func (e *TrackToken) storeRemoteTrack(ctx *Context, pubKID keybase1.KID) (err error) {
e.G().Log.Debug("+ StoreRemoteTrack")
defer func() {
e.G().Log.Debug("- StoreRemoteTrack -> %s", libkb.ErrToOk(err))
}()
// need unlocked signing key
ska := libkb.SecretKeyArg{
Me: e.arg.Me,
KeyType: libkb.DeviceSigningKeyType,
}
arg := ctx.SecretKeyPromptArg(ska, "tracking signature")
signingKey, err := e.G().Keyrings.GetSecretKeyWithPrompt(arg)
if err != nil {
return err
}
if signingKey == nil {
return libkb.NoSecretKeyError{}
}
// double-check that the KID of the unlocked key matches
if signingKey.GetKID().NotEqual(pubKID) {
return errors.New("unexpeceted KID mismatch between locked and unlocked signing key")
}
sig, sigid, err := signingKey.SignToString(e.trackStatementBytes)
if err != nil {
return err
}
_, err = e.G().API.Post(libkb.APIArg{
Endpoint: "follow",
NeedSession: true,
Args: libkb.HTTPArgs{
"sig_id_base": libkb.S{Val: sigid.ToString(false)},
"sig_id_short": libkb.S{Val: sigid.ToShortID()},
"sig": libkb.S{Val: sig},
"uid": libkb.UIDArg(e.them.GetUID()),
"type": libkb.S{Val: "track"},
"signing_kid": signingKey.GetKID(),
},
})
if err != nil {
e.G().Log.Info("api error: %s", err)
return err
}
linkid := libkb.ComputeLinkID(e.trackStatementBytes)
e.arg.Me.SigChainBump(linkid, sigid)
return err
}
func (e *TrackToken) storeRemoteTrack(ctx *Context) (err error) {
e.G().Log.Debug("+ StoreRemoteTrack")
defer func() {
e.G().Log.Debug("- StoreRemoteTrack -> %s", libkb.ErrToOk(err))
}()
var secretStore libkb.SecretStore
if e.arg.Me != nil {
e.lockedKey.SetUID(e.arg.Me.GetUID())
secretStore = libkb.NewSecretStore(e.G(), e.arg.Me.GetNormalizedName())
}
// need to unlock private key
parg := ctx.SecretKeyPromptArg(libkb.SecretKeyArg{}, "tracking signature")
e.signingKeyPriv, err = e.lockedKey.PromptAndUnlock(parg, e.lockedWhich, secretStore, nil, e.arg.Me)
if err != nil {
return err
}
if e.signingKeyPriv == nil {
return libkb.NoSecretKeyError{}
}
sig, sigid, err := e.signingKeyPriv.SignToString(e.trackStatementBytes)
if err != nil {
return err
}
_, err = e.G().API.Post(libkb.APIArg{
Endpoint: "follow",
NeedSession: true,
Args: libkb.HTTPArgs{
"sig_id_base": libkb.S{Val: sigid.ToString(false)},
"sig_id_short": libkb.S{Val: sigid.ToShortID()},
"sig": libkb.S{Val: sig},
"uid": libkb.UIDArg(e.them.GetUID()),
"type": libkb.S{Val: "track"},
"signing_kid": e.signingKeyPub.GetKID(),
},
})
if err != nil {
e.G().Log.Info("api error: %s", err)
return err
}
linkid := libkb.ComputeLinkID(e.trackStatementBytes)
e.arg.Me.SigChainBump(linkid, sigid)
return err
}
func (e *Kex2Provisionee) decodeSig(sig []byte) (*decodedSig, error) {
body, err := base64.StdEncoding.DecodeString(string(sig))
if err != nil {
return nil, err
}
packet, err := libkb.DecodePacket(body)
if err != nil {
return nil, err
}
naclSig, ok := packet.Body.(*libkb.NaclSigInfo)
if !ok {
return nil, libkb.UnmarshalError{T: "Nacl signature"}
}
jw, err := jsonw.Unmarshal(naclSig.Payload)
if err != nil {
return nil, err
}
res := decodedSig{
sigID: libkb.ComputeSigIDFromSigBody(body),
linkID: libkb.ComputeLinkID(naclSig.Payload),
}
res.seqno, err = jw.AtKey("seqno").GetInt()
if err != nil {
return nil, err
}
seldestKID, err := jw.AtPath("body.key.eldest_kid").GetString()
if err != nil {
return nil, err
}
res.eldestKID = keybase1.KIDFromString(seldestKID)
ssigningKID, err := jw.AtPath("body.key.kid").GetString()
if err != nil {
return nil, err
}
res.signingKID = keybase1.KIDFromString(ssigningKID)
return &res, nil
}
