Root set stuff, code formatting and other boring stuff.

cmd/zerotier/cli/help.go

@@ -58,8 +58,8 @@ Commands:
   root [command]                       - Root management commands
     add <identity> [endpoint]            Designate a peer as a root
     remove <address>                     Un-designate a peer as a root
-    subscribe <url>                      Subscribe to a root set
-    unsubscribe <url>                    Unsubscribe from a root set
+    subscribe <url> [<key hash>]         Subscribe to a set of roots
+    unsubscribe <url | key hash>         Unsubscribe from a set of roots
   set [option] [value]                 - Get or set a core config option
     port <port>                          Primary P2P port
     secondaryport <port/0>               Secondary P2P port (0 to disable)

cmd/zerotier/cli/root.go

@@ -21,10 +21,6 @@ func Root(basePath, authToken string, args []string, jsonOutput bool) {
 
 		case "remove":
 
-		case "subscribe":
-
-		case "unsubscribe":
-
 		}
 	}
 }

core/Constants.hpp

@@ -224,10 +224,6 @@
  */
 #define ZT_SIGNATURE_BUFFER_SIZE 96
 
-// Internal cryptographic algorithm IDs (these match relevant identity types)
-#define ZT_CRYPTO_ALG_C25519 0
-#define ZT_CRYPTO_ALG_P384 1
-
 /* Ethernet frame types that might be relevant to us */
 #define ZT_ETHERTYPE_IPV4 0x0800
 #define ZT_ETHERTYPE_ARP 0x0806

core/Containers.hpp

@@ -20,8 +20,11 @@
 #include "Utils.hpp"
 
 #ifdef __CPP11__
+
 #include <unordered_map>
+
 #endif
+
 #include <map>
 #include <vector>
 #include <list>
@@ -35,16 +38,26 @@ namespace ZeroTier {
 struct intl_MapHasher
 {
 	template< typename O >
-	std::size_t operator()(const O &obj) const noexcept { return (std::size_t)obj.hashCode(); }
-	std::size_t operator()(const uint64_t i) const noexcept { return (std::size_t)Utils::hash64(i + Utils::s_mapNonce); }
-	std::size_t operator()(const int64_t i) const noexcept { return (std::size_t)Utils::hash64((uint64_t)i + Utils::s_mapNonce); }
-	std::size_t operator()(const uint32_t i) const noexcept { return (std::size_t)Utils::hash32(i + (uint32_t)Utils::s_mapNonce); }
-	std::size_t operator()(const int32_t i) const noexcept { return (std::size_t)Utils::hash32((uint32_t)i + (uint32_t)Utils::s_mapNonce); }
+	std::size_t operator()(const O &obj) const noexcept
+	{ return (std::size_t)obj.hashCode(); }
+
+	std::size_t operator()(const uint64_t i) const noexcept
+	{ return (std::size_t)Utils::hash64(i + Utils::s_mapNonce); }
+
+	std::size_t operator()(const int64_t i) const noexcept
+	{ return (std::size_t)Utils::hash64((uint64_t)i + Utils::s_mapNonce); }
+
+	std::size_t operator()(const uint32_t i) const noexcept
+	{ return (std::size_t)Utils::hash32(i + (uint32_t)Utils::s_mapNonce); }
+
+	std::size_t operator()(const int32_t i) const noexcept
+	{ return (std::size_t)Utils::hash32((uint32_t)i + (uint32_t)Utils::s_mapNonce); }
 };
 
 template< typename K, typename V >
-class Map : public std::unordered_map< K,V,intl_MapHasher,std::equal_to<K>,Utils::Mallocator< std::pair<const K,V> > >
-{
+class Map : public std::unordered_map< K, V, intl_MapHasher, std::equal_to< K >, Utils::Mallocator < std::pair< const K, V > >
+
+> {
 public:
 ZT_INLINE V *get(const K &key) noexcept
 {
@@ -63,13 +76,13 @@ public:
 }
 
