github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/libkb/id_table.go (about)

     1  // Copyright 2015 Keybase, Inc. All rights reserved. Use of
     2  // this source code is governed by the included BSD license.
     3  
     4  package libkb
     5  
     6  import (
     7  	"crypto/hmac"
     8  	"crypto/sha256"
     9  	"encoding/hex"
    10  	"encoding/json"
    11  	"fmt"
    12  	"strings"
    13  	"time"
    14  
    15  	keybase1 "github.com/keybase/client/go/protocol/keybase1"
    16  	stellar1 "github.com/keybase/client/go/protocol/stellar1"
    17  	jsonw "github.com/keybase/go-jsonw"
    18  )
    19  
    20  type TypedChainLink interface {
    21  	GetRevocations() []keybase1.SigID
    22  	GetRevokeKids() []keybase1.KID
    23  	insertIntoTable(tab *IdentityTable)
    24  	GetSigID() keybase1.SigID
    25  	GetArmoredSig() string
    26  	markRevoked(l TypedChainLink)
    27  	ToDebugString() string
    28  	Type() string
    29  	ToDisplayString() string
    30  	IsRevocationIsh() bool
    31  	IsRevoked() bool
    32  	IsDirectlyRevoked() bool
    33  	GetRole() KeyRole
    34  	GetSeqno() keybase1.Seqno
    35  	GetCTime() time.Time
    36  	GetETime() time.Time
    37  	GetPGPFingerprint() *PGPFingerprint
    38  	GetPGPFullHash() string
    39  	GetKID() keybase1.KID
    40  	IsInCurrentFamily(u *User) bool
    41  	GetUsername() string
    42  	GetUID() keybase1.UID
    43  	GetDelegatedKid() keybase1.KID
    44  	GetMerkleHashMeta() (keybase1.HashMeta, error)
    45  	GetParentKid() keybase1.KID
    46  	VerifyReverseSig(ckf ComputedKeyFamily) error
    47  	GetMerkleSeqno() keybase1.Seqno
    48  	GetFirstAppearedMerkleSeqnoUnverified() keybase1.Seqno
    49  	GetDevice() *Device
    50  	DoOwnNewLinkFromServerNotifications(g *GlobalContext)
    51  	ToSigChainLocation() keybase1.SigChainLocation
    52  }
    53  
    54  // =========================================================================
    55  // GenericChainLink
    56  //
    57  
    58  type GenericChainLink struct {
    59  	*ChainLink
    60  }
    61  
    62  func (g *GenericChainLink) GetSigID() keybase1.SigID {
    63  	return g.unpacked.sigID
    64  }
    65  func (g *GenericChainLink) ToSigChainLocation() keybase1.SigChainLocation {
    66  	return g.ChainLink.ToSigChainLocation()
    67  }
    68  func (g *GenericChainLink) Type() string            { return "generic" }
    69  func (g *GenericChainLink) ToDisplayString() string { return "unknown" }
    70  func (g *GenericChainLink) insertIntoTable(tab *IdentityTable) {
    71  	tab.insertLink(g)
    72  }
    73  func (g *GenericChainLink) markRevoked(r TypedChainLink) {
    74  	g.revoked = true
    75  }
    76  func (g *GenericChainLink) ToDebugString() string {
    77  	return fmt.Sprintf("uid=%s, seq=%d, link=%s", g.Parent().uid, g.unpacked.seqno, g.id)
    78  }
    79  
    80  func (g *GenericChainLink) GetDelegatedKid() (kid keybase1.KID)          { return }
    81  func (g *GenericChainLink) GetParentKid() (kid keybase1.KID)             { return }
    82  func (g *GenericChainLink) VerifyReverseSig(ckf ComputedKeyFamily) error { return nil }
    83  func (g *GenericChainLink) IsRevocationIsh() bool                        { return false }
    84  func (g *GenericChainLink) GetRole() KeyRole                             { return DLGNone }
    85  func (g *GenericChainLink) IsRevoked() bool                              { return g.revoked }
    86  func (g *GenericChainLink) IsDirectlyRevoked() bool {
    87  	// Same as IsRevoked, but should not be overridden by subclasses (as
    88  	// TrackChainLink does with IsRevoked). E.g. if in the future
    89  	// SibkeyChainLink decides to return IsRevoked=true when the delegated
    90  	// sibkey has been revoked *by KID*, that could be fine, but
    91  	// IsDirectlyRevoked should still return false in that case.
    92  	return g.revoked
    93  }
    94  func (g *GenericChainLink) GetSeqno() keybase1.Seqno { return g.unpacked.seqno }
    95  func (g *GenericChainLink) GetPGPFingerprint() *PGPFingerprint {
    96  	return g.unpacked.pgpFingerprint
    97  }
    98  func (g *GenericChainLink) GetPGPFullHash() string { return "" }
    99  
   100  func (g *GenericChainLink) GetArmoredSig() string {
   101  	return g.unpacked.sig
   102  }
   103  func (g *GenericChainLink) GetUsername() string {
   104  	return g.unpacked.username
   105  }
   106  func (g *GenericChainLink) GetUID() keybase1.UID {
   107  	return g.unpacked.uid
   108  }
   109  
   110  func (g *GenericChainLink) GetDevice() *Device { return nil }
   111  
   112  func (g *GenericChainLink) extractPGPFullHash(loc string) string {
   113  	if jw := g.UnmarshalPayloadJSON().AtPath("body." + loc + ".full_hash"); !jw.IsNil() {
   114  		if ret, err := jw.GetString(); err == nil {
   115  			return ret
   116  		}
   117  	}
   118  	return ""
   119  }
   120  
   121  func (g *GenericChainLink) DoOwnNewLinkFromServerNotifications(glob *GlobalContext) {}
   122  
   123  func CanonicalProofName(t TypedChainLink) string {
   124  	return strings.ToLower(t.ToDisplayString())
   125  }
   126  
   127  //
   128  // =========================================================================
   129  
   130  // =========================================================================
   131  // Web of Trust
   132  
   133  type WotVouchChainLink struct {
   134  	GenericChainLink
   135  	ExpansionID string
   136  	Revocations []keybase1.SigID
   137  }
   138  
   139  func (cl *WotVouchChainLink) DoOwnNewLinkFromServerNotifications(g *GlobalContext) {}
   140  func (cl *WotVouchChainLink) Type() string                                         { return string(LinkTypeWotVouch) }
   141  
   142  var _ TypedChainLink = (*WotVouchChainLink)(nil)
   143  
   144  func ParseWotVouch(base GenericChainLink) (ret *WotVouchChainLink, err error) {
   145  	body := base.UnmarshalPayloadJSON()
   146  	expansionID, err := body.AtPath("body.wot_vouch").GetString()
   147  	if err != nil {
   148  		return nil, err
   149  	}
   150  	return &WotVouchChainLink{
   151  		GenericChainLink: base,
   152  		ExpansionID:      expansionID,
   153  		Revocations:      base.GetRevocations(),
   154  	}, nil
   155  }
   156  
   157  type WotReactChainLink struct {
   158  	GenericChainLink
   159  	ExpansionID string
   160  }
   161  
   162  func (cl *WotReactChainLink) DoOwnNewLinkFromServerNotifications(g *GlobalContext) {}
   163  func (cl *WotReactChainLink) Type() string                                         { return string(LinkTypeWotReact) }
   164  
   165  var _ TypedChainLink = (*WotReactChainLink)(nil)
   166  
   167  func ParseWotReact(base GenericChainLink) (ret *WotReactChainLink, err error) {
   168  	body := base.UnmarshalPayloadJSON()
   169  	expansionID, err := body.AtPath("body.wot_react").GetString()
   170  	if err != nil {
   171  		return nil, err
   172  	}
   173  	return &WotReactChainLink{
   174  		GenericChainLink: base,
   175  		ExpansionID:      expansionID,
   176  	}, nil
   177  }
   178  
   179  type sigExpansion struct {
   180  	Key string      `json:"key"`
   181  	Obj interface{} `json:"obj"`
   182  }
   183  
   184  // ExtractExpansionObj extracts the `obj` field from a sig expansion and verifies the
   185  // hash of the content matches the expected id. This is reusable beyond WotVouchChainLink.
