From 27aef01ba665a14924ece95d5ef4674e3945ef7e Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Tue, 13 Sep 2016 21:10:16 -0400
Subject: eliminate half the bloom filters, using HMAC to verify RequestIDs

Simplifies code, uses less memory, and don't need to protect against flooding generation of RequestIDs, since the server does not store them at all. Note that the RequestIDSecret is only stored in ram, so restarting the server will invalidate any RequestIds given out before. It would be possible now to store that on disk to avoid that problem, but probably not worth it.
---
 HTTP.hs | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
(limited to 'HTTP.hs')
diff --git a/HTTP.hs b/HTTP.hs
index e5e4d85..70d857d 100644
--- a/HTTP.hs
+++ b/HTTP.hs
@@ -59,6 +59,8 @@ instance ToJSON t => ToJSON (POWGuarded t)
 instance FromJSON t => FromJSON (POWGuarded t)
 instance ToJSON ProofOfWorkRequirement
 instance FromJSON ProofOfWorkRequirement
+instance ToJSON RequestID
+instance FromJSON RequestID
 instance ToJSON RandomSalt
 instance FromJSON RandomSalt
@@ -85,12 +87,19 @@ instance FromJSON StorableObject where
 -- ProofOfWork contains an arbitrary bytestring and is base64 encoded in
 -- the query string.
 instance ToHttpApiData ProofOfWork where
- toUrlPiece (ProofOfWork b (RandomSalt s)) = s <> ":" <> b64 b
+ toUrlPiece (ProofOfWork b rid) =
+ fromRandomSalt (randomSalt rid)
+ <> ":" <> requestHMAC rid
+ <> ":" <> b64 b
 instance FromHttpApiData ProofOfWork where
 parseUrlPiece t = do
- let (s, rest) = T.break (/= ':') t
- b <- unb64 (T.drop 1 rest)
- return (ProofOfWork b (RandomSalt s))
+ let (salt, rest) = T.break (/= ':') t
+ let (hmac, rest') = T.break (/= ':') rest
+ b <- unb64 (T.drop 1 rest')
+ return $ ProofOfWork b $ RequestID
+ { randomSalt = RandomSalt salt
+ , requestHMAC = hmac
+ }
 b64 :: B.ByteString -> Text
 b64 v = T.decodeUtf8 $ Raaz.toByteString (Raaz.encode v :: Raaz.Base64)
--
cgit v1.2.3
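Review bot: `T.break (/= ':')` in the new `parseUrlPiece` stops at the first character that is not a colon, so for an input shaped like `salt:hmac:b64` both `salt` and `hmac` come out empty and `rest'` is still the whole input; the second break also runs on `rest` without first dropping the separator. The inverted predicate was already present in the removed lines, but it now decides which salt and HMAC reach RequestID verification, so a parsed RequestID would presumably never match what the server issued (the verifier is outside this diff, so confirm it rejects an empty HMAC rather than accepting it). Suggested: `let (salt, rest) = T.break (== ':') t` and `let (hmac, rest') = T.break (== ':') (T.drop 1 rest)`. A round-trip test that `parseUrlPiece (toUrlPiece p)` returns `p` would pin the three-field format produced by `toUrlPiece`.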