 ZT_INLINE void set(const K &key, const V &value)
-	{
-		this->emplace(key,value);
-	}
+{ this->emplace(key, value); }
 };
 
 template< typename K, typename V >
-class MultiMap : public std::unordered_multimap< K,V,intl_MapHasher,std::equal_to<K>,Utils::Mallocator< std::pair<const K,V> > >
+class MultiMap : public std::unordered_multimap< K, V, intl_MapHasher, std::equal_to< K >, Utils::Mallocator < std::pair< const K, V > >
+
+>
 {
 };
 
@@ -96,9 +109,7 @@ public:
 	}
 
 	ZT_INLINE void set(const K &key,const V &value)
-	{
-		(*this)[key] = value;
-	}
+	{ (*this)[key] = value; }
 };
 
 template<typename K,typename V>
@@ -109,7 +120,9 @@ class MultiMap : public std::multimap< K,V,std::less<K>,Utils::Mallocator< std::
 #endif
 
 template< typename K, typename V >
-class SortedMap : public std::map< K,V,std::less<K>,Utils::Mallocator< std::pair<const K,V> > >
+class SortedMap : public std::map< K, V, std::less< K >, Utils::Mallocator < std::pair< const K, V > >
+
+>
 {
 public:
 ZT_INLINE V *get(const K &key) noexcept
@@ -129,39 +142,81 @@ public:
 }
 
 ZT_INLINE void set(const K &key, const V &value)
+{ (*this)[key] = value; }
+
+};
+
+template< typename V >
+class Vector : public std::vector< V, Utils::Mallocator < V >
+
+>
 {
-		(*this)[key] = value;
+public:
+ZT_INLINE Vector()
+{}
+
+template< typename I >
+ZT_INLINE Vector(I
+begin,
+I end
+) : std::vector< V, Utils::Mallocator < V > >(begin,end) {
 }
 };
 
 template< typename V >
-class Vector : public std::vector< V,Utils::Mallocator<V> >
-{
-public:
-	ZT_INLINE Vector() {}
-	template<typename I>
-	ZT_INLINE Vector(I begin,I end) : std::vector< V,Utils::Mallocator<V> >(begin,end) {}
-};
+class List : public std::list< V, Utils::Mallocator < V >
 
-template<typename V>
-class List : public std::list< V,Utils::Mallocator<V> >
+>
 {
 };
 
 template< typename V >
-class Set : public std::set< V,std::less<V>,Utils::Mallocator<V> >
+class Set : public std::set< V, std::less< V >, Utils::Mallocator < V >
+
+>
 {
 };
 
-class String : public std::basic_string< char,std::char_traits<char>,Utils::Mallocator<char> >
+class String : public std::basic_string< char, std::char_traits< char >, Utils::Mallocator < char >
+
+>
 {
 public:
-	ZT_INLINE String() {}
-	ZT_INLINE String(const String &s) : std::basic_string< char,std::char_traits<char>,Utils::Mallocator<char> >(s.c_str()) {}
-	ZT_INLINE String(const std::string &s) : std::basic_string< char,std::char_traits<char>,Utils::Mallocator<char> >(s.c_str()) {}
-	ZT_INLINE String(const char *const s) : std::basic_string< char,std::char_traits<char>,Utils::Mallocator<char> >(s) {}
-	ZT_INLINE String &operator=(const char *const s) { assign(s); return *this; }
-	ZT_INLINE String &operator=(const std::string &s) { assign(s.c_str()); return *this; }
+ZT_INLINE String()
+{}
+
+ZT_INLINE String(const String &s) : std::basic_string< char, std::char_traits< char >, Utils::Mallocator < char >
+
+>(s.
+
+c_str()
+
+) {
+}
+ZT_INLINE String(const std::string &s) : std::basic_string< char, std::char_traits< char >, Utils::Mallocator < char >
+
+>(s.
+
+c_str()
+
+) {
+}
+ZT_INLINE String(const char *const s) : std::basic_string< char, std::char_traits< char >, Utils::Mallocator < char >
+
+>(s) {
+}
+ZT_INLINE String &operator=(const char *const s)
+{
+	assign(s);
+	return *this;
+}
+
+ZT_INLINE String &operator=(const std::string &s)
+{
+	assign(s.c_str());
+	return *this;
+}
+
 };
 
