void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-04-26 17:03:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
ZeroTierOne/node/CertificateOfMembership.cpp
Adam Ierymenko b9f60fc3c2
A bunch of warning removal and LINT cleanliness.
2020-03-31 12:35:54 -07:00

281 lines
9.9 KiB
C++
Raw Blame History

/*
* Copyright (c)2013-2020 ZeroTier, Inc.
*
* Use of this software is governed by the Business Source License included
* in the LICENSE.TXT file in the project's root directory.
*
* Change Date: 2024-01-01
*
* On the date above, in accordance with the Business Source License, use
* of this software will be governed by version 2.0 of the Apache License.
*/
/****/
#include "CertificateOfMembership.hpp"
namespace ZeroTier {
CertificateOfMembership::CertificateOfMembership(const int64_t timestamp,const int64_t timestampMaxDelta,const uint64_t nwid,const Identity &issuedTo) noexcept : // NOLINT(cppcoreguidelines-pro-type-member-init,hicpp-member-init)
_timestamp(timestamp),
_timestampMaxDelta(timestampMaxDelta),
_networkId(nwid),
_issuedTo(issuedTo.fingerprint()),
_signatureLength(0) {}
bool CertificateOfMembership::agreesWith(const CertificateOfMembership &other) const noexcept
{
// NOTE: we always do explicit absolute value with an if() since llabs() can have overflow
// conditions that could introduce a vulnerability.
if (other._timestamp > _timestamp) {
if ((other._timestamp - _timestamp) > std::min(_timestampMaxDelta,other._timestampMaxDelta))
return false;
} else {
if ((_timestamp - other._timestamp) > std::min(_timestampMaxDelta,other._timestampMaxDelta))
return false;
}
// us <> them
for(FCV<_Qualifier,ZT_CERTIFICATEOFMEMBERSHIP_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(_additionalQualifiers.begin());i != _additionalQualifiers.end();++i) {
if (i->delta != 0xffffffffffffffffULL) {
const uint64_t *v2 = nullptr;
for(FCV<_Qualifier,ZT_CERTIFICATEOFMEMBERSHIP_MAX_ADDITIONAL_QUALIFIERS>::const_iterator j(other._additionalQualifiers.begin());j != other._additionalQualifiers.end();++i) {
if (j->id == i->id) {
v2 = &(j->value);
break;
}
}
if (!v2)
return false;
if (*v2 > i->value) {
if ((*v2 - i->value) > i->delta)
return false;
} else {
if ((i->value - *v2) > i->delta)
return false;
}
}
}
// them <> us (we need a second pass in case they have qualifiers we don't or vice versa)
for(FCV<_Qualifier,ZT_CERTIFICATEOFMEMBERSHIP_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(other._additionalQualifiers.begin());i != other._additionalQualifiers.end();++i) {
if (i->delta != 0xffffffffffffffffULL) {
const uint64_t *v2 = nullptr;
for(FCV<_Qualifier,ZT_CERTIFICATEOFMEMBERSHIP_MAX_ADDITIONAL_QUALIFIERS>::const_iterator j(_additionalQualifiers.begin());j != _additionalQualifiers.end();++i) {
if (j->id == i->id) {
v2 = &(j->value);
break;
}
}
if (!v2)
return false;
if (*v2 > i->value) {
if ((*v2 - i->value) > i->delta)
return false;
} else {
if ((i->value - *v2) > i->delta)
return false;
}
}
}
// SECURITY: check for issued-to inequality is a sanity check. This should be impossible since elsewhere
// in the code COMs are checked to ensure that they do in fact belong to their issued-to identities.
return (other._networkId == _networkId) && (_networkId != 0) && (other._issuedTo.address() != _issuedTo.address());
}
bool CertificateOfMembership::sign(const Identity &with) noexcept
{
_signedBy = with.address();
uint64_t buf[ZT_CERTIFICATEOFMEMBERSHIP_MARSHAL_SIZE_MAX / 8];
const unsigned int bufSize = _fillSigningBuf(buf);
_signatureLength = with.sign(buf,bufSize,_signature,sizeof(_signature));
return _signatureLength > 0;
}
int CertificateOfMembership::marshal(uint8_t data[ZT_CERTIFICATEOFMEMBERSHIP_MARSHAL_SIZE_MAX],const bool v2) const noexcept
{
data[0] = v2 ? 2 : 1;
// All formats start with the standard three qualifiers: timestamp with delta, network ID as a strict
// equality compare, and the address of the issued-to node as an informational tuple.
