diff --git a/auth/credentials.hpp b/auth/credentials.hpp index a01251d..9b6858e 100644 --- a/auth/credentials.hpp +++ b/auth/credentials.hpp @@ -1,4 +1,4 @@ -// Copyright (C) 2019 The Xaya developers +// Copyright (C) 2019-2022 The Xaya developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. @@ -83,11 +83,21 @@ class Credentials */ bool IsExpired () const; - /* Accessor functions for the data in the protocol buffer. */ - + /** + * Returns the signature contained in the protocol buffer, encoded + * as base64 (per Xaya Core for verifymessage). + */ std::string GetSignature () const; + + /** + * Sets the signature field in the protocol buffer. The sgn argument + * must be base64 encoded, and will be set as raw bytes inside + * the proto. + */ void SetSignature (const std::string& sgn); + /* Accessor functions for the data in the protocol buffer. */ + bool HasExpiry () const { diff --git a/doc/rpc.md b/doc/rpc.md index 1d37ace..4db5160 100644 --- a/doc/rpc.md +++ b/doc/rpc.md @@ -198,8 +198,10 @@ in a second step. This method can be used to add in the signature for an already-constructed password (e.g. coming from [`getauthmessage`](#getauthmessage)). -It expects two string arguments, `password` and `signature`. It returns -the amended password as string. +It expects two string arguments, `password` and `signature`. +The signature should be the raw signature bytes encoded with base64, +as they get returned by Xaya Core's signing RPC methods. +`setauthsignature` returns the amended password as string. #### `verifyauth` diff --git a/gametest/auth.py b/gametest/auth.py index 782b082..052ac36 100755 --- a/gametest/auth.py +++ b/gametest/auth.py 
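Review bot: The new doc comment on `SetSignature` (hunk `@@ -83,11 +83,21 @@` of auth/credentials.hpp) says `sgn` "must be base64 encoded" but not what happens when it is not, and the `void` return gives a caller no way to observe a decode failure. The value can arrive straight from an RPC argument (`setauthsignature`), so the comment should spell out the caller's duty, for example by appending `Callers passing untrusted input must validate the encoding first (e.g. with xaya::DecodeBase64).` If the implementation aborts or silently drops the value on bad input, which cannot be seen from this header, that should be stated as well. The `Credentials` class starts and continues outside the hunk.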
@@ -1,7 +1,7 @@ #!/usr/bin/env python3 # coding=utf8 -# Copyright (C) 2019-2021 The Xaya developers +# Copyright (C) 2019-2022 The Xaya developers # Distributed under the MIT software license, see the accompanying # file COPYING or http://www.opensource.org/licenses/mit-license.php. @@ -150,6 +150,9 @@ def testPasswordErrors (self): self.expectError (2, "failed to parse the password string", self.rpc.game.setauthsignature, password="invalid base64", signature="") + self.expectError (4, "the signature is not base64", + self.rpc.game.setauthsignature, + password="", signature="invalid base64") def testVerification (self): self.mainLogger.info ("Testing credentials verification...") diff --git a/src/Makefile.am b/src/Makefile.am index 04393c3..68f4276 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -14,11 +14,11 @@ CLEANFILES = $(RPC_STUBS) schema.cpp libxid_la_CXXFLAGS = \ -I$(top_srcdir) \ - $(XAYAGAME_CFLAGS) \ + $(XAYAUTIL_CFLAGS) $(XAYAGAME_CFLAGS) \ $(JSON_CFLAGS) $(GLOG_CFLAGS) $(SQLITE3_CFLAGS) libxid_la_LIBADD = \ $(top_builddir)/auth/libxidauth.la \ - $(XAYAGAME_LIBS) \ + $(XAYAUTIL_LIBS) $(XAYAGAME_LIBS) \ $(JSON_LIBS) $(GLOG_LIBS) $(SQLITE3_LIBS) libxid_la_SOURCES = \ gamestatejson.cpp \ diff --git a/src/nonstaterpc.cpp b/src/nonstaterpc.cpp index d0039a9..5ce1132 100644 --- a/src/nonstaterpc.cpp +++ b/src/nonstaterpc.cpp @@ -1,4 +1,4 @@ -// Copyright (C) 2019-2020 The Xaya developers +// Copyright (C) 2019-2022 The Xaya developers // Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. @@ -8,6 +8,8 @@ #include "auth/time.hpp" +#include + #include namespace xid 
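Review bot: The added case in `testPasswordErrors` (hunk `@@ -150,6 +150,9 @@` of gametest/auth.py) exercises only one malformed shape, a string with a space in it, and it reaches error 4 only because `password=""` passes the password parsing step. That dependency deserves a comment such as `# An empty password parses fine, so the call gets as far as the signature check.` A second case with valid alphabet characters but broken padding or length would show that the check rejects more than out-of-alphabet input. Whether a valid base64 signature is tested through `setauthsignature` elsewhere in the file cannot be seen from this hunk.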
@@ -89,6 +91,11 @@ NonStateRpc::setauthsignature (const std::string& password, ThrowJsonError (ErrorCode::AUTH_INVALID_DATA, "the authentication data is invalid"); + std::string rawSignature; + if (!xaya::DecodeBase64 (signature, rawSignature)) + ThrowJsonError (ErrorCode::AUTH_INVALID_SIGNATURE, + "the signature is not base64"); + cred.SetSignature (signature); return cred.ToPassword (); diff --git a/src/rpcerrors.hpp b/src/rpcerrors.hpp index 419a75f..1ba6a07 100644 --- a/src/rpcerrors.hpp +++ b/src/rpcerrors.hpp @@ -29,7 +29,7 @@ enum class ErrorCode /* This method is considered unsafe and not enabled in the server. */ UNSAFE_METHOD = -4, - /* The provided data (name, applcation, extra) is invalid while constructing + /* The provided data (name, application, extra) is invalid while constructing an auth message (not validating a password). */ AUTH_INVALID_DATA = 1, /* An invalid password string was provided, which could not be decoded to @@ -38,6 +38,8 @@ enum class ErrorCode AUTH_INVALID_PASSWORD = 2, /* The Xaya wallet does not hold any key allowed to sign the credentials. */ AUTH_NO_KEY = 3, + /* The signature provided with setauthsignature is invalid base64. */ + AUTH_INVALID_SIGNATURE = 4, };
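Review bot: `rawSignature` in the `setauthsignature` hunk of src/nonstaterpc.cpp is filled by `xaya::DecodeBase64` and then never used, because `cred.SetSignature (signature)` still receives the base64 text. According to the updated header comment, `SetSignature` decodes that text itself, so the new decode is purely a validation step. Without a comment a later reader may "fix" it by passing `rawSignature`, which would break the documented contract. I would add `/* Decoded only to validate the encoding; SetSignature expects base64 and decodes it again. */` above the declaration. The check also accepts any well-formed base64, presumably including an empty string; if signatures have a known decoded length, a size check on `rawSignature` before `SetSignature` would reject junk earlier. The function body starts outside the hunk.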