 } // ZeroTier

core/Dictionary.cpp

@@ -12,27 +12,23 @@
 /****/
 
 #include "Dictionary.hpp"
+#include "SHA512.hpp"
 
 namespace ZeroTier {
 
-static const FCV<char, 8> s_signatureFingerprint("@Si", 4);
-static const FCV<char, 8> s_signatureData("@Ss", 4);
-
 Dictionary::Dictionary()
 {
 }
 
 Vector<uint8_t> &Dictionary::operator[](const char *k)
 {
-	FCV<char, 8> key;
-	return m_entries[s_key(key, k)];
+	return m_entries[s_key(k)];
 }
 
 const Vector<uint8_t> &Dictionary::operator[](const char *k) const
 {
 	static const Vector<uint8_t> s_emptyEntry;
-	FCV<char, 8> key;
-	SortedMap<FCV<char, 8>, Vector<uint8_t> >::const_iterator e(m_entries.find(s_key(key, k)));
+	SortedMap< String, Vector<uint8_t> >::const_iterator e(m_entries.find(s_key(k)));
 	return (e == m_entries.end()) ? s_emptyEntry : e->second;
 }
 
@@ -131,8 +127,8 @@ void Dictionary::clear()
 void Dictionary::encode(Vector<uint8_t> &out, const bool omitSignatureFields) const
 {
 	out.clear();
-	for (SortedMap<FCV<char, 8>, Vector<uint8_t> >::const_iterator ti(m_entries.begin());ti != m_entries.end();++ti) {
-		if ((!omitSignatureFields) || ((ti->first != s_signatureFingerprint) && (ti->first != s_signatureData))) {
+	for (SortedMap< String, Vector<uint8_t> >::const_iterator ti(m_entries.begin());ti != m_entries.end();++ti) {
+		if ((!omitSignatureFields) || ((ti->first != ZT_DICTIONARY_SIGNATURE_KEY))) {
 			s_appendKey(out, ti->first.data());
 			for (Vector<uint8_t>::const_iterator i(ti->second.begin());i != ti->second.end();++i)
 				s_appendValueByte(out, *i);
@@ -145,7 +141,7 @@ void Dictionary::encode(Vector<uint8_t> &out, const bool omitSignatureFields) co
 bool Dictionary::decode(const void *data, unsigned int len)
 {
 	clear();
-	FCV<char, 8> k;
+	String k;
 	Vector<uint8_t> *v = nullptr;
 	bool escape = false;
 	for (unsigned int di = 0;di < len;++di) {
@@ -197,4 +193,59 @@ bool Dictionary::decode(const void *data, unsigned int len)
 	return true;
 }
 
