dark/zerotiertspu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Clang-format!!!

Browse source
This commit is contained in:
Adam Ierymenko 2024-09-26 08:52:29 -04:00
parent f190df8621
commit 96ba1079b2
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
122 changed files with 41245 additions and 39820 deletions
Download patch file Download diff file Expand all files Collapse all files

553
node/Identity.hpp
View file

@ -14,16 +14,16 @@
#ifndef ZT_IDENTITY_HPP
#define ZT_IDENTITY_HPP
#include "Address.hpp"
#include "Buffer.hpp"
#include "Constants.hpp"
#include "ECC.hpp"
#include "SHA512.hpp"
#include "Utils.hpp"
#include <stdio.h>
#include <stdlib.h>
#include "Constants.hpp"
#include "Utils.hpp"
#include "Address.hpp"
#include "ECC.hpp"
#include "Buffer.hpp"
#include "SHA512.hpp"
#define ZT_IDENTITY_STRING_BUFFER_LENGTH 384
namespace ZeroTier {
@ -38,295 +38,318 @@ namespace ZeroTier {
* search for a different public key that duplicates an existing address. (See
* code for deriveAddress() for this algorithm.)
*/
class Identity
{
public:
Identity() :
_privateKey((ECC::Private *)0)
{
}
class Identity {
public:
Identity() : _privateKey((ECC::Private*)0)
{
}
Identity(const Identity &id) :
_address(id._address),
_publicKey(id._publicKey),
_privateKey((id._privateKey) ? new ECC::Private(*(id._privateKey)) : (ECC::Private *)0)
{
}
Identity(const Identity& id) : _address(id._address), _publicKey(id._publicKey), _privateKey((id._privateKey) ? new ECC::Private(*(id._privateKey)) : (ECC::Private*)0)
{
}
Identity(const char *str) :
_privateKey((ECC::Private *)0)
{
if (!fromString(str)) {
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_TYPE;
}
}
Identity(const char* str) : _privateKey((ECC::Private*)0)
{
if (! fromString(str)) {
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_TYPE;
}
}
template<unsigned int C>
Identity(const Buffer<C> &b,unsigned int startAt = 0) :
_privateKey((ECC::Private *)0)
{
deserialize(b,startAt);
}
template <unsigned int C> Identity(const Buffer<C>& b, unsigned int startAt = 0) : _privateKey((ECC::Private*)0)
{
deserialize(b, startAt);
}
~Identity()
{
if (_privateKey) {
Utils::burn(_privateKey,sizeof(ECC::Private));
delete _privateKey;
}
}
~Identity()
{
if (_privateKey) {
Utils::burn(_privateKey, sizeof(ECC::Private));
delete _privateKey;
}
}
inline Identity &operator=(const Identity &id)
{
_address = id._address;
_publicKey = id._publicKey;
if (id._privateKey) {
if (!_privateKey) {
_privateKey = new ECC::Private();
}
*_privateKey = *(id._privateKey);
} else {
delete _privateKey;
_privateKey = (ECC::Private *)0;
}
return *this;
}
inline Identity& operator=(const Identity& id)
{
_address = id._address;
_publicKey = id._publicKey;
if (id._privateKey) {
if (! _privateKey) {
_privateKey = new ECC::Private();
}
*_privateKey = *(id._privateKey);
}
else {
delete _privateKey;
_privateKey = (ECC::Private*)0;
}
return *this;
}
/**
* Generate a new identity (address, key pair)
*
* This is a time consuming operation.
*/
void generate();
/**
* Generate a new identity (address, key pair)
*
* This is a time consuming operation.
*/
void generate();
/**
* Check the validity of this identity's pairing of key to address
*
* @return True if validation check passes
*/
bool locallyValidate() const;
/**
* Check the validity of this identity's pairing of key to address
*
* @return True if validation check passes
*/
bool locallyValidate() const;
/**
* @return True if this identity contains a private key
*/
inline bool hasPrivate() const { return (_privateKey != (ECC::Private *)0); }
/**
* @return True if this identity contains a private key
*/
inline bool hasPrivate() const
{
return (_privateKey != (ECC::Private*)0);
}
/**
* Compute a SHA384 hash of this identity's address and public key(s).
*
* @param sha384buf Buffer with 48 bytes of space to receive hash
*/
inline void publicKeyHash(void *sha384buf) const
{
uint8_t address[ZT_ADDRESS_LENGTH];
_address.copyTo(address, ZT_ADDRESS_LENGTH);
SHA384(sha384buf, address, ZT_ADDRESS_LENGTH, _publicKey.data, ZT_ECC_PUBLIC_KEY_SET_LEN);
}
/**
* Compute a SHA384 hash of this identity's address and public key(s).
