Page MenuHomePhabricator

D5948.id20068.diff
No OneTemporary

D5948.id20068.diff

diff --git a/services/tunnelbroker/src/cxx_bridge.rs b/services/tunnelbroker/src/cxx_bridge.rs
--- a/services/tunnelbroker/src/cxx_bridge.rs
+++ b/services/tunnelbroker/src/cxx_bridge.rs
@@ -59,7 +59,6 @@
pub fn newSessionHandler(
deviceID: &str,
publicKey: &str,
- signature: &str,
deviceType: i32,
deviceAppVersion: &str,
deviceOS: &str,
diff --git a/services/tunnelbroker/src/libcpp/Tunnelbroker.h b/services/tunnelbroker/src/libcpp/Tunnelbroker.h
--- a/services/tunnelbroker/src/libcpp/Tunnelbroker.h
+++ b/services/tunnelbroker/src/libcpp/Tunnelbroker.h
@@ -11,7 +11,6 @@
NewSessionResult newSessionHandler(
rust::Str deviceID,
rust::Str publicKey,
- rust::Str signature,
int32_t deviceType,
rust::Str deviceAppVersion,
rust::Str deviceOS,
diff --git a/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp b/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp
--- a/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp
+++ b/services/tunnelbroker/src/libcpp/Tunnelbroker.cpp
@@ -2,7 +2,6 @@
#include "AmqpManager.h"
#include "AwsTools.h"
#include "ConfigManager.h"
-#include "CryptoTools.h"
#include "DatabaseManager.h"
#include "DeliveryBroker.h"
#include "GlobalTools.h"
@@ -80,7 +79,6 @@
NewSessionResult newSessionHandler(
rust::Str deviceID,
rust::Str publicKey,
- rust::Str signature,
int32_t deviceType,
rust::Str deviceAppVersion,
rust::Str deviceOS,
@@ -98,14 +96,6 @@
const std::string stringPublicKey{publicKey};
const std::string newSessionID = comm::network::tools::generateUUID();
try {
- sessionSignItem = comm::network::database::DatabaseManager::getInstance()
- .findSessionSignItem(stringDeviceID);
- if (sessionSignItem == nullptr) {
- return NewSessionResult{
- .grpcStatus = {
- .statusCode = GRPCStatusCodes::NotFound,
- .errorText = "Session signature request not found for deviceID"}};
- }
publicKeyItem = comm::network::database::DatabaseManager::getInstance()
.findPublicKeyItem(stringDeviceID);
if (publicKeyItem == nullptr) {
@@ -120,15 +110,6 @@
.statusCode = GRPCStatusCodes::PermissionDenied,
.errorText = "The public key doesn't match for deviceID"}};
}
- const std::string verificationMessage = sessionSignItem->getSign();
- if (!comm::network::crypto::rsaVerifyString(
- stringPublicKey, verificationMessage, std::string{signature})) {
- return NewSessionResult{
- .grpcStatus = {
- .statusCode = GRPCStatusCodes::PermissionDenied,
- .errorText =
- "Signature for the verification message is not valid"}};
- }
comm::network::database::DatabaseManager::getInstance()
.removeSessionSignItem(stringDeviceID);
diff --git a/services/tunnelbroker/src/libcpp/src/Tools/CryptoTools.h b/services/tunnelbroker/src/libcpp/src/Tools/CryptoTools.h
deleted file mode 100644
--- a/services/tunnelbroker/src/libcpp/src/Tools/CryptoTools.h
+++ /dev/null
@@ -1,16 +0,0 @@
-#pragma once
-
-#include <string>
-
-namespace comm {
-namespace network {
-namespace crypto {
-
-bool rsaVerifyString(
- const std::string &publicKeyBase64,
- const std::string &message,
- const std::string &signatureBase64);
-
-} // namespace crypto
-} // namespace network
-} // namespace comm
diff --git a/services/tunnelbroker/src/libcpp/src/Tools/CryptoTools.cpp b/services/tunnelbroker/src/libcpp/src/Tools/CryptoTools.cpp
deleted file mode 100644
--- a/services/tunnelbroker/src/libcpp/src/Tools/CryptoTools.cpp
+++ /dev/null
@@ -1,42 +0,0 @@
-#include "CryptoTools.h"
-
-#include <cryptopp/base64.h>
-#include <cryptopp/filters.h>
-#include <cryptopp/rsa.h>
-#include <glog/logging.h>
-
-namespace comm {