+void Dictionary::sign(
+	const uint8_t c25519PrivateKey[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE],
+	const uint8_t c25519PublicKey[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE],
+	const uint8_t p384PrivateKey[ZT_ECC384_PRIVATE_KEY_SIZE],
+	const uint8_t p384PublicKey[ZT_ECC384_PUBLIC_KEY_SIZE])
+{
+	Vector<uint8_t> buf;
+	encode(buf, true);
+
+	uint8_t c25519Signature[ZT_C25519_SIGNATURE_LEN];
+	C25519::sign(c25519PrivateKey, c25519PublicKey, buf.data(), (unsigned int)buf.size(), c25519Signature);
+
+	uint8_t hbuf[ZT_ECC384_SIGNATURE_HASH_SIZE];
+	static_assert(ZT_ECC384_SIGNATURE_HASH_SIZE == ZT_SHA384_DIGEST_SIZE,"size mismatch");
+	SHA384(hbuf, buf.data(), (unsigned int)buf.size());
+	uint8_t p384Signature[ZT_ECC384_SIGNATURE_SIZE];
+	ECC384ECDSASign(p384PrivateKey, hbuf, p384Signature);
+
+	SHA384(hbuf, c25519PublicKey, ZT_C25519_COMBINED_PUBLIC_KEY_SIZE, p384PublicKey, ZT_ECC384_PUBLIC_KEY_SIZE);
+
+	Dictionary signature;
+	signature["kh"].assign(hbuf, hbuf + ZT_SHA384_DIGEST_SIZE);
+	signature["ed25519"].assign(c25519Signature, c25519Signature + ZT_C25519_SIGNATURE_LEN);
+	signature["p384"].assign(p384Signature, p384Signature + ZT_ECC384_SIGNATURE_SIZE);
+	signature.encode((*this)[ZT_DICTIONARY_SIGNATURE_KEY], true);
+}
+
+bool Dictionary::verify(
+	const uint8_t c25519PublicKey[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE],
+	const uint8_t p384PublicKey[ZT_ECC384_PUBLIC_KEY_SIZE]) const
+{
+	try {
+		const Vector< uint8_t > &data = (*this)[ZT_DICTIONARY_SIGNATURE_KEY];
+		if (data.empty())
+			return false;
+		Dictionary signature;
+		if (!signature.decode(data.data(), (unsigned int)data.size()))
+			return false;
+		const Vector< uint8_t > &p384Signature = signature["p384"];
+		const Vector< uint8_t > &c25519Signature = signature["ed25519"];
+		if ((p384Signature.size() != ZT_ECC384_SIGNATURE_SIZE) || (c25519Signature.size() != ZT_C25519_SIGNATURE_LEN))
+			return false;
+
+		Vector< uint8_t > buf;
+		encode(buf, true);
+
+		if (C25519::verify(c25519PublicKey, buf.data(), (unsigned int)buf.size(), c25519Signature.data(), (unsigned int)c25519Signature.size())) {
+			uint8_t hbuf[ZT_ECC384_SIGNATURE_HASH_SIZE];
+			SHA384(hbuf, buf.data(), (unsigned int)buf.size());
+			return ECC384ECDSAVerify(p384PublicKey, hbuf, p384Signature.data());
+		}
+	} catch ( ... ) {}
+	return false;
+}
+
 } // namespace ZeroTier

core/Dictionary.hpp

@@ -18,8 +18,11 @@
 #include "Utils.hpp"
 #include "Address.hpp"
 #include "Buf.hpp"
-#include "FCV.hpp"
 #include "Containers.hpp"
+#include "C25519.hpp"
+#include "ECC384.hpp"
+
+#define ZT_DICTIONARY_SIGNATURE_KEY "@S"
 
 namespace ZeroTier {
 
@@ -29,9 +32,7 @@ class Identity;
  * A simple key-value store for short keys
  *
  * This data structure is used for network configurations, node meta-data,
- * and other open-definition protocol objects. It consists of a key-value
- * store with short (max: 7 characters) keys that map to strings, blobs,
- * or integers with the latter being by convention in hex format.
+ * and other open-definition protocol objects.
  *
  * If this seems a little odd, it is. It dates back to the very first alpha
  * versions of ZeroTier and if it were redesigned today we'd use some kind
@@ -45,6 +46,9 @@ class Identity;
 class Dictionary
 {
 public:
+	typedef SortedMap< String, Vector < uint8_t > >
+	::const_iterator const_iterator;
+
 	Dictionary();
 
 	/**
@@ -63,6 +67,18 @@ public:
 	 */
 	const Vector <uint8_t> &operator[](const char *k) const;
 