   186  func ExtractExpansionObj(expansionID string, expansionJSON string) (expansionObj []byte, err error) {
   187  	var expansions map[string]sigExpansion
   188  	err = json.Unmarshal([]byte(expansionJSON), &expansions)
   189  	if err != nil {
   190  		return nil, err
   191  	}
   192  	expansion, ok := expansions[expansionID]
   193  	if !ok {
   194  		return nil, fmt.Errorf("expansion %s does not exist", expansionID)
   195  	}
   196  
   197  	// verify the hash of the expansion object payload matches the expension id
   198  	objBytes, err := json.Marshal(expansion.Obj)
   199  	if err != nil {
   200  		return nil, err
   201  	}
   202  	hmacKey, err := hex.DecodeString(expansion.Key)
   203  	if err != nil {
   204  		return nil, err
   205  	}
   206  	mac := hmac.New(sha256.New, hmacKey)
   207  	if _, err := mac.Write(objBytes); err != nil {
   208  		return nil, err
   209  	}
   210  	sum := mac.Sum(nil)
   211  	expectedID := hex.EncodeToString(sum)
   212  	if expectedID != expansionID {
   213  		return nil, fmt.Errorf("expansion id doesn't match expected value %s != %s", expansionID, expectedID)
   214  	}
   215  	return objBytes, nil
   216  }
   217  
   218  func EmbedExpansionObj(statement *jsonw.Wrapper) (expansion *jsonw.Wrapper, sum []byte, err error) {
   219  	outer := jsonw.NewDictionary()
   220  	inner := jsonw.NewDictionary()
   221  	if err := inner.SetKey("obj", statement); err != nil {
   222  		return nil, nil, err
   223  	}
   224  	randKey, err := RandBytes(16)
   225  	if err != nil {
   226  		return nil, nil, err
   227  	}
   228  	hexKey := hex.EncodeToString(randKey)
   229  	if err := inner.SetKey("key", jsonw.NewString(hexKey)); err != nil {
   230  		return nil, nil, err
   231  	}
   232  	marshaled, err := statement.Marshal()
   233  	if err != nil {
   234  		return nil, nil, err
   235  	}
   236  	mac := hmac.New(sha256.New, randKey)
   237  	if _, err := mac.Write(marshaled); err != nil {
   238  		return nil, nil, err
   239  	}
   240  	sum = mac.Sum(nil)
   241  	if err := outer.SetKey(hex.EncodeToString(sum), inner); err != nil {
   242  		return nil, nil, err
   243  	}
   244  	return outer, sum, nil
   245  }
   246  
   247  // =========================================================================
   248  // Remote, Web and Social
   249  type RemoteProofChainLink interface {
   250  	TypedChainLink
   251  	DisplayPriorityKey() string
   252  	TableKey() string
   253  	LastWriterWins() bool
   254  	GetRemoteUsername() string
   255  	GetHostname() string
   256  	GetProtocol() string
   257  	DisplayCheck(m MetaContext, ui IdentifyUI, lcr LinkCheckResult) error
   258  	ToTrackingStatement(keybase1.ProofState) (*jsonw.Wrapper, error)
   259  	CheckDataJSON() *jsonw.Wrapper
   260  	ToIDString() string
   261  	ToKeyValuePair() (string, string)
   262  	ComputeTrackDiff(tl *TrackLookup) TrackDiff
   263  	GetProofType() keybase1.ProofType
   264  	ProofText() string
   265  }
   266  
   267  type WebProofChainLink struct {
   268  	GenericChainLink
   269  	protocol  string
   270  	hostname  string
   271  	proofText string
   272  }
   273  
   274  type SocialProofChainLink struct {
   275  	GenericChainLink
   276  	service   string
   277  	username  string
   278  	proofText string
   279  	// signifies a GENERIC_SOCIAL link from a parameterized proof
   280  	isGeneric bool
   281  }
   282  
   283  func (w *WebProofChainLink) DisplayPriorityKey() string {
   284  	return w.protocol
   285  }
   286  
   287  func (w *WebProofChainLink) TableKey() string {
   288  	if w.protocol == "https" {
   289  		return "http"
   290  	}
   291  	return w.protocol
   292  }
   293  
   294  func (w *WebProofChainLink) GetProofType() keybase1.ProofType {
   295  	if w.protocol == "dns" {
   296  		return keybase1.ProofType_DNS
   297  	}
   298  	return keybase1.ProofType_GENERIC_WEB_SITE
   299  }
   300  
   301  func (w *WebProofChainLink) ToTrackingStatement(state keybase1.ProofState) (*jsonw.Wrapper, error) {
   302  	ret := w.BaseToTrackingStatement(state)
   303  	remoteProofToTrackingStatement(w, ret)
   304  	return ret, nil
   305  }
   306  
   307  func (w *WebProofChainLink) DisplayCheck(m MetaContext, ui IdentifyUI, lcr LinkCheckResult) error {
   308  	return ui.FinishWebProofCheck(m, ExportRemoteProof(w), lcr.Export())
   309  }
   310  
   311  func (w *WebProofChainLink) Type() string { return "proof" }
   312  func (w *WebProofChainLink) insertIntoTable(tab *IdentityTable) {
   313  	remoteProofInsertIntoTable(w, tab)
   314  }
   315  func (w *WebProofChainLink) ToDisplayString() string {
   316  	return w.protocol + "://" + w.hostname
   317  }
   318  func (w *WebProofChainLink) LastWriterWins() bool      { return false }
   319  func (w *WebProofChainLink) GetRemoteUsername() string { return "" }
   320  func (w *WebProofChainLink) GetHostname() string       { return w.hostname }
   321  func (w *WebProofChainLink) GetProtocol() string       { return w.protocol }
   322  func (w *WebProofChainLink) ProofText() string         { return w.proofText }
   323  
   324  func (w *WebProofChainLink) CheckDataJSON() *jsonw.Wrapper {
   325  	ret := jsonw.NewDictionary()
   326  	if w.protocol == "dns" {
   327  		_ = ret.SetKey("protocol", jsonw.NewString(w.protocol))
   328  		_ = ret.SetKey("domain", jsonw.NewString(w.hostname))
   329  
   330  	} else {
   331  		_ = ret.SetKey("protocol", jsonw.NewString(w.protocol+":"))
   332  		_ = ret.SetKey("hostname", jsonw.NewString(w.hostname))
   333  	}
   334  	return ret
   335  }
   336  func (w *WebProofChainLink) ToIDString() string { return w.ToDisplayString() }
   337  func (w *WebProofChainLink) ToKeyValuePair() (string, string) {
   338  	return w.GetProtocol(), w.GetHostname()
   339  }
   340  
   341  func (w *WebProofChainLink) ComputeTrackDiff(tl *TrackLookup) (res TrackDiff) {
   342  
   343  	find := func(list []string) bool {
   344  		for _, e := range list {
   345  			if Cicmp(e, w.hostname) {
   346  				return true
   347  			}
   348  		}
   349  		return false
   350  	}
   351  	if find(tl.ids[w.protocol]) {
   352  		res = TrackDiffNone{}
   353  	} else if w.protocol == "https" && find(tl.ids["http"]) {
   354  		res = TrackDiffUpgraded{"http", "https"}
   355  	} else {
   356  		res = TrackDiffNew{}
   357  	}
   358  	return
   359  }
   360  
   361  func (s *SocialProofChainLink) DisplayPriorityKey() string {
   362  	return s.TableKey()
   363  }
   364  func (s *SocialProofChainLink) TableKey() string { return s.service }
   365  func (s *SocialProofChainLink) Type() string     { return "proof" }
   366  func (s *SocialProofChainLink) insertIntoTable(tab *IdentityTable) {
   367  	remoteProofInsertIntoTable(s, tab)
   368  }
   369  func (s *SocialProofChainLink) ToDisplayString() string {
   370  	return s.username + "@" + s.service
   371  }
   372  func (s *SocialProofChainLink) LastWriterWins() bool      { return true }
   373  func (s *SocialProofChainLink) GetRemoteUsername() string { return s.username }
   374  func (s *SocialProofChainLink) GetHostname() string       { return "" }
   375  func (s *SocialProofChainLink) GetProtocol() string       { return "" }
   376  func (s *SocialProofChainLink) ProofText() string         { return s.proofText }
   377  func (s *SocialProofChainLink) ToIDString() string        { return s.ToDisplayString() }
   378  func (s *SocialProofChainLink) ToKeyValuePair() (string, string) {
   379  	return s.service, s.username
   380  }
   381  func (s *SocialProofChainLink) GetService() string { return s.service }
   382  
   383  func (s *SocialProofChainLink) ToTrackingStatement(state keybase1.ProofState) (*jsonw.Wrapper, error) {
   384  	ret := s.BaseToTrackingStatement(state)
   385  	remoteProofToTrackingStatement(s, ret)
   386  	return ret, nil
   387  }
   388  
   389  func (s *SocialProofChainLink) ComputeTrackDiff(tl *TrackLookup) TrackDiff {
   390  	k, v := s.ToKeyValuePair()
   391  	if list, found := tl.ids[k]; !found || len(list) == 0 {
   392  		return TrackDiffNew{}
   393  	} else if expected := list[len(list)-1]; !Cicmp(expected, v) {
   394  		return TrackDiffClash{observed: v, expected: expected}
   395  	} else {
   396  		return TrackDiffNone{}
   397  	}
   398  }
   399  
   400  func (s *SocialProofChainLink) DisplayCheck(m MetaContext, ui IdentifyUI, lcr LinkCheckResult) error {
   401  	return ui.FinishSocialProofCheck(m, ExportRemoteProof(s), lcr.Export())
   402  }
   403  
   404  func (s *SocialProofChainLink) CheckDataJSON() *jsonw.Wrapper {
   405  	ret := jsonw.NewDictionary()
   406  	_ = ret.SetKey("username", jsonw.NewString(s.username))
   407  	_ = ret.SetKey("name", jsonw.NewString(s.service))
   408  	return ret
   409  }
   410  
   411  func (s *SocialProofChainLink) GetProofType() keybase1.ProofType {
   412  	if s.isGeneric {
   413  		return keybase1.ProofType_GENERIC_SOCIAL
   414  	}
   415  	return RemoteServiceTypes[s.service]
   416  }
   417  
   418  var _ RemoteProofChainLink = (*SocialProofChainLink)(nil)
   419  var _ RemoteProofChainLink = (*WebProofChainLink)(nil)
   420  
   421  func NewWebProofChainLink(b GenericChainLink, p, h, proofText string) *WebProofChainLink {
   422  	return &WebProofChainLink{b, p, h, proofText}
   423  }
   424  
   425  func NewSocialProofChainLink(b GenericChainLink, s, u, proofText string) *SocialProofChainLink {
   426  	_, found := RemoteServiceTypes[s]
   427  	return &SocialProofChainLink{
   428  		GenericChainLink: b,
   429  		service:          s,
   430  		username:         u,
   431  		proofText:        proofText,
   432  		isGeneric:        !found,
   433  	}
   434  }
   435  
   436  // =========================================================================
   437  
   438  // Can be used to either parse a proof `service` JSON block, or a
   439  // `remote_key_proof` JSON block in a tracking statement.
   440  type ServiceBlock struct {
   441  	social     bool
   442  	typ        string
   443  	id         string
   444  	proofState keybase1.ProofState
   445  	proofType  keybase1.ProofType
   446  }
   447  
   448  func (sb ServiceBlock) GetProofState() keybase1.ProofState { return sb.proofState }
   449  
   450  func (sb ServiceBlock) IsSocial() bool { return sb.social }
   451  
   452  func (sb ServiceBlock) ToIDString() string {
   453  	if sb.social {
   454  		return sb.id + "@" + sb.typ
   455  	}
   456  	return sb.typ + "://" + sb.id
   457  }
   458  
   459  func (sb ServiceBlock) ToKeyValuePair() (string, string) {
   460  	return sb.typ, sb.id
   461  }
   462  
   463  func (sb ServiceBlock) LastWriterWins() bool {
   464  	return sb.social
   465  }
   466  
   467  func (sb ServiceBlock) GetProofType() keybase1.ProofType { return sb.proofType }
   468  
   469  func ParseServiceBlock(jw *jsonw.Wrapper, pt keybase1.ProofType) (sb *ServiceBlock, err error) {
   470  	var social bool
   471  	var typ, id string
   472  
   473  	if prot, e1 := jw.AtKey("protocol").GetString(); e1 == nil {
   474  
   475  		var hostname string
   476  
   477  		jw.AtKey("hostname").GetStringVoid(&hostname, &e1)
   478  		if e1 == nil {
   479  			switch prot {
   480  			case "http:":
   481  				typ, id = "http", hostname
   482  			case "https:":
   483  				typ, id = "https", hostname
   484  			}
   485  		} else if domain, e2 := jw.AtKey("domain").GetString(); e2 == nil && prot == "dns" {
   486  			typ, id = "dns", domain
   487  		}
   488  	} else {
   489  
   490  		var e2 error
   491  
   492  		jw.AtKey("name").GetStringVoid(&typ, &e2)
   493  		jw.AtKey("username").GetStringVoid(&id, &e2)
   494  		if e2 != nil {
   495  			id, typ = "", ""
   496  		} else {
   497  			social = true
   498  		}
   499  	}
   500  
   501  	if len(typ) == 0 {
   502  		err = fmt.Errorf("Unrecognized Web proof @%s", jw.MarshalToDebug())
   503  	}
   504  	sb = &ServiceBlock{social: social, typ: typ, id: id, proofType: pt}
   505  	return
   506  }
   507  
   508  // To be used for signatures in a user's signature chain.