*
* @param sha384buf Buffer with 48 bytes of space to receive hash
*/
inline void publicKeyHash(void* sha384buf) const
{
uint8_t address[ZT_ADDRESS_LENGTH];
_address.copyTo(address, ZT_ADDRESS_LENGTH);
SHA384(sha384buf, address, ZT_ADDRESS_LENGTH, _publicKey.data, ZT_ECC_PUBLIC_KEY_SET_LEN);
}
/**
* Compute the SHA512 hash of our private key (if we have one)
*
* @param sha Buffer to receive SHA512 (MUST be ZT_SHA512_DIGEST_LEN (64) bytes in length)
* @return True on success, false if no private key
*/
inline bool sha512PrivateKey(void *sha) const
{
if (_privateKey) {
SHA512(sha,_privateKey->data,ZT_ECC_PRIVATE_KEY_SET_LEN);
return true;
}
return false;
}
/**
* Compute the SHA512 hash of our private key (if we have one)
*
* @param sha Buffer to receive SHA512 (MUST be ZT_SHA512_DIGEST_LEN (64) bytes in length)
* @return True on success, false if no private key
*/
inline bool sha512PrivateKey(void* sha) const
{
if (_privateKey) {
SHA512(sha, _privateKey->data, ZT_ECC_PRIVATE_KEY_SET_LEN);
return true;
}
return false;
}
/**
* Sign a message with this identity (private key required)
*
* @param data Data to sign
* @param len Length of data
*/
inline ECC::Signature sign(const void *data,unsigned int len) const
{
if (_privateKey) {
return ECC::sign(*_privateKey,_publicKey,data,len);
}
throw ZT_EXCEPTION_PRIVATE_KEY_REQUIRED;
}
/**
* Sign a message with this identity (private key required)
*
* @param data Data to sign
* @param len Length of data
*/
inline ECC::Signature sign(const void* data, unsigned int len) const
{
if (_privateKey) {
return ECC::sign(*_privateKey, _publicKey, data, len);
}
throw ZT_EXCEPTION_PRIVATE_KEY_REQUIRED;
}
/**
* Verify a message signature against this identity
*
* @param data Data to check
* @param len Length of data
* @param signature Signature bytes
* @param siglen Length of signature in bytes
* @return True if signature validates and data integrity checks
*/
inline bool verify(const void *data,unsigned int len,const void *signature,unsigned int siglen) const
{
if (siglen != ZT_ECC_SIGNATURE_LEN) {
return false;
}
return ECC::verify(_publicKey,data,len,signature);
}
/**
* Verify a message signature against this identity
*
* @param data Data to check
* @param len Length of data
* @param signature Signature bytes
* @param siglen Length of signature in bytes
* @return True if signature validates and data integrity checks
*/
inline bool verify(const void* data, unsigned int len, const void* signature, unsigned int siglen) const
{
if (siglen != ZT_ECC_SIGNATURE_LEN) {
return false;
}
return ECC::verify(_publicKey, data, len, signature);
}
/**
* Verify a message signature against this identity
*
* @param data Data to check
* @param len Length of data
* @param signature Signature
* @return True if signature validates and data integrity checks
*/
inline bool verify(const void *data,unsigned int len,const ECC::Signature &signature) const
{
return ECC::verify(_publicKey,data,len,signature);
}
/**
* Verify a message signature against this identity
*
* @param data Data to check
* @param len Length of data
* @param signature Signature
* @return True if signature validates and data integrity checks
*/
inline bool verify(const void* data, unsigned int len, const ECC::Signature& signature) const
{
return ECC::verify(_publicKey, data, len, signature);
}
/**
* Shortcut method to perform key agreement with another identity
*
* This identity must have a private key. (Check hasPrivate())
*
* @param id Identity to agree with
* @param key Result parameter to fill with key bytes
* @return Was agreement successful?
*/
inline bool agree(const Identity &id,void *const key) const
{
if (_privateKey) {
ECC::agree(*_privateKey,id._publicKey,key,ZT_SYMMETRIC_KEY_SIZE);
return true;
}
return false;
}
/**
* Shortcut method to perform key agreement with another identity
*
* This identity must have a private key. (Check hasPrivate())
*
* @param id Identity to agree with
* @param key Result parameter to fill with key bytes
* @return Was agreement successful?
