forked from cwtch.im/cwtch
Cwtch_peer.go
Added missing imports and corrected NewCwtchPeer to implement the CwtchPeerInterface Corrected formatting Main.go Corrected formatting App.go Included missing arguments Cwtch_peer_test.go Included password arguments into tests Cwtch_peer_server_intergration_test.go Included password arguments into tests
This commit is contained in:
parent
966642c957
commit
8e55a77173
|
@ -34,7 +34,7 @@ func (app *Application) NewProfile(name string, filename string, password string
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetProfile loads an existing profile from the given filename.
|
// SetProfile loads an existing profile from the given filename.
|
||||||
func (app *Application) SetProfile(filename string) error {
|
func (app *Application) SetProfile(filename string, password string) error {
|
||||||
profile, err := peer.LoadCwtchPeer(filename, password)
|
profile, err := peer.LoadCwtchPeer(filename, password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
|
|
@ -9,8 +9,8 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"bytes"
|
"bytes"
|
||||||
"syscall"
|
|
||||||
"golang.org/x/crypto/ssh/terminal"
|
"golang.org/x/crypto/ssh/terminal"
|
||||||
|
"syscall"
|
||||||
)
|
)
|
||||||
|
|
||||||
var app app2.Application
|
var app app2.Application
|
||||||
|
@ -187,7 +187,7 @@ func main() {
|
||||||
fmt.Print("** WARNING: PASSWORDS CANNOT BE RECOVERED! **\n")
|
fmt.Print("** WARNING: PASSWORDS CANNOT BE RECOVERED! **\n")
|
||||||
|
|
||||||
password := ""
|
password := ""
|
||||||
failcount := 0;
|
failcount := 0
|
||||||
for ; failcount < 3; failcount++ {
|
for ; failcount < 3; failcount++ {
|
||||||
fmt.Print("Enter a password to encrypt the profile: ")
|
fmt.Print("Enter a password to encrypt the profile: ")
|
||||||
bytePassword, _ := terminal.ReadPassword(int(syscall.Stdin))
|
bytePassword, _ := terminal.ReadPassword(int(syscall.Stdin))
|
||||||
|
@ -197,25 +197,25 @@ func main() {
|
||||||
}
|
}
|
||||||
fmt.Print("\nRe-enter password: ")
|
fmt.Print("\nRe-enter password: ")
|
||||||
bytePassword2, _ := terminal.ReadPassword(int(syscall.Stdin))
|
bytePassword2, _ := terminal.ReadPassword(int(syscall.Stdin))
|
||||||
if(bytes.Equal(bytePassword, bytePassword2)){
|
if bytes.Equal(bytePassword, bytePassword2) {
|
||||||
password = string(bytePassword)
|
password = string(bytePassword)
|
||||||
break
|
break
|
||||||
}else{
|
} else {
|
||||||
fmt.Print("\nPASSWORDS DIDN'T MATCH! Try again.\n")
|
fmt.Print("\nPASSWORDS DIDN'T MATCH! Try again.\n")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(failcount >= 3){
|
if failcount >= 3 {
|
||||||
fmt.Printf("Error creating profile for %v: Your password entries must match!\n", commands[1])
|
fmt.Printf("Error creating profile for %v: Your password entries must match!\n", commands[1])
|
||||||
}else{
|
} else {
|
||||||
err := app.NewProfile(commands[1], commands[2], password)
|
err := app.NewProfile(commands[1], commands[2], password)
|
||||||
profilefile = commands[2]
|
profilefile = commands[2]
|
||||||
if err == nil {
|
if err == nil {
|
||||||
fmt.Printf("\nNew profile created for %v\n", commands[1])
|
fmt.Printf("\nNew profile created for %v\n", commands[1])
|
||||||
} else {
|
} else {
|
||||||
fmt.Printf("\nError creating profile for %v: %v\n", commands[1], err)
|
fmt.Printf("\nError creating profile for %v: %v\n", commands[1], err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
fmt.Printf("Error creating NewProfile, usage: %s\n", usages["new-profile"])
|
fmt.Printf("Error creating NewProfile, usage: %s\n", usages["new-profile"])
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
package peer
|
package peer
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/rand"
|
||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