   509  func ParseWebServiceBinding(base GenericChainLink) (ret RemoteProofChainLink, err error) {
   510  	jw := base.UnmarshalPayloadJSON().AtKey("body").AtKey("service")
   511  	sptf := base.unpacked.proofText
   512  
   513  	if jw.IsNil() {
   514  		ret, err = ParseSelfSigChainLink(base)
   515  		if err != nil {
   516  			return nil, err
   517  		}
   518  	} else if sb, err := ParseServiceBlock(jw, keybase1.ProofType_NONE); err != nil {
   519  		err = fmt.Errorf("%s @%s", err, base.ToDebugString())
   520  		return nil, err
   521  	} else if sb.social {
   522  		ret = NewSocialProofChainLink(base, sb.typ, sb.id, sptf)
   523  	} else {
   524  		ret = NewWebProofChainLink(base, sb.typ, sb.id, sptf)
   525  	}
   526  
   527  	return ret, nil
   528  }
   529  
   530  func remoteProofInsertIntoTable(l RemoteProofChainLink, tab *IdentityTable) {
   531  	tab.insertLink(l)
   532  	tab.insertRemoteProof(l)
   533  }
   534  
   535  //
   536  // =========================================================================
   537  
   538  // =========================================================================
   539  // TrackChainLink
   540  type TrackChainLink struct {
   541  	GenericChainLink
   542  	whomUsername  NormalizedUsername
   543  	whomUID       keybase1.UID
   544  	untrack       *UntrackChainLink
   545  	local         bool
   546  	tmpExpireTime time.Time // should only be relevant if local is set to true
   547  }
   548  
   549  func (l TrackChainLink) IsRemote() bool {
   550  	return !l.local
   551  }
   552  
   553  func ParseTrackChainLink(b GenericChainLink) (ret *TrackChainLink, err error) {
   554  	payload := b.UnmarshalPayloadJSON()
   555  	var tmp string
   556  	tmp, err = payload.AtPath("body.track.basics.username").GetString()
   557  	if err != nil {
   558  		err = fmt.Errorf("Bad track statement @%s: %s", b.ToDebugString(), err)
   559  		return
   560  	}
   561  	whomUsername := NewNormalizedUsername(tmp)
   562  
   563  	whomUID, err := GetUID(payload.AtPath("body.track.id"))
   564  	if err != nil {
   565  		err = fmt.Errorf("Bad track statement @%s: %s", b.ToDebugString(), err)
   566  		return
   567  	}
   568  
   569  	ret = &TrackChainLink{b, whomUsername, whomUID, nil, false, time.Time{}}
   570  	return
   571  }
   572  
   573  func (l *TrackChainLink) Type() string { return "track" }
   574  
   575  func (l *TrackChainLink) ToDisplayString() string {
   576  	return l.whomUsername.String()
   577  }
   578  
   579  func (l *TrackChainLink) GetTmpExpireTime() (ret time.Time) {
   580  	if l.local {
   581  		ret = l.tmpExpireTime
   582  	}
   583  	return ret
   584  }
   585  
   586  func (l *TrackChainLink) insertIntoTable(tab *IdentityTable) {
   587  	tab.insertLink(l)
   588  	tab.tracks[l.whomUsername] = append(tab.tracks[l.whomUsername], l)
   589  }
   590  
   591  type TrackedKey struct {
   592  	KID         keybase1.KID
   593  	Fingerprint *PGPFingerprint
   594  }
   595  
   596  func trackedKeyFromJSON(jw *jsonw.Wrapper) (TrackedKey, error) {
   597  	var ret TrackedKey
   598  	kid, err := GetKID(jw.AtKey("kid"))
   599  	if err != nil {
   600  		return TrackedKey{}, err
   601  	}
   602  	ret.KID = kid
   603  
   604  	// It's ok if key_fingerprint doesn't exist.  But if it does, then include it:
   605  	fp, err := GetPGPFingerprint(jw.AtKey("key_fingerprint"))
   606  	if err == nil && fp != nil {
   607  		ret.Fingerprint = fp
   608  	}
   609  	return ret, nil
   610  }
   611  
   612  func (l *TrackChainLink) GetTrackedKeys() ([]TrackedKey, error) {
   613  	// presumably order is important, so we'll only use the map as a set
   614  	// to deduplicate keys.
   615  	set := make(map[keybase1.KID]bool)
   616  
   617  	var res []TrackedKey
   618  
   619  	pgpKeysJSON := l.UnmarshalPayloadJSON().AtPath("body.track.pgp_keys")
   620  	if !pgpKeysJSON.IsNil() {
   621  		n, err := pgpKeysJSON.Len()
   622  		if err != nil {
   623  			return nil, err
   624  		}
   625  		for i := 0; i < n; i++ {
   626  			keyJSON := pgpKeysJSON.AtIndex(i)
   627  			tracked, err := trackedKeyFromJSON(keyJSON)
   628  			if err != nil {
   629  				return nil, err
   630  			}
   631  			if !set[tracked.KID] {
   632  				res = append(res, tracked)
   633  				set[tracked.KID] = true
   634  			}
   635  		}
   636  	}
   637  	return res, nil
   638  }
   639  
   640  func (l *TrackChainLink) GetEldestKID() (kid keybase1.KID, err error) {
   641  	keyJSON := l.UnmarshalPayloadJSON().AtPath("body.track.key")
   642  	if keyJSON.IsNil() {
   643  		return kid, nil
   644  	}
   645  	tracked, err := trackedKeyFromJSON(keyJSON)
   646  	if err != nil {
   647  		return kid, err
   648  	}
   649  	return tracked.KID, nil
   650  }
   651  
   652  func (l *TrackChainLink) GetTrackedUID() (keybase1.UID, error) {
   653  	return GetUID(l.UnmarshalPayloadJSON().AtPath("body.track.id"))
   654  }
   655  
   656  func (l *TrackChainLink) GetTrackedUsername() (NormalizedUsername, error) {
   657  	tmp, err := l.UnmarshalPayloadJSON().AtPath("body.track.basics.username").GetString()
   658  	if err != nil {
   659  		return NormalizedUsername(""), fmt.Errorf("no tracked username: %v", err)
   660  	}
   661  	return NewNormalizedUsername(tmp), err
   662  }
   663  
   664  func (l *TrackChainLink) IsRevoked() bool {
   665  	return l.revoked || l.untrack != nil
   666  }
   667  
   668  func (l *TrackChainLink) RemoteKeyProofs() *jsonw.Wrapper {
   669  	return l.UnmarshalPayloadJSON().AtPath("body.track.remote_proofs")
   670  }
   671  
   672  func (l *TrackChainLink) ToServiceBlocks() (ret []*ServiceBlock) {
   673  	w := l.RemoteKeyProofs()
   674  	ln, err := w.Len()
   675  	if err != nil {
   676  		return nil
   677  	}
   678  	for index := 0; index < ln; index++ {
   679  		proof := w.AtIndex(index).AtKey("remote_key_proof")
   680  		sb := convertTrackedProofToServiceBlock(l.G(), proof, index)
   681  		if sb != nil {
   682  			ret = append(ret, sb)
   683  		}
   684  	}
   685  	return ret
   686  }
   687  
   688  // Get the tail of the trackee's sigchain.
   689  func (l *TrackChainLink) GetTrackedLinkSeqno() (seqno keybase1.Seqno, err error) {
   690  	seqnoJSON := l.UnmarshalPayloadJSON().AtPath("body.track.seq_tail.seqno")
   691  	if seqnoJSON.IsNil() {
   692  		return seqno, nil
   693  	}
   694  	i64, err := seqnoJSON.GetInt64()
   695  	if err != nil {
   696  		return seqno, err
   697  	}
   698  	return keybase1.Seqno(i64), nil
   699  }
   700  
   701  // convertTrackedProofToServiceBlock will take a JSON stanza from a track statement, and convert it
   702  // to a ServiceBlock if it fails some important sanity checks. We check that the JSON stanza is
   703  // well-formed, and that it's not for a defunct proof type (like Coinbase). If all succeeds,
   704  // we output a service block that can entered into found-versus-tracked comparison logic.
   705  // The `index` provided is what index this JSON stanza is in the overall track statement.
