implement rpc message signing

2017-03-16 14:45:38 +01:00 · 2017-03-16 14:45:38 +01:00 · e8c3cf6aa5
commit e8c3cf6aa5
parent d85a42c776
1 changed files with 24 additions and 14 deletions
--- a/www/common/rpc.js
+++ b/www/common/rpc.js
@ -4,12 +4,19 @@ define([
    '/bower_components/tweetnacl/nacl-fast.min.js',
 ], function (Encode) {
    var MAX_LAG_BEFORE_TIMEOUT = 30000;
+    var Nacl = window.nacl;

    var uid = function () {
        return Number(Math.floor(Math.random() * Number.MAX_SAFE_INTEGER))
            .toString(32).replace(/\./g, '');
    };

+    var signMsg = function (type, msg, signKey) {
+        var toSign = JSON.stringify([type, msg]);
+        var buffer = Nacl.util.decodeUTF8(toSign);
+        return Nacl.util.encodeBase64(Nacl.sign(buffer, signKey));
+    };
+
    /*
 types of messages:
    pin -> hash
@ -24,14 +31,14 @@ types of messages:
    messages have the format:
        [TYPE, txid, msg]
 */
-    var sendMsg = function (ctx, type, msg, cb) {
+    var sendMsg = function (ctx, type, signed, id, cb) {
        var network = ctx.network;
        var hkn = network.historyKeeper;
        var txid = uid();

        ctx.pending[txid] = cb;

-        return network.sendto(hkn, JSON.stringify([txid, type, msg]));
+        return network.sendto(hkn, JSON.stringify([txid, signed, id]));
    };

    var parse = function (msg) {
@ -68,18 +75,19 @@ types of messages:
        }
    };

-    var cookie = function (ctx, cb) {
-        // TODO txid
-    };
+    var create = function (network, edPrivateKey, edPublicKey) {
+        var signKey = Nacl.util.decodeBase64(edPrivateKey);

-    var signMsg = function (msg, secKey) {
-        // TODO
-    };
-
-    var create = function (network, edPrivateKey) {
-        if (!/[0-9a-f]{64}/.test(edPrivateKey)) {
-            //throw new Error("private signing key is not valid");
+        try {
+            if (signKey.length !== 64) {
+                throw new Error('private key did not match expected length of 64');
+            }
+        } catch (err) {
+            throw new Error("private signing key is not valid");
        }
+
+        // TODO validate public key as well
+
        var ctx = {
            //privateKey: Encode.hexToUint8Array(edPrivateKey),
            seq: new Date().getTime(),
@ -91,13 +99,15 @@ types of messages:
        var pin = function (channel, cb) { };

        var send = function (type, msg, cb) {
-            return sendMsg(ctx, type, msg, cb);
+            // construct a signed message...
+            var signed = signMsg(type, msg, signKey);
+
+            return sendMsg(ctx, type, signed, edPublicKey, cb);
        };
        network.on('message', function (msg, sender) {
            onMsg(ctx, msg);
        });
        return {
-            cookie: function (cb) { cookie(ctx, cb); },
            send: send,
        };
    };