Accueil Explorer Aide
Connexion
vvecna
/
troll-patrol
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

Add verify function for PRs, doesn't handle Lox proof verification

Vecna il y a 3 mois
Parent
e4ee46866a
commit
d971e420a2
2 fichiers modifiés avec 47 ajouts et 3 suppressions
Vue séparée Afficher les stats Diff
  1. 1 1
      Cargo.toml
  2. 46 2
      src/positive_report.rs

+ 1 - 1
Cargo.toml
Voir le fichier 

@@ -23,7 +23,7 @@ lox-library = { git = "https://gitlab.torproject.org/vecna/lox.git", version = "
 
 select = "0.6.0"
 
 serde = "1.0.195"
 
 serde_json = "1.0"
 
-serde_with = {version = "3.4.0", features = ["json"]}
 
+serde_with = {version = "3.5.0", features = ["json"]}
 
 sha1 = "0.10"
 
 sha3 = "0.10"
 
 sled = "0.34.7"

+ 46 - 2
src/positive_report.rs
Voir le fichier 

@@ -1,6 +1,13 @@
 
-use crate::{CONFIG, get_date, COUNTRY_CODES};
 
+// For Lox-related code where points are uppercase and scalars are lowercase
 
+#![allow(non_snake_case)]
 
 
-use ed25519_dalek::{Signature, Signer, SigningKey};
 
+// TODO: Make SerializableBridgeToken, check its fields while deserializing,
 
+// check that its fields match the report's fields while deserializing a report
 
+
 
+use crate::{get_date, CONFIG, COUNTRY_CODES};
 
+
 
+use curve25519_dalek::Scalar;
 
+use ed25519_dalek::{Signature, Signer, SigningKey, Verifier, VerifyingKey};
 
 use lox_library::{cred::Lox, proto::positive_report as lox_pr, IssuerPubKey};
 
 use serde::{Deserialize, Serialize};
 
 use sha1::{Digest, Sha1};
 
@@ -86,6 +93,43 @@ impl PositiveReport {
 
             Err(_) => Err(PositiveReportError::FailedToDeserialize),
 
         }
 
     }
 
+
 
+    /// Verify everything except the Lox proof.
 
+    /// Parameters:
 
+    ///   - The bucket ID for the bucket containing this bridge
 
+    ///   - The bridge verifying key for this bridge
 
+    /// These parameters are assumed to be correct and are NOT checked against
 
+    /// the fingerprint listed in the report.
 
+    pub fn verify_excluding_lox_proof(
 
+        self,
 
+        bucket: Scalar,
 
+        bridge_key: Option<VerifyingKey>,
 
+    ) -> bool {
 
+        // Verify bridge token
 
+        if CONFIG.require_bridge_token {
 
+            let bridge_token = self.bridge_token.unwrap();
 
+            if bridge_key.is_none() {
 
+                return false;
 
+            }
 
+            if bridge_key
 
+                .unwrap()
 
+                .verify(
 
+                    &bincode::serialize(&bridge_token.unsigned_bridge_token).unwrap(),
 
+                    &bridge_token.sig,
 
+                )
 
+                .is_err()
 
+            {
 
+                return false;
 
+            }
 
+        }
 
+        // Verify knowledge of bucket ID
 
+        let H = self.lox_proof.H;
 
+        let BP = self.lox_proof.BP;
 
+        if bucket * H != BP {
 
+            return false;
 
+        }
 
+        true
 
+    }
 
 }
 
 
 /// (De)serializable positive report object which must be consumed by the