bob/p2p
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

signature verification

Browse Source
This commit is contained in:
wikano
2025-12-31 19:40:25 +01:00
parent cc09fab16d
commit c804695725
5 changed files with 100 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
client-network/src/cryptographic_signature.rs
View File

@@ -1,4 +1,8 @@
use std::io::Read;
use crate::messages_structure::HandshakeMessage; use crate::messages_structure::HandshakeMessage;
use bytes::Bytes;
use p256::EncodedPoint;
use p256::ecdsa::{ use p256::ecdsa::{
Signature, SigningKey, VerifyingKey, Signature, SigningKey, VerifyingKey,
signature::{Signer, Verifier}, signature::{Signer, Verifier},
@@ -9,6 +13,7 @@ use sha2::{Digest, Sha256};
/// ///
/// contains the ecdsa private key, the ecdsa public key and the username /// contains the ecdsa private key, the ecdsa public key and the username
/// ///
///
pub struct CryptographicSignature { pub struct CryptographicSignature {
priv_key: SigningKey, priv_key: SigningKey,
pub pub_key: VerifyingKey, pub pub_key: VerifyingKey,
@@ -42,6 +47,53 @@ pub fn formatPubKey(crypto_pair: CryptographicSignature) -> String {
hex::encode(pubkey_bytes) hex::encode(pubkey_bytes)
} }
pub async fn get_peer_key(username: &String) -> Result<VerifyingKey, reqwest::Error> {
let client = reqwest::Client::new();
let uri = format!("https://jch.irif.fr:8443/peers/{}/key", username);
let res = client.get(uri).send().await?;
if res.status().is_success() {
println!("Successfully retreived the peers key.");
} else {
eprintln!(
"Failed to get the peers key from the server. Status: {}",
res.status()
);
}
let body: Bytes = res.bytes().await?;
let slice: &[u8] = body.as_ref();
let body_bytes: &[u8; 64] = slice.try_into().expect("size error");
let received_key = convert_verifyingkey(body_bytes);
Ok(received_key)
}
fn convert_verifyingkey(raw_xy: &[u8; 64]) -> VerifyingKey {
let mut sec1 = [0u8; 65];
sec1[0] = 0x04;
sec1[1..].copy_from_slice(raw_xy);
let ep = EncodedPoint::from_bytes(&sec1).expect("invalid point bytes");
let pk = VerifyingKey::from_encoded_point(&ep).expect("invalid encoded point");
VerifyingKey::from(pk)
}
pub fn verify_signature(pubkey: VerifyingKey, message: &Vec<u8>) -> bool {
let length_bytes: [u8; 2] = message[5..7].try_into().expect("Taille incorrecte");
let length = u16::from_be_bytes(length_bytes);
println!("message length: {}", length);
let msg_to_hash = &message[..length as usize + 7];
let signature_bytes = &message[length as usize + 7..length as usize + 7 + 64];
println!("conversion start");
let sig = match Signature::from_bytes(signature_bytes.try_into().expect("conversion error")) {
Ok(s) => s,
Err(_) => return false,
};
println!("conversion done");
match pubkey.verify(&msg_to_hash, &sig) {
Ok(()) => true,
Err(_) => false,
}
}
/// ///
/// takes a serialized message and adds the signature using the private key /// takes a serialized message and adds the signature using the private key
/// ///

2
client-network/src/lib.rs
View File

@@ -104,7 +104,7 @@ pub fn start_p2p_executor(
let messages_list = HashMap::<i32, EventType>::new(); let messages_list = HashMap::<i32, EventType>::new();
let username = String::from("Gamixtreize"); let username = String::from("az");
let crypto_pair = CryptographicSignature::new(username); let crypto_pair = CryptographicSignature::new(username);

