Mirrors/overte
3
0
Fork 0
mirror of https://github.com/overte-org/overte.git synced 2025-08-04 17:00:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Final ECSDA and nonce modifications for this dev cycle

Browse source
This commit is contained in:
H Q 2017-11-14 15:40:29 -08:00
parent f997ad4628
commit 44f2c92d30
5 changed files with 113 additions and 109 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

71
interface/src/commerce/Wallet.cpp
View file

@ -27,7 +27,6 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
@ -552,7 +551,7 @@ QString Wallet::signWithKey(const QByteArray& text, const QString& key) {
QByteArray hashedPlaintext = QCryptographicHash::hash(text, QCryptographicHash::Sha256);
int encryptReturn = ECDSA_sign(0,
int Return = ECDSA_sign(0,
reinterpret_cast<const unsigned char*>(hashedPlaintext.constData()),
hashedPlaintext.size(),
reinterpret_cast<unsigned char*>(signature.data()),
@ -569,7 +568,7 @@ QString Wallet::signWithKey(const QByteArray& text, const QString& key) {
// free the private key RSA struct now that we are done with it
EC_KEY_free(ecPrivateKey);
if (encryptReturn != -1) {
if (Return != -1) {
return signature.toBase64();
}
}
@ -719,20 +718,20 @@ void Wallet::handleChallengeOwnershipPacket(QSharedPointer<ReceivedMessage> pack
bool challengeOriginatedFromClient = packet->getType() == PacketType::ChallengeOwnershipRequest;
//unsigned char decryptedText[64];
int decryptionStatus;
int Status;
int certIDByteArraySize;
int encryptedTextByteArraySize;
int TextByteArraySize;
int challengingNodeUUIDByteArraySize;
packet->readPrimitive(&certIDByteArraySize);
packet->readPrimitive(&encryptedTextByteArraySize); //rerturns a cast char*, size
packet->readPrimitive(&TextByteArraySize); //rerturns a cast char*, size
if (challengeOriginatedFromClient) {
packet->readPrimitive(&challengingNodeUUIDByteArraySize);
}
//"encryptedText" is now a series of random bytes, a nonce
QByteArray certID = packet->read(certIDByteArraySize);
QByteArray encryptedText = packet->read(encryptedTextByteArraySize);
QByteArray Text = packet->read(TextByteArraySize);
QByteArray challengingNodeUUID;
if (challengeOriginatedFromClient) {
challengingNodeUUID = packet->read(challengingNodeUUIDByteArraySize);
@ -742,10 +741,10 @@ void Wallet::handleChallengeOwnershipPacket(QSharedPointer<ReceivedMessage> pack
QString sig;
// int decryptionStatus = -1;
if (ec) {
if (ec) {
ERR_clear_error();
sig = signWithKey(encryptedText, ""); //base64 signature, QByteArray cast
//upon return to QString
sig = signWithKey(Text, ""); //base64 signature, QByteArray cast
//upon return to QString
// decryptionStatus = RSA_private_decrypt(encryptedTextByteArraySize,
// reinterpret_cast<const unsigned char*>(encryptedText.constData()),
@ -753,52 +752,52 @@ void Wallet::handleChallengeOwnershipPacket(QSharedPointer<ReceivedMessage> pack
// ec,
// RSA_PKCS1_OAEP_PADDING);
EC_KEY_free(ec);
decryptionStatus = 1;
// EC_KEY_free(ec);
Status = 1;
} else {
qCDebug(commerce) << "During entity ownership challenge, creating the EC-signed nonce failed.";
decryptionStatus = -1;
Status = -1;
}
QByteArray ba = sig.toLocal8Bit();
const char *sigChar = ba.data();
QByteArray decryptedTextByteArray;
if (decryptionStatus > -1) {
decryptedTextByteArray = QByteArray(sigChar, decryptionStatus);
}
int decryptedTextByteArraySize = decryptedTextByteArray.size();
QByteArray TextByteArray;
// if (decryptionStatus > -1) {
TextByteArray = QByteArray(sigChar, Status);
//}
TextByteArraySize = TextByteArray.size();
int certIDSize = certID.size();
// setup the packet
if (challengeOriginatedFromClient) {
auto decryptedTextPacket = NLPacket::create(PacketType::ChallengeOwnershipReply,
certIDSize + decryptedTextByteArraySize + challengingNodeUUIDByteArraySize + 3 * sizeof(int),
auto TextPacket = NLPacket::create(PacketType::ChallengeOwnershipReply,
certIDSize + TextByteArraySize + challengingNodeUUIDByteArraySize + 3 * sizeof(int),
true);
decryptedTextPacket->writePrimitive(certIDSize);
decryptedTextPacket->writePrimitive(decryptedTextByteArraySize);
decryptedTextPacket->writePrimitive(challengingNodeUUIDByteArraySize);
decryptedTextPacket->write(certID);
decryptedTextPacket->write(decryptedTextByteArray);
decryptedTextPacket->write(challengingNodeUUID);
TextPacket->writePrimitive(certIDSize);
TextPacket->writePrimitive(TextByteArraySize);
TextPacket->writePrimitive(challengingNodeUUIDByteArraySize);
TextPacket->write(certID);
TextPacket->write(TextByteArray);
TextPacket->write(challengingNodeUUID);
qCDebug(commerce) << "Sending ChallengeOwnershipReply Packet containing signed text" << decryptedTextByteArray << "for CertID" << certID;
qCDebug(commerce) << "Sending ChallengeOwnershipReply Packet containing signed text" << TextByteArray << "for CertID" << certID;
nodeList->sendPacket(std::move(decryptedTextPacket), *sendingNode);
nodeList->sendPacket(std::move(TextPacket), *sendingNode);
} else {
auto decryptedTextPacket = NLPacket::create(PacketType::ChallengeOwnership, certIDSize + decryptedTextByteArraySize + 2 * sizeof(int), true);
auto TextPacket = NLPacket::create(PacketType::ChallengeOwnership, certIDSize + TextByteArraySize + 2 * sizeof(int), true);
decryptedTextPacket->writePrimitive(certIDSize);
decryptedTextPacket->writePrimitive(decryptedTextByteArraySize);
decryptedTextPacket->write(certID);
decryptedTextPacket->write(decryptedTextByteArray);
TextPacket->writePrimitive(certIDSize);
TextPacket->writePrimitive(TextByteArraySize);
TextPacket->write(certID);
TextPacket->write(TextByteArray);
qCDebug(commerce) << "Sending ChallengeOwnership Packet containing signed text" << decryptedTextByteArray << "for CertID" << certID;
qCDebug(commerce) << "Sending ChallengeOwnership Packet containing signed text" << TextByteArray << "for CertID" << certID;
nodeList->sendPacket(std::move(decryptedTextPacket), *sendingNode);
nodeList->sendPacket(std::move(TextPacket), *sendingNode);
}
if (decryptionStatus == -1) {
if (Status == -1) {
qCDebug(commerce) << "During entity ownership challenge, signing the text failed.";
long error = ERR_get_error();
if (error != 0) {