"cwtch.im/cwtch/model"
|
"cwtch.im/cwtch/model"
|
||||||
"cwtch.im/cwtch/peer/connections"
|
"cwtch.im/cwtch/peer/connections"
|
||||||
|
@ -9,11 +10,17 @@ import (
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"github.com/golang/protobuf/proto"
|
"fmt"
|
||||||
"git.openprivacy.ca/openprivacy/libricochet-go/application"
|
"git.openprivacy.ca/openprivacy/libricochet-go/application"
|
||||||
"git.openprivacy.ca/openprivacy/libricochet-go/channels"
|
"git.openprivacy.ca/openprivacy/libricochet-go/channels"
|
||||||
"git.openprivacy.ca/openprivacy/libricochet-go/connection"
|
"git.openprivacy.ca/openprivacy/libricochet-go/connection"
|
||||||
|
"github.com/golang/protobuf/proto"
|
||||||
|
"github.com/ulule/deepcopier"
|
||||||
"golang.org/x/crypto/ed25519"
|
"golang.org/x/crypto/ed25519"
|
||||||
|
"golang.org/x/crypto/nacl/secretbox"
|
||||||
|
"golang.org/x/crypto/pbkdf2"
|
||||||
|
"golang.org/x/crypto/sha3"
|
||||||
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
"strings"
|
"strings"
|
||||||
|
@ -67,18 +74,17 @@ type CwtchPeerInterface interface {
|
||||||
Shutdown()
|
Shutdown()
|
||||||
}
|
}
|
||||||
|
|
||||||
// CreateHash hashes the user's password to a length suitable for file encryption
|
// CreateKey derives a key and salt for use in encrypting the Profile
|
||||||
func CreateKey(key string) ([32]byte, [128]byte) {
|
func CreateKey(key string) ([32]byte, [128]byte) {
|
||||||
var salt [128]byte
|
var salt [128]byte
|
||||||
if _, err := io.ReadFull(rand.Reader, salt[:]);
|
if _, err := io.ReadFull(rand.Reader, salt[:]); err != nil {
|
||||||
err != nil {
|
panic(err)
|
||||||
panic(err)
|
}
|
||||||
}
|
dk := pbkdf2.Key([]byte(key), salt[:], 4096, 32, sha3.New512)
|
||||||
dk := pbkdf2.Key([]byte(key), salt[:], 4096, 32, sha3.New512)
|
|
||||||
|
|
||||||
var dkr [32]byte
|
var dkr [32]byte
|
||||||
copy(dkr[:], dk)
|
copy(dkr[:], dk)
|
||||||
return dkr, salt
|
return dkr, salt
|
||||||
}
|
}
|
||||||
|
|
||||||
//EncryptMessage takes a message and encrypts the message under the group key.
|
//EncryptMessage takes a message and encrypts the message under the group key.
|
||||||
|
@ -101,21 +107,21 @@ func EncryptProfile(p *cwtchPeer, password [32]byte) []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
//EncryptMessage takes a message and encrypts the message under the group key.
|
//EncryptMessage takes a message and encrypts the message under the group key.
|
||||||
func DecryptProfile(ciphertext []byte, password [32]byte) (error, *cwtchPeer){
|
func DecryptProfile(ciphertext []byte, password [32]byte) (error, *cwtchPeer) {
|
||||||
|
|
||||||
var decryptNonce [24]byte
|
var decryptNonce [24]byte
|
||||||
copy(decryptNonce[:], ciphertext[:24])
|
copy(decryptNonce[:], ciphertext[:24])
|
||||||
decrypted, ok := secretbox.Open(nil, ciphertext[24:], &decryptNonce, &password)
|
decrypted, ok := secretbox.Open(nil, ciphertext[24:], &decryptNonce, &password)
|
||||||
if ok {
|
if ok {
|
||||||
cp := &cwtchPeer{}
|
cp := &cwtchPeer{}
|
||||||
err := json.Unmarshal(decrypted, &cp)
|
err := json.Unmarshal(decrypted, &cp)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return nil, cp
|
return nil, cp
|
||||||
} else {
|
} else {
|
||||||
return err, nil
|
return err, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return fmt.Errorf("Failed to decrypt"), nil
|
return fmt.Errorf("Failed to decrypt"), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cp *cwtchPeer) setup() {
|
func (cp *cwtchPeer) setup() {
|
||||||
|
@ -139,7 +145,7 @@ func (cp *cwtchPeer) setup() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewCwtchPeer creates and returns a new CwtchPeer with the given name.
|
// NewCwtchPeer creates and returns a new CwtchPeer with the given name.
