From d2b33bc731563a7e6ed9fb3fe5be9752d883f026 Mon Sep 17 00:00:00 2001 From: Charles Cunningham Date: Mon, 17 May 2021 13:19:44 +0200 Subject: [PATCH] change salt => parameters for create, update verify_oid_v0 --- src/auth.rs | 2 +- src/main.rs | 16 ++++++++++++---- src/orbit.rs | 11 +++++++---- src/tz.rs | 10 +++++----- 4 files changed, 25 insertions(+), 14 deletions(-) diff --git a/src/auth.rs b/src/auth.rs index 7dea38d0..ab219a88 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -25,7 +25,7 @@ pub enum Action { }, Create { orbit_id: Cid, - salt: String, + parameters: String, content: Vec, }, } diff --git a/src/main.rs b/src/main.rs index de73feb5..84adde9c 100644 --- a/src/main.rs +++ b/src/main.rs @@ -210,8 +210,12 @@ async fn batch_put_create( auth: AuthWrapper, ) -> Result> { match auth.0.action() { - Action::Create { orbit_id, salt, .. } => { - verify_oid_v0(orbit_id, &auth.0.pkh, salt)?; + Action::Create { + orbit_id, + parameters, + .. + } => { + verify_oid_v0(orbit_id, &auth.0.pkh, parameters)?; let vm = DIDURL { did: format!("did:pkh:tz:{}", &auth.0.pkh), @@ -255,8 +259,12 @@ async fn put_create( auth: AuthWrapper, ) -> Result> { match auth.0.action() { - Action::Create { orbit_id, salt, .. } => { - verify_oid_v0(orbit_id, &auth.0.pkh, salt)?; + Action::Create { + orbit_id, + parameters, + .. + } => { + verify_oid_v0(orbit_id, &auth.0.pkh, parameters)?; let vm = DIDURL { did: format!("did:pkh:tz:{}", &auth.0.pkh), diff --git a/src/orbit.rs b/src/orbit.rs index 1d0a8f27..f58fa020 100644 --- a/src/orbit.rs +++ b/src/orbit.rs @@ -10,7 +10,7 @@ use libipld::{ store::DefaultParams, }; use libp2p_core::PeerId; -use rocket::{futures::stream::StreamExt, tokio::fs}; +use rocket::{futures::stream::StreamExt, http::uri::Absolute, tokio::fs}; use serde::{Deserialize, Serialize}; use ssi::did::DIDURL; use std::{convert::TryFrom, path::Path}; @@ -147,9 +147,12 @@ where }) } -pub fn verify_oid_v0(oid: &Cid, pkh: &str, salt: &str) -> Result<()> { - if &Code::try_from(oid.hash().code())?.digest(format!("{}:{}", salt, pkh).as_bytes()) - == oid.hash() +pub fn verify_oid_v0(oid: &Cid, pkh: &str, params: &str) -> Result<()> { + let uri = format!("tz:{}{}", pkh, params); + // try to parse as a URL with query params + Absolute::parse(&uri).map_err(|_| anyhow!("Orbit Parameters Invalid"))?; + if &Code::try_from(oid.hash().code())?.digest(uri.as_bytes()) == oid.hash() + && oid.codec() == 0x55 { Ok(()) } else { diff --git a/src/tz.rs b/src/tz.rs index db49cf09..241736ab 100644 --- a/src/tz.rs +++ b/src/tz.rs @@ -95,16 +95,16 @@ fn parse_create(s: &str) -> IResult<&str, Action> { tuple(( map_parser(take_until(" "), parse_cid), tag(" CREATE"), - space_delimit, // salt (orbit secret + nonce) + space_delimit, // parameters many1(map_parser(space_delimit, parse_cid)), ))(s) - .map(|(rest, (orbit_id, _, salt, content))| { + .map(|(rest, (orbit_id, _, params, content))| { ( rest, Action::Create { orbit_id, content, - salt: salt.into(), + parameters: params.into(), }, ) }) @@ -122,11 +122,11 @@ fn serialize_action(action: &Action) -> Result { Action::Create { orbit_id, content, - salt, + parameters, } => Ok([ &orbit_id.to_string_of_base(Base::Base58Btc)?, "CREATE", - &salt, + ¶meters, &content .iter() .map(|c| c.to_string_of_base(Base::Base58Btc))