18
interface/src/ui/overlays/ContextOverlayInterface.cpp
View file

@ -311,21 +311,21 @@ void ContextOverlayInterface::openInspectionCertificate() {
QString ownerKey = jsonObject["transfer_recipient_key"].toString();
QByteArray certID = entityProperties.getCertificateID().toUtf8();
QByteArray encryptedText = DependencyManager::get<EntityTreeRenderer>()->getTree()->computeEncryptedNonce(certID, ownerKey);
QByteArray Text = DependencyManager::get<EntityTreeRenderer>()->getTree()->computeNonce(certID, ownerKey);
QByteArray nodeToChallengeByteArray = entityProperties.getOwningAvatarID().toRfc4122();
int certIDByteArraySize = certID.length();
int encryptedTextByteArraySize = encryptedText.length();
int TextByteArraySize = Text.length();
int nodeToChallengeByteArraySize = nodeToChallengeByteArray.length();
auto challengeOwnershipPacket = NLPacket::create(PacketType::ChallengeOwnershipRequest,
certIDByteArraySize + encryptedTextByteArraySize + nodeToChallengeByteArraySize + 3 * sizeof(int),
certIDByteArraySize + TextByteArraySize + nodeToChallengeByteArraySize + 3 * sizeof(int),
true);
challengeOwnershipPacket->writePrimitive(certIDByteArraySize);
challengeOwnershipPacket->writePrimitive(encryptedTextByteArraySize);
challengeOwnershipPacket->writePrimitive(TextByteArraySize);
challengeOwnershipPacket->writePrimitive(nodeToChallengeByteArraySize);
challengeOwnershipPacket->write(certID);
challengeOwnershipPacket->write(encryptedText);
challengeOwnershipPacket->write(Text);
challengeOwnershipPacket->write(nodeToChallengeByteArray);
nodeList->sendPacket(std::move(challengeOwnershipPacket), *entityServer);
@ -406,16 +406,16 @@ void ContextOverlayInterface::handleChallengeOwnershipReplyPacket(QSharedPointer
_challengeOwnershipTimeoutTimer.stop();
int certIDByteArraySize;
int decryptedTextByteArraySize;
int TextByteArraySize;
packet->readPrimitive(&certIDByteArraySize);
packet->readPrimitive(&decryptedTextByteArraySize);
packet->readPrimitive(&TextByteArraySize);
QString certID(packet->read(certIDByteArraySize));
QString decryptedText(packet->read(decryptedTextByteArraySize));
QString Text(packet->read(TextByteArraySize));
EntityItemID id;
bool verificationSuccess = DependencyManager::get<EntityTreeRenderer>()->getTree()->verifyDecryptedNonce(certID, decryptedText, id);
bool verificationSuccess = DependencyManager::get<EntityTreeRenderer>()->getTree()->verifyNonce(certID, Text, id);
if (verificationSuccess) {
emit ledger->updateCertificateStatus(certID, (uint)(ledger->CERTIFICATE_STATUS_VERIFICATION_SUCCESS));

