} } sig, sigid, err := e.signingKeyPriv.SignToString(e.trackStatementBytes) if err != nil { return err } _, err = e.G().API.Post(libkb.APIArg{ Endpoint: "follow", NeedSession: true, Args: libkb.HTTPArgs{ "sig_id_base": libkb.S{Val: sigid.ToString(false)}, "sig_id_short": libkb.S{Val: sigid.ToShortID()}, "sig": libkb.S{Val: sig}, "uid": libkb.UIDArg(e.them.GetUID()), "type": libkb.S{Val: "track"}, "signing_kid": e.signingKeyPub.GetKID(), }, }) if err != nil { e.G().Log.Info("api error: %s", err) return err } linkid := libkb.ComputeLinkID(e.trackStatementBytes) e.arg.Me.SigChainBump(linkid, sigid) return err }
func (e *Kex2Provisionee) decodeSig(sig []byte) (*decodedSig, error) { body, err := base64.StdEncoding.DecodeString(string(sig)) if err != nil { return nil, err } packet, err := libkb.DecodePacket(body) if err != nil { return nil, err } naclSig, ok := packet.Body.(*libkb.NaclSigInfo) if !ok { return nil, libkb.UnmarshalError{T: "Nacl signature"} } jw, err := jsonw.Unmarshal(naclSig.Payload) if err != nil { return nil, err } res := decodedSig{ sigID: libkb.ComputeSigIDFromSigBody(body), linkID: libkb.ComputeLinkID(naclSig.Payload), } res.seqno, err = jw.AtKey("seqno").GetInt() if err != nil { return nil, err } seldestKID, err := jw.AtPath("body.key.eldest_kid").GetString() if err != nil { return nil, err } res.eldestKID = keybase1.KIDFromString(seldestKID) ssigningKID, err := jw.AtPath("body.key.kid").GetString() if err != nil { return nil, err } res.signingKID = keybase1.KIDFromString(ssigningKID) return &res, nil }