mirror of
https://github.com/matrix-construct/construct
synced 2024-12-11 08:02:59 +01:00
547 lines
10 KiB
C++
547 lines
10 KiB
C++
|
/*
|
||
|
* Copyright (C) 2016 Charybdis Development Team
|
||
|
* Copyright (C) 2016 Jason Volk <jason@zemos.net>
|
||
|
*
|
||
|
* Permission to use, copy, modify, and/or distribute this software for any
|
||
|
* purpose with or without fee is hereby granted, provided that the above
|
||
|
* copyright notice and this permission notice is present in all copies.
|
||
|
*
|
||
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||
|
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
|
||
|
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
||
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
||
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||
|
* POSSIBILITY OF SUCH DAMAGE.
|
||
|
*/
|
||
|
|
||
|
#include <ircd/m/m.h>
|
||
|
|
||
|
const ircd::m::room::id::buf
|
||
|
keys_room_id
|
||
|
{
|
||
|
"keys", ircd::my_host()
|
||
|
};
|
||
|
|
||
|
/// The keys room is where the public key data for each server is stored as
|
||
|
/// state indexed by the server name.
|
||
|
ircd::m::room
|
||
|
ircd::m::keys::room
|
||
|
{
|
||
|
keys_room_id
|
||
|
};
|
||
|
|
||
|
ircd::ed25519::sk
|
||
|
ircd::m::self::secret_key
|
||
|
{};
|
||
|
|
||
|
ircd::ed25519::pk
|
||
|
ircd::m::self::public_key
|
||
|
{};
|
||
|
|
||
|
std::string
|
||
|
ircd::m::self::public_key_b64
|
||
|
{};
|
||
|
|
||
|
std::string
|
||
|
ircd::m::self::public_key_id
|
||
|
{};
|
||
|
|
||
|
std::string
|
||
|
ircd::m::self::tls_cert_der
|
||
|
{};
|
||
|
|
||
|
std::string
|
||
|
ircd::m::self::tls_cert_der_sha256_b64
|
||
|
{};
|
||
|
|
||
|
//
|
||
|
// init
|
||
|
//
|
||
|
|
||
|
ircd::m::keys::init::init(const json::object &conf)
|
||
|
:conf{conf}
|
||
|
{
|
||
|
certificate();
|
||
|
signing();
|
||
|
}
|
||
|
|
||
|
ircd::m::keys::init::~init()
|
||
|
noexcept
|
||
|
{
|
||
|
}
|
||
|
|
||
|
void
|
||
|
ircd::m::keys::init::certificate()
|
||
|
{
|
||
|
const std::string cert_file
|
||
|
{
|
||
|
unquote(conf.at("tls_certificate_path"))
|
||
|
};
|
||
|
|
||
|
if(!fs::exists(cert_file))
|
||
|
throw fs::error("Failed to find SSL certificate @ `%s'", cert_file);
|
||
|
|
||
|
const auto cert_pem
|
||
|
{
|
||
|
fs::read(cert_file)
|
||
|
};
|
||
|
|
||
|
const unique_buffer<mutable_raw_buffer> der_buf
|
||
|
{
|
||
|
8_KiB
|
||
|
};
|
||
|
|
||
|
const auto cert_der
|
||
|
{
|
||
|
openssl::cert2d(der_buf, cert_pem)
|
||
|
};
|
||
|
|
||
|
const fixed_buffer<const_raw_buffer, crh::sha256::digest_size> hash
|
||
|
{
|
||
|
sha256{cert_der}
|
||
|
};
|
||
|
|
||
|
self::tls_cert_der_sha256_b64 =
|
||
|
{
|
||
|
b64encode_unpadded(hash)
|
||
|
};
|
||
|
|
||
|
log.info("Certificate `%s' (PEM: %zu bytes; DER: %zu bytes) sha256b64: %s",
|
||
|
cert_file,
|
||
|
cert_pem.size(),
|
||
|
ircd::size(cert_der),
|
||
|
self::tls_cert_der_sha256_b64);
|
||
|
}
|
||
|
|
||
|
void
|
||
|
ircd::m::keys::init::signing()
|
||
|
{
|
||
|
const std::string sk_file
|
||
|
{
|
||
|
unquote(conf.get("signing_key_path", "construct.sk"))