23
libraries/entities/src/EntityItemProperties.cpp
View file

@ -15,14 +15,14 @@
#include <QtCore/QJsonDocument>
#include <openssl/err.h>
#include <openssl/rsa.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <NetworkingConstants.h>
#include <NetworkAccessManager.h>
#include <QtNetwork/QNetworkReply>
#include <QtNetwork/QNetworkRequest>
#include <openssl/ecdsa.h>
#include <ByteCountCoding.h>
#include <GLMHelpers.h>
#include <RegisteredMetaTypes.h>
@ -2531,8 +2531,8 @@ bool EntityItemProperties::verifyStaticCertificateProperties() {
BIO *bio = BIO_new_mem_buf((void*)marketplacePublicKey, marketplacePublicKeyLength);
EVP_PKEY* evp_key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
if (evp_key) {
RSA* rsa = EVP_PKEY_get1_RSA(evp_key);
if (rsa) {
EC_KEY* ec = EVP_PKEY_get1_EC_KEY(evp_key);
if (ec) {
const QByteArray digestByteArray = getStaticCertificateHash();
const unsigned char* digest = reinterpret_cast<const unsigned char*>(digestByteArray.constData());
int digestLength = digestByteArray.length();
@ -2542,22 +2542,25 @@ bool EntityItemProperties::verifyStaticCertificateProperties() {
int signatureLength = signatureByteArray.length();
ERR_clear_error();
bool answer = RSA_verify(NID_sha256,
//ECSDA verification prototype: note that type is currently ignored
//int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
// const unsigned char *sig, int siglen, EC_KEY *eckey);
bool answer = ECDSA_verify(0,
digest,
digestLength,
signature,
signatureLength,
rsa);
ec);
long error = ERR_get_error();
if (error != 0) {
const char* error_str = ERR_error_string(error, NULL);
qCWarning(entities) << "ERROR while verifying static certificate properties! RSA error:" << error_str
qCWarning(entities) << "ERROR while verifying static certificate properties! EC error:" << error_str
<< "\nStatic Cert JSON:" << getStaticCertificateJSON()
<< "\nKey:" << EntityItem::_marketplacePublicKey << "\nKey Length:" << marketplacePublicKeyLength
<< "\nDigest:" << digest << "\nDigest Length:" << digestLength
<< "\nSignature:" << signature << "\nSignature Length:" << signatureLength;
}
RSA_free(rsa);
EC_KEY_free(ec);
if (bio) {
BIO_free(bio);
}
@ -2574,7 +2577,7 @@ bool EntityItemProperties::verifyStaticCertificateProperties() {
}
long error = ERR_get_error();
const char* error_str = ERR_error_string(error, NULL);
qCWarning(entities) << "Failed to verify static certificate properties! RSA error:" << error_str;
qCWarning(entities) << "Failed to verify static certificate properties! EC error:" << error_str;
return false;
}
} else {
@ -2583,7 +2586,7 @@ bool EntityItemProperties::verifyStaticCertificateProperties() {
}
long error = ERR_get_error();
const char* error_str = ERR_error_string(error, NULL);
qCWarning(entities) << "Failed to verify static certificate properties! RSA error:" << error_str;
qCWarning(entities) << "Failed to verify static certificate properties! EC error:" << error_str;
return false;
}
}