*/
inline bool agree(const Identity& id, void* const key) const
{
if (_privateKey) {
ECC::agree(*_privateKey, id._publicKey, key, ZT_SYMMETRIC_KEY_SIZE);
return true;
}
return false;
}
/**
* @return This identity's address
*/
inline const Address &address() const { return _address; }
/**
* @return This identity's address
*/
inline const Address& address() const
{
return _address;
}
/**
* Serialize this identity (binary)
*
* @param b Destination buffer to append to
* @param includePrivate If true, include private key component (if present) (default: false)
* @throws std::out_of_range Buffer too small
*/
template<unsigned int C>
inline void serialize(Buffer<C> &b,bool includePrivate = false) const
{
_address.appendTo(b);
b.append((uint8_t)0); // C25519/Ed25519 identity type
b.append(_publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN);
if ((_privateKey)&&(includePrivate)) {
b.append((unsigned char)ZT_ECC_PRIVATE_KEY_SET_LEN);
b.append(_privateKey->data,ZT_ECC_PRIVATE_KEY_SET_LEN);
} else {
b.append((unsigned char)0);
}
}
/**
* Serialize this identity (binary)
*
* @param b Destination buffer to append to
* @param includePrivate If true, include private key component (if present) (default: false)
* @throws std::out_of_range Buffer too small
*/
template <unsigned int C> inline void serialize(Buffer<C>& b, bool includePrivate = false) const
{
_address.appendTo(b);
b.append((uint8_t)0); // C25519/Ed25519 identity type
b.append(_publicKey.data, ZT_ECC_PUBLIC_KEY_SET_LEN);
if ((_privateKey) && (includePrivate)) {
b.append((unsigned char)ZT_ECC_PRIVATE_KEY_SET_LEN);
b.append(_privateKey->data, ZT_ECC_PRIVATE_KEY_SET_LEN);
}
else {
b.append((unsigned char)0);
}
}
/**
* Deserialize a binary serialized identity
*
* If an exception is thrown, the Identity object is left in an undefined
* state and should not be used.
*
* @param b Buffer containing serialized data
* @param startAt Index within buffer of serialized data (default: 0)
* @return Length of serialized data read from buffer
* @throws std::out_of_range Serialized data invalid
* @throws std::invalid_argument Serialized data invalid
*/
template<unsigned int C>
inline unsigned int deserialize(const Buffer<C> &b,unsigned int startAt = 0)
{
delete _privateKey;
_privateKey = (ECC::Private *)0;
/**
* Deserialize a binary serialized identity
*
* If an exception is thrown, the Identity object is left in an undefined
* state and should not be used.
*
* @param b Buffer containing serialized data
* @param startAt Index within buffer of serialized data (default: 0)
* @return Length of serialized data read from buffer
* @throws std::out_of_range Serialized data invalid
* @throws std::invalid_argument Serialized data invalid
*/
template <unsigned int C> inline unsigned int deserialize(const Buffer<C>& b, unsigned int startAt = 0)
{
delete _privateKey;
_privateKey = (ECC::Private*)0;
unsigned int p = startAt;
unsigned int p = startAt;
_address.setTo(b.field(p,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH);
p += ZT_ADDRESS_LENGTH;
_address.setTo(b.field(p, ZT_ADDRESS_LENGTH), ZT_ADDRESS_LENGTH);
p += ZT_ADDRESS_LENGTH;
if (b[p++] != 0) {
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_TYPE;
}
if (b[p++] != 0) {
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_TYPE;
}
memcpy(_publicKey.data,b.field(p,ZT_ECC_PUBLIC_KEY_SET_LEN),ZT_ECC_PUBLIC_KEY_SET_LEN);
p += ZT_ECC_PUBLIC_KEY_SET_LEN;
memcpy(_publicKey.data, b.field(p, ZT_ECC_PUBLIC_KEY_SET_LEN), ZT_ECC_PUBLIC_KEY_SET_LEN);
p += ZT_ECC_PUBLIC_KEY_SET_LEN;
unsigned int privateKeyLength = (unsigned int)b[p++];
if (privateKeyLength) {
if (privateKeyLength != ZT_ECC_PRIVATE_KEY_SET_LEN) {
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_CRYPTOGRAPHIC_TOKEN;
}
_privateKey = new ECC::Private();
memcpy(_privateKey->data,b.field(p,ZT_ECC_PRIVATE_KEY_SET_LEN),ZT_ECC_PRIVATE_KEY_SET_LEN);
p += ZT_ECC_PRIVATE_KEY_SET_LEN;
}
unsigned int privateKeyLength = (unsigned int)b[p++];
if (privateKeyLength) {
if (privateKeyLength != ZT_ECC_PRIVATE_KEY_SET_LEN) {
throw ZT_EXCEPTION_INVALID_SERIALIZED_DATA_INVALID_CRYPTOGRAPHIC_TOKEN;
}
_privateKey = new ECC::Private();
memcpy(_privateKey->data, b.field(p, ZT_ECC_PRIVATE_KEY_SET_LEN), ZT_ECC_PRIVATE_KEY_SET_LEN);
p += ZT_ECC_PRIVATE_KEY_SET_LEN;
}
return (p - startAt);
}
return (p - startAt);
}
/**
* Serialize to a more human-friendly string
*
* @param includePrivate If true, include private key (if it exists)
* @param buf Buffer to store string
* @return ASCII string representation of identity
*/
char *toString(bool includePrivate,char buf[ZT_IDENTITY_STRING_BUFFER_LENGTH]) const;
/**
* Serialize to a more human-friendly string
*
* @param includePrivate If true, include private key (if it exists)
* @param buf Buffer to store string
* @return ASCII string representation of identity
*/
char* toString(bool includePrivate, char buf[ZT_IDENTITY_STRING_BUFFER_LENGTH]) const;
/**
* Deserialize a human-friendly string
*
* Note: validation is for the format only. The locallyValidate() method
* must be used to check signature and address/key correspondence.
