records.go 2.71 KB
Newer Older
1 2 3 4 5 6
package dht

import (
	"bytes"
	"errors"
	"strings"
Jeromy's avatar
Jeromy committed
7
	"time"
8

Jeromy's avatar
Jeromy committed
9
	"code.google.com/p/go.net/context"
10
	"code.google.com/p/goprotobuf/proto"
Jeromy's avatar
Jeromy committed
11
	ci "github.com/jbenet/go-ipfs/crypto"
12 13 14 15 16 17 18 19 20 21 22 23 24 25
	"github.com/jbenet/go-ipfs/peer"
	pb "github.com/jbenet/go-ipfs/routing/dht/pb"
	u "github.com/jbenet/go-ipfs/util"
)

type ValidatorFunc func(u.Key, []byte) error

var ErrBadRecord = errors.New("bad dht record")
var ErrInvalidRecordType = errors.New("invalid record keytype")

// creates and signs a dht record for the given key/value pair
func (dht *IpfsDHT) makePutRecord(key u.Key, value []byte) (*pb.Record, error) {
	record := new(pb.Record)

Jeromy's avatar
Jeromy committed
26
	record.Key = proto.String(string(key))
27 28 29 30 31 32 33 34 35 36 37
	record.Value = value
	record.Author = proto.String(string(dht.self.ID()))
	blob := bytes.Join([][]byte{[]byte(key), value, []byte(dht.self.ID())}, []byte{})
	sig, err := dht.self.PrivKey().Sign(blob)
	if err != nil {
		return nil, err
	}
	record.Signature = sig
	return record, nil
}

Jeromy's avatar
Jeromy committed
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60
func (dht *IpfsDHT) getPublicKey(pid peer.ID) (ci.PubKey, error) {
	log.Debug("getPublicKey for: %s", pid)
	p, err := dht.peerstore.Get(pid)
	if err == nil {
		return p.PubKey(), nil
	}

	log.Debug("not in peerstore, searching dht.")
	ctxT, _ := context.WithTimeout(dht.ContextCloser.Context(), time.Second*5)
	val, err := dht.GetValue(ctxT, u.Key("/pk/"+string(pid)))
	if err != nil {
		log.Warning("Failed to find requested public key.")
		return nil, err
	}

	pubkey, err := ci.UnmarshalPublicKey(val)
	if err != nil {
		log.Errorf("Failed to unmarshal public key: %s", err)
		return nil, err
	}
	return pubkey, nil
}

61 62 63 64 65 66
func (dht *IpfsDHT) verifyRecord(r *pb.Record) error {
	// First, validate the signature
	p, err := dht.peerstore.Get(peer.ID(r.GetAuthor()))
	if err != nil {
		return err
	}
Jeromy's avatar
Jeromy committed
67
	k := u.Key(r.GetKey())
68

Jeromy's avatar
Jeromy committed
69
	blob := bytes.Join([][]byte{[]byte(k),
70
		r.GetValue(),
Jeromy's avatar
Jeromy committed
71
		[]byte(r.GetAuthor())}, []byte{})
72 73 74

	ok, err := p.PubKey().Verify(blob, r.GetSignature())
	if err != nil {
Jeromy's avatar
Jeromy committed
75
		log.Error("Signature verify failed.")
76 77 78 79 80 81 82 83 84
		return err
	}

	if !ok {
		return ErrBadRecord
	}

	// Now, check validity func
	parts := strings.Split(r.GetKey(), "/")
Jeromy's avatar
Jeromy committed
85 86
	if len(parts) < 3 {
		log.Errorf("Record had bad key: %s", u.Key(r.GetKey()))
87 88 89
		return ErrBadRecord
	}

Jeromy's avatar
Jeromy committed
90
	fnc, ok := dht.Validators[parts[1]]
91
	if !ok {
Jeromy's avatar
Jeromy committed
92
		log.Errorf("Unrecognized key prefix: %s", parts[1])
93 94 95 96 97
		return ErrInvalidRecordType
	}

	return fnc(u.Key(r.GetKey()), r.GetValue())
}
98 99 100 101 102 103 104

func ValidateIpnsRecord(k u.Key, val []byte) error {
	// TODO:
	return nil
}

func ValidatePublicKeyRecord(k u.Key, val []byte) error {
Jeromy's avatar
Jeromy committed
105 106 107 108 109 110 111 112 113
	keyparts := bytes.Split([]byte(k), []byte("/"))
	if len(keyparts) < 3 {
		return errors.New("invalid key")
	}

	pkh := u.Hash(val)
	if !bytes.Equal(keyparts[2], pkh) {
		return errors.New("public key does not match storage key")
	}
114 115
	return nil
}