crypto Wrap/Unwrap
This commit is contained in:
parent
eaeb547938
commit
34965f610d
4
peer.go
4
peer.go
|
@ -7,9 +7,9 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
cmn "github.com/tendermint/tmlibs/common"
|
|
||||||
crypto "github.com/tendermint/go-crypto"
|
crypto "github.com/tendermint/go-crypto"
|
||||||
wire "github.com/tendermint/go-wire"
|
wire "github.com/tendermint/go-wire"
|
||||||
|
cmn "github.com/tendermint/tmlibs/common"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Peer could be marked as persistent, in which case you can use
|
// Peer could be marked as persistent, in which case you can use
|
||||||
|
@ -166,7 +166,7 @@ func (p *Peer) HandshakeTimeout(ourNodeInfo *NodeInfo, timeout time.Duration) er
|
||||||
|
|
||||||
if p.config.AuthEnc {
|
if p.config.AuthEnc {
|
||||||
// Check that the professed PubKey matches the sconn's.
|
// Check that the professed PubKey matches the sconn's.
|
||||||
if !peerNodeInfo.PubKey.Equals(p.PubKey()) {
|
if !peerNodeInfo.PubKey.Equals(p.PubKey().Wrap()) {
|
||||||
return fmt.Errorf("Ignoring connection with unmatching pubkey: %v vs %v",
|
return fmt.Errorf("Ignoring connection with unmatching pubkey: %v vs %v",
|
||||||
peerNodeInfo.PubKey, p.PubKey())
|
peerNodeInfo.PubKey, p.PubKey())
|
||||||
}
|
}
|
||||||
|
|
|
@ -87,7 +87,7 @@ func createOutboundPeerAndPerformHandshake(addr *NetAddress, config *PeerConfig)
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
err = p.HandshakeTimeout(&NodeInfo{
|
err = p.HandshakeTimeout(&NodeInfo{
|
||||||
PubKey: pk.PubKey().(crypto.PubKeyEd25519),
|
PubKey: pk.PubKey().Unwrap().(crypto.PubKeyEd25519),
|
||||||
Moniker: "host_peer",
|
Moniker: "host_peer",
|
||||||
Network: "testing",
|
Network: "testing",
|
||||||
Version: "123.123.123",
|
Version: "123.123.123",
|
||||||
|
@ -110,7 +110,7 @@ func (p *remotePeer) Addr() *NetAddress {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *remotePeer) PubKey() crypto.PubKeyEd25519 {
|
func (p *remotePeer) PubKey() crypto.PubKeyEd25519 {
|
||||||
return p.PrivKey.PubKey().(crypto.PubKeyEd25519)
|
return p.PrivKey.PubKey().Unwrap().(crypto.PubKeyEd25519)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *remotePeer) Start() {
|
func (p *remotePeer) Start() {
|
||||||
|
@ -138,7 +138,7 @@ func (p *remotePeer) accept(l net.Listener) {
|
||||||
golog.Fatalf("Failed to create a peer: %+v", err)
|
golog.Fatalf("Failed to create a peer: %+v", err)
|
||||||
}
|
}
|
||||||
err = peer.HandshakeTimeout(&NodeInfo{
|
err = peer.HandshakeTimeout(&NodeInfo{
|
||||||
PubKey: p.PrivKey.PubKey().(crypto.PubKeyEd25519),
|
PubKey: p.PrivKey.PubKey().Unwrap().(crypto.PubKeyEd25519),
|
||||||
Moniker: "remote_peer",
|
Moniker: "remote_peer",
|
||||||
Network: "testing",
|
Network: "testing",
|
||||||
Version: "123.123.123",
|
Version: "123.123.123",
|
||||||
|
|
|
@ -20,9 +20,9 @@ import (
|
||||||
"golang.org/x/crypto/nacl/secretbox"
|
"golang.org/x/crypto/nacl/secretbox"
|
||||||
"golang.org/x/crypto/ripemd160"
|
"golang.org/x/crypto/ripemd160"
|
||||||
|
|
||||||
. "github.com/tendermint/tmlibs/common"
|
|
||||||
"github.com/tendermint/go-crypto"
|
"github.com/tendermint/go-crypto"
|
||||||
"github.com/tendermint/go-wire"
|
"github.com/tendermint/go-wire"
|
||||||
|
. "github.com/tendermint/tmlibs/common"
|
||||||
)
|
)
|
||||||
|
|
||||||
// 2 + 1024 == 1026 total frame size
|
// 2 + 1024 == 1026 total frame size
|
||||||
|
@ -48,7 +48,7 @@ type SecretConnection struct {
|
||||||
// See docs/sts-final.pdf for more information.