   706  func convertTrackedProofToServiceBlock(g *GlobalContext, proof *jsonw.Wrapper, index int) (ret *ServiceBlock) {
   707  	var i, t int
   708  	var err error
   709  	i, err = proof.AtKey("state").GetInt()
   710  	if err != nil {
   711  		g.Log.Warning("Bad 'state' in track statement: %s", err)
   712  		return nil
   713  	}
   714  	t, err = proof.AtKey("proof_type").GetInt()
   715  	if err != nil {
   716  		g.Log.Warning("Bad 'proof_type' in track statement: %s", err)
   717  		return nil
   718  	}
   719  	proofType := keybase1.ProofType(t)
   720  	if isProofTypeDefunct(g, proofType) {
   721  		g.Log.Debug("Ignoring now defunct proof type %q at index=%d", proofType, index)
   722  		return nil
   723  	}
   724  	ret, err = ParseServiceBlock(proof.AtKey("check_data_json"), proofType)
   725  	if err != nil {
   726  		g.Log.Warning("Bad remote_key_proof.check_data_json: %s", err)
   727  		return nil
   728  	}
   729  
   730  	ret.proofState = keybase1.ProofState(i)
   731  	if ret.proofState != keybase1.ProofState_OK {
   732  		g.Log.Debug("Including broken proof at index=%d (proof state=%d)", index, ret.proofState)
   733  	}
   734  	return ret
   735  }
   736  
   737  func (l *TrackChainLink) DoOwnNewLinkFromServerNotifications(g *GlobalContext) {
   738  	g.Log.Debug("Post notification for new TrackChainLink")
   739  	g.NotifyRouter.HandleTrackingChanged(l.whomUID, l.whomUsername, true)
   740  }
   741  
   742  //
   743  // =========================================================================
   744  
   745  // =========================================================================
   746  // EldestChainLink
   747  //
   748  
   749  type EldestChainLink struct {
   750  	GenericChainLink
   751  	kid    keybase1.KID
   752  	device *Device
   753  }
   754  
   755  func ParseEldestChainLink(b GenericChainLink) (ret *EldestChainLink, err error) {
   756  	var kid keybase1.KID
   757  	var device *Device
   758  
   759  	payload := b.UnmarshalPayloadJSON()
   760  	if kid, err = GetKID(payload.AtPath("body.key.kid")); err != nil {
   761  		err = ChainLinkError{fmt.Sprintf("Bad eldest statement @%s: %s", b.ToDebugString(), err)}
   762  		return
   763  	}
   764  
   765  	if jw := payload.AtPath("body.device"); !jw.IsNil() {
   766  		if device, err = ParseDevice(jw, b.GetCTime()); err != nil {
   767  			return
   768  		}
   769  	}
   770  
   771  	ret = &EldestChainLink{b, kid, device}
   772  	return
   773  }
   774  
   775  func (s *EldestChainLink) GetDelegatedKid() keybase1.KID { return s.kid }
   776  func (s *EldestChainLink) GetRole() KeyRole              { return DLGSibkey }
   777  func (s *EldestChainLink) Type() string                  { return string(DelegationTypeEldest) }
   778  func (s *EldestChainLink) ToDisplayString() string       { return s.kid.String() }
   779  func (s *EldestChainLink) GetDevice() *Device            { return s.device }
   780  func (s *EldestChainLink) GetPGPFullHash() string        { return s.extractPGPFullHash("key") }
   781  func (s *EldestChainLink) insertIntoTable(tab *IdentityTable) {
   782  	tab.insertLink(s)
   783  }
   784  
   785  //
   786  // =========================================================================
   787  
   788  // =========================================================================
   789  // SibkeyChainLink
   790  //
   791  
   792  type SibkeyChainLink struct {
   793  	GenericChainLink
   794  	kid        keybase1.KID
   795  	device     *Device
   796  	reverseSig string
   797  }
   798  
   799  func ParseSibkeyChainLink(b GenericChainLink) (ret *SibkeyChainLink, err error) {
   800  	var kid keybase1.KID
   801  	var device *Device
   802  
   803  	payload := b.UnmarshalPayloadJSON()
   804  	if kid, err = GetKID(payload.AtPath("body.sibkey.kid")); err != nil {
   805  		err = ChainLinkError{fmt.Sprintf("Bad sibkey statement @%s: %s", b.ToDebugString(), err)}
   806  		return
   807  	}
   808  
   809  	var rs string
   810  	if rs, err = payload.AtPath("body.sibkey.reverse_sig").GetString(); err != nil {
   811  		err = ChainLinkError{fmt.Sprintf("Missing reverse_sig in sibkey delegation: @%s: %s",
   812  			b.ToDebugString(), err)}
   813  		return
   814  	}
   815  
   816  	if jw := payload.AtPath("body.device"); !jw.IsNil() {
   817  		if device, err = ParseDevice(jw, b.GetCTime()); err != nil {
   818  			return
   819  		}
   820  	}
   821  
   822  	ret = &SibkeyChainLink{b, kid, device, rs}
   823  	return
   824  }
   825  
   826  func (s *SibkeyChainLink) GetDelegatedKid() keybase1.KID { return s.kid }
   827  func (s *SibkeyChainLink) GetRole() KeyRole              { return DLGSibkey }
   828  func (s *SibkeyChainLink) Type() string                  { return string(DelegationTypeSibkey) }
   829  func (s *SibkeyChainLink) ToDisplayString() string       { return s.kid.String() }
   830  func (s *SibkeyChainLink) GetDevice() *Device            { return s.device }
   831  func (s *SibkeyChainLink) GetPGPFullHash() string        { return s.extractPGPFullHash("sibkey") }
   832  func (s *SibkeyChainLink) insertIntoTable(tab *IdentityTable) {
   833  	tab.insertLink(s)
   834  }
   835  
   836  //-------------------------------------
   837  
   838  func makeDeepCopy(w *jsonw.Wrapper) (ret *jsonw.Wrapper, err error) {
   839  	var b []byte
   840  	if b, err = w.Marshal(); err != nil {
   841  		return nil, err
   842  	}
   843  	return jsonw.Unmarshal(b)
   844  }
   845  
   846  //-------------------------------------
   847  
   848  // VerifyReverseSig checks a SibkeyChainLink's reverse signature using the ComputedKeyFamily provided.
   849  func (s *SibkeyChainLink) VerifyReverseSig(ckf ComputedKeyFamily) (err error) {
   850  	var key GenericKey
   851  
   852  	if key, err = ckf.FindKeyWithKIDUnsafe(s.GetDelegatedKid()); err != nil {
   853  		return err
   854  	}
   855  
   856  	return VerifyReverseSig(s.G(), key, "body.sibkey.reverse_sig", s.UnmarshalPayloadJSON(), s.reverseSig)
   857  }
   858  
   859  //
   860  // =========================================================================
   861  // SubkeyChainLink
   862  
   863  type SubkeyChainLink struct {
   864  	GenericChainLink
   865  	kid       keybase1.KID
   866  	parentKid keybase1.KID
   867  }
   868  
   869  func ParseSubkeyChainLink(b GenericChainLink) (ret *SubkeyChainLink, err error) {
   870  	var kid, pkid keybase1.KID
   871  	payload := b.UnmarshalPayloadJSON()
   872  	if kid, err = GetKID(payload.AtPath("body.subkey.kid")); err != nil {
   873  		err = ChainLinkError{fmt.Sprintf("Can't get KID for subkey @%s: %s", b.ToDebugString(), err)}
   874  	} else if pkid, err = GetKID(payload.AtPath("body.subkey.parent_kid")); err != nil {
   875  		err = ChainLinkError{fmt.Sprintf("Can't get parent_kid for subkey @%s: %s", b.ToDebugString(), err)}
   876  	} else {
   877  		ret = &SubkeyChainLink{b, kid, pkid}
   878  	}
   879  	return
   880  }
   881  
   882  func (s *SubkeyChainLink) Type() string                  { return string(DelegationTypeSubkey) }
   883  func (s *SubkeyChainLink) ToDisplayString() string       { return s.kid.String() }
   884  func (s *SubkeyChainLink) GetRole() KeyRole              { return DLGSubkey }
   885  func (s *SubkeyChainLink) GetDelegatedKid() keybase1.KID { return s.kid }
   886  func (s *SubkeyChainLink) GetParentKid() keybase1.KID    { return s.parentKid }
   887  func (s *SubkeyChainLink) insertIntoTable(tab *IdentityTable) {
   888  	tab.insertLink(s)
   889  }
   890  
   891  //
   892  // =========================================================================
   893  
   894  // =========================================================================
   895  // PerUserKeyChainLink
   896  
   897  type PerUserKeyChainLink struct {
   898  	GenericChainLink
   899  	// KID of the signing key derived from the per-user-secret.
   900  	sigKID keybase1.KID
   901  	// KID of the encryption key derived from the per-user-secret.
   902  	encKID     keybase1.KID
   903  	generation keybase1.PerUserKeyGeneration
   904  	reverseSig string
   905  }
   906  
   907  func ParsePerUserKeyChainLink(b GenericChainLink) (ret *PerUserKeyChainLink, err error) {
   908  	var sigKID, encKID keybase1.KID
   909  	var g int
   910  	var reverseSig string
   911  	section := b.UnmarshalPayloadJSON().AtPath("body.per_user_key")
   912  	if sigKID, err = GetKID(section.AtKey("signing_kid")); err != nil {
   913  		err = ChainLinkError{fmt.Sprintf("Can't get signing KID for per_user_secret: @%s: %s", b.ToDebugString(), err)}
   914  	} else if encKID, err = GetKID(section.AtKey("encryption_kid")); err != nil {
   915  		err = ChainLinkError{fmt.Sprintf("Can't get encryption KID for per_user_secret: @%s: %s", b.ToDebugString(), err)}
   916  	} else if g, err = section.AtKey("generation").GetInt(); err != nil {
   917  		err = ChainLinkError{fmt.Sprintf("Can't get generation for per_user_secret @%s: %s", b.ToDebugString(), err)}
   918  	} else if reverseSig, err = section.AtKey("reverse_sig").GetString(); err != nil {
   919  		err = ChainLinkError{fmt.Sprintf("Missing reverse_sig in per-user-key section: @%s: %s", b.ToDebugString(), err)}
   920  	} else {
   921  		ret = &PerUserKeyChainLink{b, sigKID, encKID, keybase1.PerUserKeyGeneration(g), reverseSig}
   922  	}
   923  	return ret, err
   924  }
   925  
   926  func (s *PerUserKeyChainLink) Type() string { return string(LinkTypePerUserKey) }
   927  func (s *PerUserKeyChainLink) ToDisplayString() string {
   928  	return s.sigKID.String() + " + " + s.encKID.String()
   929  }
   930  
   931  // Don't consider per-user-keys as normal delegations. Because they have
   932  // multiple kids and initially can't delegate further. They are handled
   933  // separately by the sigchain loader.
   934  func (s *PerUserKeyChainLink) GetRole() KeyRole                    { return DLGNone }
   935  func (s *PerUserKeyChainLink) GetDelegatedKid() (res keybase1.KID) { return }
   936  func (s *PerUserKeyChainLink) insertIntoTable(tab *IdentityTable) {
   937  	tab.insertLink(s)
   938  }
   939  
   940  func (s *PerUserKeyChainLink) ToPerUserKey() keybase1.PerUserKey {
   941  	return keybase1.PerUserKey{
   942  		Gen:         int(s.generation),
   943  		Seqno:       s.GetSeqno(),
   944  		SigKID:      s.sigKID,
   945  		EncKID:      s.encKID,
   946  		SignedByKID: s.GetKID(),
   947  	}
   948  }
   949  
   950  //-------------------------------------
   951  
   952  // VerifyReverseSig checks a SibkeyChainLink's reverse signature using the ComputedKeyFamily provided.
   953  func (s *PerUserKeyChainLink) VerifyReverseSig(_ ComputedKeyFamily) (err error) {
   954  	key, err := ImportNaclSigningKeyPairFromHex(s.sigKID.String())
   955  	if err != nil {
   956  		return fmt.Errorf("Invalid per-user signing KID: %s", s.sigKID)
   957  	}
   958  
   959  	return VerifyReverseSig(s.G(), key, "body.per_user_key.reverse_sig", s.UnmarshalPayloadJSON(), s.reverseSig)
   960  }
   961  
   962  //
   963  // =========================================================================
   964  // PGPUpdateChainLink
   965  //
   966  
   967  // PGPUpdateChainLink represents a chain link which marks a new version of a
   968  // PGP key as current. The KID and a new full hash are included in the
   969  // pgp_update section of the body.
