Fix #413 by always generating public keys from private ones instead of trusting public keys supplied by config
This commit is contained in:
parent
a5152f1d44
commit
145a43e5f0
@ -15,6 +15,7 @@ import (
|
|||||||
"crypto/sha512"
|
"crypto/sha512"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
|
|
||||||
|
"golang.org/x/crypto/curve25519"
|
||||||
"golang.org/x/crypto/ed25519"
|
"golang.org/x/crypto/ed25519"
|
||||||
"golang.org/x/crypto/nacl/box"
|
"golang.org/x/crypto/nacl/box"
|
||||||
|
|
||||||
@ -124,6 +125,15 @@ func Verify(pub *SigPubKey, msg []byte, sig *SigBytes) bool {
|
|||||||
return ed25519.Verify(pub[:], msg, sig[:])
|
return ed25519.Verify(pub[:], msg, sig[:])
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (p SigPrivKey) Public() SigPubKey {
|
||||||
|
priv := make(ed25519.PrivateKey, ed25519.PrivateKeySize)
|
||||||
|
copy(priv[:], p[:])
|
||||||
|
pub := priv.Public().(ed25519.PublicKey)
|
||||||
|
var sigPub SigPubKey
|
||||||
|
copy(sigPub[:], pub[:])
|
||||||
|
return sigPub
|
||||||
|
}
|
||||||
|
|
||||||
////////////////////////////////////////////////////////////////////////////////
|
////////////////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
// NaCl-like crypto "box" (curve25519+xsalsa20+poly1305)
|
// NaCl-like crypto "box" (curve25519+xsalsa20+poly1305)
|
||||||
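Review bot: `SigPrivKey.Public()` does not actually derive the public key from the private one — `ed25519.PrivateKey.Public()` in golang.org/x/crypto/ed25519 only copies the trailing 32 bytes of the 64-byte private key blob, and that blob is the config-supplied SigningPrivateKey that core.go's init copies in, so a mismatched or hand-edited private key still yields an unverified public half (the box path via `curve25519.ScalarBaseMult` does genuinely derive). To match the commit's intent, recompute from the seed: `pub := ed25519.NewKeyFromSeed(priv[:ed25519.SeedSize]).Public().(ed25519.PublicKey)`. Both new exported methods here and in the `BoxPrivKey.Public` hunk also lack doc comments; `// Public derives the Ed25519 public key from the private key's seed.` and `// Public derives the Curve25519 public key by scalar base multiplication.` respectively would do.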
@ -204,6 +214,14 @@ func (n *BoxNonce) Increment() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (p BoxPrivKey) Public() BoxPubKey {
|
||||||
|
var boxPub [BoxPubKeyLen]byte
|
||||||
|
var boxPriv [BoxPrivKeyLen]byte
|
||||||
|
copy(boxPriv[:BoxPrivKeyLen], p[:BoxPrivKeyLen])
|
||||||
|
curve25519.ScalarBaseMult(&boxPub, &boxPriv)
|
||||||
|
return boxPub
|
||||||
|
}
|
||||||
|
|
||||||
// Used to subtract one nonce from another, staying in the range +- 64.
|
// Used to subtract one nonce from another, staying in the range +- 64.
|
||||||
// This is used by the nonce progression machinery to advance the bitmask of recently received packets (indexed by nonce), or to check the appropriate bit of the bitmask.
|
// This is used by the nonce progression machinery to advance the bitmask of recently received packets (indexed by nonce), or to check the appropriate bit of the bitmask.
|
||||||
// It's basically part of the machinery that prevents replays and duplicate packets.
|
// It's basically part of the machinery that prevents replays and duplicate packets.
|
||||||
|
@ -2,6 +2,7 @@ package yggdrasil
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
|
"errors"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -46,28 +47,37 @@ func (c *Core) init() error {
|
|||||||
|
|
||||||
current, _ := c.config.Get()
|
current, _ := c.config.Get()
|
||||||
|
|
||||||
boxPubHex, err := hex.DecodeString(current.EncryptionPublicKey)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
boxPrivHex, err := hex.DecodeString(current.EncryptionPrivateKey)
|
boxPrivHex, err := hex.DecodeString(current.EncryptionPrivateKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
sigPubHex, err := hex.DecodeString(current.SigningPublicKey)
|
if len(boxPrivHex) < crypto.BoxPrivKeyLen {
|
||||||
if err != nil {
|
return errors.New("EncryptionPrivateKey is incorrect length")
|
||||||
return err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sigPrivHex, err := hex.DecodeString(current.SigningPrivateKey)
|
sigPrivHex, err := hex.DecodeString(current.SigningPrivateKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
if len(sigPrivHex) < crypto.SigPrivKeyLen {
|
||||||
|
return errors.New("SigningPrivateKey is incorrect length")
|
||||||
|
}
|
||||||
|
|
||||||
copy(c.boxPub[:], boxPubHex)
|
|
||||||
copy(c.boxPriv[:], boxPrivHex)
|
copy(c.boxPriv[:], boxPrivHex)
|
||||||
copy(c.sigPub[:], sigPubHex)
|
|
||||||
copy(c.sigPriv[:], sigPrivHex)
|
copy(c.sigPriv[:], sigPrivHex)
|
||||||
|
|
||||||
|
boxPub, sigPub := c.boxPriv.Public(), c.sigPriv.Public()
|
||||||
|
|
||||||
|
copy(c.boxPub[:], boxPub[:])
|
||||||
|
copy(c.sigPub[:], sigPub[:])
|
||||||
|
|
||||||
|
if bp := hex.EncodeToString(c.boxPub[:]); current.EncryptionPublicKey != bp {
|
||||||
|
c.log.Warnln("EncryptionPublicKey in config is incorrect, should be", bp)
|
||||||
|
}
|
||||||
|
if sp := hex.EncodeToString(c.sigPub[:]); current.SigningPublicKey != sp {
|
||||||
|
c.log.Warnln("SigningPublicKey in config is incorrect, should be", sp)
|
||||||
|
}
|
||||||
|
|
||||||
c.searches.init(c)
|
c.searches.init(c)
|
||||||
c.dht.init(c)
|
c.dht.init(c)
|
||||||
c.sessions.init(c)
|
c.sessions.init(c)
|
||||||
|
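Review bot: The new length guards `if len(boxPrivHex) < crypto.BoxPrivKeyLen {` and `if len(sigPrivHex) < crypto.SigPrivKeyLen {` only reject short keys; an over-long hex string passes and the following `copy` silently truncates it, so a corrupted key is accepted and the public key derived from it is not the one the operator expects. Use exact comparisons, `if len(boxPrivHex) != crypto.BoxPrivKeyLen {` and `if len(sigPrivHex) != crypto.SigPrivKeyLen {`, so the "incorrect length" errors mean what they say. The mismatch checks `current.EncryptionPublicKey != bp` and `current.SigningPublicKey != sp` compare hex strings case-sensitively while `hex.DecodeString` accepts upper-case input, so a valid upper-case public key in config produces a spurious warning — either compare case-insensitively or note in a comment that lowercase hex is expected. `init` begins and ends outside the hunk.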