*
* @param str String to deserialize
* @return True if deserialization appears successful
*/
bool fromString(const char *str);
/**
* Deserialize a human-friendly string
*
* Note: validation is for the format only. The locallyValidate() method
* must be used to check signature and address/key correspondence.
*
* @param str String to deserialize
* @return True if deserialization appears successful
*/
bool fromString(const char* str);
/**
* @return C25519 public key
*/
inline const ECC::Public &publicKey() const { return _publicKey; }
/**
* @return C25519 public key
*/
inline const ECC::Public& publicKey() const
{
return _publicKey;
}
/**
* @return C25519 key pair (only returns valid pair if private key is present in this Identity object)
*/
inline const ECC::Pair privateKeyPair() const
{
ECC::Pair pair;
pair.pub = _publicKey;
if (_privateKey) {
pair.priv = *_privateKey;
} else {
memset(pair.priv.data,0,ZT_ECC_PRIVATE_KEY_SET_LEN);
}
return pair;
}
/**
* @return C25519 key pair (only returns valid pair if private key is present in this Identity object)
*/
inline const ECC::Pair privateKeyPair() const
{
ECC::Pair pair;
pair.pub = _publicKey;
if (_privateKey) {
pair.priv = *_privateKey;
}
else {
memset(pair.priv.data, 0, ZT_ECC_PRIVATE_KEY_SET_LEN);
}
return pair;
}
/**
* @return True if this identity contains something
*/
inline operator bool() const { return (_address); }
/**
* @return True if this identity contains something
*/
inline operator bool() const
{
return (_address);
}
inline bool operator==(const Identity &id) const { return ((_address == id._address)&&(memcmp(_publicKey.data,id._publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN) == 0)); }
inline bool operator<(const Identity &id) const { return ((_address < id._address)||((_address == id._address)&&(memcmp(_publicKey.data,id._publicKey.data,ZT_ECC_PUBLIC_KEY_SET_LEN) < 0))); }
inline bool operator!=(const Identity &id) const { return !(*this == id); }
inline bool operator>(const Identity &id) const { return (id < *this); }
inline bool operator<=(const Identity &id) const { return !(id < *this); }
inline bool operator>=(const Identity &id) const { return !(*this < id); }
inline bool operator==(const Identity& id) const
{
return ((_address == id._address) && (memcmp(_publicKey.data, id._publicKey.data, ZT_ECC_PUBLIC_KEY_SET_LEN) == 0));
}
inline bool operator<(const Identity& id) const
{
return ((_address < id._address) || ((_address == id._address) && (memcmp(_publicKey.data, id._publicKey.data, ZT_ECC_PUBLIC_KEY_SET_LEN) < 0)));
}
inline bool operator!=(const Identity& id) const
{
return ! (*this == id);
}
inline bool operator>(const Identity& id) const
{
return (id < *this);
}
inline bool operator<=(const Identity& id) const
{
return ! (id < *this);
}
inline bool operator>=(const Identity& id) const
{
return ! (*this < id);
}
private:
Address _address;
ECC::Public _publicKey;
ECC::Private *_privateKey;
private:
Address _address;
ECC::Public _publicKey;
ECC::Private* _privateKey;
};
} // namespace ZeroTier
} // namespace ZeroTier
#endif