Move verify

4e91ecf5 · Jonah Husson · ba97330c · 4e91ecf5
Commit 4e91ecf5 authored Jan 14, 2022 by Jonah Husson
--- a/io/userRegistration.go
+++ b/io/userRegistration.go
@@ -33,7 +33,7 @@ func registerUser(msg *pb.UDBUserRegistration, permPublicKey *rsa.PublicKey,
 	}

 	// Parse the username and UserID
-	username := msg.IdentityRegistration.Username // TODO: this & msg.Frs.Fact seems redundant
+	username := msg.Frs.Fact.Fact // TODO: this & msg.IdentityRegistration.Username seems redundant
 	uid, err := id.Unmarshal(msg.UID)
 	if err != nil {
 		return &messages.Ack{}, errors.New("Could not parse UID sent over. " +
@@ -47,7 +47,7 @@ func registerUser(msg *pb.UDBUserRegistration, permPublicKey *rsa.PublicKey,
 	flattened := flatten(username)

 	// Check if username is taken
-	err = store.CheckUser(flattened, uid) // TODO: this should take flattened
+	err = store.CheckUser(flattened, uid)
 	if err != nil {
 		return &messages.Ack{}, errors.Errorf("Username %s is already taken. "+
 			"Please try again", username)
@@ -68,27 +68,32 @@ func registerUser(msg *pb.UDBUserRegistration, permPublicKey *rsa.PublicKey,
 		return &messages.Ack{}, errors.New("Could not parse key passed in")
 	}

-	// Verify the signed identity data
-	hashedIdentity := msg.IdentityRegistration.Digest()
-	err = rsa.Verify(clientPubKey, hash.CMixHash, hashedIdentity, msg.IdentitySignature, nil)
-	if err != nil {
-		return &messages.Ack{}, errors.New("Could not verify identity signature")
-	}
-
 	// Verify the signed fact
 	tf, err := fact.NewFact(fact.FactType(msg.Frs.Fact.FactType), msg.Frs.Fact.Fact)
 	if err != nil {
 		return &messages.Ack{}, errors.WithMessage(err, "Failed to hash fact")
 	}
-	hashedFact := factID.Fingerprint(tf)
+	hashedFact := factID.Fingerprint(tf) // TODO: does fingerprint still need to uppercase the fact?
 	err = rsa.Verify(clientPubKey, hash.CMixHash, hashedFact, msg.Frs.FactSig, nil)
 	if err != nil {
 		return &messages.Ack{}, errors.New("Could not verify fact signature")
 	}

+	flattendFact, err := fact.NewFact(fact.FactType(msg.Frs.Fact.FactType), flattened)
+	if err != nil {
+		return &messages.Ack{}, errors.WithMessage(err, "Failed to hash flattened fact")
+	}
+
+	// Verify the signed identity data
+	hashedIdentity := msg.IdentityRegistration.Digest()
+	err = rsa.Verify(clientPubKey, hash.CMixHash, hashedIdentity, msg.IdentitySignature, nil)
+	if err != nil {
+		return &messages.Ack{}, errors.New("Could not verify identity signature")
+	}
+
 	// Create fact off of username
 	f := storage.Fact{
-		Hash:      hashedFact,
+		Hash:      factID.Fingerprint(flattendFact),
 		UserId:    msg.UID,
 		Fact:      flattened,
 		Type:      uint8(msg.Frs.Fact.FactType),