|
// See docs/sts-final.pdf for more information.
|
||||||
func MakeSecretConnection(conn io.ReadWriteCloser, locPrivKey crypto.PrivKeyEd25519) (*SecretConnection, error) {
|
func MakeSecretConnection(conn io.ReadWriteCloser, locPrivKey crypto.PrivKeyEd25519) (*SecretConnection, error) {
|
||||||
|
|
||||||
locPubKey := locPrivKey.PubKey().(crypto.PubKeyEd25519)
|
locPubKey := locPrivKey.PubKey().Unwrap().(crypto.PubKeyEd25519)
|
||||||
|
|
||||||
// Generate ephemeral keys for perfect forward secrecy.
|
// Generate ephemeral keys for perfect forward secrecy.
|
||||||
locEphPub, locEphPriv := genEphKeys()
|
locEphPub, locEphPriv := genEphKeys()
|
||||||
|
@ -96,7 +96,7 @@ func MakeSecretConnection(conn io.ReadWriteCloser, locPrivKey crypto.PrivKeyEd25
|
||||||
}
|
}
|
||||||
|
|
||||||
// We've authorized.
|
// We've authorized.
|
||||||
sc.remPubKey = remPubKey.(crypto.PubKeyEd25519)
|
sc.remPubKey = remPubKey.Unwrap().(crypto.PubKeyEd25519)
|
||||||
return sc, nil
|
return sc, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -255,7 +255,7 @@ func genChallenge(loPubKey, hiPubKey *[32]byte) (challenge *[32]byte) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func signChallenge(challenge *[32]byte, locPrivKey crypto.PrivKeyEd25519) (signature crypto.SignatureEd25519) {
|
func signChallenge(challenge *[32]byte, locPrivKey crypto.PrivKeyEd25519) (signature crypto.SignatureEd25519) {
|
||||||
signature = locPrivKey.Sign(challenge[:]).(crypto.SignatureEd25519)
|
signature = locPrivKey.Sign(challenge[:]).Unwrap().(crypto.SignatureEd25519)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -270,7 +270,7 @@ func shareAuthSignature(sc *SecretConnection, pubKey crypto.PubKeyEd25519, signa
|
||||||
|
|
||||||
Parallel(
|
Parallel(
|
||||||
func() {
|
func() {
|
||||||
msgBytes := wire.BinaryBytes(authSigMessage{pubKey, signature})
|
msgBytes := wire.BinaryBytes(authSigMessage{pubKey.Wrap(), signature.Wrap()})
|
||||||
_, err1 = sc.Write(msgBytes)
|
_, err1 = sc.Write(msgBytes)
|
||||||
},
|
},
|
||||||
func() {
|
func() {
|
||||||
|
@ -294,7 +294,7 @@ func shareAuthSignature(sc *SecretConnection, pubKey crypto.PubKeyEd25519, signa
|
||||||
}
|
}
|
||||||
|
|
||||||
func verifyChallengeSignature(challenge *[32]byte, remPubKey crypto.PubKeyEd25519, remSignature crypto.SignatureEd25519) bool {
|
func verifyChallengeSignature(challenge *[32]byte, remPubKey crypto.PubKeyEd25519, remSignature crypto.SignatureEd25519) bool {
|
||||||
return remPubKey.VerifyBytes(challenge[:], remSignature)
|
return remPubKey.VerifyBytes(challenge[:], remSignature.Wrap())
|
||||||
}
|
}
|
||||||
|
|
||||||
//--------------------------------------------------------------------------------
|
//--------------------------------------------------------------------------------
|
||||||
|
|
|
@ -5,8 +5,8 @@ import (
|
||||||
"io"
|
"io"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
. "github.com/tendermint/tmlibs/common"
|
|
||||||
"github.com/tendermint/go-crypto"
|
"github.com/tendermint/go-crypto"
|
||||||
|
. "github.com/tendermint/tmlibs/common"
|
||||||
)