|
||
|
};
|
||
|
|
||
|
if(fs::exists(sk_file))
|
||
|
log.info("Using ed25519 secret key @ `%s'", sk_file);
|
||
|
else
|
||
|
log.notice("Creating new ed25519 secret key @ `%s'", sk_file);
|
||
|
|
||
|
self::secret_key = ed25519::sk
|
||
|
{
|
||
|
sk_file, &self::public_key
|
||
|
};
|
||
|
|
||
|
self::public_key_b64 = b64encode_unpadded(self::public_key);
|
||
|
const fixed_buffer<const_raw_buffer, sha256::digest_size> hash
|
||
|
{
|
||
|
sha256{const_raw_buffer{self::public_key}}
|
||
|
};
|
||
|
|
||
|
const auto public_key_hash_b64
|
||
|
{
|
||
|
b64encode_unpadded(hash)
|
||
|
};
|
||
|
|
||
|
self::public_key_id = fmt::snstringf
|
||
|
{
|
||
|
BUFSIZE, "ed25519:%s", public_key_hash_b64
|
||
|
};
|
||
|
|
||
|
log.info("Current key is '%s' and the public key is: %s",
|
||
|
self::public_key_id,
|
||
|
self::public_key_b64);
|
||
|
}
|
||
|
|
||
|
void
|
||
|
ircd::m::keys::init::bootstrap()
|
||
|
{
|
||
|
create(keys::room, me.user_id);
|
||
|
send(keys::room, me.user_id, "m.room.name", "",
|
||
|
{
|
||
|
{ "name", "Key Room" }
|
||
|
});
|
||
|
|
||
|
const json::strung verify_keys
|
||
|
{
|
||
|
json::members
|
||
|
{{
|
||
|
string_view{self::public_key_id},
|
||
|
{
|
||
|
{ "key", self::public_key_b64 }
|
||
|
}
|
||
|
}}
|
||
|
};
|
||
|
|
||
|
keys my_key;
|
||
|
json::get<"verify_keys"_>(my_key) = verify_keys;
|
||
|
json::get<"server_name"_>(my_key) = my_host();
|
||
|
json::get<"old_verify_keys"_>(my_key) = "{}";
|
||
|
json::get<"valid_until_ts"_>(my_key) = ircd::time<milliseconds>() + duration_cast<milliseconds>(hours(2160)).count();
|
||
|
|
||
|
const json::members tlsfps
|
||
|
{
|
||
|
{ "sha256", self::tls_cert_der_sha256_b64 }
|
||
|
};
|
||
|
|
||
|
const json::value tlsfp[1]
|
||
|
{
|
||
|
{ tlsfps }
|
||
|
};
|
||
|
|
||
|
const json::strung tls_fingerprints{json::value
|
||
|
{
|
||
|
tlsfp, 1
|
||
|
}};
|
||
|
|
||
|
json::get<"tls_fingerprints"_>(my_key) = tls_fingerprints;
|
||
|
|
||
|
const auto presig
|
||
|
{
|
||
|
json::strung(my_key)
|
||
|
};
|
||
|
|
||
|
const ed25519::sig sig
|
||
|
{
|
||
|
self::secret_key.sign(const_raw_buffer{presig})
|
||
|
};
|
||
|
|
||
|
static char signature[256];
|
||
|
const json::strung signatures{json::members
|
||
|
{
|
||
|
{ my_host(), json::members
|
||
|
{
|
||
|
{ string_view{self::public_key_id}, b64encode_unpadded(signature, sig) }
|
||
|
}}
|
||
|
}};
|
||
|
|
||
|
json::get<"signatures"_>(my_key) = signatures;
|
||
|
keys::set(my_key);
|
||
|
}
|
||
|
|
||
|
//
|
||
|
// keys
|
||
|
//
|
||
|
|
||
|
void
|
||
|
ircd::m::keys::get(const string_view &server_name,
|
||
|
const string_view &key_id,
|
||
|
const key_closure &closure)
|
||
|
try
|
||
|
{
|
||
|
get(server_name, [&key_id, &closure](const keys &keys)
|
||
|
{
|
||
|
const json::object vks
|
||
|
{
|
||
|
at<"verify_keys"_>(keys)
|
||
|
};
|
||
|
|
||
|
const json::object vkk
|
||
|
{
|
||
|
vks.at(key_id)
|
||
|
};
|
||
|
|
||
|
// The key is not unquote() because some types of keys may be
|
||
|
// more complex than just a string one day; think: RLWE.
