libricochet-go/utils/crypto.go

package utils

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"git.openprivacy.ca/openprivacy/asaur/utils/pkcs1"
	"github.com/agl/ed25519/extra25519"
	"golang.org/x/crypto/curve25519"
	"golang.org/x/crypto/ed25519"
	"io/ioutil"
	"math"
	"math/big"
)

const (
	// InvalidPrivateKeyFileError is a library error, thrown when the given key file fials to load
	InvalidPrivateKeyFileError = Error("InvalidPrivateKeyFileError")

	// RicochetKeySize - tor onion services currently use rsa key sizes of 1024 bits
	RicochetKeySize = 1024
)

// GetRandNumber is a helper function which returns a random integer, this is
// currently mostly used to generate messageids
func GetRandNumber() *big.Int {
	num, err := rand.Int(rand.Reader, big.NewInt(math.MaxUint32))
	// If we can't generate random numbers then panicking is probably
	// the best option.
	CheckError(err)
	return num
}

// EDH implements diffie hellman using curve25519 keys derived from ed25519 keys
// NOTE: This uses a 3rd party library extra25519 as the key conversion is not in the core golang lib
// as such this definitely needs further review.
func EDH(privateKey ed25519.PrivateKey, remotePublicKey ed25519.PublicKey) [32]byte {
	var privKeyBytes [64]byte
	var remotePubKeyBytes [32]byte
	copy(privKeyBytes[:], privateKey[:])
	copy(remotePubKeyBytes[:], remotePublicKey[:])
	var secret, curve25519priv, curve25519pub [32]byte
	extra25519.PrivateKeyToCurve25519(&curve25519priv, &privKeyBytes)
	extra25519.PublicKeyToCurve25519(&curve25519pub, &remotePubKeyBytes)
	curve25519.ScalarMult(&secret, &curve25519priv, &curve25519pub)
	return secret
}

// GeneratePrivateKey generates a new private key for use
func GeneratePrivateKey() (*rsa.PrivateKey, error) {
	privateKey, err := rsa.GenerateKey(rand.Reader, RicochetKeySize)
	if err != nil {
		return nil, errors.New("Could not generate key: " + err.Error())
	}
	privateKeyDer := x509.MarshalPKCS1PrivateKey(privateKey)
	return x509.ParsePKCS1PrivateKey(privateKeyDer)
}

// LoadPrivateKeyFromFile loads a private key from a file...
func LoadPrivateKeyFromFile(filename string) (*rsa.PrivateKey, error) {
	pemData, err := ioutil.ReadFile(filename)
	if err != nil {
		return nil, err
	}

	return ParsePrivateKey(pemData)
}

// ParsePrivateKey Convert a private key string to a usable private key
func ParsePrivateKey(pemData []byte) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(pemData)
	if block == nil || block.Type != "RSA PRIVATE KEY" {
		return nil, InvalidPrivateKeyFileError
	}

	return x509.ParsePKCS1PrivateKey(block.Bytes)
}

// PrivateKeyToString turns a private key into storable string
func PrivateKeyToString(privateKey *rsa.PrivateKey) string {
	privateKeyBlock := pem.Block{
		Type:    "RSA PRIVATE KEY",
		Headers: nil,
		Bytes:   x509.MarshalPKCS1PrivateKey(privateKey),
	}

	return string(pem.EncodeToMemory(&privateKeyBlock))
}

// return an onion address from a private key
func GetOnionAddress(privateKey *rsa.PrivateKey) (string, error) {
	addr, err := pkcs1.OnionAddr(&privateKey.PublicKey)
	if err != nil {
		return "", err
	} else if addr == "" {
		return "", OnionAddressGenerationError
	}
	return addr, nil
}
Brand new API v0.2 2017-05-02 23:33:51 +00:00			`package utils`

			`import (`
Formatting + Checking Connection Error in Echobot 2017-11-02 23:43:11 +00:00			`"crypto/rand"`
Brand new API v0.2 2017-05-02 23:33:51 +00:00			`"crypto/rsa"`
			`"crypto/x509"`
			`"encoding/pem"`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`"errors"`
forking bulb 2018-10-09 01:48:37 +00:00			`"git.openprivacy.ca/openprivacy/asaur/utils/pkcs1"`
check current onion descriptors on old versions of tor to see if they're out-of-sync 2018-10-09 19:55:42 +00:00			`"github.com/agl/ed25519/extra25519"`
v3 onions 2018-09-22 20:12:08 +00:00			`"golang.org/x/crypto/curve25519"`
			`"golang.org/x/crypto/ed25519"`
Formatting + Checking Connection Error in Echobot 2017-11-02 23:43:11 +00:00			`"io/ioutil"`
Adding RandNumber util to simplify chatchannel logic 2018-01-12 18:02:15 +00:00			`"math"`
			`"math/big"`
Brand new API v0.2 2017-05-02 23:33:51 +00:00			`)`