104
libraries/entities/src/EntityTree.cpp
View file

@ -14,7 +14,7 @@
#include <QtCore/QQueue>
#include <openssl/err.h>
#include <openssl/rsa.h>
//#include <openssl/ecdsa.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <NetworkingConstants.h>
@ -1167,36 +1167,38 @@ void EntityTree::startPendingTransferStatusTimer(const QString& certID, const En
transferStatusRetryTimer->start(90000);
}
QByteArray EntityTree::computeEncryptedNonce(const QString& certID, const QString ownerKey) {
QString ownerKeyWithHeaders = ("-----BEGIN RSA PUBLIC KEY-----\n" + ownerKey + "\n-----END RSA PUBLIC KEY-----");
QByteArray EntityTree::computeNonce(const QString& certID, const QString ownerKey) {
QString ownerKeyWithHeaders = ("-----BEGIN ECDSA PUBLIC KEY-----\n" + ownerKey + "\n-----END ECDSA PUBLIC KEY-----");
BIO* bio = BIO_new_mem_buf((void*)ownerKeyWithHeaders.toUtf8().constData(), -1);
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); // NO NEWLINE
RSA* rsa = PEM_read_bio_RSAPublicKey(bio, NULL, NULL, NULL);
EC_KEY* ec = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL);
if (rsa) {
QUuid nonce = QUuid::createUuid();
const unsigned int textLength = nonce.toString().length();
QByteArray encryptedText(RSA_size(rsa), 0);
const int encryptStatus = RSA_public_encrypt(textLength,
reinterpret_cast<const unsigned char*>(qPrintable(nonce.toString())),
reinterpret_cast<unsigned char*>(encryptedText.data()),
rsa,
RSA_PKCS1_OAEP_PADDING);
if (ec) {
QUuid nonce = QUuid::createUuid(); //random, 5-hex value, separated by "-"
QByteArray nonceBytes = nonce.toByteArray();
//const unsigned int textLength = nonce.toString().length();
//QByteArray encryptedText(ECDSA_size(ec), 0);
//const int encryptStatus = RSA_public_encrypt(textLength,
// reinterpret_cast<const unsigned char*>(qPrintable(nonce.toString())),
// reinterpret_cast<unsigned char*>(encryptedText.data()),
// rsa,
// RSA_PKCS1_OAEP_PADDING);
if (bio) {
BIO_free(bio);
}
RSA_free(rsa);
if (encryptStatus == -1) {
long error = ERR_get_error();
const char* error_str = ERR_error_string(error, NULL);
qCWarning(entities) << "Unable to compute encrypted nonce for" << certID << "\nRSA error:" << error_str;
return "";
}
//rsa_free(ec);
// if (encryptStatus == -1) {
// long error = ERR_get_error();
// const char* error_str = ERR_error_string(error, NULL);
// qCWarning(entities) << "Unable to compute nonce for" << certID << "\nECDSA error:" << error_str;
// return "";
//}
QWriteLocker locker(&_certNonceMapLock);
_certNonceMap.insert(certID, nonce);
return encryptedText;
return nonceBytes;
} else {
if (bio) {
BIO_free(bio);
@ -1205,7 +1207,7 @@ QByteArray EntityTree::computeEncryptedNonce(const QString& certID, const QStrin
}
}
bool EntityTree::verifyDecryptedNonce(const QString& certID, const QString& decryptedNonce, EntityItemID& id) {
bool EntityTree::verifyNonce(const QString& certID, const QString& Nonce, EntityItemID& id) {
{
QReadLocker certIdMapLocker(&_entityCertificateIDMapLock);
id = _entityCertificateIDMap.value(certID);
@ -1217,13 +1219,13 @@ bool EntityTree::verifyDecryptedNonce(const QString& certID, const QString& decr
actualNonce = _certNonceMap.take(certID).toString();
}
bool verificationSuccess = (actualNonce == decryptedNonce);
bool verificationSuccess = (actualNonce == Nonce);
if (verificationSuccess) {
qCDebug(entities) << "Ownership challenge for Cert ID" << certID << "succeeded.";
} else {
qCDebug(entities) << "Ownership challenge for Cert ID" << certID << "failed."
<< "\nActual nonce:" << actualNonce << "\nDecrypted nonce:" << decryptedNonce;
<< "\nActual nonce:" << actualNonce << "\nonce:" << Nonce;
}
return verificationSuccess;
@ -1231,67 +1233,67 @@ bool EntityTree::verifyDecryptedNonce(const QString& certID, const QString& decr
void EntityTree::processChallengeOwnershipRequestPacket(ReceivedMessage& message, const SharedNodePointer& sourceNode) {
int certIDByteArraySize;
int encryptedTextByteArraySize;
int TextByteArraySize;
int nodeToChallengeByteArraySize;
message.readPrimitive(&certIDByteArraySize);
message.readPrimitive(&encryptedTextByteArraySize);
message.readPrimitive(&TextByteArraySize);
message.readPrimitive(&nodeToChallengeByteArraySize);
QByteArray certID(message.read(certIDByteArraySize));
QByteArray encryptedText(message.read(encryptedTextByteArraySize));
QByteArray Text(message.read(TextByteArraySize));
QByteArray nodeToChallenge(message.read(nodeToChallengeByteArraySize));
sendChallengeOwnershipRequestPacket(certID, encryptedText, nodeToChallenge, sourceNode);
sendChallengeOwnershipRequestPacket(certID, Text, nodeToChallenge, sourceNode);
}
void EntityTree::processChallengeOwnershipReplyPacket(ReceivedMessage& message, const SharedNodePointer& sourceNode) {
auto nodeList = DependencyManager::get<NodeList>();
int certIDByteArraySize;
int decryptedTextByteArraySize;
int TextByteArraySize;
int challengingNodeUUIDByteArraySize;
message.readPrimitive(&certIDByteArraySize);
message.readPrimitive(&decryptedTextByteArraySize);
message.readPrimitive(&TextByteArraySize);
message.readPrimitive(&challengingNodeUUIDByteArraySize);
QByteArray certID(message.read(certIDByteArraySize));
