From 021c15ebf84ef14e33e0340d3449e1091379b053 Mon Sep 17 00:00:00 2001 From: Dan Ballard Date: Thu, 6 Feb 2020 18:54:13 -0500 Subject: [PATCH] migrate to standalone op log and conectivity packages --- applications/auth.go | 14 +++--- applications/proof_of_work_app.go | 2 +- applications/token_app.go | 2 +- applications/tokenboard/client.go | 2 +- applications/tokenboard/server.go | 2 +- .../tokenboard/tokenboard_integration_test.go | 7 +-- go.mod | 14 ++++-- go.sum | 44 +++++++++++++------ networks/tor/BaseOnionService.go | 4 +- persistence/bolt_persistence.go | 2 +- persistence/bolt_persistence_test.go | 5 +++ primitives/auditable/auditablestore.go | 2 +- primitives/auditable/auditablestore_test.go | 2 +- primitives/identity.go | 5 ++- primitives/privacypass/token.go | 2 +- primitives/privacypass/token_test.go | 2 +- service.go | 4 +- testing/tapir_integration_test.go | 12 ++--- ...tapir_malicious_remote_integration_test.go | 12 ++--- testing/tests.sh | 1 + utils/crypto.go | 22 ++++++++++ 21 files changed, 109 insertions(+), 53 deletions(-) create mode 100644 utils/crypto.go diff --git a/applications/auth.go b/applications/auth.go index ab34d42..f8750ab 100644 --- a/applications/auth.go +++ b/applications/auth.go @@ -5,8 +5,8 @@ import ( "cwtch.im/tapir" "cwtch.im/tapir/primitives" "encoding/json" - "git.openprivacy.ca/openprivacy/libricochet-go/log" - "git.openprivacy.ca/openprivacy/libricochet-go/utils" + torProvider "git.openprivacy.ca/openprivacy/connectivity/tor" + "git.openprivacy.ca/openprivacy/log" "golang.org/x/crypto/ed25519" ) 
@@ -49,8 +49,8 @@ func (ea *AuthApp) Init(connection tapir.Connection) { // If we are an outbound connection we can perform an additional check to ensure that the server sent us back the correct long term // public key - if connection.IsOutbound() && utils.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) != connection.Hostname() { - log.Errorf("The remote server (%v) has attempted to authenticate with a different public key %v", connection.Hostname(), utils.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey)) + if connection.IsOutbound() && torProvider.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) != connection.Hostname() { + log.Errorf("The remote server (%v) has attempted to authenticate with a different public key %v", connection.Hostname(), torProvider.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey)) connection.Close() return } @@ -71,11 +71,11 @@ func (ea *AuthApp) Init(connection tapir.Connection) { if connection.IsOutbound() { outboundHostname = connection.ID().Hostname() - inboundHostname = utils.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) + inboundHostname = torProvider.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) outboundAuthMessage = challengeLocal inboundAuthMessage = challengeRemote } else { - outboundHostname = utils.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) + outboundHostname = torProvider.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) inboundHostname = connection.ID().Hostname() outboundAuthMessage = challengeRemote inboundAuthMessage = challengeLocal 
@@ -103,7 +103,7 @@ func (ea *AuthApp) Init(connection tapir.Connection) { // encryption key and the same transcript challenge. connection.Send(append(challengeBytes, []byte(connection.ID().Hostname())...)) remoteChallenge := connection.Expect() - assertedHostname := utils.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) + assertedHostname := torProvider.GetTorV3Hostname(remoteAuthMessage.LongTermPublicKey) if subtle.ConstantTimeCompare(append(challengeBytes, []byte(assertedHostname)...), remoteChallenge) == 1 { connection.SetHostname(assertedHostname) connection.SetCapability(AuthCapability) diff --git a/applications/proof_of_work_app.go b/applications/proof_of_work_app.go index 697d78f..602f2f2 100644 --- a/applications/proof_of_work_app.go +++ b/applications/proof_of_work_app.go @@ -4,7 +4,7 @@ import ( "crypto/sha256" "cwtch.im/tapir" "cwtch.im/tapir/primitives/core" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" ) // ProofOfWorkApplication forces the incoming connection to do proof of work before granting a capability diff --git a/applications/token_app.go b/applications/token_app.go index f46fc2a..11e4970 100644 --- a/applications/token_app.go +++ b/applications/token_app.go @@ -4,7 +4,7 @@ import ( "cwtch.im/tapir" "cwtch.im/tapir/primitives/privacypass" "encoding/json" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" ) // TokenApplication provides Tokens for PoW diff --git a/applications/tokenboard/client.go b/applications/tokenboard/client.go index ba20785..13ed6fd 100644 --- a/applications/tokenboard/client.go +++ b/applications/tokenboard/client.go @@ -6,7 +6,7 @@ import ( "cwtch.im/tapir/primitives/auditable" "cwtch.im/tapir/primitives/privacypass" "encoding/json" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" ) // NewTokenBoardClient generates a new Client for Token Board 
diff --git a/applications/tokenboard/server.go b/applications/tokenboard/server.go index c279031..54bd3cc 100644 --- a/applications/tokenboard/server.go +++ b/applications/tokenboard/server.go @@ -8,7 +8,7 @@ import ( "cwtch.im/tapir/primitives/auditable" "cwtch.im/tapir/primitives/privacypass" "encoding/json" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" ) // NewTokenBoardServer generates new Server for Token Board diff --git a/applications/tokenboard/tokenboard_integration_test.go b/applications/tokenboard/tokenboard_integration_test.go index a16427a..61906bf 100644 --- a/applications/tokenboard/tokenboard_integration_test.go +++ b/applications/tokenboard/tokenboard_integration_test.go @@ -8,8 +8,9 @@ import ( "cwtch.im/tapir/primitives/auditable" "cwtch.im/tapir/primitives/privacypass" "errors" - "git.openprivacy.ca/openprivacy/libricochet-go/connectivity" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/connectivity" + torProvider "git.openprivacy.ca/openprivacy/connectivity/tor" + "git.openprivacy.ca/openprivacy/log" "runtime" "sync" "testing" @@ -73,7 +74,7 @@ func TestTokenBoardApp(t *testing.T) { log.Infof("Number of goroutines open at start: %d", runtime.NumGoroutine()) // Connect to Tor var acn connectivity.ACN - acn, _ = connectivity.StartTor("./", "") + acn, _ = torProvider.NewTorACN("./", "") acn.WaitTillBootstrapped() // Generate Server Key diff --git a/go.mod b/go.mod index e2a0995..10637e0 100644 --- a/go.mod +++ b/go.mod 
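Review bot: The second return value of `torProvider.NewTorACN("./", "")` is discarded in TestTokenBoardApp, and `acn.WaitTillBootstrapped()` is called on the result immediately afterwards. If that value is an error (presumably it is) and Tor fails to start, `acn` may be nil and the test panics instead of failing with a readable message. Capture it and stop early, e.g. `acn, err := torProvider.NewTorACN("./", "")` followed by `if err != nil { t.Fatalf("starting tor: %v", err) }`. The same pattern appears in the hunks for testing/tapir_integration_test.go and testing/tapir_malicious_remote_integration_test.go. TestTokenBoardApp starts before this hunk and continues past it.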
@@ -1,12 +1,20 @@ module cwtch.im/tapir require ( - git.openprivacy.ca/openprivacy/libricochet-go v1.0.4 + git.openprivacy.ca/openprivacy/connectivity v1.1.0 + git.openprivacy.ca/openprivacy/log v1.0.0 + github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412 + github.com/davecgh/go-spew v1.1.1 // indirect github.com/gtank/merlin v0.1.1 github.com/gtank/ristretto255 v0.1.2 + github.com/kr/pretty v0.2.0 // indirect + github.com/stretchr/testify v1.4.0 // indirect go.etcd.io/bbolt v1.3.3 - golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f - golang.org/x/sync v0.0.0-20190423024810-112230192c58 // indirect + golang.org/x/crypto v0.0.0-20200206161412-a0c6ece9d31a + golang.org/x/net v0.0.0-20200202094626-16171245cfb2 // indirect + golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5 // indirect + gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect + gopkg.in/yaml.v2 v2.2.8 // indirect ) go 1.13 diff --git a/go.sum b/go.sum index c5a1a2a..2f94ef5 100644 --- a/go.sum +++ b/go.sum 
@@ -1,17 +1,24 @@ -git.openprivacy.ca/openprivacy/libricochet-go v1.0.4 h1:GWLMJ5jBSIC/gFXzdbbeVz7fIAn2FTgW8+wBci6/3Ek= -git.openprivacy.ca/openprivacy/libricochet-go v1.0.4/go.mod h1:yMSG1gBaP4f1U+RMZXN85d29D39OK5s8aTpyVRoH5FY= +git.openprivacy.ca/openprivacy/connectivity v1.1.0 h1:9PEeKuPdoIRYeA62BUkBW2BfK4KqKEXz1fvUxZoP4xs= +git.openprivacy.ca/openprivacy/connectivity v1.1.0/go.mod h1:4P8mirZZslKbo2zBrXXVjgEdqGwHo/6qoFBwFQW6d6E= +git.openprivacy.ca/openprivacy/log v1.0.0 h1:Rvqm1weUdR4AOnJ79b1upHCc9vC/QF1rhSD2Um7sr1Y= +git.openprivacy.ca/openprivacy/log v1.0.0/go.mod h1:gGYK8xHtndRLDymFtmjkG26GaMQNgyhioNS82m812Iw= github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412 h1:w1UutsfOrms1J05zt7ISrnJIXKzwaspym5BTKGx93EI= github.com/agl/ed25519 v0.0.0-20170116200512-5312a6153412/go.mod h1:WPjqKcmVOxf0XSf3YxCJs6N6AOSrOx3obionmG7T0y0= -github.com/cretz/bine v0.1.0 h1:1/fvhLE+fk0bPzjdO5Ci+0ComYxEMuB1JhM4X5skT3g= -github.com/cretz/bine v0.1.0/go.mod h1:6PF6fWAvYtwjRGkAuDEJeWNOv3a2hUouSP/yRYXmvHw= +github.com/cretz/bine v0.1.1-0.20200124154328-f9f678b84cca h1:Q2r7AxHdJwWfLtBZwvW621M3sPqxPc6ITv2j1FGsYpw= +github.com/cretz/bine v0.1.1-0.20200124154328-f9f678b84cca/go.mod h1:6PF6fWAvYtwjRGkAuDEJeWNOv3a2hUouSP/yRYXmvHw= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/gtank/merlin v0.1.1 h1:eQ90iG7K9pOhtereWsmyRJ6RAwcP4tHTDBHXNg+u5is= github.com/gtank/merlin v0.1.1/go.mod h1:T86dnYJhcGOh5BjZFCJWTDeTK7XW8uE+E21Cy/bIQ+s= github.com/gtank/ristretto255 v0.1.2 h1:JEqUCPA1NvLq5DwYtuzigd7ss8fwbYay9fi4/5uMzcc= 
github.com/gtank/ristretto255 v0.1.2/go.mod h1:Ph5OpO6c7xKUGROZfWVLiJf9icMDwUeIvY4OmlYW69o= +github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/mimoo/StrobeGo v0.0.0-20181016162300-f8f6d4d2b643 h1:hLDRPB66XQT/8+wG9WsDpiCvZf1yKO7sz7scAjSlBa0= github.com/mimoo/StrobeGo v0.0.0-20181016162300-f8f6d4d2b643/go.mod h1:43+3pMjjKimDBf5Kr4ZFNGbLql1zKkbImw+fZbw3geM= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 
@@ -19,19 +26,30 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= go.etcd.io/bbolt v1.3.3 h1:MUGmc65QhB3pIlaQ5bB4LwqSj6GIonVJXpZiaKNyaKk= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -golang.org/x/crypto v0.0.0-20190128193316-c7b33c32a30b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f h1:R423Cnkcp5JABoeemiGEPlt9tHXFfw5kvc0yqlxRPWo= -golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/crypto v0.0.0-20200204104054-c9f3fb736b72 h1:+ELyKg6m8UBf0nPFSqD0mi7zUfwPyXo23HNjMnXPz7w= +golang.org/x/crypto v0.0.0-20200204104054-c9f3fb736b72/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200206161412-a0c6ece9d31a h1:aczoJ0HPNE92XKa7DrIzkNN6esOKO2TBwiiYoKcINhA= +golang.org/x/crypto v0.0.0-20200206161412-a0c6ece9d31a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync 
v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5 h1:LfCXLvNmTYH9kEmVgqbnsWfruoXZIrh4YBgqVHtDvw0= +golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/networks/tor/BaseOnionService.go b/networks/tor/BaseOnionService.go index 6b2e620..ca27249 100644 --- a/networks/tor/BaseOnionService.go +++ b/networks/tor/BaseOnionService.go 
@@ -6,8 +6,8 @@ import ( "cwtch.im/tapir/primitives" "encoding/base64" "errors" - "git.openprivacy.ca/openprivacy/libricochet-go/connectivity" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/connectivity" + "git.openprivacy.ca/openprivacy/log" "golang.org/x/crypto/ed25519" "sync" "time" diff --git a/persistence/bolt_persistence.go b/persistence/bolt_persistence.go index 701cc55..20d38f6 100644 --- a/persistence/bolt_persistence.go +++ b/persistence/bolt_persistence.go @@ -2,7 +2,7 @@ package persistence import ( "encoding/json" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" bolt "go.etcd.io/bbolt" ) diff --git a/persistence/bolt_persistence_test.go b/persistence/bolt_persistence_test.go index b757474..b88d454 100644 --- a/persistence/bolt_persistence_test.go +++ b/persistence/bolt_persistence_test.go @@ -1,14 +1,19 @@ package persistence import ( + "os" "testing" ) func TestBoltPersistence_Open(t *testing.T) { + os.Remove("test.dbgi") var db Service db = new(BoltPersistence) db.Open("test.dbgi") db.Setup([]string{"tokens"}) + // 2020.02: Fails in WSL1 because of a mmap issue. + // https://github.com/microsoft/WSL/issues/4873 + // Scheduled to be fixed in the 20h1 Win10 release db.Persist("tokens", "random_value", true) var exists bool diff --git a/primitives/auditable/auditablestore.go b/primitives/auditable/auditablestore.go index 8a61440..a4574a2 100644 --- a/primitives/auditable/auditablestore.go +++ b/primitives/auditable/auditablestore.go @@ -8,7 +8,7 @@ import ( "cwtch.im/tapir/primitives/core" "encoding/base64" "errors" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" "golang.org/x/crypto/ed25519" "sync" ) diff --git a/primitives/auditable/auditablestore_test.go b/primitives/auditable/auditablestore_test.go index f316fb4..2e0623f 100644 --- a/primitives/auditable/auditablestore_test.go 
+++ b/primitives/auditable/auditablestore_test.go @@ -4,7 +4,7 @@ import ( "cwtch.im/tapir/persistence" "cwtch.im/tapir/primitives" "fmt" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" "os" "testing" ) diff --git a/primitives/identity.go b/primitives/identity.go index abb6a4f..54f7217 100644 --- a/primitives/identity.go +++ b/primitives/identity.go @@ -2,7 +2,8 @@ package primitives import ( "crypto/rand" - "git.openprivacy.ca/openprivacy/libricochet-go/utils" + "cwtch.im/tapir/utils" + torProvider "git.openprivacy.ca/openprivacy/connectivity/tor" "golang.org/x/crypto/ed25519" ) @@ -49,7 +50,7 @@ func (i *Identity) EDH(key ed25519.PublicKey) []byte { // Hostname provides the onion address associated with this Identity. func (i *Identity) Hostname() string { - return utils.GetTorV3Hostname(*i.edpubk) + return torProvider.GetTorV3Hostname(*i.edpubk) } // Sign produces a signature for a given message attributable to the given identity diff --git a/primitives/privacypass/token.go b/primitives/privacypass/token.go index 70ac785..8bc9a77 100644 --- a/primitives/privacypass/token.go +++ b/primitives/privacypass/token.go @@ -5,7 +5,7 @@ import ( "crypto/rand" "cwtch.im/tapir/primitives/core" "fmt" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" ristretto "github.com/gtank/ristretto255" "golang.org/x/crypto/sha3" diff --git a/primitives/privacypass/token_test.go b/primitives/privacypass/token_test.go index cd15b09..bca04cd 100644 --- a/primitives/privacypass/token_test.go +++ b/primitives/privacypass/token_test.go @@ -3,7 +3,7 @@ package privacypass import ( "cwtch.im/tapir/persistence" "cwtch.im/tapir/primitives/core" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/log" "github.com/gtank/ristretto255" "golang.org/x/crypto/sha3" "testing" diff --git a/service.go b/service.go index bc2a6bd..93913de 100644 --- a/service.go +++ b/service.go 
@@ -4,8 +4,8 @@ import ( "crypto/rand" "cwtch.im/tapir/primitives" "encoding/binary" - "git.openprivacy.ca/openprivacy/libricochet-go/connectivity" - "git.openprivacy.ca/openprivacy/libricochet-go/log" + "git.openprivacy.ca/openprivacy/connectivity" + "git.openprivacy.ca/openprivacy/log" "golang.org/x/crypto/ed25519" "golang.org/x/crypto/nacl/secretbox" "io" diff --git a/testing/tapir_integration_test.go b/testing/tapir_integration_test.go index e77aa9c..0734f77 100644 --- a/testing/tapir_integration_test.go +++ b/testing/tapir_integration_test.go @@ -5,9 +5,9 @@ import ( "cwtch.im/tapir/applications" "cwtch.im/tapir/networks/tor" "cwtch.im/tapir/primitives" - "git.openprivacy.ca/openprivacy/libricochet-go/connectivity" - "git.openprivacy.ca/openprivacy/libricochet-go/log" - "git.openprivacy.ca/openprivacy/libricochet-go/utils" + "git.openprivacy.ca/openprivacy/connectivity" + torProvider "git.openprivacy.ca/openprivacy/connectivity/tor" + "git.openprivacy.ca/openprivacy/log" "golang.org/x/crypto/ed25519" "runtime" "sync" @@ -61,7 +61,7 @@ func TestTapir(t *testing.T) { log.Infof("Number of goroutines open at start: %d", runtime.NumGoroutine()) // Connect to Tor var acn connectivity.ACN - acn, _ = connectivity.StartTor("./", "") + acn, _ = torProvider.NewTorACN("./", "") acn.WaitTillBootstrapped() // Generate Server Keys 
@@ -114,13 +114,13 @@ func genclient(acn connectivity.ACN) (tapir.Service, string) { // Client will Connect and launch it's own Echo App goroutine. func connectclient(client tapir.Service, key ed25519.PublicKey, group *sync.WaitGroup) { - client.Connect(utils.GetTorV3Hostname(key), new(SimpleApp)) + client.Connect(torProvider.GetTorV3Hostname(key), new(SimpleApp)) // Once connected, it shouldn't take long to authenticate and run the application. So for the purposes of this demo // we will wait a little while then exit. time.Sleep(time.Second * 5) - conn, _ := client.GetConnection(utils.GetTorV3Hostname(key)) + conn, _ := client.GetConnection(torProvider.GetTorV3Hostname(key)) log.Debugf("Client has Auth: %v", conn.HasCapability(applications.AuthCapability)) AuthSuccess = true group.Done() diff --git a/testing/tapir_malicious_remote_integration_test.go b/testing/tapir_malicious_remote_integration_test.go index 4262fff..946a1d1 100644 --- a/testing/tapir_malicious_remote_integration_test.go +++ b/testing/tapir_malicious_remote_integration_test.go @@ -5,9 +5,9 @@ import ( "cwtch.im/tapir/applications" "cwtch.im/tapir/networks/tor" "cwtch.im/tapir/primitives" - "git.openprivacy.ca/openprivacy/libricochet-go/connectivity" - "git.openprivacy.ca/openprivacy/libricochet-go/log" - "git.openprivacy.ca/openprivacy/libricochet-go/utils" + "git.openprivacy.ca/openprivacy/connectivity" + torProvider "git.openprivacy.ca/openprivacy/connectivity/tor" + "git.openprivacy.ca/openprivacy/log" "golang.org/x/crypto/ed25519" "runtime" "sync" @@ -22,7 +22,7 @@ func TestTapirMaliciousRemote(t *testing.T) { log.Infof("Number of goroutines open at start: %d", runtime.NumGoroutine()) // Connect to Tor var acn connectivity.ACN - acn, _ = connectivity.StartTor("./", "") + acn, _ = torProvider.NewTorACN("./", "") acn.WaitTillBootstrapped() // Generate Server Keys, not we generate two sets 
@@ -67,14 +67,14 @@ func TestTapirMaliciousRemote(t *testing.T) { // Client will Connect and launch it's own Echo App goroutine. func connectclientandfail(client tapir.Service, key ed25519.PublicKey, group *sync.WaitGroup, t *testing.T) { - client.Connect(utils.GetTorV3Hostname(key), new(applications.AuthApp)) + client.Connect(torProvider.GetTorV3Hostname(key), new(applications.AuthApp)) // Once connected, it shouldn't take long to authenticate and run the application. So for the purposes of this demo // we will wait a little while then exit. time.Sleep(time.Second * 5) log.Infof("Checking connection status...") - conn, err := client.GetConnection(utils.GetTorV3Hostname(key)) + conn, err := client.GetConnection(torProvider.GetTorV3Hostname(key)) if err == nil { group.Done() t.Fatalf("Connection should have failed! %v %v", conn, err) diff --git a/testing/tests.sh b/testing/tests.sh index f402dbe..cbb303d 100755 --- a/testing/tests.sh +++ b/testing/tests.sh @@ -4,6 +4,7 @@ set -e pwd go test -race ${1} -coverprofile=applications.cover.out -v ./applications go test -race ${1} -coverprofile=applications.tokenboard.cover.out -v ./applications/tokenboard +go test -race ${1} -coverprofile=persistence.cover.out -v ./persistence go test -race ${1} -coverprofile=primitives.cover.out -v ./primitives go test -race ${1} -coverprofile=primitives.auditable.cover.out -v ./primitives/auditable go test -race ${1} -coverprofile=primitives.core.cover.out -v ./primitives/core diff --git a/utils/crypto.go b/utils/crypto.go new file mode 100644 index 0000000..1e01942 --- /dev/null +++ b/utils/crypto.go 
@@ -0,0 +1,22 @@
+package utils
+
+import (
+ "github.com/agl/ed25519/extra25519"
+ "golang.org/x/crypto/curve25519"
+ "golang.org/x/crypto/ed25519"
+)
+
+// EDH implements diffie hellman using curve25519 keys derived from ed25519 keys
+// NOTE: This uses a 3rd party library extra25519 as the key conversion is not in the core golang lib
+// as such this definitely needs further review.
+func EDH(privateKey ed25519.PrivateKey, remotePublicKey ed25519.PublicKey) [32]byte {
+ var privKeyBytes [64]byte
+ var remotePubKeyBytes [32]byte
+ copy(privKeyBytes[:], privateKey[:])
+ copy(remotePubKeyBytes[:], remotePublicKey[:])
+ var secret, curve25519priv, curve25519pub [32]byte
+ extra25519.PrivateKeyToCurve25519(&curve25519priv, &privKeyBytes)
+ extra25519.PublicKeyToCurve25519(&curve25519pub, &remotePubKeyBytes)
+ curve25519.ScalarMult(&secret, &curve25519priv, &curve25519pub)
+ return secret
+}
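Review bot: EDH discards the boolean that `extra25519.PublicKeyToCurve25519` returns and never inspects the output of `curve25519.ScalarMult`, so a remote key that fails conversion, or that maps to a low-order point, can yield an all-zero shared secret that is then used as if it were valid. The `copy` calls also silently zero-pad or truncate keys of the wrong length. remotePublicKey looks peer-controlled (the auth flow earlier in this patch takes LongTermPublicKey from the remote message), so these cases should be rejected, which needs an error return; the wrapper `Identity.EDH` in primitives/identity.go would then have to propagate it. The sketch below needs `crypto/subtle` and `errors` added to the import block.

```go
func EDH(privateKey ed25519.PrivateKey, remotePublicKey ed25519.PublicKey) ([32]byte, error) {
	if len(privateKey) != ed25519.PrivateKeySize || len(remotePublicKey) != ed25519.PublicKeySize {
		return [32]byte{}, errors.New("edh: unexpected key length")
	}
	// … unchanged: buffer declarations, copy calls, PrivateKeyToCurve25519 …
	if !extra25519.PublicKeyToCurve25519(&curve25519pub, &remotePubKeyBytes) {
		return [32]byte{}, errors.New("edh: remote public key cannot be converted")
	}
	curve25519.ScalarMult(&secret, &curve25519priv, &curve25519pub)
	// An all-zero result means the peer contributed nothing to the secret.
	var zero [32]byte
	if subtle.ConstantTimeCompare(secret[:], zero[:]) == 1 {
		return [32]byte{}, errors.New("edh: degenerate shared secret")
	}
	return secret, nil
}
```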