   970  type PGPUpdateChainLink struct {
   971  	GenericChainLink
   972  	kid keybase1.KID
   973  }
   974  
   975  // ParsePGPUpdateChainLink creates a PGPUpdateChainLink from a GenericChainLink
   976  // and verifies that its pgp_update section contains a KID and full_hash
   977  func ParsePGPUpdateChainLink(b GenericChainLink) (ret *PGPUpdateChainLink, err error) {
   978  	var kid keybase1.KID
   979  
   980  	pgpUpdate := b.UnmarshalPayloadJSON().AtPath("body.pgp_update")
   981  
   982  	if pgpUpdate.IsNil() {
   983  		err = ChainLinkError{fmt.Sprintf("missing pgp_update section @%s", b.ToDebugString())}
   984  		return
   985  	}
   986  
   987  	if kid, err = GetKID(pgpUpdate.AtKey("kid")); err != nil {
   988  		err = ChainLinkError{fmt.Sprintf("Missing kid @%s: %s", b.ToDebugString(), err)}
   989  		return
   990  	}
   991  
   992  	ret = &PGPUpdateChainLink{b, kid}
   993  
   994  	if fh := ret.GetPGPFullHash(); fh == "" {
   995  		err = ChainLinkError{fmt.Sprintf("Missing full_hash @%s", b.ToDebugString())}
   996  		ret = nil
   997  		return
   998  	}
   999  
  1000  	return
  1001  }
  1002  
  1003  func (l *PGPUpdateChainLink) Type() string                       { return string(DelegationTypePGPUpdate) }
  1004  func (l *PGPUpdateChainLink) ToDisplayString() string            { return l.kid.String() }
  1005  func (l *PGPUpdateChainLink) GetPGPFullHash() string             { return l.extractPGPFullHash("pgp_update") }
  1006  func (l *PGPUpdateChainLink) insertIntoTable(tab *IdentityTable) { tab.insertLink(l) }
  1007  
  1008  //
  1009  // =========================================================================
  1010  //
  1011  
  1012  type DeviceChainLink struct {
  1013  	GenericChainLink
  1014  	device *Device
  1015  }
  1016  
  1017  func ParseDeviceChainLink(b GenericChainLink) (ret *DeviceChainLink, err error) {
  1018  	var dobj *Device
  1019  	if dobj, err = ParseDevice(b.UnmarshalPayloadJSON().AtPath("body.device"), b.GetCTime()); err != nil {
  1020  	} else {
  1021  		ret = &DeviceChainLink{b, dobj}
  1022  	}
  1023  	return
  1024  }
  1025  
  1026  func (s *DeviceChainLink) GetDevice() *Device { return s.device }
  1027  func (s *DeviceChainLink) insertIntoTable(tab *IdentityTable) {
  1028  	tab.insertLink(s)
  1029  }
  1030  
  1031  //
  1032  // =========================================================================
  1033  // WalletStellarChainLink
  1034  
  1035  type WalletStellarChainLink struct {
  1036  	GenericChainLink
  1037  	addressKID keybase1.KID
  1038  	reverseSig string
  1039  	address    string
  1040  	network    string
  1041  	name       string
  1042  }
  1043  
  1044  func ParseWalletStellarChainLink(b GenericChainLink) (ret *WalletStellarChainLink, err error) {
  1045  	ret = &WalletStellarChainLink{GenericChainLink: b}
  1046  	mkErr := func(format string, args ...interface{}) error {
  1047  		return ChainLinkError{fmt.Sprintf(format, args...) + fmt.Sprintf(" @%s", b.ToDebugString())}
  1048  	}
  1049  	bodyW := b.UnmarshalPayloadJSON()
  1050  	walletSection := bodyW.AtPath("body.wallet")
  1051  	walletKeySection := bodyW.AtPath("body.wallet_key")
  1052  	ret.addressKID, err = GetKID(walletKeySection.AtKey("kid"))
  1053  	if err != nil {
  1054  		return nil, mkErr("Can't get address KID: %v", err)
  1055  	}
  1056  	ret.reverseSig, err = walletKeySection.AtKey("reverse_sig").GetString()
  1057  	if err != nil {
  1058  		return nil, mkErr("Missing reverse_sig: %v", err)
  1059  	}
  1060  	ret.address, err = walletSection.AtKey("address").GetString()
  1061  	if err != nil {
  1062  		return nil, mkErr("Can't get address: %v", err)
  1063  	}
  1064  	ret.network, err = walletSection.AtKey("network").GetString()
  1065  	if err != nil {
  1066  		return nil, mkErr("Can't get address network: %v", err)
  1067  	}
  1068  	nameOption := walletSection.AtKey("name")
  1069  	if !nameOption.IsNil() {
  1070  		ret.name, err = nameOption.GetString()
  1071  		if err != nil {
  1072  			return nil, mkErr("Can't get account name: %v", err)
  1073  		}
  1074  	}
  1075  
  1076  	// Check the network and that the keys match.
  1077  	if ret.network != string(WalletNetworkStellar) {
  1078  		return nil, mkErr("Unsupported wallet network '%v'", ret.network)
  1079  	}
  1080  	accountKey, err := MakeNaclSigningKeyPairFromStellarAccountID(stellar1.AccountID(ret.address))
  1081  	if err != nil {
  1082  		return nil, mkErr("Invalid stellar account address: '%v'", ret.address)
  1083  	}
  1084  	if !ret.addressKID.Equal(accountKey.GetKID()) {
  1085  		return nil, mkErr("Mismatched wallet keys: '%v' <-/-> '%v", ret.addressKID, ret.address)
  1086  	}
  1087  
  1088  	return ret, nil
  1089  }
  1090  
  1091  func (s *WalletStellarChainLink) Type() string { return string(LinkTypeWalletStellar) }
  1092  func (s *WalletStellarChainLink) ToDisplayString() string {
  1093  	return fmt.Sprintf("%v %v %v %v", s.network, s.name, s.address, s.addressKID.String())
  1094  }
  1095  func (s *WalletStellarChainLink) insertIntoTable(tab *IdentityTable) {
  1096  	tab.insertLink(s)
  1097  	if tab.stellar == nil || tab.stellar.GetSeqno() <= s.GetSeqno() {
  1098  		tab.stellar = s
  1099  	}
  1100  }
  1101  
  1102  // VerifyReverseSig checks a SibkeyChainLink's reverse signature using the ComputedKeyFamily provided.
  1103  func (s *WalletStellarChainLink) VerifyReverseSig(_ ComputedKeyFamily) (err error) {
  1104  	key, err := ImportNaclSigningKeyPairFromHex(s.addressKID.String())
  1105  	if err != nil {
  1106  		return fmt.Errorf("Invalid wallet reverse signing KID: %s", s.addressKID)
  1107  	}
  1108  
  1109  	return VerifyReverseSig(s.G(), key, "body.wallet_key.reverse_sig", s.UnmarshalPayloadJSON(), s.reverseSig)
  1110  }
  1111  
  1112  func (s *WalletStellarChainLink) Display(m MetaContext, ui IdentifyUI) error {
  1113  	// First get an up to date user card, since hiding the Stellar address affects it.
  1114  	card, err := UserCard(m, s.GetUID(), true)
  1115  	if err != nil {
  1116  		m.Info("Could not get usercard, so skipping displaying stellar chain link: %s.", err)
  1117  		return nil
  1118  	}
  1119  	selfUID := m.G().Env.GetUID()
  1120  	if selfUID.IsNil() {
  1121  		m.G().Log.Warning("Could not get self UID for api")
  1122  	}
  1123  	if card.StellarHidden && !selfUID.Equal(s.GetUID()) {
  1124  		return nil
  1125  	}
  1126  	return ui.DisplayStellarAccount(m, keybase1.StellarAccount{
  1127  		AccountID:         s.address,
  1128  		FederationAddress: fmt.Sprintf("%s*keybase.io", s.GetUsername()),
  1129  		SigID:             s.GetSigID(),
  1130  		Hidden:            card.StellarHidden,
  1131  	})
  1132  }
  1133  
  1134  //
  1135  // =========================================================================
  1136  // UntrackChainLink
  1137  
  1138  type UntrackChainLink struct {
  1139  	GenericChainLink
  1140  	whomUsername NormalizedUsername
  1141  	whomUID      keybase1.UID
  1142  }
  1143  
  1144  func ParseUntrackChainLink(b GenericChainLink) (ret *UntrackChainLink, err error) {
  1145  	var tmp string
  1146  	payload := b.UnmarshalPayloadJSON()
  1147  	tmp, err = payload.AtPath("body.untrack.basics.username").GetString()
  1148  	if err != nil {
  1149  		err = fmt.Errorf("Bad track statement @%s: %s", b.ToDebugString(), err)
  1150  		return
  1151  	}
  1152  	whomUsername := NewNormalizedUsername(tmp)
  1153  
  1154  	whomUID, err := GetUID(payload.AtPath("body.untrack.id"))
  1155  	if err != nil {
  1156  		err = fmt.Errorf("Bad track statement @%s: %s", b.ToDebugString(), err)
  1157  		return
  1158  	}
  1159  
  1160  	ret = &UntrackChainLink{b, whomUsername, whomUID}
  1161  	return
  1162  }
  1163  
  1164  func (u *UntrackChainLink) insertIntoTable(tab *IdentityTable) {
  1165  	tab.insertLink(u)
  1166  	if list, found := tab.tracks[u.whomUsername]; !found {
  1167  		u.G().Log.Debug("| Useless untrack of %s; no previous tracking statement found",
  1168  			u.whomUsername)
  1169  	} else {
  1170  		for _, obj := range list {
  1171  			obj.untrack = u
  1172  		}
  1173  	}
  1174  }
  1175  
  1176  func (u *UntrackChainLink) ToDisplayString() string {
  1177  	return u.whomUsername.String()
  1178  }
  1179  
  1180  func (u *UntrackChainLink) Type() string { return "untrack" }
  1181  
  1182  func (u *UntrackChainLink) IsRevocationIsh() bool { return true }
  1183  
  1184  func (u *UntrackChainLink) DoOwnNewLinkFromServerNotifications(g *GlobalContext) {
  1185  	g.Log.Debug("Post notification for new UntrackChainLink")
  1186  	g.NotifyRouter.HandleTrackingChanged(u.whomUID, u.whomUsername, false)
  1187  }
  1188  
  1189  //
  1190  // =========================================================================
  1191  
  1192  // =========================================================================
  1193  // CryptocurrencyChainLink
  1194  
  1195  type CryptocurrencyChainLink struct {
  1196  	GenericChainLink
  1197  	pkhash  []byte
  1198  	address string
  1199  	typ     CryptocurrencyType
  1200  }
  1201  
  1202  func (c CryptocurrencyChainLink) GetAddress() string {
  1203  	return c.address
  1204  }
  1205  
  1206  func ParseCryptocurrencyChainLink(b GenericChainLink) (
  1207  	cl *CryptocurrencyChainLink, err error) {
  1208  
  1209  	jw := b.UnmarshalPayloadJSON().AtPath("body.cryptocurrency")
  1210  	var styp, addr string
  1211  	var pkhash []byte
  1212  
  1213  	jw.AtKey("type").GetStringVoid(&styp, &err)
  1214  	jw.AtKey("address").GetStringVoid(&addr, &err)
