enforce nacl sig packet hash with flag

keybase · Feb 23, 2020 · 30a4d61 · 30a4d61
1 parent 377850b
commit 30a4d61
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 17 deletions.
diff --git a/lib/base.js b/lib/base.js
diff --git a/src/base.iced b/src/base.iced
@@ -76,7 +76,7 @@ compare_hash_buf_to_str = (b, s) ->
 
 class Verifier
 
-  constructor : ({@armored, @id, @short_id, @skip_ids, @make_ids, @strict, @now, @critical_clock_skew_secs, @skip_clock_skew_check, @inner, @outer, @expansions, @assert_pgp_hash}, @sig_eng, @base) ->
+  constructor : ({@armored, @id, @short_id, @skip_ids, @make_ids, @strict, @now, @critical_clock_skew_secs, @skip_clock_skew_check, @inner, @outer, @expansions, @assert_pgp_hash, @strict_packet_hash}, @sig_eng, @base) ->
 
   #---------------
 
@@ -215,7 +215,7 @@ class Verifier
 
   _parse_and_process : ({armored}, cb) ->
     err = null
-    await @sig_eng.unbox armored, defer(err, payload, body), { @assert_pgp_hash }
+    await @sig_eng.unbox armored, defer(err, payload, body), { @assert_pgp_hash, @strict_packet_hash }
     if not err? and not @skip_ids
       await @_check_ids body, defer err
     if not err? and @make_ids
@@ -583,7 +583,7 @@ class Base
     out = null
     opts = { version : constants.versions.sig_v2 }
     await @_v_generate opts, esc defer()
-    await @generate_json opts, esc defer s, o, expansions
+    await @generate_json opts, esc(defer(s, o, expansions))
     inner = { str : s, obj : o }
     await @generate_outer { inner }, esc defer outer
     await @sig_eng.box outer, esc(defer({pgp, raw, armored})), { dohash }

diff --git a/test/files/team.iced b/test/files/team.iced
@@ -15,10 +15,10 @@ test_klass = ({T,arg, klass, keys}, cb) ->
     await KeyManager.generate {}, esc defer arg.kms.signing
     arg.kms.generation = 10
   obj = new klass arg
-  await obj.generate_v2 esc defer out
+  await obj.generate_v2 esc(defer(out)), {dohash:true}
   typ = out.inner.obj.body.type
   obj2 = alloc typ, arg
-  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str }
+  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, strict_packet_hash : true }
   await obj2.verify_v2 varg, esc defer()
   T.waypoint "checked #{typ} #{if keys then 'with' else 'without'} keys"
   cb null
@@ -48,10 +48,10 @@ exports.test_key_section_bad_and_good = (T,cb) ->
 
   verify_from_arg = ({arg}, cb) ->
     obj = new team.RotateKey arg
-    await obj.generate_v2 esc defer out
+    await obj.generate_v2 esc(defer(out)), {dohash:true}
     typ = out.inner.obj.body.type
     obj2 = alloc typ, arg
-    varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str }
+    varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, strict_packet_hash : true }
     await obj2.verify_v2 varg, defer err
     cb err
   await verify_from_arg { arg }, defer err
@@ -99,10 +99,10 @@ round_trip_with_corrupted_reverse_sig = ({T, corrupt}, cb) ->
     x.reverse_sig = armored
     cb null
 
-  await obj.generate_v2 esc defer out
+  await obj.generate_v2 esc(defer(out)), {dohash:true}
   typ = out.inner.obj.body.type
   obj2 = alloc typ, arg
-  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str }
+  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, strict_packet_hash : true }
   await obj2.verify_v2 varg, defer err
   if corrupt
     T.assert err?, "got an error back"

diff --git a/test/files/wot.iced b/test/files/wot.iced
@@ -40,36 +40,36 @@ exports.wot_vouch_happy = (T,cb) ->
         "darn rootin tootin"
       ]
   obj = new wot.Vouch me
-  await obj.generate_v2 esc defer out
+  await obj.generate_v2 esc(defer(out)), {dohash:true}
   hsh = out.inner.obj.body.wot_vouch
   T.assert hsh?, "hash was there"
   T.equal hsh.length, 64, "64-byte hex string"
   T.assert out.expansions[hsh]?.obj?, "expansion was there"
 
   verifier = alloc out.inner.obj.body.type, me
-  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, expansions : out.expansions}
+  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, expansions : out.expansions, strict_packet_hash:true}
   await verifier.verify_v2 varg, esc defer()
 
   me.wot =
     react :
       sig_id : new_sig_id()
       reaction : "accept"
   obj = new wot.React me
-  await obj.generate_v2 esc defer out
+  await obj.generate_v2 esc(defer(out)), {dohash:true}
   verifier = alloc out.inner.obj.body.type, me
-  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, expansions : out.expansions}
+  varg = { armored : out.armored, skip_ids : true, make_ids : true, inner : out.inner.str, expansions : out.expansions, strict_packet_hash:true}
   await verifier.verify_v2 varg, esc defer()
 
   # try to revoke both with and without a replacement...
   me.revoke = { sig_ids : [ new_sig_id() ]}
   obj = new wot.Vouch me
-  await obj.generate_v2 esc defer out
+  await obj.generate_v2 esc(defer(out)), {dohash:true}
   outer = unpack out.outer
   T.equal outer[4], constants.sig_types_v2.wot.vouch_with_revoke, "revoke picked up"
 
   me.wot = null
   obj = new wot.Vouch me
-  await obj.generate_v2 esc defer out
+  await obj.generate_v2 esc(defer(out)), {dohash:true}
   outer = unpack out.outer
   T.equal outer[4], constants.sig_types_v2.wot.vouch_with_revoke, "revoke picked up"