-namespace network {
-namespace crypto {
-
-bool rsaVerifyString(
- const std::string &publicKeyBase64,
- const std::string &message,
- const std::string &signatureBase64) {
- CryptoPP::RSA::PublicKey publicKey;
- std::string decodedSignature;
- try {
- publicKey.Load(CryptoPP::StringSource(
- publicKeyBase64, true, new CryptoPP::Base64Decoder())
- .Ref());
- CryptoPP::StringSource stringSource(
- signatureBase64,
- true,
- new CryptoPP::Base64Decoder(
- new CryptoPP::StringSink(decodedSignature)));
- CryptoPP::RSASSA_PKCS1v15_SHA_Verifier verifierSha256(publicKey);
- return verifierSha256.VerifyMessage(
- reinterpret_cast<const unsigned char *>(message.c_str()),
- message.length(),
- reinterpret_cast<const unsigned char *>(decodedSignature.c_str()),
- decodedSignature.length());
- } catch (const std::exception &e) {
- LOG(ERROR) << "CryptoTools: "
- << "Got an exception " << e.what();
- return false;
- }
-}
-
-} // namespace crypto
-} // namespace network
-} // namespace comm
diff --git a/services/tunnelbroker/src/libcpp/test/CryptoToolsTest.cpp b/services/tunnelbroker/src/libcpp/test/CryptoToolsTest.cpp
deleted file mode 100644
--- a/services/tunnelbroker/src/libcpp/test/CryptoToolsTest.cpp
+++ /dev/null
@@ -1,45 +0,0 @@
-#include "CryptoTools.h"
-#include "Constants.h"
-#include "Tools.h"
-
-#include <gtest/gtest.h>
-
-#include <string>
-
-using namespace comm::network;
-
-class CryptoToolsTest : public testing::Test {};
-
-TEST(CryptoToolsTest, RsaVerifyStringIsTrueOnValidSignature) {
- const std::string publicKeyBase64 =
- "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGC8M8FdRSSEdfAufY/V5iP6cB"
- "crXdeZa19OjpbbNvq9qAT2FobnYrlNI8p3y/2LvJBxlR9VlvS0Nh4HLZLdmf8zOf"
- "3HyN0w8ey54xE5eIILZi1Xudrk8J+U5xij78Bzl2WdAvoVCiVbaodff8DBvmqHeR"
- "/EDcMX3ipPDzjcCFXwIDAQAB";
- const std::string verifyMessage = "testverifymessagetestverifymessage";
- const std::string validSignatureBase64 =
- "tn5w317+CcuUdK8JRvM0GW+m65ph7sHqlbpY5PhYZtl1hlb86ILgmlCaa+"
- "O7icLImcLQkVsabCaVkczrJOy95jvT251gAKBZAXc4oDNqg4n5An3GmwHzbh50Z40M9gwXG/"
- "zx6ReEYvgqDo9e1cimljewFykHt8ApBX6mbJ8ShyM=";
- EXPECT_EQ(
- crypto::rsaVerifyString(
- publicKeyBase64, verifyMessage, validSignatureBase64),
- true);
-}
-
-TEST(CryptoToolsTest, RsaVerifyStringIsFalseOnInvalidSignature) {
- const std::string publicKeyBase64 =
- "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGC8M8FdRSSEdfAufY/V5iP6cB"
- "crXdeZa19OjpbbNvq9qAT2FobnYrlNI8p3y/2LvJBxlR9VlvS0Nh4HLZLdmf8zOf"
- "3HyN0w8ey54xE5eIILZi1Xudrk8J+U5xij78Bzl2WdAvoVCiVbaodff8DBvmqHeR"
- "/EDcMX3ipPDzjcCFXwIDAQAB";
- const std::string verifyMessage = "testverifymessagetestverifymessage";
- const std::string invalidSignatureBase64 =
- "Opuw317+CcuUdK8JRvM0GW+m65ph7sHqlbpY5PhYZtl1hlb86ILgmlCaa+"
- "O7icLImcLQkVsabCaVkczrJOy95jvT251gAKBZAXc4oDNqg4n5An3GmwHzbh50Z40M9gwXG/"
- "zx6ReEYvgqDo9e1cimljewFykHt8ApBX6mbJ8dfrM=";
- EXPECT_EQ(
- crypto::rsaVerifyString(
- publicKeyBase64, verifyMessage, invalidSignatureBase64),
- false);
-}
diff --git a/services/tunnelbroker/src/server/mod.rs b/services/tunnelbroker/src/server/mod.rs
--- a/services/tunnelbroker/src/server/mod.rs
+++ b/services/tunnelbroker/src/server/mod.rs
@@ -95,7 +95,6 @@
let result = newSessionHandler(
&inner_request.device_id,
&inner_request.public_key,
- &inner_request.signature,
inner_request.device_type,
&inner_request.device_app_version,
&inner_request.device_os,

File Metadata

Mime Type
text/plain
Expires
Sun, Dec 22, 11:03 PM (17 h, 26 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2692801
Default Alt Text
D5948.id20068.diff (7 KB)

Event Timeline