  1215  
  1216  	if err != nil {
  1217  		return
  1218  	}
  1219  
  1220  	var typ CryptocurrencyType
  1221  	typ, pkhash, err = CryptocurrencyParseAndCheck(addr)
  1222  	if err != nil {
  1223  		err = fmt.Errorf("At signature %s: %s", b.ToDebugString(), err)
  1224  		return
  1225  	}
  1226  	if styp != typ.String() {
  1227  		err = fmt.Errorf("Got %q type but wanted %q at: %s", styp, typ.String(), b.ToDebugString())
  1228  		return
  1229  	}
  1230  
  1231  	cl = &CryptocurrencyChainLink{b, pkhash, addr, typ}
  1232  	return
  1233  }
  1234  
  1235  func (c *CryptocurrencyChainLink) Type() string { return "cryptocurrency" }
  1236  
  1237  func (c *CryptocurrencyChainLink) ToDisplayString() string { return c.address }
  1238  
  1239  func (c *CryptocurrencyChainLink) insertIntoTable(tab *IdentityTable) {
  1240  	tab.insertLink(c)
  1241  	tab.cryptocurrency = append(tab.cryptocurrency, c)
  1242  }
  1243  
  1244  func (c CryptocurrencyChainLink) Display(m MetaContext, ui IdentifyUI) error {
  1245  	return ui.DisplayCryptocurrency(m, c.Export())
  1246  }
  1247  
  1248  //
  1249  // =========================================================================
  1250  
  1251  // =========================================================================
  1252  // RevokeChainLink
  1253  
  1254  type RevokeChainLink struct {
  1255  	GenericChainLink
  1256  	device *Device
  1257  }
  1258  
  1259  func ParseRevokeChainLink(b GenericChainLink) (ret *RevokeChainLink, err error) {
  1260  	var device *Device
  1261  	if jw := b.UnmarshalPayloadJSON().AtPath("body.device"); !jw.IsNil() {
  1262  		if device, err = ParseDevice(jw, b.GetCTime()); err != nil {
  1263  			return
  1264  		}
  1265  	}
  1266  	ret = &RevokeChainLink{b, device}
  1267  	return
  1268  }
  1269  
  1270  func (r *RevokeChainLink) Type() string { return "revoke" }
  1271  
  1272  func (r *RevokeChainLink) ToDisplayString() string {
  1273  	v := r.GetRevocations()
  1274  	list := make([]string, len(v))
  1275  	for i, s := range v {
  1276  		list[i] = s.String()
  1277  	}
  1278  	return strings.Join(list, ",")
  1279  }
  1280  
  1281  func (r *RevokeChainLink) IsRevocationIsh() bool { return true }
  1282  
  1283  func (r *RevokeChainLink) insertIntoTable(tab *IdentityTable) {
  1284  	tab.insertLink(r)
  1285  }
  1286  
  1287  func (r *RevokeChainLink) GetDevice() *Device { return r.device }
  1288  
  1289  //
  1290  // =========================================================================
  1291  
  1292  // =========================================================================
  1293  // SelfSigChainLink
  1294  
  1295  type SelfSigChainLink struct {
  1296  	GenericChainLink
  1297  	device *Device
  1298  }
  1299  
  1300  func (s *SelfSigChainLink) Type() string { return "self" }
  1301  
  1302  func (s *SelfSigChainLink) ToDisplayString() string { return s.unpacked.username }
  1303  
  1304  func (s *SelfSigChainLink) insertIntoTable(tab *IdentityTable) {
  1305  	tab.insertLink(s)
  1306  }
  1307  func (s *SelfSigChainLink) DisplayPriorityKey() string { return s.TableKey() }
  1308  func (s *SelfSigChainLink) TableKey() string           { return "keybase" }
  1309  func (s *SelfSigChainLink) LastWriterWins() bool       { return true }
  1310  func (s *SelfSigChainLink) GetRemoteUsername() string  { return s.GetUsername() }
  1311  func (s *SelfSigChainLink) GetHostname() string        { return "" }
  1312  func (s *SelfSigChainLink) GetProtocol() string        { return "" }
  1313  func (s *SelfSigChainLink) ProofText() string          { return "" }
  1314  
  1315  func (s *SelfSigChainLink) GetPGPFullHash() string { return s.extractPGPFullHash("key") }
  1316  
  1317  func (s *SelfSigChainLink) DisplayCheck(m MetaContext, ui IdentifyUI, lcr LinkCheckResult) error {
  1318  	return nil
  1319  }
  1320  
  1321  func (s *SelfSigChainLink) CheckDataJSON() *jsonw.Wrapper { return nil }
  1322  
  1323  func (s *SelfSigChainLink) ToTrackingStatement(keybase1.ProofState) (*jsonw.Wrapper, error) {
  1324  	return nil, nil
  1325  }
  1326  
  1327  func (s *SelfSigChainLink) ToIDString() string { return s.GetUsername() }
  1328  func (s *SelfSigChainLink) ToKeyValuePair() (string, string) {
  1329  	return s.TableKey(), s.GetUsername()
  1330  }
  1331  
  1332  func (s *SelfSigChainLink) ComputeTrackDiff(tl *TrackLookup) TrackDiff { return nil }
  1333  
  1334  func (s *SelfSigChainLink) GetProofType() keybase1.ProofType { return keybase1.ProofType_KEYBASE }
  1335  
  1336  func (s *SelfSigChainLink) ParseDevice() (err error) {
  1337  	if jw := s.UnmarshalPayloadJSON().AtPath("body.device"); !jw.IsNil() {
  1338  		s.device, err = ParseDevice(jw, s.GetCTime())
  1339  	}
  1340  	return err
  1341  }
  1342  
  1343  func (s *SelfSigChainLink) GetDevice() *Device {
  1344  	return s.device
  1345  }
  1346  
  1347  func ParseSelfSigChainLink(base GenericChainLink) (ret *SelfSigChainLink, err error) {
  1348  	ret = &SelfSigChainLink{base, nil}
  1349  	if err = ret.ParseDevice(); err != nil {
  1350  		ret = nil
  1351  	}
  1352  	return
  1353  }
  1354  
  1355  //
  1356  // =========================================================================
  1357  
  1358  // =========================================================================
  1359  
  1360  type IdentityTable struct {
  1361  	Contextified
  1362  	sigChain         *SigChain
  1363  	revocations      map[keybase1.SigIDMapKey]bool
  1364  	links            map[keybase1.SigIDMapKey]TypedChainLink
  1365  	remoteProofLinks *RemoteProofLinks
  1366  	tracks           map[NormalizedUsername][]*TrackChainLink
  1367  	Order            []TypedChainLink
  1368  	sigHints         *SigHints
  1369  	cryptocurrency   []*CryptocurrencyChainLink
  1370  	stellar          *WalletStellarChainLink
  1371  	checkResult      *CheckResult
  1372  	eldest           keybase1.KID
  1373  	hasStubs         bool
  1374  }
  1375  
  1376  func (idt *IdentityTable) GetActiveProofsFor(st ServiceType) (ret []RemoteProofChainLink) {
  1377  	return idt.remoteProofLinks.ForService(st)
  1378  }
  1379  
  1380  func (idt *IdentityTable) GetTrackMap() map[NormalizedUsername][]*TrackChainLink {
  1381  	return idt.tracks
  1382  }
  1383  
  1384  func (idt *IdentityTable) HasStubs() bool {
  1385  	return idt.hasStubs
  1386  }
  1387  
  1388  func (idt *IdentityTable) insertLink(l TypedChainLink) {
  1389  	idt.links[l.GetSigID().ToMapKey()] = l
  1390  	idt.Order = append(idt.Order, l)
  1391  	for _, rev := range l.GetRevocations() {
  1392  		idt.revocations[rev.ToMapKey()] = true
  1393  		if targ, found := idt.links[rev.ToMapKey()]; !found {
  1394  			idt.G().Log.Warning("Can't revoke signature %s @%s", rev, l.ToDebugString())
  1395  		} else {
  1396  			targ.markRevoked(l)
  1397  		}
  1398  	}
  1399  }
  1400  
  1401  func (idt *IdentityTable) MarkCheckResult(err ProofError) {
  1402  	idt.checkResult = NewNowCheckResult(idt.G(), err)
  1403  }
  1404  
  1405  func NewTypedChainLink(cl *ChainLink) (ret TypedChainLink, w Warning) {
  1406  	if ret = cl.typed; ret != nil {
  1407  		return
  1408  	}
  1409  
  1410  	base := GenericChainLink{cl}
  1411  
  1412  	s, err := cl.UnmarshalPayloadJSON().AtKey("body").AtKey("type").GetString()
  1413  	if len(s) == 0 || err != nil {
  1414  		err = fmt.Errorf("No type in signature @%s", base.ToDebugString())
  1415  	} else {
  1416  		switch s {
  1417  		case string(DelegationTypeEldest):
  1418  			ret, err = ParseEldestChainLink(base)
  1419  		case "web_service_binding":
  1420  			ret, err = ParseWebServiceBinding(base)
  1421  		case "track":
  1422  			ret, err = ParseTrackChainLink(base)
  1423  		case "untrack":
  1424  			ret, err = ParseUntrackChainLink(base)
  1425  		case "cryptocurrency":
  1426  			ret, err = ParseCryptocurrencyChainLink(base)
  1427  		case "revoke":
  1428  			ret, err = ParseRevokeChainLink(base)
  1429  		case string(DelegationTypeSibkey):
  1430  			ret, err = ParseSibkeyChainLink(base)
  1431  		case string(DelegationTypeSubkey):
  1432  			ret, err = ParseSubkeyChainLink(base)
  1433  		case string(DelegationTypePGPUpdate):
  1434  			ret, err = ParsePGPUpdateChainLink(base)
  1435  		case "per_user_key":
  1436  			ret, err = ParsePerUserKeyChainLink(base)
  1437  		case "device":
  1438  			ret, err = ParseDeviceChainLink(base)
  1439  		case string(LinkTypeWalletStellar):
  1440  			ret, err = ParseWalletStellarChainLink(base)
  1441  		case string(LinkTypeWotVouch):
  1442  			ret, err = ParseWotVouch(base)
  1443  		case string(LinkTypeWotReact):
  1444  			ret, err = ParseWotReact(base)
  1445  		default:
  1446  			err = fmt.Errorf("Unknown signature type %s @%s", s, base.ToDebugString())
  1447  		}
  1448  	}
  1449  
  1450  	if err != nil {
  1451  		w = ErrorToWarning(err)
  1452  		ret = &base
  1453  	}
  1454  
  1455  	cl.typed = ret
  1456  
  1457  	// Basically we never fail, since worse comes to worse, we treat
  1458  	// unknown signatures as "generic" and can still display them
  1459  	return ret, w
  1460  }
  1461  
  1462  func NewIdentityTable(m MetaContext, eldest keybase1.KID, sc *SigChain, h *SigHints) (*IdentityTable, error) {
  1463  	ret := &IdentityTable{
  1464  		Contextified:     NewContextified(m.G()),
  1465  		sigChain:         sc,
  1466  		revocations:      make(map[keybase1.SigIDMapKey]bool),
  1467  		links:            make(map[keybase1.SigIDMapKey]TypedChainLink),
  1468  		remoteProofLinks: NewRemoteProofLinks(m.G()),