|
||
|
const string_view &key
|
||
|
{
|
||
|
vkk.at("key")
|
||
|
};
|
||
|
|
||
|
closure(key);
|
||
|
});
|
||
|
}
|
||
|
catch(const json::not_found &e)
|
||
|
{
|
||
|
throw m::NOT_FOUND
|
||
|
{
|
||
|
"Failed to find key '%s' for '%s': %s",
|
||
|
key_id,
|
||
|
server_name,
|
||
|
e.what()
|
||
|
};
|
||
|
}
|
||
|
|
||
|
void
|
||
|
ircd::m::keys::get(const string_view &server_name,
|
||
|
const keys_closure &closure)
|
||
|
{
|
||
|
assert(!server_name.empty());
|
||
|
|
||
|
if(get_local(server_name, closure))
|
||
|
return;
|
||
|
|
||
|
if(server_name == my_host())
|
||
|
throw m::NOT_FOUND
|
||
|
{
|
||
|
"keys for '%s' (that's myself) not found", server_name
|
||
|
};
|
||
|
|
||
|
log.debug("Keys for %s not cached; querying network...",
|
||
|
server_name);
|
||
|
|
||
|
char url[1024]; const auto url_len
|
||
|
{
|
||
|
fmt::snprintf(url, sizeof(url), "_matrix/key/v2/server/")
|
||
|
};
|
||
|
|
||
|
//TODO: XXX
|
||
|
const unique_buffer<mutable_buffer> buffer
|
||
|
{
|
||
|
8192
|
||
|
};
|
||
|
|
||
|
ircd::parse::buffer pb{mutable_buffer{buffer}};
|
||
|
m::request request{"GET", url, {}, {}};
|
||
|
m::session session{server_name};
|
||
|
const json::object response
|
||
|
{
|
||
|
session(pb, request)
|
||
|
};
|
||
|
|
||
|
const m::keys &keys
|
||
|
{
|
||
|
response
|
||
|
};
|
||
|
|
||
|
if(!verify(keys))
|
||
|
throw m::error
|
||
|
{
|
||
|
http::UNAUTHORIZED, "M_INVALID_SIGNATURE",
|
||
|
"Failed to verify keys for '%s'", server_name
|
||
|
};
|
||
|
|
||
|
log.debug("Verified keys from '%s'",
|
||
|
server_name);
|
||
|
|
||
|
set(keys);
|
||
|
closure(keys);
|
||
|
}
|
||
|
|
||
|
void
|
||
|
ircd::m::keys::get(const string_view &server_name,
|
||
|
const string_view &key_id,
|
||
|
const string_view &query_server,
|
||
|
const keys_closure &closure)
|
||
|
try
|
||
|
{
|
||
|
assert(!server_name.empty());
|
||
|
assert(!query_server.empty());
|
||
|
|
||
|
char key_id_buf[1024];
|
||
|
char server_name_buf[1024];
|
||
|
char url[1024]; const auto url_len
|
||
|
{
|
||
|
fmt::snprintf(url, sizeof(url), "_matrix/key/v2/query/%s/%s/",
|
||
|
url::encode(server_name, server_name_buf),
|
||
|
url::encode(key_id, key_id_buf))
|
||
|
};
|
||
|
|
||
|
//TODO: XXX
|
||
|
const unique_buffer<mutable_buffer> buffer
|
||
|
{
|
||
|
8192
|
||
|
};
|
||
|
|
||
|
// Make request and receive response synchronously.
|
||
|
// This ircd::ctx will block here fetching.
|
||
|
ircd::parse::buffer pb{mutable_buffer{buffer}};
|
||
|
m::request request{"GET", url, {}, {}};
|
||
|
m::session session{server_name};
|
||
|
const json::object response
|
||
|
{
|
||
|
session(pb, request)
|
||
|
};
|
||
|
|
||
|
const json::array &keys
|
||
|
{
|
||
|
response.at("server_keys")
|
||
|
};
|
||
|
|
||
|
log::debug("Fetched %zu candidate keys seeking '%s' for '%s' from '%s' (%s)",
|
||
|
keys.count(),
|
||
|
empty(key_id)? "*" : key_id,
|
||
|
server_name,
|
||
|
query_server,
|
||
|
string(net::remote(session.server)));
|
||
|
|
||
|
bool ret{false};
|
||
|
for(auto it(begin(keys)); it != end(keys); ++it)
|
||
|
{
|
||
|
const m::keys &keys{*it};
|
||
|
const auto &_server_name
|
||
|
{
|
||
|
at<"server_name"_>(keys)
|
||
|
};
|
||
|
|
||
|
if(!verify(keys))
|
||
|
throw m::error
|
||
|
{
|
||
|
http::UNAUTHORIZED, "M_INVALID_SIGNATURE",
|
||
|
"Failed to verify keys for '%s' from '%s'",
|
||
|
_server_name,
|
||
|
query_server
|
||
|
};
|
||
|
|
||
|
log.debug("Verified keys for '%s' from '%s'",
|
||
|
_server_name,
|
||
|
query_server);
|
||
|
|
||
|