+	/**
+	 * @return Start of key->value pairs
+	 */
+	ZT_INLINE const_iterator begin() const noexcept
+	{ return m_entries.begin(); }
+
+	/**
+	 * @return End of key->value pairs
+	 */
+	ZT_INLINE const_iterator end() const noexcept
+	{ return m_entries.end(); }
+
 	/**
 	 * Add a boolean as '1' or '0'
 	 */
@@ -70,13 +86,16 @@ public:
 
 	/**
 	 * Add an integer as a hexadecimal string value
+	 *
+	 * @param k Key to set
+	 * @param v Integer to set, will be cast to uint64_t and stored as hex
 	 */
-	ZT_INLINE void add(const char *const k,const uint64_t v) { char buf[17]; add(k,Utils::hex(v,buf)); }
-	ZT_INLINE void add(const char *const k,const int64_t v) { char buf[17]; add(k,Utils::hex((uint64_t)v,buf)); }
-	ZT_INLINE void add(const char *const k,const uint32_t v) { char buf[17]; add(k,Utils::hex((uint64_t)v,buf)); }
-	ZT_INLINE void add(const char *const k,const int32_t v) { char buf[17]; add(k,Utils::hex((uint64_t)v,buf)); }
-	ZT_INLINE void add(const char *const k,const uint16_t v) { char buf[17]; add(k,Utils::hex((uint64_t)v,buf)); }
-	ZT_INLINE void add(const char *const k,const int16_t v) { char buf[17]; add(k,Utils::hex((uint64_t)v,buf)); }
+	template< typename I >
+	ZT_INLINE void add(const char *const k, I v)
+	{
+		char buf[17];
+		add(k, Utils::hex((uint64_t)(v), buf));
+	}
 
 	/**
 	 * Add an address in 10-digit hex string format
@@ -147,12 +166,14 @@ public:
 	/**
 	 * @return Number of entries
 	 */
-	ZT_INLINE unsigned int size() const noexcept { return m_entries.size(); }
+	ZT_INLINE unsigned int size() const noexcept
+	{ return m_entries.size(); }
 
 	/**
 	 * @return True if dictionary is not empty
 	 */
-	ZT_INLINE bool empty() const noexcept { return m_entries.empty(); }
+	ZT_INLINE bool empty() const noexcept
+	{ return m_entries.empty(); }
 
 	/**
 	 * Encode to a string in the supplied vector
@@ -174,6 +195,34 @@ public:
 	 */
 	bool decode(const void *data, unsigned int len);
 
+	/**
+	 * Sign this dictionary with both an Ed25519 key and a NIST P-384 key.
+	 *
+	 * This is currently used just for signing root sets for the root subscribe
+	 * feature. It uses both key types for more crypto cowbell.
+	 *
+	 * @param c25519PrivateKey Curve25519 combined key (C25519 and ed25519), though only ed25519 part is used
+	 * @param c25519PublicKey Public part of Curve25519 combined key
+	 * @param p384PrivateKey NIST P-384 private key
+	 * @param p384PublicKey NIST P-384 public key
+	 */
+	void sign(
+		const uint8_t c25519PrivateKey[ZT_C25519_COMBINED_PRIVATE_KEY_SIZE],
+		const uint8_t c25519PublicKey[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE],
+		const uint8_t p384PrivateKey[ZT_ECC384_PRIVATE_KEY_SIZE],
+		const uint8_t p384PublicKey[ZT_ECC384_PUBLIC_KEY_SIZE]);
+
+	/**
+	 * Verify this dictionary's signature
+	 *
+	 * @param c25519PublicKey Curve25519 public key
+	 * @param p384PublicKey P-384 public key
+	 * @return True if signatures are valid
+	 */
+	bool verify(
+		const uint8_t c25519PublicKey[ZT_C25519_COMBINED_PUBLIC_KEY_SIZE],
+		const uint8_t p384PublicKey[ZT_ECC384_PUBLIC_KEY_SIZE]) const;
+
 	/**
 	 * Append a key=value pair to a buffer (vector or FCV)
 	 * 
@@ -234,19 +283,32 @@ public:
 	}
 