First Cut of Applications + Bugs, Formatting 2017-07-04 18:29:11 +00:00			`const (`
More golint fixing in utils 2018-01-08 19:01:23 +00:00			`// InvalidPrivateKeyFileError is a library error, thrown when the given key file fials to load`
First Cut of Applications + Bugs, Formatting 2017-07-04 18:29:11 +00:00			`InvalidPrivateKeyFileError = Error("InvalidPrivateKeyFileError")`
More golint fixing in utils 2018-01-08 19:01:23 +00:00
			`// RicochetKeySize - tor onion services currently use rsa key sizes of 1024 bits`
			`RicochetKeySize = 1024`
First Cut of Applications + Bugs, Formatting 2017-07-04 18:29:11 +00:00			`)`

fmt and travis update 2018-05-09 19:40:07 +00:00			`// GetRandNumber is a helper function which returns a random integer, this is`
Commenting 2018-01-17 18:18:46 +00:00			`// currently mostly used to generate messageids`
Adding RandNumber util to simplify chatchannel logic 2018-01-12 18:02:15 +00:00			`func GetRandNumber() *big.Int {`
Fixing gofmt 2018-01-12 18:04:20 +00:00			`num, err := rand.Int(rand.Reader, big.NewInt(math.MaxUint32))`
			`// If we can't generate random numbers then panicking is probably`
			`// the best option.`
			`CheckError(err)`
			`return num`
Adding RandNumber util to simplify chatchannel logic 2018-01-12 18:02:15 +00:00			`}`

v3 onions 2018-09-22 20:12:08 +00:00			`// EDH implements diffie hellman using curve25519 keys derived from ed25519 keys`
			`// NOTE: This uses a 3rd party library extra25519 as the key conversion is not in the core golang lib`
			`// as such this definitely needs further review.`
			`func EDH(privateKey ed25519.PrivateKey, remotePublicKey ed25519.PublicKey) [32]byte {`
			`var privKeyBytes [64]byte`
			`var remotePubKeyBytes [32]byte`
			`copy(privKeyBytes[:], privateKey[:])`
			`copy(remotePubKeyBytes[:], remotePublicKey[:])`
			`var secret, curve25519priv, curve25519pub [32]byte`
			`extra25519.PrivateKeyToCurve25519(&curve25519priv, &privKeyBytes)`
			`extra25519.PublicKeyToCurve25519(&curve25519pub, &remotePubKeyBytes)`
			`curve25519.ScalarMult(&secret, &curve25519priv, &curve25519pub)`
			`return secret`
			`}`

More golint fixing in utils 2018-01-08 19:01:23 +00:00			`// GeneratePrivateKey generates a new private key for use`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`func GeneratePrivateKey() (*rsa.PrivateKey, error) {`
More golint fixing in utils 2018-01-08 19:01:23 +00:00			`privateKey, err := rsa.GenerateKey(rand.Reader, RicochetKeySize)`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`if err != nil {`
			`return nil, errors.New("Could not generate key: " + err.Error())`
			`}`
			`privateKeyDer := x509.MarshalPKCS1PrivateKey(privateKey)`
			`return x509.ParsePKCS1PrivateKey(privateKeyDer)`
			`}`

Brand new API v0.2 2017-05-02 23:33:51 +00:00			`// LoadPrivateKeyFromFile loads a private key from a file...`
			`func LoadPrivateKeyFromFile(filename string) (*rsa.PrivateKey, error) {`
			`pemData, err := ioutil.ReadFile(filename)`
			`if err != nil {`
			`return nil, err`
			`}`

Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`return ParsePrivateKey(pemData)`
			`}`

More golint fixing in utils 2018-01-08 19:01:23 +00:00			`// ParsePrivateKey Convert a private key string to a usable private key`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`func ParsePrivateKey(pemData []byte) (*rsa.PrivateKey, error) {`
Brand new API v0.2 2017-05-02 23:33:51 +00:00			`block, _ := pem.Decode(pemData)`
			`if block == nil \|\| block.Type != "RSA PRIVATE KEY" {`
First Cut of Applications + Bugs, Formatting 2017-07-04 18:29:11 +00:00			`return nil, InvalidPrivateKeyFileError`
Brand new API v0.2 2017-05-02 23:33:51 +00:00			`}`

			`return x509.ParsePKCS1PrivateKey(block.Bytes)`
			`}`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00
More golint fixing in utils 2018-01-08 19:01:23 +00:00			`// PrivateKeyToString turns a private key into storable string`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`func PrivateKeyToString(privateKey *rsa.PrivateKey) string {`
			`privateKeyBlock := pem.Block{`
Formatting + Checking Connection Error in Echobot 2017-11-02 23:43:11 +00:00			`Type: "RSA PRIVATE KEY",`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`Headers: nil,`
Formatting + Checking Connection Error in Echobot 2017-11-02 23:43:11 +00:00			`Bytes: x509.MarshalPKCS1PrivateKey(privateKey),`
Add more crypto/utils and extend SetupOnion to support unix sockets 2017-08-14 15:43:33 +00:00			`}`

			`return string(pem.EncodeToMemory(&privateKeyBlock))`
			`}`
add util to get onion address from private key (#39) * add util to get onion address from private key * PR comments: added test, using go-ricochet errors, function argument a privateKey * remove unnecesary cast and variable 2018-05-01 01:03:06 +00:00
			`// return an onion address from a private key`
			`func GetOnionAddress(privateKey *rsa.PrivateKey) (string, error) {`
			`addr, err := pkcs1.OnionAddr(&privateKey.PublicKey)`
			`if err != nil {`
			`return "", err`
			`} else if addr == "" {`
			`return "", OnionAddressGenerationError`
			`}`
			`return addr, nil`
fmt and travis update 2018-05-09 19:40:07 +00:00			`}`