Commit 0bb12b06 authored by Benjamin Canou's avatar Benjamin Canou

Signer: magic-byte restriction

parent 347a5523
......@@ -17,13 +17,26 @@ module Authorized_key =
let of_source t = Lwt.return (of_b58check t)
end)
let check_magic_byte magic_bytes data =
match magic_bytes with
| None -> return ()
| Some magic_bytes ->
let byte = MBytes.get_uint8 data 0 in
if MBytes.length data > 1
&& (List.mem byte magic_bytes) then
return ()
else
failwith "magic byte 0x%02X not allowed" byte
let sign
(cctxt : #Client_context.wallet)
Signer_messages.Sign.Request.{ pkh ; data ; signature } ~require_auth =
Signer_messages.Sign.Request.{ pkh ; data ; signature }
?magic_bytes ~require_auth =
log "Request for signing %d bytes of data for key %a, magic byte = %02X"
(MBytes.length data)
Signature.Public_key_hash.pp pkh
(MBytes.get_uint8 data 0) >>= fun () ->
check_magic_byte magic_bytes data >>=? fun () ->
begin match require_auth, signature with
| false, _ -> return ()
| true, None -> failwith "missing authentication signature field"
......
......@@ -9,14 +9,14 @@
let log = Signer_logging.lwt_log_notice
let run (cctxt : #Client_context.wallet) ~host ~port ~cert ~key ~require_auth =
let run (cctxt : #Client_context.wallet) ~host ~port ~cert ~key ?magic_bytes ~require_auth =
log "Accepting HTTPS requests on port %d" port >>= fun () ->
let mode : Conduit_lwt_unix.server =
`TLS (`Crt_file_path cert, `Key_file_path key, `No_password, `Port port) in
let dir = RPC_directory.empty in
let dir =
RPC_directory.register1 dir Signer_services.sign begin fun pkh signature data ->
Handler.sign cctxt { pkh ; data ; signature } ~require_auth
Handler.sign cctxt { pkh ; data ; signature } ?magic_bytes ~require_auth
end in
let dir =
RPC_directory.register1 dir Signer_services.public_key begin fun pkh () () ->
......
......@@ -10,5 +10,6 @@
val run:
#Client_context.io_wallet ->
host:string -> port:int -> cert:string -> key:string ->
?magic_bytes: int list ->
require_auth: bool ->
'a tzresult Lwt.t
......@@ -38,11 +38,30 @@ let group =
{ Clic.name = "signer" ;
title = "Commands specific to the signing daemon" }
let magic_bytes_arg =
Clic.arg
~doc: "values allowed for the magic bytes, defaults to any"
~short: 'M'
~long: "magic-bytes"
~placeholder: "0xHH,0xHH,..."
(Clic.parameter (fun _ s ->
try
return
(List.map
(fun s ->
let b = int_of_string s in
if b < 0 || b > 255 then raise Exit else b)
(String.split ',' s))
with _ ->
failwith "Bad format for magic bytes, a series of numbers \
is expected, separated by commas."))
let commands base_dir require_auth =
Client_keys_commands.commands () @
[ command ~group
~desc: "Launch a signer daemon over a TCP socket."
(args2
(args3
magic_bytes_arg
(default_arg
~doc: "listening address or host name"
~short: 'a'
......@@ -61,12 +80,13 @@ let commands base_dir require_auth =
try return (int_of_string x)
with Failure _ -> failwith "Invalid port %s" x))))
(prefixes [ "launch" ; "socket" ; "signer" ] @@ stop)
(fun (host, port) cctxt ->
(fun (magic_bytes, host, port) cctxt ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Socket_daemon.run cctxt (Tcp (host, port)) ~require_auth) ;
Socket_daemon.run cctxt (Tcp (host, port)) ?magic_bytes ~require_auth) ;
command ~group
~desc: "Launch a signer daemon over a local Unix socket."
(args1
(args2
magic_bytes_arg
(default_arg
~doc: "path to the local socket file"
~short: 's'
......@@ -75,12 +95,13 @@ let commands base_dir require_auth =
~default: (Filename.concat base_dir "socket")
(parameter (fun _ s -> return s))))
(prefixes [ "launch" ; "local" ; "signer" ] @@ stop)
(fun path cctxt ->
(fun (magic_bytes, path) cctxt ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Socket_daemon.run cctxt (Unix path) ~require_auth) ;
Socket_daemon.run cctxt (Unix path) ?magic_bytes ~require_auth) ;
command ~group
~desc: "Launch a signer daemon over HTTPS."
(args2
(args3
magic_bytes_arg
(default_arg
~doc: "listening address or host name"
~short: 'a'
......@@ -107,9 +128,9 @@ let commands base_dir require_auth =
~name:"key"
~desc: "path to th TLS key"
(parameter (fun _ s -> return s)) @@ stop)
(fun (host, port) cert key cctxt ->
(fun (magic_bytes, host, port) cert key cctxt ->
Tezos_signer_backends.Encrypted.decrypt_all cctxt >>=? fun () ->
Https_daemon.run cctxt ~host ~port ~cert ~key ~require_auth) ;
Https_daemon.run cctxt ~host ~port ~cert ~key ?magic_bytes ~require_auth) ;
command ~group
~desc: "Authorize a given public key to perform signing requests."
(args1
......
......@@ -11,7 +11,7 @@ open Signer_messages
let log = Signer_logging.lwt_log_notice
let run (cctxt : #Client_context.wallet) path ~require_auth =
let run (cctxt : #Client_context.wallet) path ?magic_bytes ~require_auth =
Lwt_utils_unix.Socket.bind path >>=? fun fd ->
let rec loop () =
Lwt_unix.accept fd >>= fun (fd, _) ->
......@@ -19,7 +19,7 @@ let run (cctxt : #Client_context.wallet) path ~require_auth =
Lwt_utils_unix.Socket.recv fd Request.encoding >>=? function
| Sign req ->
let encoding = result_encoding Sign.Response.encoding in
Handler.sign cctxt req ~require_auth >>= fun res ->
Handler.sign cctxt req ?magic_bytes ~require_auth >>= fun res ->
Lwt_utils_unix.Socket.send fd encoding res >>= fun _ ->
Lwt_unix.close fd >>= fun () ->
return ()
......
......@@ -10,5 +10,6 @@
val run:
#Client_context.io_wallet ->
Lwt_utils_unix.Socket.addr ->
?magic_bytes: int list ->
require_auth: bool ->
'a tzresult Lwt.t
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment