capnproto-rust icon indicating copy to clipboard operation
capnproto-rust copied to clipboard

Published 20 hours ago verified publisher icon capnproto

Canonicalize message on receive

Open sanderpick opened this issue 2 years ago • 5 comments

We have a client written in Go that is sending a struct and a signature to a server that uses capnproto-rust:

interface Publication {
	push @0 (tx :Tx, signature :Data);
}

In order to create the signature, we're doing something like this in Go:

func (s *Streamer) sign(tx streamercapnp.Tx) ([]byte, error) {
	bytes, err := capnp.Canonicalize(tx.ToPtr().Struct())
	if err != nil {
		return []byte{}, fmt.Errorf("canonicalize: %s", err)
	}

	hash := sha256.Sum256(bytes)
	signature, err := crypto.Sign(hash[:], s.privateKey)
	if err != nil {
		return []byte{}, fmt.Errorf("sign: %s", err)
	}

	return signature, nil
}

Now, on the Rust side we need to verify the signature. My thought was that we'd need to canonicalize Tx to get the signature payload. I see canonicalize test (https://github.com/capnproto/capnproto-rust/blob/master/capnp/tests/canonicalize.rs), but having a hard time understanding how I can do that in the server's push implementation. eg,

fn push(
    &mut self,
    params: publication::PushParams,
    mut results: publication::PushResults,
) -> Promise<(), Error> {
    let args = pry!(params.get());
    let txn = args.get_tx().unwrap();
    let sig = args.get_signature().unwrap();

    // how to get canonical Tx raw bytes? 
    
    Promise::ok(())
}

Thank you!

sanderpick avatar Aug 24 '23 18:08 sanderpick

The usual thing is to use the message::Reader::canonicalize() method: https://github.com/capnproto/capnproto-rust/blob/c702d16dd9c8b5acdf2ae8937c954171fb164d49/capnp/src/message.rs#L286-L297

But that only works if your data-to-canonicalize is the root struct of a message::Reader, which is not the case for you.

You need to do something like this:

        let size = txn.total_size()?.word_count;
        let mut message = capnp::message::Builder::new(capnp::message::HeapAllocator::new().first_segment_words(size as u32));
        message.set_root_canonical(root)?;
        let output_segments = message.get_segments_for_output();
        assert_eq!(1, output_segments.len());
        let output = output_segments[0];
        assert!((output.len() / BYTES_PER_WORD) as u64 <= size);
        let mut result = crate::Word::allocate_zeroed_vec(output.len() / BYTES_PER_WORD);
        crate::Word::words_to_bytes_mut(&mut result[..]).copy_from_slice(output);

Probably we should add a function to the capnp crate that does this.

dwrensha avatar Aug 24 '23 20:08 dwrensha

Thanks for the quick reply!

In my case, message.set_root_canonical(root)?; would be message.set_root_canonical(txn)?;? I get a panic with that at this assert: https://github.com/capnproto/capnproto-rust/blob/master/capnp/src/message.rs#L507. There are 2 segments, not 1. Perhaps an issue with the client. We are using SingleSegment to build Tx on the Go side.

sanderpick avatar Aug 24 '23 20:08 sanderpick

In my case, message.set_root_canonical(root)?; would be message.set_root_canonical(txn)?;? yes.

I get a panic with that at this assert:

What if you do

let size = txn.total_size()?.word_count + 1;

instead?

I thought that maybe the + 1 from canonicalize wasn't needed, but maybe it is.

dwrensha avatar Aug 24 '23 20:08 dwrensha

That works! Thank you :beers: Happy to try a PR for a built-in method if you want.

sanderpick avatar Aug 24 '23 21:08 sanderpick

Happy to try a PR for a built-in method if you want.

Up to you. I don't intend to implement it myself in the near future.

dwrensha avatar Aug 24 '23 21:08 dwrensha