65
client-network/src/message_handling.rs
View File

@@ -1,5 +1,7 @@
use crate::{ use crate::{
cryptographic_signature::{CryptographicSignature, sign_message}, cryptographic_signature::{
CryptographicSignature, get_peer_key, sign_message, verify_signature,
},
messages_channels::MultipleSenders, messages_channels::MultipleSenders,
messages_structure::HandshakeMessage, messages_structure::HandshakeMessage,
registration, registration,
@@ -58,34 +60,49 @@ pub fn handle_recevied_message(
match eventtype { match eventtype {
Some(EventType::ServerHelloReply) => { Some(EventType::ServerHelloReply) => {
/*registration::register_ip_addresses( /*registration::register_ip_addresses(
crypto_pair, crypto_pair,
socket_addr.to_string(), socket_addr.to_string(),
senders, senders,
&messages_list, // Pass the mutable reference inside the lock &messages_list, // Pass the mutable reference inside the lock
546, 546,
);*/ );*/
} }
Some(_) => print!("Not implemented"), Some(_) => print!("Not implemented"),
None => { None => {
let message_type = recevied_message[4]; let message_type = recevied_message[4];
if message_type == 1 { if message_type == 1 {
let username_size = crypto_pair.username.len(); println!("verify the signature");
let hello_handshake = HandshakeMessage::helloReply( let parsed_received_message = HandshakeMessage::parse(recevied_message.to_vec());
id as u32, let received_name = String::from_utf8(parsed_received_message.name).expect("error");
username_size as u16 + 4, let peer_pubkey = tokio::runtime::Runtime::new()
crypto_pair.username.clone(), .unwrap()
); .block_on(get_peer_key(&received_name))
//HandshakeMessage::display(&hello_handshake); .expect("failed to retrieve public key");
let hello_handshake_serialized = hello_handshake.serialize();
let message_signed = sign_message(crypto_pair, &hello_handshake_serialized); if !verify_signature(peer_pubkey, recevied_message) {
senders.send_via(0, message_signed, socket_addr.to_string()); println!(
let mut list = messages_list.lock().expect("Failed to lock messages_list"); "incorrect signature from given peer: {}, ignoring message {}",
match list.get(&id) { &received_name, id
Some(_) => { );
list.remove(&id); } else {
} let username_size = crypto_pair.username.len();
None => { let hello_handshake = HandshakeMessage::helloReply(
list.insert(id, EventType::ServerHelloReply); id as u32,
username_size as u16 + 4,
crypto_pair.username.clone(),
);
//HandshakeMessage::display(&hello_handshake);
let hello_handshake_serialized = hello_handshake.serialize();
let message_signed = sign_message(crypto_pair, &hello_handshake_serialized);
senders.send_via(0, message_signed, socket_addr.to_string());
let mut list = messages_list.lock().expect("Failed to lock messages_list");
match list.get(&id) {
Some(_) => {
list.remove(&id);
}
None => {
list.insert(id, EventType::ServerHelloReply);
}
} }
} }
} }

10
client-network/src/messages_structure.rs
View File

@@ -7,12 +7,12 @@ pub struct UDPMessage {
} }
pub struct HandshakeMessage { pub struct HandshakeMessage {
id: u32, pub id: u32,
msg_type: u8, msg_type: u8,
length: u16, length: u16,
extensions: u32, extensions: u32,
name: Vec<u8>, pub name: Vec<u8>,
signature: Vec<u8>, pub signature: Vec<u8>,
} }
impl UDPMessage { impl UDPMessage {
@@ -130,9 +130,9 @@ impl HandshakeMessage {
let extensions_bytes: [u8; 4] = received_message[7..11] let extensions_bytes: [u8; 4] = received_message[7..11]
.try_into() .try_into()
.expect("Taille incorrecte"); .expect("Taille incorrecte");
let name_bytes = &received_message[11..12 + msg_length as usize]; let name_bytes = &received_message[11..(11 + msg_length - 4) as usize];
let signature_bytes = let signature_bytes =
&received_message[12 + msg_length as usize..(13 + msg_length + 32) as usize]; &received_message[(11 + msg_length - 4) as usize..(11 + msg_length - 4 + 64) as usize];
HandshakeMessage { HandshakeMessage {
id: u32::from_be_bytes(id_bytes), id: u32::from_be_bytes(id_bytes),
msg_type: received_message[4], msg_type: received_message[4],

2
client-network/src/registration.rs
View File

@@ -48,7 +48,7 @@ pub async fn get_socket_address(username: String) -> Result<Bytes, reqwest::Erro
println!("Successfully retreived the addresses."); println!("Successfully retreived the addresses.");
} else { } else {
eprintln!( eprintln!(
"Failed to register with the server. Status: {}", "Failed to get the peers addresses from the server. Status: {}",
res.status() res.status()
); );
} }