
D5947.id20241.diff

D5947.id20241.diff

diff --git a/services/tunnelbroker/src/server/mod.rs b/services/tunnelbroker/src/server/mod.rs
--- a/services/tunnelbroker/src/server/mod.rs
+++ b/services/tunnelbroker/src/server/mod.rs
@@ -3,8 +3,8 @@
use super::constants;
use super::cxx_bridge::ffi::{
ackMessageFromAMQP, eraseMessagesFromAMQP, getMessagesFromDatabase,
- getSessionItem, newSessionHandler, removeMessages, sendMessages,
- sessionSignatureHandler, updateSessionItemDeviceToken,
+ getSavedNonceToSign, getSessionItem, newSessionHandler, removeMessages,
+ sendMessages, sessionSignatureHandler, updateSessionItemDeviceToken,
updateSessionItemIsOnline, waitMessageFromDeliveryBroker, GRPCStatusCodes,
};
use anyhow::Result;
@@ -61,6 +61,37 @@
));
};
+ let nonce_to_be_signed = match getSavedNonceToSign(&inner_request.device_id)
+ {
+ Ok(saved_nonce) => saved_nonce,
+ Err(err) => {
+ return Err(tools::create_tonic_status(
+ GRPCStatusCodes::Internal,
+ &err.what(),
+ ))
+ }
+ };
+ match tools::verify_signed_string(
+ &inner_request.public_key,
+ &nonce_to_be_signed,
+ &inner_request.signature,
+ ) {
+ Ok(verifying_result) => {
+ if !verifying_result {
+ return Err(tools::create_tonic_status(
+ GRPCStatusCodes::PermissionDenied,
+ "Signature for the verification message is not valid",
+ ));
+ }
+ }
+ Err(_) => {
+ return Err(tools::create_tonic_status(
+ GRPCStatusCodes::Internal,
+ "Error while verifying the signature",
+ ))
+ }
+ }
+
let result = newSessionHandler(
&inner_request.device_id,
&inner_request.public_key,
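Review bot: Nothing visible in this hunk invalidates the saved nonce once `verify_signed_string` succeeds, so unless `newSessionHandler` (whose call continues past the hunk) removes it, the same nonce/signature pair could be accepted again for this `device_id`; the nonce should be single-use and ideally time-limited. In the `getSavedNonceToSign` error arm, `&err.what()` passes the bridge's exception text straight back to a caller who has not yet been authenticated; I would log it server-side and return a fixed message such as `"Error while retrieving the nonce to sign"`. The `Err(_)` arm of the verification match discards the error entirely, which leaves malformed-key or malformed-signature attempts invisible in logs; bind it as `Err(err)` and record it before returning the generic status. The key used for verification is `inner_request.public_key` from the same request, so this check proves possession of that key only; whether the key is bound to `device_id` is not visible here and is worth confirming. The enclosing handler starts and ends outside the hunk.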