  1469  		tracks:           make(map[NormalizedUsername][]*TrackChainLink),
  1470  		sigHints:         h,
  1471  		eldest:           eldest,
  1472  	}
  1473  	err := ret.populate(m)
  1474  	return ret, err
  1475  }
  1476  
  1477  func (idt *IdentityTable) populate(m MetaContext) (err error) {
  1478  	defer m.Trace("IdentityTable#populate", &err)()
  1479  
  1480  	var links []*ChainLink
  1481  	if links, err = idt.sigChain.GetCurrentSubchain(m, idt.eldest); err != nil {
  1482  		return err
  1483  	}
  1484  
  1485  	for _, link := range links {
  1486  		isBad, reason, err := link.IsBad()
  1487  		if err != nil {
  1488  			return err
  1489  		}
  1490  		if isBad {
  1491  			m.Debug("Ignoring bad chain link with linkID %s: %s", link.LinkID(), reason)
  1492  			continue
  1493  		}
  1494  		if link.IsStubbed() {
  1495  			idt.hasStubs = true
  1496  			continue
  1497  		}
  1498  
  1499  		tcl, w := NewTypedChainLink(link)
  1500  		if w != nil {
  1501  			w.Warn(idt.G())
  1502  		}
  1503  		// If it's an unknown link type, then it's OK to ignore it
  1504  		if tcl == nil {
  1505  			continue
  1506  		}
  1507  		tcl.insertIntoTable(idt)
  1508  		if link.isOwnNewLinkFromServer {
  1509  			link.isOwnNewLinkFromServer = false
  1510  			tcl.DoOwnNewLinkFromServerNotifications(idt.G())
  1511  		}
  1512  	}
  1513  	return nil
  1514  }
  1515  
  1516  func isProofTypeDefunct(g *GlobalContext, typ keybase1.ProofType) bool {
  1517  	switch typ {
  1518  	case keybase1.ProofType_COINBASE:
  1519  		return true
  1520  	default:
  1521  		return false
  1522  	}
  1523  }
  1524  
  1525  func (idt *IdentityTable) insertRemoteProof(link RemoteProofChainLink) {
  1526  
  1527  	if isProofTypeDefunct(idt.G(), link.GetProofType()) {
  1528  		idt.G().Log.Debug("Ignoring now-defunct proof: %s", link.ToDebugString())
  1529  		return
  1530  	}
  1531  
  1532  	// note that the links in the identity table have no ProofError state.
  1533  	idt.remoteProofLinks.Insert(link, nil)
  1534  }
  1535  
  1536  func (idt *IdentityTable) VerifySelfSig(nun NormalizedUsername, uid keybase1.UID) bool {
  1537  	list := idt.Order
  1538  	ln := len(list)
  1539  	for i := ln - 1; i >= 0; i-- {
  1540  		link := list[i]
  1541  
  1542  		if link.IsRevoked() {
  1543  			continue
  1544  		}
  1545  		if NewNormalizedUsername(link.GetUsername()).Eq(nun) && link.GetUID().Equal(uid) {
  1546  			idt.G().Log.Debug("| Found self-signature for %s @%s", string(nun),
  1547  				link.ToDebugString())
  1548  			return true
  1549  		}
  1550  	}
  1551  	return false
  1552  }
  1553  
  1554  func (idt *IdentityTable) GetTrackList() (ret []*TrackChainLink) {
  1555  	for _, v := range idt.tracks {
  1556  		for i := len(v) - 1; i >= 0; i-- {
  1557  			link := v[i]
  1558  			if !link.IsRevoked() {
  1559  				ret = append(ret, link)
  1560  				break
  1561  			}
  1562  		}
  1563  	}
  1564  	return
  1565  }
  1566  
  1567  func (idt *IdentityTable) TrackChainLinkFor(username NormalizedUsername, uid keybase1.UID) (*TrackChainLink, error) {
  1568  	list, found := idt.tracks[username]
  1569  	if !found {
  1570  		return nil, nil
  1571  	}
  1572  	for i := len(list) - 1; i >= 0; i-- {
  1573  		link := list[i]
  1574  		if link.IsRevoked() {
  1575  			// noop; continue on!
  1576  			continue
  1577  		}
  1578  		uid2, err := link.GetTrackedUID()
  1579  		if err != nil {
  1580  			return nil, fmt.Errorf("Bad tracking statement for %s: %s", username, err)
  1581  		}
  1582  		if uid.NotEqual(uid2) {
  1583  			return nil, fmt.Errorf("Bad UID in tracking statement for %s: %s != %s", username, uid, uid2)
  1584  		}
  1585  		return link, nil
  1586  	}
  1587  	return nil, nil
  1588  }
  1589  
  1590  func (idt *IdentityTable) ActiveCryptocurrency(family CryptocurrencyFamily) *CryptocurrencyChainLink {
  1591  	tab := idt.cryptocurrency
  1592  	for i := len(tab) - 1; i >= 0; i-- {
  1593  		link := tab[i]
  1594  		if link.typ.ToCryptocurrencyFamily() == family {
  1595  			if link.IsRevoked() {
  1596  				return nil
  1597  			}
  1598  			return link
  1599  		}
  1600  	}
  1601  	return nil
  1602  }
  1603  
  1604  func (idt *IdentityTable) AllActiveCryptocurrency() []CryptocurrencyChainLink {
  1605  	var ret []CryptocurrencyChainLink
  1606  	for _, link := range idt.cryptocurrency {
  1607  		if !link.IsRevoked() {
  1608  			ret = append(ret, *link)
  1609  		}
  1610  	}
  1611  	return ret
  1612  }
  1613  
  1614  func (idt *IdentityTable) HasActiveCryptocurrencyFamily(family CryptocurrencyFamily) bool {
  1615  	for _, link := range idt.AllActiveCryptocurrency() {
  1616  		if link.typ.ToCryptocurrencyFamily() == family {
  1617  			return true
  1618  		}
  1619  	}
  1620  	return false
  1621  }
  1622  
  1623  func (idt *IdentityTable) GetRevokedCryptocurrencyForTesting() []CryptocurrencyChainLink {
  1624  	ret := []CryptocurrencyChainLink{}
  1625  	for _, link := range idt.cryptocurrency {
  1626  		if link.IsRevoked() {
  1627  			ret = append(ret, *link)
  1628  		}
  1629  	}
  1630  	return ret
  1631  }
  1632  
  1633  // Return the active stellar public address for a user.
  1634  // Returns nil if there is none or it has not been loaded.
  1635  func (idt *IdentityTable) StellarAccountID() *stellar1.AccountID {
  1636  	// Return the account ID of the latest link with the network set to stellar.
  1637  	if idt.stellar == nil {
  1638  		return nil
  1639  	}
  1640  	link := idt.stellar
  1641  	if link.network == string(WalletNetworkStellar) {
  1642  		// Something should have already validated link.address as a stellar account ID.
  1643  		tmp := stellar1.AccountID(link.address)
  1644  		return &tmp
  1645  	}
  1646  	return nil
  1647  }
  1648  
  1649  func (idt *IdentityTable) Len() int {
  1650  	return len(idt.Order)
  1651  }
  1652  
  1653  type CheckCompletedListener interface {
  1654  	CCLCheckCompleted(lcr *LinkCheckResult)
  1655  }
  1656  
  1657  type IdentifyTableMode int
  1658  
  1659  const (
  1660  	IdentifyTableModePassive IdentifyTableMode = iota
  1661  	IdentifyTableModeActive  IdentifyTableMode = iota
  1662  )
  1663  
  1664  func (idt *IdentityTable) Identify(m MetaContext, is IdentifyState, forceRemoteCheck bool, ui IdentifyUI, ccl CheckCompletedListener, itm IdentifyTableMode) error {
  1665  	errs := make(chan error, len(is.res.ProofChecks))
  1666  	for _, lcr := range is.res.ProofChecks {
  1667  		go func(l *LinkCheckResult) {
  1668  			errs <- idt.identifyActiveProof(m, l, is, forceRemoteCheck, ui, ccl, itm)
  1669  		}(lcr)
  1670  	}
  1671  
  1672  	allAcc := idt.AllActiveCryptocurrency()
  1673  	for _, acc := range allAcc {
  1674  		if err := acc.Display(m, ui); err != nil {
  1675  			return err
  1676  		}
  1677  	}
  1678  
  1679  	if stellar := idt.stellar; stellar != nil {
  1680  		if err := stellar.Display(m, ui); err != nil {
  1681  			return err
  1682  		}
  1683  	}
  1684  
  1685  	for i := 0; i < len(is.res.ProofChecks); i++ {
  1686  		err := <-errs
  1687  		if err != nil {
  1688  			return err
  1689  		}
  1690  	}
  1691  
  1692  	return nil
  1693  }
  1694  
  1695  // =========================================================================
  1696  
  1697  func (idt *IdentityTable) identifyActiveProof(m MetaContext, lcr *LinkCheckResult, is IdentifyState, forceRemoteCheck bool, ui IdentifyUI, ccl CheckCompletedListener, itm IdentifyTableMode) error {
  1698  	idt.proofRemoteCheck(m, is.HasPreviousTrack(), forceRemoteCheck, lcr, itm)
  1699  	if ccl != nil {
  1700  		ccl.CCLCheckCompleted(lcr)
  1701  	}
  1702  	return lcr.link.DisplayCheck(m, ui, *lcr)
  1703  }
  1704  
  1705  type LinkCheckResult struct {
  1706  	hint *SigHint
  1707  	// The client checker fills this in with any knowledge it has about hint
  1708  	// metadata if it is able to derive it without server help. This value is
  1709  	// preferred to the plain old server-trust `hint`
  1710  	verifiedHint         *SigHint
  1711  	cached               *CheckResult
  1712  	err                  ProofError
  1713  	snoozedErr           ProofError
  1714  	diff                 TrackDiff
  1715  	remoteDiff           TrackDiff
  1716  	link                 RemoteProofChainLink
  1717  	trackedProofState    keybase1.ProofState
  1718  	tmpTrackedProofState keybase1.ProofState
  1719  	tmpTrackExpireTime   time.Time
  1720  	position             int
  1721  	torWarning           bool
  1722  }
  1723  
  1724  func (l LinkCheckResult) GetDiff() TrackDiff        { return l.diff }
  1725  func (l LinkCheckResult) GetError() error           { return l.err }
  1726  func (l LinkCheckResult) GetProofError() ProofError { return l.err }
  1727  func (l LinkCheckResult) GetHint() *SigHint {
  1728  	if l.verifiedHint != nil {
  1729  		return l.verifiedHint
  1730  	}
  1731  	return l.hint
  1732  }
  1733  func (l LinkCheckResult) GetCached() *CheckResult       { return l.cached }
  1734  func (l LinkCheckResult) GetPosition() int              { return l.position }
  1735  func (l LinkCheckResult) GetTorWarning() bool           { return l.torWarning }
  1736  func (l LinkCheckResult) GetLink() RemoteProofChainLink { return l.link }
  1737  func (l LinkCheckResult) GetRemoteDiff() TrackDiff      { return l.remoteDiff }
  1738  
  1739  // ComputeRemoteDiff takes as input three tracking results: the permanent track,
  1740  // the local temporary track, and the one it observed remotely. It favors the
  1741  // permanent track but will roll back to the temporary track if needs be.
