From 088629fddf301e6a69a700d514fe18a6600e9bc9 Mon Sep 17 00:00:00 2001 From: "Richard T. Carback III" <rick.carback@gmail.com> Date: Thu, 20 Oct 2022 17:58:32 +0000 Subject: [PATCH] Disable node signature checking when using WASM. This is temporary until we can get access to a faster RSA implementation --- cmix/nodes/request.go | 5 +++-- cmix/nodes/verifyNodeSig.go | 22 ++++++++++++++++++++++ cmix/nodes/verifyNodeSig_js.go | 22 ++++++++++++++++++++++ 3 files changed, 47 insertions(+), 2 deletions(-) create mode 100644 cmix/nodes/verifyNodeSig.go create mode 100644 cmix/nodes/verifyNodeSig_js.go diff --git a/cmix/nodes/request.go b/cmix/nodes/request.go index 499acb455..281b9a119 100644 --- a/cmix/nodes/request.go +++ b/cmix/nodes/request.go @@ -8,6 +8,8 @@ package nodes import ( + "io" + "github.com/golang/protobuf/proto" "github.com/pkg/errors" jww "github.com/spf13/jwalterweatherman" @@ -27,7 +29,6 @@ import ( "gitlab.com/xx_network/crypto/tls" "gitlab.com/xx_network/primitives/id" "gitlab.com/xx_network/primitives/netTime" - "io" ) // requestKey is a helper function which constructs a ClientKeyRequest message. @@ -184,7 +185,7 @@ func processRequestResponse(signedKeyResponse *pb.SignedKeyResponse, } // Verify the response signature - err = rsa.Verify(nodePubKey, opts.Hash, hashedResponse, + err = verifyNodeSignature(nodePubKey, opts.Hash, hashedResponse, signedKeyResponse.KeyResponseSignedByGateway.Signature, opts) if err != nil { return nil, nil, 0, diff --git a/cmix/nodes/verifyNodeSig.go b/cmix/nodes/verifyNodeSig.go new file mode 100644 index 000000000..5fff37215 --- /dev/null +++ b/cmix/nodes/verifyNodeSig.go @@ -0,0 +1,22 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright © 2022 xx foundation // +// // +// Use of this source code is governed by a license that can be found in the // +// LICENSE file. // +//////////////////////////////////////////////////////////////////////////////// + +//go:build !js || !wasm + +package nodes + +import ( + "crypto" + + "gitlab.com/xx_network/crypto/signature/rsa" +) + +func verifyNodeSignature(pub *rsa.PublicKey, hash crypto.Hash, + hashed []byte, sig []byte, opts *rsa.Options) error { + // Verify the response signature + return rsa.Verify(pub, hash, hashed, sig, opts) +} diff --git a/cmix/nodes/verifyNodeSig_js.go b/cmix/nodes/verifyNodeSig_js.go new file mode 100644 index 000000000..23ce88172 --- /dev/null +++ b/cmix/nodes/verifyNodeSig_js.go @@ -0,0 +1,22 @@ +//////////////////////////////////////////////////////////////////////////////// +// Copyright © 2022 xx foundation // +// // +// Use of this source code is governed by a license that can be found in the // +// LICENSE file. // +//////////////////////////////////////////////////////////////////////////////// + +//go:build js && wasm + +package nodes + +import ( + "crypto" + + "gitlab.com/xx_network/crypto/signature/rsa" +) + +func verifyNodeSignature(pub *rsa.PublicKey, hash crypto.Hash, + hashed []byte, sig []byte, opts *rsa.Options) error { + jww.WARN.Printf("node signature checking disabled for wasm") + return nil +} -- GitLab