int p = 3;
Utils::storeBigEndian<uint64_t>(data + p,0); p += 8;
Utils::storeBigEndian<uint64_t>(data + p,(uint64_t)_timestamp); p += 8;
Utils::storeBigEndian<uint64_t>(data + p,(uint64_t)_timestampMaxDelta); p += 8;
Utils::storeBigEndian<uint64_t>(data + p,1); p += 8;
Utils::storeBigEndian<uint64_t>(data + p,_networkId); p += 8;
Utils::storeBigEndian<uint64_t>(data + p,0); p += 8;
Utils::storeBigEndian<uint64_t>(data + p,2); p += 8;
Utils::storeBigEndian<uint64_t>(data + p,_issuedTo.address().toInt()); p += 8;
Utils::storeAsIsEndian<uint64_t>(data + p,0xffffffffffffffffULL); p += 8;
if (v2) {
// V2 marshal format will have three tuples followed by the fingerprint hash.
Utils::storeBigEndian<uint16_t>(data + 1,3);
Utils::copy<48>(data + p,_issuedTo.hash());
p += 48;
} else {
// V1 marshal format must shove everything into tuples, resulting in nine.
Utils::storeBigEndian<uint16_t>(data + 1,9);
for(int k=0;k<6;++k) {
Utils::storeBigEndian<uint64_t>(data + p,(uint64_t)k + 3); p += 8;
Utils::storeAsIsEndian<uint64_t>(data + p,Utils::loadAsIsEndian<uint64_t>(_issuedTo.hash() + (k * 8))); p += 8;
Utils::storeAsIsEndian<uint64_t>(data + p,0xffffffffffffffffULL); p += 8;
}
}
_signedBy.copyTo(data + p); p += 5;
if (v2) {
// V2 marshal format prefixes signatures with a 16-bit length to support future signature types.
Utils::storeBigEndian<uint16_t>(data + p,(uint16_t)_signatureLength); p += 2;
Utils::copy(data + p,_signature,_signatureLength);
p += (int)_signatureLength;
} else {
// V1 only supports 96-byte signature fields.
Utils::copy<96>(data + p,_signature);
p += 96;
}
return p;
}
int CertificateOfMembership::unmarshal(const uint8_t *data,int len) noexcept
{
if (len < (1 + 2 + 72))
return -1;
TriviallyCopyable::memoryZero(this);
const unsigned int numq = Utils::loadBigEndian<uint16_t>(data + 1);
if ((numq < 3)||(numq > (ZT_CERTIFICATEOFMEMBERSHIP_MAX_ADDITIONAL_QUALIFIERS + 3)))
return -1;
int p = 3;
for(unsigned int q=0;q<numq;++q) {
if ((p + 24) > len)
return -1;
const uint64_t id = Utils::loadBigEndian<uint64_t>(data + p); p += 8; // NOLINT(hicpp-use-auto,modernize-use-auto)
const uint64_t value = Utils::loadBigEndian<uint64_t>(data + p); p += 8; // NOLINT(hicpp-use-auto,modernize-use-auto)
const uint64_t delta = Utils::loadBigEndian<uint64_t>(data + p); p += 8; // NOLINT(hicpp-use-auto,modernize-use-auto)
switch(id) {
case 0:
_timestamp = (int64_t)value;
_timestampMaxDelta = (int64_t)delta;
break;
case 1:
_networkId = value;
break;
case 2:
_issuedTo.apiFingerprint()->address = value;
break;
// V1 nodes will pack the hash into qualifier tuples.