  1742  func (idt *IdentityTable) ComputeRemoteDiff(tracked, trackedTmp, observed keybase1.ProofState) (ret TrackDiff) {
  1743  	idt.G().Log.Debug("+ ComputeRemoteDiff(%v,%v,%v)", tracked, trackedTmp, observed)
  1744  	if observed == tracked {
  1745  		ret = TrackDiffNone{}
  1746  	} else if observed == trackedTmp {
  1747  		ret = TrackDiffNoneViaTemporary{}
  1748  	} else if observed == keybase1.ProofState_OK {
  1749  		ret = TrackDiffRemoteWorking{tracked}
  1750  	} else if tracked == keybase1.ProofState_OK {
  1751  		ret = TrackDiffRemoteFail{observed}
  1752  	} else {
  1753  		ret = TrackDiffRemoteChanged{tracked, observed}
  1754  	}
  1755  	idt.G().Log.Debug("- ComputeRemoteDiff(%v,%v,%v) -> (%+v,(%T))", tracked, trackedTmp, observed, ret, ret)
  1756  	return ret
  1757  }
  1758  
  1759  func (idt *IdentityTable) proofRemoteCheck(m MetaContext, hasPreviousTrack, forceRemoteCheck bool, res *LinkCheckResult, itm IdentifyTableMode) {
  1760  	p := res.link
  1761  
  1762  	m.Debug("+ RemoteCheckProof %s", p.ToDebugString())
  1763  	doCache := false
  1764  	pvlHashUsed := keybase1.MerkleStoreKitHash("")
  1765  	sid := p.GetSigID()
  1766  
  1767  	defer func() {
  1768  
  1769  		if hasPreviousTrack {
  1770  			observedProofState := ProofErrorToState(res.err)
  1771  			res.remoteDiff = idt.ComputeRemoteDiff(res.trackedProofState, res.tmpTrackedProofState, observedProofState)
  1772  
  1773  			// If the remote diff only worked out because of the temporary track, then
  1774  			// also update the local diff (i.e., the difference between what we tracked
  1775  			// and what Keybase is saying) accordingly.
  1776  			if _, ok := res.remoteDiff.(TrackDiffNoneViaTemporary); ok {
  1777  				res.diff = res.remoteDiff
  1778  			}
  1779  		}
  1780  
  1781  		if doCache {
  1782  			m.Debug("| Caching results under key=%s pvlHash=%s", sid, pvlHashUsed)
  1783  			if cacheErr := idt.G().ProofCache.Put(sid, res, pvlHashUsed); cacheErr != nil {
  1784  				m.Warning("proof cache put error: %s", cacheErr)
  1785  			}
  1786  		}
  1787  
  1788  		m.Debug("- RemoteCheckProof %s", p.ToDebugString())
  1789  	}()
  1790  
  1791  	pvlSource := idt.G().GetPvlSource()
  1792  	if pvlSource == nil {
  1793  		res.err = NewProofError(keybase1.ProofStatus_MISSING_PVL, "no pvl source for proof verification")
  1794  		return
  1795  	}
  1796  	pvlU, err := pvlSource.GetLatestEntry(m)
  1797  	if err != nil {
  1798  		res.err = NewProofError(keybase1.ProofStatus_MISSING_PVL, "error getting pvl: %s", err)
  1799  		return
  1800  	}
  1801  	pvlHashUsed = pvlU.Hash
  1802  
  1803  	res.hint = idt.sigHints.Lookup(sid)
  1804  	if res.hint == nil {
  1805  		res.err = NewProofError(keybase1.ProofStatus_NO_HINT, "No server-given hint for sig=%s", sid)
  1806  		return
  1807  	}
  1808  
  1809  	var pc ProofChecker
  1810  
  1811  	// Call the Global context's version of what a proof checker is. We might want to stub it out
  1812  	// for the purposes of testing.
  1813  	pc, res.err = MakeProofChecker(m, m.G().GetProofServices(), p)
  1814  
  1815  	if res.err != nil || pc == nil {
  1816  		return
  1817  	}
  1818  
  1819  	if m.G().Env.GetTorMode().Enabled() {
  1820  		if e := pc.GetTorError(); e != nil {
  1821  			res.torWarning = true
  1822  		}
  1823  	}
  1824  
  1825  	if !forceRemoteCheck {
  1826  		res.cached = m.G().ProofCache.Get(sid, pvlU.Hash)
  1827  		m.Debug("| Proof cache lookup for %s: %+v", sid, res.cached)
  1828  		if res.cached != nil && res.cached.Freshness() == keybase1.CheckResultFreshness_FRESH {
  1829  			res.err = res.cached.Status
  1830  			res.verifiedHint = res.cached.VerifiedHint
  1831  			m.Debug("| Early exit after proofCache hit for %s", sid)
  1832  			return
  1833  		}
  1834  	}
  1835  
  1836  	// From this point on in the function, we'll be putting our results into
  1837  	// cache (in the defer above).
  1838  	doCache = true
  1839  
  1840  	// ProofCheckerModeActive or Passive mainly decides whether we need to reach out to
  1841  	// self-hosted services. We want to avoid so doing when the user is acting passively
  1842  	// (such as when receiving a message).
  1843  	pcm := ProofCheckerModePassive
  1844  	if (hasPreviousTrack && res.trackedProofState != keybase1.ProofState_NONE && res.trackedProofState != keybase1.ProofState_UNCHECKED) || itm == IdentifyTableModeActive {
  1845  		pcm = ProofCheckerModeActive
  1846  	}
  1847  	var hint SigHint
  1848  	if res.hint != nil {
  1849  		hint = *res.hint
  1850  	}
  1851  	res.verifiedHint, res.err = pc.CheckStatus(m, hint, pcm, pvlU)
  1852  
  1853  	// If no error than all good
  1854  	if res.err == nil {
  1855  		return
  1856  	}
  1857  
  1858  	// If the error was soft, and we had a cached successful result that wasn't rancid,
  1859  	// then it's OK to stifle the error message for now.  We just have to be certain
  1860  	// not to cache it.
  1861  	if ProofErrorIsSoft(res.err) && res.cached != nil && res.cached.Status == nil &&
  1862  		res.cached.Freshness() != keybase1.CheckResultFreshness_RANCID {
  1863  		m.Debug("| Got soft error (%s) but returning success (last seen at %s)",
  1864  			res.err.Error(), res.cached.Time)
  1865  		res.snoozedErr = res.err
  1866  		res.err = nil
  1867  		doCache = false
  1868  		return
  1869  	}
  1870  
  1871  	m.Debug("| Check status (%s) failed with error: %s", p.ToDebugString(), res.err.Error())
  1872  }
  1873  
  1874  // VerifyReverseSig checks reverse signature using the key provided.
  1875  // does not modify `payload`.
  1876  // `path` is the path to the reverse sig spot to null before checking.
  1877  func VerifyReverseSig(g *GlobalContext, key GenericKey, path string, payload *jsonw.Wrapper, reverseSig string) (err error) {
  1878  	var p1, p2 []byte
  1879  	if p1, _, err = key.VerifyStringAndExtract(g.Log, reverseSig); err != nil {
  1880  		err = ReverseSigError{fmt.Sprintf("Failed to verify/extract sig: %s", err)}
  1881  		return err
  1882  	}
  1883  
  1884  	if p1, err = jsonw.Canonicalize(p1); err != nil {
  1885  		err = ReverseSigError{fmt.Sprintf("Failed to canonicalize json: %s", err)}
  1886  		return err
  1887  	}
  1888  
  1889  	// Make a deep copy. It's dangerous to try to mutate this thing
  1890  	// since other goroutines might be accessing it at the same time.
  1891  	var jsonCopy *jsonw.Wrapper
  1892  	if jsonCopy, err = makeDeepCopy(payload); err != nil {
  1893  		err = ReverseSigError{fmt.Sprintf("Failed to copy payload json: %s", err)}
  1894  		return err
  1895  	}
  1896  
  1897  	err = jsonCopy.SetValueAtPath(path, jsonw.NewNil())
  1898  	if err != nil {
  1899  		return err
  1900  	}
  1901  	if p2, err = jsonCopy.Marshal(); err != nil {
  1902  		err = ReverseSigError{fmt.Sprintf("Can't remarshal JSON statement: %s", err)}
  1903  		return err
  1904  	}
  1905  
  1906  	eq := FastByteArrayEq(p1, p2)
  1907  
  1908  	if !eq {
  1909  		err = ReverseSigError{fmt.Sprintf("JSON mismatch: %s != %s",
  1910  			string(p1), string(p2))}
  1911  		return err
  1912  	}
  1913  	return nil
  1914  }