github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/libkb/merkle_reset_chain.go (about) 1 package libkb 2 3 import ( 4 sha512 "crypto/sha512" 5 json "encoding/json" 6 fmt "fmt" 7 8 keybase1 "github.com/keybase/client/go/protocol/keybase1" 9 jsonw "github.com/keybase/go-jsonw" 10 ) 11 12 type resetLinkAndHash struct { 13 link keybase1.ResetLink 14 hash keybase1.SHA512 15 } 16 17 type unverifiedResetChain []resetLinkAndHash 18 19 func importResetLinkAndHash(s string) (ret *resetLinkAndHash, err error) { 20 b := []byte(s) 21 hash := sha512.Sum512(b) 22 var link keybase1.ResetLink 23 err = json.Unmarshal(b, &link) 24 if err != nil { 25 return nil, err 26 } 27 ret = &resetLinkAndHash{ 28 hash: hash[:], 29 link: link, 30 } 31 return ret, nil 32 } 33 34 func importResetChainFromServer(m MetaContext, jw *jsonw.Wrapper) (urc unverifiedResetChain, err error) { 35 defer m.VTrace(VLog1, "importResetChainFromServer", &err)() 36 if jw == nil || jw.IsNil() { 37 return nil, nil 38 } 39 var ret unverifiedResetChain 40 chainLen, err := jw.Len() 41 if err != nil { 42 return nil, err 43 } 44 for i := 0; i < chainLen; i++ { 45 s, err := jw.AtIndex(i).GetString() 46 if err != nil { 47 return nil, err 48 } 49 link, err := importResetLinkAndHash(s) 50 if err != nil { 51 return nil, err 52 } 53 ret = append(ret, *link) 54 } 55 return ret, nil 56 } 57 58 func parseV2LeafResetChainTail(jw *jsonw.Wrapper) (*MerkleResets, error) { 59 if jw == nil || jw.IsNil() { 60 return nil, nil 61 } 62 l, err := jw.Len() 63 if err != nil { 64 return nil, err 65 } 66 if l == 0 { 67 return nil, nil 68 } 69 if l != 2 { 70 return nil, MerkleClientError{m: "bad reset chain tail; expecting 2 items", t: merkleErrorBadResetChain} 71 } 72 var ct MerkleResetChainTail 73 if err := jw.AtIndex(0).UnmarshalAgain(&ct.Seqno); err != nil { 74 return nil, err 75 } 76 if err := jw.AtIndex(1).UnmarshalAgain(&ct.Hash); err != nil { 77 return nil, err 78 } 79 ret := &MerkleResets{chainTail: ct} 80 return ret, nil 81 } 82 83 type MerkleResetChainTail struct { 84 Seqno keybase1.Seqno 85 Hash keybase1.SHA512 86 } 87 88 type MerkleResets struct { 89 chainTail MerkleResetChainTail 90 chain []keybase1.ResetLink 91 } 92 93 func (mr *MerkleResets) verifyAndLoad(m MetaContext, urc unverifiedResetChain) (err error) { 94 95 // Don't even bother to do a CVTrace if the user hasn't reset at all 96 if mr == nil { 97 return nil 98 } 99 100 defer m.VTrace(VLog1, "MerkleResets#verifyAndLoad", &err)() 101 102 mkerr := func(f string, a ...interface{}) error { 103 return MerkleClientError{m: fmt.Sprintf(f, a...), t: merkleErrorBadResetChain} 104 } 105 106 hashEq := func(a, b keybase1.SHA512) bool { 107 if a == nil || b == nil { 108 return (a == nil && b == nil) 109 } 110 return a.Eq(b) 111 } 112 113 if int(mr.chainTail.Seqno) != len(urc) { 114 err = mkerr("bad reset chain length: %d != %d", int(mr.chainTail.Seqno), len(urc)) 115 return err 116 } 117 118 // Verify the chain starting at the tail and going to the front. 119 curr := mr.chainTail.Hash 120 last := true 121 foundDelete := false 122 lastWasDelete := false 123 124 for i := len(urc) - 1; i >= 0; i-- { 125 resetSeqno := i + 1 126 link := urc[i].link 127 hash := urc[i].hash 128 if !hashEq(curr, hash) { 129 err = mkerr("hash chain mismatch at seqno %d", resetSeqno) 130 return err 131 } 132 if int(link.ResetSeqno) != resetSeqno { 133 err = mkerr("wrong seqno at seqno %d", resetSeqno) 134 return err 135 } 136 if link.Type == keybase1.ResetType_DELETE { 137 if last { 138 lastWasDelete = true 139 } 140 foundDelete = true 141 } 142 curr = link.Prev.Reset 143 last = false 144 } 145 146 // NOTE(max) 2018-03-19 147 // We should have checked that deletes were only visible at the end of the reset chain. 148 // However, there was a bug in the migrate script, and if you had an account that did 149 // several resets and then a delete, all were marked as deletes! This check isn't ideal, but 150 // it's good enough -- we just want to make sure that a delete is indeed a tombstone, 151 // and that if there are any deletes in the chain, then the last must be a delete. 152 if foundDelete && !lastWasDelete { 153 err = mkerr("found a delete that didn't tombstone the user") 154 return err 155 } 156 157 if curr != nil { 158 err = mkerr("expected first link in reset chain to have a null prev") 159 return err 160 } 161 162 // It all verified, now load it up, going front to back. 163 for _, e := range urc { 164 mr.chain = append(mr.chain, e.link) 165 } 166 167 return nil 168 }