|
)
|
||||||
|
|
||||||
type dummyConn struct {
|
type dummyConn struct {
|
||||||
|
@ -33,9 +33,9 @@ func makeDummyConnPair() (fooConn, barConn dummyConn) {
|
||||||
func makeSecretConnPair(tb testing.TB) (fooSecConn, barSecConn *SecretConnection) {
|
func makeSecretConnPair(tb testing.TB) (fooSecConn, barSecConn *SecretConnection) {
|
||||||
fooConn, barConn := makeDummyConnPair()
|
fooConn, barConn := makeDummyConnPair()
|
||||||
fooPrvKey := crypto.GenPrivKeyEd25519()
|
fooPrvKey := crypto.GenPrivKeyEd25519()
|
||||||
fooPubKey := fooPrvKey.PubKey().(crypto.PubKeyEd25519)
|
fooPubKey := fooPrvKey.PubKey().Unwrap().(crypto.PubKeyEd25519)
|
||||||
barPrvKey := crypto.GenPrivKeyEd25519()
|
barPrvKey := crypto.GenPrivKeyEd25519()
|
||||||
barPubKey := barPrvKey.PubKey().(crypto.PubKeyEd25519)
|
barPubKey := barPrvKey.PubKey().Unwrap().(crypto.PubKeyEd25519)
|
||||||
|
|
||||||
Parallel(
|
Parallel(
|
||||||
func() {
|
func() {
|
||||||
|
|
|
@ -7,10 +7,10 @@ import (
|
||||||
"net"
|
"net"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
. "github.com/tendermint/tmlibs/common"
|
|
||||||
cfg "github.com/tendermint/go-config"
|
cfg "github.com/tendermint/go-config"
|
||||||
crypto "github.com/tendermint/go-crypto"
|
crypto "github.com/tendermint/go-crypto"
|
||||||
"github.com/tendermint/log15"
|
"github.com/tendermint/log15"
|
||||||
|
. "github.com/tendermint/tmlibs/common"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -154,7 +154,7 @@ func (sw *Switch) NodeInfo() *NodeInfo {
|
||||||
func (sw *Switch) SetNodePrivKey(nodePrivKey crypto.PrivKeyEd25519) {
|
func (sw *Switch) SetNodePrivKey(nodePrivKey crypto.PrivKeyEd25519) {
|
||||||
sw.nodePrivKey = nodePrivKey
|
sw.nodePrivKey = nodePrivKey
|
||||||
if sw.nodeInfo != nil {
|
if sw.nodeInfo != nil {
|
||||||
sw.nodeInfo.PubKey = nodePrivKey.PubKey().(crypto.PubKeyEd25519)
|
sw.nodeInfo.PubKey = nodePrivKey.PubKey().Unwrap().(crypto.PubKeyEd25519)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -213,7 +213,7 @@ func (sw *Switch) AddPeer(peer *Peer) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Avoid self
|
// Avoid self
|
||||||
if sw.nodeInfo.PubKey.Equals(peer.PubKey()) {
|
if sw.nodeInfo.PubKey.Equals(peer.PubKey().Wrap()) {
|
||||||
return errors.New("Ignoring connection from self")
|
return errors.New("Ignoring connection from self")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -531,7 +531,7 @@ func makeSwitch(i int, network, version string, initSwitch func(int, *Switch) *S
|
||||||
// TODO: let the config be passed in?
|
// TODO: let the config be passed in?
|
||||||
s := initSwitch(i, NewSwitch(cfg.NewMapConfig(nil)))
|
s := initSwitch(i, NewSwitch(cfg.NewMapConfig(nil)))
|
||||||
s.SetNodeInfo(&NodeInfo{
|
s.SetNodeInfo(&NodeInfo{
|
||||||
PubKey: privKey.PubKey().(crypto.PubKeyEd25519),
|
PubKey: privKey.PubKey().Unwrap().(crypto.PubKeyEd25519),
|
||||||
Moniker: Fmt("switch%d", i),
|
Moniker: Fmt("switch%d", i),
|
||||||
Network: network,
|
Network: network,
|
||||||
Version: version,
|
Version: version,
|
||||||
|
|
Loading…
Reference in New Issue