QByteArray decryptedText(message.read(decryptedTextByteArraySize));
QByteArray Text(message.read(TextByteArraySize));
QUuid challengingNode = QUuid::fromRfc4122(message.read(challengingNodeUUIDByteArraySize));
auto challengeOwnershipReplyPacket = NLPacket::create(PacketType::ChallengeOwnershipReply,
certIDByteArraySize + decryptedText.length() + 2 * sizeof(int),
certIDByteArraySize + Text.length() + 2 * sizeof(int),
true);
challengeOwnershipReplyPacket->writePrimitive(certIDByteArraySize);
challengeOwnershipReplyPacket->writePrimitive(decryptedText.length());
challengeOwnershipReplyPacket->writePrimitive(Text.length());
challengeOwnershipReplyPacket->write(certID);
challengeOwnershipReplyPacket->write(decryptedText);
challengeOwnershipReplyPacket->write(Text);
nodeList->sendPacket(std::move(challengeOwnershipReplyPacket), *(nodeList->nodeWithUUID(challengingNode)));
}
void EntityTree::sendChallengeOwnershipPacket(const QString& certID, const QString& ownerKey, const EntityItemID& entityItemID, const SharedNodePointer& senderNode) {
// 1. Encrypt a nonce with the owner's public key
// 1. Obtain a nonce
auto nodeList = DependencyManager::get<NodeList>();
QByteArray encryptedText = computeEncryptedNonce(certID, ownerKey);
QByteArray Text = computeNonce(certID, ownerKey);
if (encryptedText == "") {
qCDebug(entities) << "CRITICAL ERROR: Couldn't compute encrypted nonce. Deleting entity...";
if (Text == "") {
qCDebug(entities) << "CRITICAL ERROR: Couldn't compute nonce. Deleting entity...";
deleteEntity(entityItemID, true);
} else {
qCDebug(entities) << "Challenging ownership of Cert ID" << certID;
// 2. Send the encrypted text to the rezzing avatar's node
// 2. Send the nonce to the rezzing avatar's node
QByteArray certIDByteArray = certID.toUtf8();
int certIDByteArraySize = certIDByteArray.size();
auto challengeOwnershipPacket = NLPacket::create(PacketType::ChallengeOwnership,
certIDByteArraySize + encryptedText.length() + 2 * sizeof(int),
certIDByteArraySize + Text.length() + 2 * sizeof(int),
true);
challengeOwnershipPacket->writePrimitive(certIDByteArraySize);
challengeOwnershipPacket->writePrimitive(encryptedText.length());
challengeOwnershipPacket->writePrimitive(Text.length());
challengeOwnershipPacket->write(certIDByteArray);
challengeOwnershipPacket->write(encryptedText);
challengeOwnershipPacket->write(Text);
nodeList->sendPacket(std::move(challengeOwnershipPacket), *senderNode);
// 3. Kickoff a 10-second timeout timer that deletes the entity if we don't get an ownership response in time
@ -1304,7 +1306,7 @@ void EntityTree::sendChallengeOwnershipPacket(const QString& certID, const QStri
}
}
void EntityTree::sendChallengeOwnershipRequestPacket(const QByteArray& certID, const QByteArray& encryptedText, const QByteArray& nodeToChallenge, const SharedNodePointer& senderNode) {
void EntityTree::sendChallengeOwnershipRequestPacket(const QByteArray& certID, const QByteArray& Text, const QByteArray& nodeToChallenge, const SharedNodePointer& senderNode) {
auto nodeList = DependencyManager::get<NodeList>();
// In this case, Client A is challenging Client B. Client A is inspecting a certified entity that it wants
@ -1312,17 +1314,17 @@ void EntityTree::sendChallengeOwnershipRequestPacket(const QByteArray& certID, c
QByteArray senderNodeUUID = senderNode->getUUID().toRfc4122();
int certIDByteArraySize = certID.length();
int encryptedTextByteArraySize = encryptedText.length();
int TextByteArraySize = Text.length();
int senderNodeUUIDSize = senderNodeUUID.length();
auto challengeOwnershipPacket = NLPacket::create(PacketType::ChallengeOwnershipRequest,
certIDByteArraySize + encryptedTextByteArraySize + senderNodeUUIDSize + 3 * sizeof(int),
certIDByteArraySize + TextByteArraySize + senderNodeUUIDSize + 3 * sizeof(int),
true);
challengeOwnershipPacket->writePrimitive(certIDByteArraySize);
challengeOwnershipPacket->writePrimitive(encryptedTextByteArraySize);
challengeOwnershipPacket->writePrimitive(TextByteArraySize);
challengeOwnershipPacket->writePrimitive(senderNodeUUIDSize);
challengeOwnershipPacket->write(certID);
challengeOwnershipPacket->write(encryptedText);
challengeOwnershipPacket->write(Text);
challengeOwnershipPacket->write(senderNodeUUID);
nodeList->sendPacket(std::move(challengeOwnershipPacket), *(nodeList->nodeWithUUID(QUuid::fromRfc4122(nodeToChallenge))));
@ -1391,18 +1393,18 @@ void EntityTree::validatePop(const QString& certID, const EntityItemID& entityIt
void EntityTree::processChallengeOwnershipPacket(ReceivedMessage& message, const SharedNodePointer& sourceNode) {
int certIDByteArraySize;
int decryptedTextByteArraySize;
int TextByteArraySize;
message.readPrimitive(&certIDByteArraySize);
message.readPrimitive(&decryptedTextByteArraySize);
message.readPrimitive(&TextByteArraySize);
QString certID(message.read(certIDByteArraySize));
QString decryptedText(message.read(decryptedTextByteArraySize));
QString Text(message.read(TextByteArraySize));
emit killChallengeOwnershipTimeoutTimer(certID);
EntityItemID id;
if (!verifyDecryptedNonce(certID, decryptedText, id)) {
if (!verifyNonce(certID, Text, id)) {
if (!id.isNull()) {
deleteEntity(id, true);
}

