
[taler-taldir] branch master updated: s/code/challenge


From: gnunet
Subject: [taler-taldir] branch master updated: s/code/challenge
Date: Mon, 11 Jul 2022 19:01:52 +0200

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository taldir.

The following commit(s) were added to refs/heads/master by this push:
     new 9fd3f55  s/code/challenge
9fd3f55 is described below

commit 9fd3f55c3b44c76ad15cafaadd05f54c17566f9b
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Mon Jul 11 19:01:49 2022 +0200

    s/code/challenge
---
 pkg/rest/taldir.go | 35 ++++++++++++++++++++---------------
 pkg/util/helper.go |  8 ++++----
 taldir.conf        |  4 ++--
 3 files changed, 26 insertions(+), 21 deletions(-)

diff --git a/pkg/rest/taldir.go b/pkg/rest/taldir.go
index 76c5a6a..3ff1ffd 100644
--- a/pkg/rest/taldir.go
+++ b/pkg/rest/taldir.go
@@ -75,8 +75,8 @@ type Taldir struct {
   // Request frequency
   RequestFrequency int64
 
-  // Code TTL
-  CodeTtl time.Duration
+  // Challence TTL
+  ChallengeTtl time.Duration
 
   // How often may a challenge be requested
   ValidationInitiationMax int
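Review bot: The added field comment is misspelled (`// Challence TTL`) and does not say what the duration bounds. As far as the `registerRequest` hunk further down shows, the value is added to `validation.TimeframeStart` to decide whether re-initiation attempts still count against the limit, so `// ChallengeTtl is the window after TimeframeStart in which re-initiations count against ValidationInitiationMax` would be more accurate. Go style would also spell the initialism `ChallengeTTL`, though that is a wider rename. The struct starts and ends outside this hunk.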
@@ -88,8 +88,8 @@ type Taldir struct {
   SolutionTimeframe time.Duration
 
 
-  // Code length in bytes before encoding
-  CodeBytes int
+  // Challenge length in bytes before encoding
+  ChallengeBytes int
 }
 
 type VersionResponse struct {
@@ -194,7 +194,7 @@ type Validation struct {
   Inbox string `json:"inbox_url"`
 
   // The activation code sent to the client
-  Code string `json:"activation_code"`
+  Challenge string `json:"-"`
 
   // Public key of the user to register
   PublicKey string `json:"public_key"`
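Review bot: The context comment above the renamed field still reads `// The activation code sent to the client`, which matches neither the new name nor the new `json:"-"` tag. The tag is the behavioural part of this hunk: the challenge is no longer marshalled into any JSON built from `Validation`, and that intent deserves to be written down, e.g. `// Challenge is the secret delivered to the address out of band; json:"-" keeps it out of API responses`. Whether any handler returned a `Validation` as JSON before this commit is not visible here, so it is worth confirming that no client relied on `activation_code`.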
@@ -251,6 +251,11 @@ type ErrorDetail struct {
 }
 
 type ValidationConfirmation struct {
+  // The solution is the SHA-512 hash of the challenge value
+  // chosen by TalDir (encoded as string just as given in the URL, but
+  // excluding the 0-termination) concatenated with the binary 32-byte
+  // value representing the wallet's EdDSA public key.
+  // The hash is provided as string in Crockford base32 encoding.
   Solution string `json:"solution"`
 }
 
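Review bot: The new comment says the public key enters the hash as a binary 32-byte value, but `GenerateSolution` in pkg/util/helper.go decodes it with `DecodeStringToBinary(pubkeyEncoded, 36)`. If that second argument is an output length (its definition is not shown), the comment and the code disagree on what is hashed, and a wallet implemented from the comment would compute a different solution; one of the two should be corrected. The phrase "excluding the 0-termination" is a C notion; `the challenge's bytes exactly as they appear in the URL` says the same thing for Go readers.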
@@ -325,7 +330,7 @@ func (t *Taldir) validationRequest(w http.ResponseWriter, r 
*http.Request){
     validation.SolutionAttemptCount = 1
   }
   t.Db.Save(&validation)
-  expectedSolution := util.GenerateSolution(validation.PublicKey, 
validation.Code)
+  expectedSolution := util.GenerateSolution(validation.PublicKey, 
validation.Challenge)
   if confirm.Solution != expectedSolution {
     w.WriteHeader(http.StatusForbidden)
     return
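Review bot: The check `confirm.Solution != expectedSolution` can pass without knowledge of the challenge, because `util.GenerateSolution` (pkg/util/helper.go, later in this commit) returns `""` when the stored public key fails to decode, and an empty expected value equals an empty submitted one. Whether `PublicKey` is validated before it is stored is not visible in these hunks, so the comparison should fail closed on its own: `if expectedSolution == "" || subtle.ConstantTimeCompare([]byte(confirm.Solution), []byte(expectedSolution)) != 1 {`. That also removes the timing difference of `!=` on a secret-derived string; it needs `crypto/subtle` imported. Longer term `GenerateSolution` would be better returning `(string, error)` than printing to stdout and returning an empty string. `validationRequest` starts and ends outside this hunk.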
@@ -407,7 +412,7 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r 
*http.Request){
     }
   }
   err = t.Db.First(&validation, "h_address = ?", h_address).Error
-  validation.Code = util.GenerateCode(t.CodeBytes)
+  validation.Challenge = util.GenerateChallenge(t.ChallengeBytes)
   validation.Inbox = req.Inbox
   validation.Duration = req.Duration
   validation.PublicKey = req.PublicKey
@@ -416,7 +421,7 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r 
*http.Request){
   if err == nil {
     // Limit re-initiation attempts
     validation.InitiationCount++
-    if time.Now().Before(validation.TimeframeStart.Add(t.CodeTtl)) {
+    if time.Now().Before(validation.TimeframeStart.Add(t.ChallengeTtl)) {
       if validation.InitiationCount > t.ValidationInitiationMax {
         w.WriteHeader(429)
         rlResponse := RateLimitedResponse{
@@ -459,7 +464,7 @@ func (t *Taldir) registerRequest(w http.ResponseWriter, r 
*http.Request){
     w.WriteHeader(500)
     return
   }
-  out, err := exec.Command(path, req.Address, validation.Code).Output()
+  out, err := exec.Command(path, req.Address, validation.Challenge).Output()
   if err != nil {
     log.Println(err)
     t.Db.Delete(&validation)
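Review bot: The challenge is passed to the validator program as a command-line argument in `exec.Command(path, req.Address, validation.Challenge)`, which on most systems makes it readable by other local users through the process list while the helper runs; feeding it on stdin (`cmd.Stdin = strings.NewReader(validation.Challenge)`) keeps the secret out of argv, at the cost of changing the helper's interface. `req.Address` is client-supplied and also lands in argv: no shell is involved, but a value beginning with `-` may be read as an option by the helper unless it is validated earlier in `registerRequest`, which this hunk does not show. The call also has no timeout, so a hung helper holds the request open; `exec.CommandContext` with the request's context would bound it.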
@@ -499,7 +504,7 @@ func (t *Taldir) validationPage(w http.ResponseWriter, r 
*http.Request) {
   vars := mux.Vars(r)
   w.Header().Set("Content-Type", "text/html; charset=utf-8")
   var walletLink string
-  walletLink = "taler://taldir/" + vars["h_address"] + "/" + 
vars["validation_code"] + "-wallet"
+  walletLink = "taler://taldir/" + vars["h_address"] + "/" + vars["challenge"] 
+ "-wallet"
   var png []byte
   png, err := qrcode.Encode(walletLink, qrcode.Medium, 256)
   if err != nil {
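Review bot: With the route now `/register/{h_address}/{challenge}`, the challenge is part of a GET URL that `validationPage` answers with HTML, so it ends up in access logs, proxy logs and browser history, and can leak through the Referer header if the page loads or links to anything external. Setting `w.Header().Set("Referrer-Policy", "no-referrer")` and `w.Header().Set("Cache-Control", "no-store")` next to the existing Content-Type line limits that; log redaction is a deployment matter. The two path variables are concatenated into `walletLink` unvalidated, and whether the route pattern restricts their alphabet is not shown, so a format check before building the URI would be prudent. The same consideration applies to the route registration in the `setupHandlers` hunk.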
@@ -648,7 +653,7 @@ func (t *Taldir) setupHandlers() {
   /* Registration API */
   t.Router.HandleFunc("/{h_address}", t.getSingleEntry).Methods("GET")
   t.Router.HandleFunc("/register/{method}", t.registerRequest).Methods("POST")
-  t.Router.HandleFunc("/register/{h_address}/{validation_code}", 
t.validationPage).Methods("GET")
+  t.Router.HandleFunc("/register/{h_address}/{challenge}", 
t.validationPage).Methods("GET")
   t.Router.HandleFunc("/{h_address}", t.validationRequest).Methods("POST")
 
 }
@@ -672,17 +677,17 @@ func (t *Taldir) Initialize(cfgfile string) {
   for _, a := range 
strings.Split(t.Cfg.Section("taldir").Key("validators").String(), " ") {
     t.Validators[a] = true
   }
-  t.CodeBytes = 
t.Cfg.Section("taldir").Key("activation_code_bytes").MustInt(16)
+  t.ChallengeBytes = t.Cfg.Section("taldir").Key("challenge_bytes").MustInt(16)
   t.ValidationInitiationMax = 
t.Cfg.Section("taldir").Key("validation_initiation_max").MustInt(3)
   t.SolutionAttemptsMax = 
t.Cfg.Section("taldir").Key("solution_attempt_max").MustInt(3)
 
-  validationTtlStr := 
t.Cfg.Section("taldir").Key("activation_code_ttl").MustString("5m")
-  t.CodeTtl, err = time.ParseDuration(validationTtlStr)
+  validationTtlStr := 
t.Cfg.Section("taldir").Key("challenge_ttl").MustString("5m")
+  t.ChallengeTtl, err = time.ParseDuration(validationTtlStr)
   if err != nil {
     log.Fatal(err)
   }
 
-  retryTimeframeStr := 
t.Cfg.Section("taldir").Key("code_attempt_timeframe").MustString("1h")
+  retryTimeframeStr := 
t.Cfg.Section("taldir").Key("solution_attempt_timeframe").MustString("1h")
   t.SolutionTimeframe, err = time.ParseDuration(retryTimeframeStr)
   if err != nil {
     log.Fatal(err)
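Review bot: Renaming the keys to `challenge_bytes`, `challenge_ttl` and `solution_attempt_timeframe` means a deployed taldir.conf that still uses the old names is silently ignored, and the `MustInt(16)` / `MustString("5m")` / `MustString("1h")` defaults apply instead. For `challenge_bytes` that can quietly shorten a secret the operator had configured to be longer, so either fall back to the old key or fail at startup when it is present. The value is also used unchecked: a floor such as `if t.ChallengeBytes < 16 { log.Fatalf("challenge_bytes must be at least 16, got %d", t.ChallengeBytes) }` would stop a zero or negative setting from producing an empty challenge or a panic in `make`. `Initialize` continues outside this hunk.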
diff --git a/pkg/util/helper.go b/pkg/util/helper.go
index e1b0b04..e4fad51 100644
--- a/pkg/util/helper.go
+++ b/pkg/util/helper.go
@@ -26,21 +26,21 @@ import (
 )
 
 
-// Generates a solution from a code and pubkey
-func GenerateSolution(pubkeyEncoded string, code string) string {
+// Generates a solution from a challenge and pubkey
+func GenerateSolution(pubkeyEncoded string, challenge string) string {
   pubkey, err := DecodeStringToBinary(pubkeyEncoded, 36)
   if err != nil {
     fmt.Println("error decoding pubkey:", err)
     return ""
   }
   h := sha512.New()
-  h.Write([]byte(code))
+  h.Write([]byte(challenge))
   h.Write(pubkey)
   return EncodeBinaryToString(h.Sum(nil))
 }
 
 // Generates random reference token used in the validation flow.
-func GenerateCode(bytes int) string {
+func GenerateChallenge(bytes int) string {
   randBytes := make([]byte, bytes)
   _, err := rand.Read(randBytes)
   if err != nil {
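Review bot: `GenerateChallenge` produces the secret the whole validation flow rests on, yet the hunk shows neither which `rand` package is imported nor what the `if err != nil` branch returns, since both lie outside it. It should be `crypto/rand`, and a read failure must not yield an empty or partially filled challenge, because the expected solution is then derivable from the public key alone; returning an error or aborting the request is the safe behaviour. The doc comments would also follow Go convention if they started with the function name, e.g. `// GenerateChallenge returns a random challenge built from the given number of bytes.`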
diff --git a/taldir.conf b/taldir.conf
index 1c9a899..f688081 100644
--- a/taldir.conf
+++ b/taldir.conf
@@ -10,10 +10,10 @@ default_doc_filetype = text/markdown
 default_doc_lang = en-US
 default_tos_path = terms/
 default_pp_path = privacy/
-activation_code_bytes = 16
+challenge_bytes = 16
 validation_initiation_max = 3
 solution_attempt_max = 3
-activation_code_ttl = 10m
+challenge_ttl = 10m
 solution_attempt_timeframe = 1h
 
 [taldir-email]

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