case 3:
Utils::storeBigEndian<uint64_t>(_issuedTo.apiFingerprint()->hash,value);
break;
case 4:
Utils::storeBigEndian<uint64_t>(_issuedTo.apiFingerprint()->hash + 8,value);
break;
case 5:
Utils::storeBigEndian<uint64_t>(_issuedTo.apiFingerprint()->hash + 16,value);
break;
case 6:
Utils::storeBigEndian<uint64_t>(_issuedTo.apiFingerprint()->hash + 24,value);
break;
case 7:
Utils::storeBigEndian<uint64_t>(_issuedTo.apiFingerprint()->hash + 32,value);
break;
case 8:
Utils::storeBigEndian<uint64_t>(_issuedTo.apiFingerprint()->hash + 40,value);
break;
default:
if (_additionalQualifiers.size() >= ZT_CERTIFICATEOFMEMBERSHIP_MAX_ADDITIONAL_QUALIFIERS)
return -1;
_additionalQualifiers.push_back(_Qualifier(id,value,delta));
break;
}
}
std::sort(_additionalQualifiers.begin(),_additionalQualifiers.end());
if (data[0] == 1) {
if ((p + 96) > len)
return -1;
_signatureLength = 96;
Utils::copy<96>(_signature,data + p);
return p + 96;
} else if (data[0] == 2) {
if ((p + 48) > len)
return -1;
Utils::copy<48>(_issuedTo.apiFingerprint()->hash,data + p);
p += 48;
if ((p + 2) > len)
return -1;
_signatureLength = Utils::loadBigEndian<uint16_t>(data + p);
if ((_signatureLength > (unsigned int)sizeof(_signature))||((p + (int)_signatureLength) > len))
return -1;
Utils::copy(_signature,data + p,_signatureLength);
return p + (int)_signatureLength;
}
return -1;
}
unsigned int CertificateOfMembership::_fillSigningBuf(uint64_t buf[ZT_CERTIFICATEOFMEMBERSHIP_MARSHAL_SIZE_MAX / 8]) const noexcept
{
const uint64_t informational = 0xffffffffffffffffULL;
/*
* Signing always embeds all data to be signed in qualifier tuple format for
* backward compatibility with V1 nodes, since otherwise we'd need a signature
* for v1 nodes to verify and another for v2 nodes to verify.
*/
// The standard three tuples that must begin every COM.
buf[0] = 0;
buf[1] = Utils::hton((uint64_t)_timestamp);
buf[2] = Utils::hton((uint64_t)_timestampMaxDelta);
buf[3] = ZT_CONST_TO_BE_UINT64(1);
buf[4] = Utils::hton(_networkId);
buf[5] = 0;
buf[6] = ZT_CONST_TO_BE_UINT64(2);
buf[7] = Utils::hton(_issuedTo.address().toInt());
buf[8] = informational;
unsigned int p = 9;
// The full identity fingerprint of the peer to whom the COM was issued,
// embeded as a series of informational tuples.
if (_issuedTo.haveHash()) {
buf[p++] = ZT_CONST_TO_BE_UINT64(3);
buf[p++] = Utils::loadAsIsEndian<uint64_t>(_issuedTo.hash());
buf[p++] = informational;
buf[p++] = ZT_CONST_TO_BE_UINT64(4);
buf[p++] = Utils::loadAsIsEndian<uint64_t>(_issuedTo.hash() + 8);
buf[p++] = informational;
buf[p++] = ZT_CONST_TO_BE_UINT64(5);
buf[p++] = Utils::loadAsIsEndian<uint64_t>(_issuedTo.hash() + 16);
buf[p++] = informational;
buf[p++] = ZT_CONST_TO_BE_UINT64(6);
buf[p++] = Utils::loadAsIsEndian<uint64_t>(_issuedTo.hash() + 24);
buf[p++] = informational;
buf[p++] = ZT_CONST_TO_BE_UINT64(7);
buf[p++] = Utils::loadAsIsEndian<uint64_t>(_issuedTo.hash() + 32);
buf[p++] = informational;
buf[p++] = ZT_CONST_TO_BE_UINT64(8);
buf[p++] = Utils::loadAsIsEndian<uint64_t>(_issuedTo.hash() + 40);
buf[p++] = informational;
}
for(FCV<_Qualifier,ZT_CERTIFICATEOFMEMBERSHIP_MAX_ADDITIONAL_QUALIFIERS>::const_iterator i(_additionalQualifiers.begin());i != _additionalQualifiers.end();++i) { // NOLINT(modernize-loop-convert)
buf[p++] = Utils::hton(i->id);
buf[p++] = Utils::hton(i->value);
buf[p++] = Utils::hton(i->delta);
}
return p * 8;
}
} // namespace ZeroTier
Reference in a new issue View git blame Copy permalink