|
||||||
func NewCwtchPeer(name string, password string) *cwtchPeer {
|
func NewCwtchPeer(name string, password string) CwtchPeerInterface {
|
||||||
cp := new(cwtchPeer)
|
cp := new(cwtchPeer)
|
||||||
cp.Profile = model.GenerateNewProfile(name)
|
cp.Profile = model.GenerateNewProfile(name)
|
||||||
cp.setup()
|
cp.setup()
|
||||||
|
@ -153,7 +159,7 @@ func NewCwtchPeer(name string, password string) *cwtchPeer {
|
||||||
func (cp *cwtchPeer) Save(profilefile string) error {
|
func (cp *cwtchPeer) Save(profilefile string) error {
|
||||||
cp.mutex.Lock()
|
cp.mutex.Lock()
|
||||||
encryptedbytes := EncryptProfile(cp, cp.password)
|
encryptedbytes := EncryptProfile(cp, cp.password)
|
||||||
encryptedbytes = append(cp.salt[:],encryptedbytes...)
|
encryptedbytes = append(cp.salt[:], encryptedbytes...)
|
||||||
err := ioutil.WriteFile(profilefile, encryptedbytes, 0600)
|
err := ioutil.WriteFile(profilefile, encryptedbytes, 0600)
|
||||||
cp.profilefile = profilefile
|
cp.profilefile = profilefile
|
||||||
cp.mutex.Unlock()
|
cp.mutex.Unlock()
|
||||||
|
@ -173,13 +179,13 @@ func LoadCwtchPeer(profilefile string, password string) (*cwtchPeer, error) {
|
||||||
|
|
||||||
err, cp := DecryptProfile(encryptedbytes, dkr)
|
err, cp := DecryptProfile(encryptedbytes, dkr)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
cp.setup()
|
cp.setup()
|
||||||
cp.profilefile = profilefile
|
cp.profilefile = profilefile
|
||||||
cp.password = dkr
|
cp.password = dkr
|
||||||
return cp, nil
|
return cp, nil
|
||||||
} else {
|
} else {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ImportGroup intializes a group from an imported source rather than a peer invite
|
// ImportGroup intializes a group from an imported source rather than a peer invite
|
||||||
|
|
|
@ -6,10 +6,10 @@ import (
|
||||||
|
|
||||||
func TestCwtchPeerGenerate(t *testing.T) {
|
func TestCwtchPeerGenerate(t *testing.T) {
|
||||||
|
|
||||||
alice := NewCwtchPeer("alice")
|
alice := NewCwtchPeer("alice","testpass")
|
||||||
alice.Save("./test_profile")
|
alice.Save("./test_profile")
|
||||||
|
|
||||||
aliceLoaded, err := LoadCwtchPeer("./test_profile")
|
aliceLoaded, err := LoadCwtchPeer("./test_profile","testpass")
|
||||||
if err != nil || aliceLoaded.GetProfile().Name != "alice" {
|
if err != nil || aliceLoaded.GetProfile().Name != "alice" {
|
||||||
t.Errorf("something went wrong saving and loading profiles %v %v", err, aliceLoaded)
|
t.Errorf("something went wrong saving and loading profiles %v %v", err, aliceLoaded)
|
||||||
}
|
}
|
||||||
|
|
|
@ -143,17 +143,17 @@ func TestCwtchPeerIntegration(t *testing.T) {
|
||||||
// ***** Peer setup *****
|
// ***** Peer setup *****
|
||||||
|
|
||||||
fmt.Println("Creating Alice...")
|
fmt.Println("Creating Alice...")
|
||||||
alice := peer.NewCwtchPeer("Alice")
|
alice := peer.NewCwtchPeer("Alice","alicepass")
|
||||||
go alice.Listen()
|
go alice.Listen()
|
||||||
fmt.Println("Alice created:", alice.GetProfile().Onion)
|
fmt.Println("Alice created:", alice.GetProfile().Onion)
|
||||||
|
|
||||||
fmt.Println("Creating Bob...")
|
fmt.Println("Creating Bob...")
|
||||||
bob := peer.NewCwtchPeer("Bob")
|
bob := peer.NewCwtchPeer("Bob","bobpass")
|
||||||
go bob.Listen()
|
go bob.Listen()
|
||||||
fmt.Println("Bob created:", bob.GetProfile().Onion)
|
fmt.Println("Bob created:", bob.GetProfile().Onion)
|
||||||
|
|
||||||
fmt.Println("Creating Carol...")
|
fmt.Println("Creating Carol...")
|
||||||
carol := peer.NewCwtchPeer("Carol")
|
carol := peer.NewCwtchPeer("Carol","carolpass")
|
||||||
go carol.Listen()
|
go carol.Listen()
|
||||||
fmt.Println("Carol created:", carol.GetProfile().Onion)
|
fmt.Println("Carol created:", carol.GetProfile().Onion)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue