Namecoin: Update TLS record syntax for Encaya

namecoin · Jul 7, 2021 · 1690b1f · 1690b1f
1 parent 5c34a8b
commit 1690b1f
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 224 deletions.
diff --git a/electrum_nmc/electrum/gui/qt/configure_dns_dialog.py b/electrum_nmc/electrum/gui/qt/configure_dns_dialog.py
@@ -68,7 +68,7 @@ class Columns(IntEnum):
         Columns.DATA: _('Data'),
     }
 
-    TEXT_ADD_SUBDOMAIN = "Add Subdomain..."
+    TEXT_ADD_SUBDOMAIN = "Add Subdomain…"
 
     def __init__(self, value, parent):
         QDialog.__init__(self, parent=parent)
@@ -84,7 +84,7 @@ def __init__(self, value, parent):
         if self.name_dialog.namespace == "d":
             self.base_domain = identifier[len("d/"):] + ".bit"
         elif self.name_dialog.namespace == "dd":
-            self.base_domain = "(...).bit"
+            self.base_domain = "(…).bit"
         else:
             raise Exception("Identifier '" + identifier + "' is not d/ or dd/")
 
@@ -268,25 +268,7 @@ def create_tls_record(self):
         idx = model.rowCount()
 
         domain = self.get_selected_domain()
-        try:
-            tls = [
-                int(self.ui.editTLSCertUsage.text()),
-                int(self.ui.editTLSSelector.text()),
-                int(self.ui.editTLSMatchingType.text()),
-                self.ui.editTLSData.toPlainText(),
-            ]
-        except ValueError:
-            self.show_error(_("The Cert Usage, Selector, and Matching Type must be integers."))
-            return
-        try:
-            data = [
-                self.ui.editTLSProto.text(),
-                int(self.ui.editTLSPort.text()),
-                tls,
-            ]
-        except ValueError:
-            self.show_error(_("The Port must be an integer."))
-            return
+        data = self.ui.editTLSData.toPlainText()
 
         record = [domain, "tls", data]
 
@@ -436,7 +418,7 @@ def insert_record(self, idx, record):
             formatted_data = json.dumps(data)
         elif record_type == "tls":
             formatted_record_type = "TLS"
-            formatted_data = json.dumps(data)
+            formatted_data = data
         elif record_type == "sshfp":
             formatted_record_type = "SSH"
             formatted_data = json.dumps(data)
@@ -548,28 +530,12 @@ def edit_selected_record(self):
 
             self.force_one_tab(self.ui.tabDS)
         elif record_type == "tls":
-            protocol, port, tls = record_data
-
-            port = str(port)
-
-            if type(tls) == dict:
-                if "dane" in tls:
-                    tls = tls["dane"]
-                else:
-                    self.show_error(_("Only DANE-formatted TLS records can be edited."))
-                    return
+            cert_data = record_data
 
-            cert_usage, selector, matching_type, cert_data = tls
-
-            cert_usage = str(cert_usage)
-            selector = str(selector)
-            matching_type = str(matching_type)
+            if not isinstance(cert_data, str):
+                self.show_error(_("Only DANE-TA Public Key TLS records can be edited."))
+                return
 
-            self.ui.editTLSProto.setText(protocol)
-            self.ui.editTLSPort.setText(port)
-            self.ui.editTLSCertUsage.setText(cert_usage)
-            self.ui.editTLSSelector.setText(selector)
-            self.ui.editTLSMatchingType.setText(matching_type)
             self.ui.editTLSData.setPlainText(cert_data)
 
             self.force_one_tab(self.ui.tabTLS)

diff --git a/electrum_nmc/electrum/gui/qt/forms/dnsdialog.ui b/electrum_nmc/electrum/gui/qt/forms/dnsdialog.ui
@@ -614,156 +614,17 @@
        <item>
         <widget class="QLabel" name="labelTLSDesc">
          <property name="text">
-          <string>A TLS record authenticates TLS servers without a public certificate authority.  For compatibility with ncp11 (e.g. Tor Browser), leave all settings other than Certificate Association Data at their default.</string>
+          <string>A TLS record authenticates TLS servers without a public certificate authority.</string>
          </property>
          <property name="wordWrap">
           <bool>true</bool>
          </property>
         </widget>
        </item>
-       <item>
-        <layout class="QHBoxLayout" name="horizontalLayout_15">
-         <item>
-          <layout class="QVBoxLayout" name="verticalLayout_25">
-           <item>
-            <widget class="QLabel" name="labelTLSProto">
-             <property name="maximumSize">
-              <size>
-               <width>16777215</width>
-               <height>20</height>
-              </size>
-             </property>
-             <property name="text">
-              <string>Proto</string>
-             </property>
-            </widget>
-           </item>
-           <item>
-            <widget class="QLineEdit" name="editTLSProto">
-             <property name="placeholderText">
-              <string>e.g., tcp</string>
-             </property>
-             <property name="text">
-              <string>tcp</string>
-             </property>
-            </widget>
-           </item>
-          </layout>
-         </item>
-         <item>
-          <layout class="QVBoxLayout" name="verticalLayout_18">
-           <item>
-            <widget class="QLabel" name="labelTLSPort">
-             <property name="maximumSize">
-              <size>
-               <width>16777215</width>
-               <height>20</height>
-              </size>
-             </property>
-             <property name="text">
-              <string>Port</string>
-             </property>
-            </widget>
-           </item>
-           <item>
-            <widget class="QLineEdit" name="editTLSPort">
-             <property name="placeholderText">
-              <string>e.g., 443</string>
-             </property>
-             <property name="text">
-              <string>443</string>
-             </property>
-            </widget>
-           </item>
-          </layout>
-         </item>
-         <item>
-          <layout class="QVBoxLayout" name="verticalLayout_13">
-           <item>
-            <widget class="QLabel" name="labelTLSCertUsage">
-             <property name="maximumSize">
-              <size>
-               <width>16777215</width>
-               <height>20</height>
-              </size>
-             </property>
-             <property name="text">
-              <string>Cert. Usage</string>
-             </property>
-            </widget>
-           </item>
-           <item>
-            <widget class="QValidatedLineEdit" name="editTLSCertUsage">
-             <property name="placeholderText">
-              <string>e.g., 2</string>
-             </property>
-             <property name="text">
-              <string>2</string>
-             </property>
-            </widget>
-           </item>
-          </layout>
-         </item>
-         <item>
-          <layout class="QVBoxLayout" name="verticalLayout_16">
-           <item>
-            <widget class="QLabel" name="labelTLSSelector">
-             <property name="maximumSize">
-              <size>
-               <width>16777215</width>
-               <height>20</height>
-              </size>
-             </property>
-             <property name="text">
-              <string>Selector</string>
-             </property>
-            </widget>
-           </item>
-           <item>
-            <widget class="QValidatedLineEdit" name="editTLSSelector">
-             <property name="placeholderText">
-              <string>e.g., 1</string>
-             </property>
-             <property name="text">
-              <string>1</string>
-             </property>
-            </widget>
-           </item>
-          </layout>
-         </item>
-         <item>
-          <layout class="QVBoxLayout" name="verticalLayout_17">
-           <item>
-            <widget class="QLabel" name="labelTLSMatchingType">
-             <property name="maximumSize">
-              <size>
-               <width>16777215</width>
-               <height>20</height>
-              </size>
-             </property>
-             <property name="text">
-              <string>Matching Type</string>
-             </property>
-            </widget>
-           </item>
-           <item>
-            <widget class="QValidatedLineEdit" name="editTLSMatchingType">
-             <property name="placeholderText">
-              <string>e.g., 0</string>
-             </property>
-             <property name="text">
-              <string>0</string>
-             </property>
-            </widget>
-           </item>
-          </layout>
-         </item>
-        </layout>
-       </item>
        <item>
         <widget class="QLabel" name="label_24">
          <property name="text">
-          <string>Certificate Association Data (Base64)</string>
+          <string>DANE-TA Public Key (Base64)</string>
          </property>
         </widget>
        </item>

diff --git a/electrum_nmc/electrum/names.py b/electrum_nmc/electrum/names.py
@@ -859,12 +859,15 @@ def get_domain_records_ds_single(domain, value):
     return [domain, "ds", value], None
 
 def get_domain_records_tls(domain, value):
-    # Handle TLS subdomain
+    # Handle TLS subdomain; domain must be eTLD+2
     try:
-        port, protocol, domain = domain.split(".", 2)
-        port = port[1:]
-        protocol = protocol[1:]
-    except IndexError:
+        wildcard, sld, tld = domain.split(".")
+        domain = sld + "." + tld
+    except ValueError:
+        return [], value
+
+    # Must be "*" subdomain of eTLD+1
+    if wildcard != "*":
         return [], value
 
     # Must be array
@@ -875,21 +878,15 @@ def get_domain_records_tls(domain, value):
     records = []
     remaining = []
     for raw_address in value:
-        single_record, single_remaining = get_domain_records_tls_single(domain, raw_address, protocol, port)
+        single_record, single_remaining = get_domain_records_tls_single(domain, raw_address)
         if single_record is not None:
             records.append(single_record)
         if single_remaining is not None:
             remaining.append(single_remaining)
 
     return records, remaining
 
-def get_domain_records_tls_single(domain, value, protocol, port):
-    # Port must be an integer
-    try:
-        port = int(port)
-    except ValueError:
-        return None, value
-
+def get_domain_records_tls_single(domain, value):
     # Convert array to dict (default DANE format)
     if type(value) == list:
         value = {"dane": value}
@@ -904,30 +901,22 @@ def get_domain_records_tls_single(domain, value, protocol, port):
         return None, value
 
     # Check format
-    if "dane" in value:
-        cert = value["dane"]
-        if type(cert) != list:
-            return None, value
-        if len(cert) != 4:
-            return None, value
-        if type(cert[0]) != int or type(cert[1]) != int or type(cert[2]) != int or type(cert[3]) != str:
-            return None, value
-    # TODO: enable Dehydrated format by uncommenting the below code.  We need
-    # to finish the GUI first.
-    #elif "d8" in value:
-    #    cert = value["d8"]
-    #    if type(cert) != list:
-    #        return None, value
-    #    if len(cert) != 6:
-    #        return None, value
-    #    if cert[0] != 1:
-    #        return None, value
-    #    if type(cert[1]) != str or type(cert[2]) != int or type(cert[3]) != int or type(cert[4]) != int or type(cert[5]) != str:
-    #        return None, value
-    else:
+    if "dane" not in value:
+        return None, value
+
+    cert = value["dane"]
+    if not isinstance(cert, list):
+        return None, value
+    if len(cert) != 4:
+        return None, value
+    if cert[:3] != [2, 1, 0]:
+        return None, value
+
+    pubkey = cert[3]
+    if not isinstance(pubkey, str):
         return None, value
 
-    return [domain, "tls", [protocol, port, value]], None
+    return [domain, "tls", pubkey], None
 
 def get_domain_records_sshfp(domain, value):
     # Must be array
@@ -1117,10 +1106,9 @@ def add_domain_record(base_domain, value, record):
         record_type = "txt"
         data = data[1]
 
-    # Handle TLS record specially to prepend protocol/port subdomain
+    # Handle TLS record specially to prepend wildcard subdomain
     if record_type == "tls":
-        protocol, port, data = data
-        domain = "_" + str(port) + "._" + protocol + "." + domain
+        domain = "*." + domain
 
     if not domain.endswith(base_domain):
         raise Exception("Base domain mismatch")
@@ -1288,9 +1276,8 @@ def add_domain_record_tls(value, data):
     if "tls" not in value:
         value["tls"] = []
 
-    # Minimize the DANE format
-    if "dane" in data:
-        data = data["dane"]
+    # Fill in hardcoded DANE params
+    data = [2, 1, 0, data]
 
     # Add the record
     value["tls"].append(data)