ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-12-06 17:27:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sign manifest with ephemeral and master keys (RIPD-1083)

Browse Source
This commit is contained in:
wilsonianb
2016-02-03 14:28:12 -08:00
committed by Edward Hennis
parent 7d46d153c6
commit b55edfa8f0
15 changed files with 262 additions and 182 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/ripple/overlay/impl/Manifest.cpp
View File

@@ -42,7 +42,8 @@ make_Manifest (std::string s)
auto const opt_spk = get<PublicKey>(st, sfSigningPubKey);
auto const opt_seq = get (st, sfSequence);
auto const opt_sig = get (st, sfSignature);
if (!opt_pk || !opt_spk || !opt_seq || !opt_sig)
auto const opt_msig = get (st, sfMasterSignature);
if (!opt_pk || !opt_spk || !opt_seq || !opt_sig || !opt_msig)
{
return boost::none;
}
@@ -99,7 +100,11 @@ bool Manifest::verify () const
STObject st (sfGeneric);
SerialIter sit (serialized.data (), serialized.size ());
st.set (sit);
return ripple::verify (st, HashPrefix::manifest, masterKey, true);
if (! ripple::verify (st, HashPrefix::manifest, signingKey, true))
return false;
return ripple::verify (
st, HashPrefix::manifest, masterKey, true, sfMasterSignature);
}
uint256 Manifest::hash () const
@@ -127,6 +132,14 @@ Blob Manifest::getSignature () const
return st.getFieldVL (sfSignature);
}
Blob Manifest::getMasterSignature () const
{
STObject st (sfGeneric);
SerialIter sit (serialized.data (), serialized.size ());
st.set (sit);
return st.getFieldVL (sfMasterSignature);
}
bool
ManifestCache::loadValidatorKeys(
Section const& keys,
@@ -415,7 +428,9 @@ void ManifestCache::load (
{
if (!mo->verify())
{
Throw<std::runtime_error> ("Unverifiable manifest in db");
JLOG(journal.warn())
<< "Unverifiable manifest in db";
continue;
}
if (trusted(mo->masterKey) || unl.trusted(mo->masterKey))
@@ -444,13 +459,15 @@ void ManifestCache::save (DatabaseCon& dbCon) const
*db << "DELETE FROM ValidatorManifests";
static const char* const sql =
"INSERT INTO ValidatorManifests (RawData) VALUES (:rawData);";
// soci does not support bulk insertion of blob data
soci::blob rawData(*db);
for (auto const& v : map_)
{
if (!v.second.m)
continue;
// soci does not support bulk insertion of blob data
// Do not reuse blob because manifest ecdsa signatures vary in length
// but blob write length is expected to be >= the last write
soci::blob rawData(*db);
convert (v.second.m->serialized, rawData);
*db << sql,
soci::use (rawData);