 	template< typename V >
-	ZT_INLINE static void append(V &out,const char *const k,const int64_t v) { append(out,k,(uint64_t)v); }
+	ZT_INLINE static void append(V &out, const char *const k, const int64_t v)
+	{ append(out, k, (uint64_t)v); }
+
 	template< typename V >
-	ZT_INLINE static void append(V &out,const char *const k,const uint32_t v) { append(out,k,(uint64_t)v); }
+	ZT_INLINE static void append(V &out, const char *const k, const uint32_t v)
+	{ append(out, k, (uint64_t)v); }
+
 	template< typename V >
-	ZT_INLINE static void append(V &out,const char *const k,const int32_t v) { append(out,k,(uint64_t)v); }
+	ZT_INLINE static void append(V &out, const char *const k, const int32_t v)
+	{ append(out, k, (uint64_t)v); }
+
 	template< typename V >
-	ZT_INLINE static void append(V &out,const char *const k,const uint16_t v) { append(out,k,(uint64_t)v); }
+	ZT_INLINE static void append(V &out, const char *const k, const uint16_t v)
+	{ append(out, k, (uint64_t)v); }
+
 	template< typename V >
-	ZT_INLINE static void append(V &out,const char *const k,const int16_t v) { append(out,k,(uint64_t)v); }
+	ZT_INLINE static void append(V &out, const char *const k, const int16_t v)
+	{ append(out, k, (uint64_t)v); }
+
 	template< typename V >
-	ZT_INLINE static void append(V &out,const char *const k,const uint8_t v) { append(out,k,(uint64_t)v); }
+	ZT_INLINE static void append(V &out, const char *const k, const uint8_t v)
+	{ append(out, k, (uint64_t)v); }
+
 	template< typename V >
-	ZT_INLINE static void append(V &out,const char *const k,const int8_t v) { append(out,k,(uint64_t)v); }
+	ZT_INLINE static void append(V &out, const char *const k, const int8_t v)
+	{ append(out, k, (uint64_t)v); }
 
 	/**
 	 * Append a key=value pair to a buffer (vector or FCV)
@@ -292,9 +354,7 @@ public:
 	 */
 	template< typename V >
 	static ZT_INLINE void appendPacketId(V &out, const char *const k, const uint64_t pid)
-	{
-		append(out,k,&pid,8);
-	}
+	{ append(out, k, &pid, 8); }
 
 	/**
 	 * Append key=value with any object implementing the correct marshal interface
@@ -360,8 +420,9 @@ private:
 		out.push_back((uint8_t)'=');
 	}
 
-	ZT_INLINE static FCV<char,8> &s_key(FCV<char,8> &buf,const char *k) noexcept
+	ZT_INLINE static String s_key(const char *k) noexcept
 	{
+		String buf;
 		buf.clear();
 		for (unsigned int i = 0; i < 7; ++i) {
 			const char kc = k[i];
@@ -374,7 +435,7 @@ private:
 		return buf;
 	}
 
-	SortedMap< FCV<char,8>,Vector<uint8_t> > m_entries;
+	SortedMap <String, Vector< uint8_t >> m_entries;
 };
 
 } // namespace ZeroTier

core/EphemeralKey.hpp

@@ -47,7 +47,7 @@ public:
 	enum Type
 	{
 		TYPE_NIL = 0,
-		TYPE_C25519_P384 = ZT_CRYPTO_ALG_P384
+		TYPE_C25519_P384 = 1
 	};
 
 	/**

pkg/zerotier/misc.go

@@ -13,6 +13,9 @@
 
 package zerotier
 
+// #include "../../serviceiocore/GoGlue.h"
+import "C"
+
 import (
 	"encoding/base32"
 	"encoding/binary"