set(keys);
|
||
|
const json::object vks{json::get<"verify_keys"_>(keys)};
|
||
|
if(_server_name == server_name)
|
||
|
{
|
||
|
closure(keys);
|
||
|
ret = true;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if(!ret)
|
||
|
throw m::NOT_FOUND
|
||
|
{
|
||
|
"Failed to get any keys for '%s' from '%s' (got %zu total keys otherwise)",
|
||
|
server_name,
|
||
|
query_server,
|
||
|
keys.count()
|
||
|
};
|
||
|
}
|
||
|
catch(const json::not_found &e)
|
||
|
{
|
||
|
throw m::NOT_FOUND
|
||
|
{
|
||
|
"Failed to find key '%s' for '%s' when querying '%s': %s",
|
||
|
key_id,
|
||
|
server_name,
|
||
|
query_server,
|
||
|
e.what()
|
||
|
};
|
||
|
}
|
||
|
|
||
|
bool
|
||
|
ircd::m::keys::get_local(const string_view &server_name,
|
||
|
const keys_closure &closure)
|
||
|
{
|
||
|
const m::vm::query<m::vm::where::equal> query
|
||
|
{
|
||
|
{ "room_id", keys::room.room_id },
|
||
|
{ "type", "ircd.key" },
|
||
|
{ "state_key", server_name },
|
||
|
};
|
||
|
|
||
|
const auto have
|
||
|
{
|
||
|
[&closure](const auto &event)
|
||
|
{
|
||
|
closure(json::get<"content"_>(event));
|
||
|
return true;
|
||
|
}
|
||
|
};
|
||
|
|
||
|
return m::vm::test(query, have);
|
||
|
}
|
||
|
|
||
|
void
|
||
|
ircd::m::keys::set(const keys &keys)
|
||
|
{
|
||
|
const auto &state_key
|
||
|
{
|
||
|
unquote(at<"server_name"_>(keys))
|
||
|
};
|
||
|
|
||
|
const m::user::id::buf sender
|
||
|
{
|
||
|
"ircd", unquote(at<"server_name"_>(keys))
|
||
|
};
|
||
|
|
||
|
const json::strung content
|
||
|
{
|
||
|
keys
|
||
|
};
|
||
|
|
||
|
json::iov event;
|
||
|
json::iov::push members[]
|
||
|
{
|
||
|
{ event, { "type", "ircd.key" }},
|
||
|
{ event, { "state_key", state_key }},
|
||
|
{ event, { "sender", sender }},
|
||
|
{ event, { "content", content }}
|
||
|
};
|
||
|
|
||
|
keys::room.send(event);
|
||
|
}
|
||
|
|
||
|
/// Verify this key data (with itself).
|
||
|
bool
|
||
|
ircd::m::keys::verify(const keys &keys)
|
||
|
noexcept try
|
||
|
{
|
||
|
const auto &valid_until_ts
|
||
|
{
|
||
|
at<"valid_until_ts"_>(keys)
|
||
|
};
|
||
|
|
||
|
if(valid_until_ts < ircd::time<milliseconds>())
|
||
|
throw ircd::error("Key was valid until %s", timestr(valid_until_ts));
|
||
|
|
||
|
const json::object &verify_keys
|
||
|
{
|
||
|
at<"verify_keys"_>(keys)
|
||
|
};
|
||
|
|
||
|
const string_view &key_id
|
||
|
{
|
||
|
begin(verify_keys)->first
|
||
|
};
|
||
|
|
||
|
const json::object &key
|
||
|
{
|
||
|
begin(verify_keys)->second
|
||
|
};
|
||
|
|
||
|
const ed25519::pk pk
|
||
|
{
|
||
|
[&key](auto &pk)
|
||
|
{
|
||
|
b64decode(pk, unquote(key.at("key")));
|
||
|
}
|
||
|
};
|
||
|
|
||
|
const json::object &signatures
|
||
|
{
|
||
|
at<"signatures"_>(keys)
|
||
|
};
|
||
|
|
||
|
const string_view &server_name
|
||
|
{
|
||
|
unquote(at<"server_name"_>(keys))
|
||
|
};
|
||
|
|
||
|
const json::object &server_signatures
|
||
|
{
|
||
|
signatures.at(server_name)
|
||
|
};
|
||
|
|
||
|
const ed25519::sig sig{[&server_signatures, &key_id](auto &sig)
|
||
|
{
|
||
|
b64decode(sig, unquote(server_signatures.at(key_id)));
|
||
|
}};
|
||
|
|
||
|
///TODO: XXX
|
||
|
m::keys copy{keys};
|
||
|
at<"signatures"_>(copy) = string_view{};
|
||
|
const json::strung preimage{copy};
|
||
|
return pk.verify(const_raw_buffer{preimage}, sig);
|
||
|
}
|
||
|
catch(const std::exception &e)
|
||
|
{
|
||
|
log.error("key verification for '%s' failed: %s",
|
||
|
json::get<"server_name"_>(keys, "<no server name>"_sv),
|
||
|
e.what());
|
||
|
|
||
|
return false;
|
||
|
}
|