From 088629fddf301e6a69a700d514fe18a6600e9bc9 Mon Sep 17 00:00:00 2001
From: "Richard T. Carback III" <rick.carback@gmail.com>
Date: Thu, 20 Oct 2022 17:58:32 +0000
Subject: [PATCH] Disable node signature checking when using WASM. This is
temporary until we can get access to a faster RSA implementation
---
cmix/nodes/request.go | 5 +++--
cmix/nodes/verifyNodeSig.go | 22 ++++++++++++++++++++++
cmix/nodes/verifyNodeSig_js.go | 22 ++++++++++++++++++++++
3 files changed, 47 insertions(+), 2 deletions(-)
create mode 100644 cmix/nodes/verifyNodeSig.go
create mode 100644 cmix/nodes/verifyNodeSig_js.go
diff --git a/cmix/nodes/request.go b/cmix/nodes/request.go
index 499acb455..281b9a119 100644
--- a/cmix/nodes/request.go
+++ b/cmix/nodes/request.go
@@ -8,6 +8,8 @@
package nodes
import (
+ "io"
+
"github.com/golang/protobuf/proto"
"github.com/pkg/errors"
jww "github.com/spf13/jwalterweatherman"
@@ -27,7 +29,6 @@ import (
"gitlab.com/xx_network/crypto/tls"
"gitlab.com/xx_network/primitives/id"
"gitlab.com/xx_network/primitives/netTime"
- "io"
)
// requestKey is a helper function which constructs a ClientKeyRequest message.
@@ -184,7 +185,7 @@ func processRequestResponse(signedKeyResponse *pb.SignedKeyResponse,
}
// Verify the response signature
- err = rsa.Verify(nodePubKey, opts.Hash, hashedResponse,
+ err = verifyNodeSignature(nodePubKey, opts.Hash, hashedResponse,
signedKeyResponse.KeyResponseSignedByGateway.Signature, opts)
if err != nil {
return nil, nil, 0,
diff --git a/cmix/nodes/verifyNodeSig.go b/cmix/nodes/verifyNodeSig.go
new file mode 100644
index 000000000..5fff37215
--- /dev/null
+++ b/cmix/nodes/verifyNodeSig.go
@@ -0,0 +1,22 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright © 2022 xx foundation //
+// //
+// Use of this source code is governed by a license that can be found in the //
+// LICENSE file. //
+////////////////////////////////////////////////////////////////////////////////
+
+//go:build !js || !wasm
+
+package nodes
+
+import (
+ "crypto"
+
+ "gitlab.com/xx_network/crypto/signature/rsa"
+)
+
+func verifyNodeSignature(pub *rsa.PublicKey, hash crypto.Hash,
+ hashed []byte, sig []byte, opts *rsa.Options) error {
+ // Verify the response signature
+ return rsa.Verify(pub, hash, hashed, sig, opts)
+}
diff --git a/cmix/nodes/verifyNodeSig_js.go b/cmix/nodes/verifyNodeSig_js.go
new file mode 100644
index 000000000..23ce88172
--- /dev/null
+++ b/cmix/nodes/verifyNodeSig_js.go
@@ -0,0 +1,22 @@
+////////////////////////////////////////////////////////////////////////////////
+// Copyright © 2022 xx foundation //
+// //
+// Use of this source code is governed by a license that can be found in the //
+// LICENSE file. //
+////////////////////////////////////////////////////////////////////////////////
+
+//go:build js && wasm
+
+package nodes
+
+import (
+ "crypto"
+
+ "gitlab.com/xx_network/crypto/signature/rsa"
+)
+
+func verifyNodeSignature(pub *rsa.PublicKey, hash crypto.Hash,
+ hashed []byte, sig []byte, opts *rsa.Options) error {
+ jww.WARN.Printf("node signature checking disabled for wasm")
+ return nil
+}
--
GitLab