6
libraries/entities/src/EntityTree.h
View file

@ -275,8 +275,8 @@ public:
static const float DEFAULT_MAX_TMP_ENTITY_LIFETIME;
QByteArray computeEncryptedNonce(const QString& certID, const QString ownerKey);
bool verifyDecryptedNonce(const QString& certID, const QString& decryptedNonce, EntityItemID& id);
QByteArray computeNonce(const QString& certID, const QString ownerKey);
bool verifyNonce(const QString& certID, const QString& Nonce, EntityItemID& id);
signals:
void deletingEntity(const EntityItemID& entityID);
@ -381,7 +381,7 @@ protected:
private:
void sendChallengeOwnershipPacket(const QString& certID, const QString& ownerKey, const EntityItemID& entityItemID, const SharedNodePointer& senderNode);
void sendChallengeOwnershipRequestPacket(const QByteArray& certID, const QByteArray& encryptedText, const QByteArray& nodeToChallenge, const SharedNodePointer& senderNode);
void sendChallengeOwnershipRequestPacket(const QByteArray& certID, const QByteArray& Text, const QByteArray& nodeToChallenge, const SharedNodePointer& senderNode);
void validatePop(const QString& certID, const EntityItemID& entityItemID, const SharedNodePointer& senderNode, bool isRetryingValidation);
};