Added encrytion and dectription via PayloadManager
parent
566db2e3df
commit
36f62a3f64
|
@ -1,14 +1,11 @@
|
|||
package server
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/btcsuite/btcutil/base58"
|
||||
"github.com/stretchr/testify/suite"
|
||||
|
||||
"github.com/status-im/status-go/protocol/common"
|
||||
)
|
||||
|
||||
func TestCerts(t *testing.T) {
|
||||
|
@ -56,15 +53,3 @@ func (s *CertsSuite) TestGenerateX509Cert() {
|
|||
s.Require().Equal(defaultIP.String(), c2.IPAddresses[0].String())
|
||||
s.Require().Nil(c2.DNSNames)
|
||||
}
|
||||
|
||||
func (s *CertsSuite) Test() {
|
||||
text := []byte("I am a test")
|
||||
|
||||
cypher, err := common.Encrypt(text, s.PK.D.Bytes(), rand.Reader)
|
||||
s.Require().NoError(err)
|
||||
s.Require().NotEqual(text, cypher)
|
||||
|
||||
out, err := common.Decrypt(cypher, s.PK.D.Bytes())
|
||||
s.Require().NoError(err)
|
||||
s.Require().Equal(text, out)
|
||||
}
|
||||
|
|
|
@ -17,7 +17,6 @@ type PairingClient struct {
|
|||
baseAddress *url.URL
|
||||
certPEM []byte
|
||||
privateKey *ecdsa.PrivateKey
|
||||
aesKey []byte
|
||||
serverMode Mode
|
||||
payload *PayloadManager
|
||||
}
|
||||
|
@ -45,7 +44,7 @@ func NewPairingClient(c *ConnectionParams) (*PairingClient, error) {
|
|||
},
|
||||
}
|
||||
|
||||
ek, err := makeEncryptionKey(c.privateKey)
|
||||
pm, err := NewPayloadManager(c.privateKey)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -55,14 +54,13 @@ func NewPairingClient(c *ConnectionParams) (*PairingClient, error) {
|
|||
baseAddress: u,
|
||||
certPEM: certPem,
|
||||
privateKey: c.privateKey,
|
||||
aesKey: ek,
|
||||
serverMode: c.serverMode,
|
||||
payload: new(PayloadManager),
|
||||
payload: pm,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *PairingClient) MountPayload(data []byte) {
|
||||
s.payload.Mount(data)
|
||||
func (c *PairingClient) MountPayload(data []byte) error {
|
||||
return c.payload.Mount(data)
|
||||
}
|
||||
|
||||
func (c *PairingClient) PairAccount() error {
|
||||
|
@ -93,8 +91,10 @@ func (c *PairingClient) receiveAccountData() error {
|
|||
return err
|
||||
}
|
||||
|
||||
content, _ := ioutil.ReadAll(resp.Body)
|
||||
c.payload.Receive(content)
|
||||
payload, err := ioutil.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
return c.payload.Receive(payload)
|
||||
}
|
||||
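Review bot: In receiveAccountData the response is read with an unbounded `ioutil.ReadAll(resp.Body)` before it reaches `c.payload.Receive`, so the peer decides how much memory the client buffers ahead of decryption. Capping the read, e.g. `payload, err := ioutil.ReadAll(io.LimitReader(resp.Body, maxPayloadSize))`, keeps an oversized response from being held in full; `maxPayloadSize` is a placeholder for a constant the package would have to define. The function starts outside the hunk, so whether `resp.Body` is closed and whether `io` is already imported cannot be seen here.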
|
|
|
@ -1,7 +1,6 @@
|
|||
package server
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"database/sql"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
|
@ -143,23 +142,24 @@ func handleIPFS(downloader *ipfs.Downloader, logger *zap.Logger) func(w http.Res
|
|||
|
||||
func handlePairingReceive(ps *PairingServer) func(w http.ResponseWriter, r *http.Request) {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
content, err := ioutil.ReadAll(r.Body)
|
||||
ps.logger.Error("ioutil.ReadAll(r.Body)", zap.Error(err))
|
||||
ps.payload.Receive(content)
|
||||
payload, err := ioutil.ReadAll(r.Body)
|
||||
if err != nil {
|
||||
ps.logger.Error("ioutil.ReadAll(r.Body)", zap.Error(err))
|
||||
}
|
||||
|
||||
err = ps.payload.Receive(payload)
|
||||
if err != nil {
|
||||
ps.logger.Error("ps.payload.Receive(payload)", zap.Error(err))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func handlePairingSend(ps *PairingServer) func(w http.ResponseWriter, r *http.Request) {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/octet-stream")
|
||||
|
||||
b := make([]byte, 32)
|
||||
_, err := rand.Read(b)
|
||||
_, err := w.Write(ps.payload.ToSend())
|
||||
if err != nil {
|
||||
w.Write([]byte(err.Error()))
|
||||
ps.logger.Error("w.Write(ps.payload.ToSend())", zap.Error(err))
|
||||
}
|
||||
|
||||
ps.payload.Mount(b)
|
||||
w.Write(b)
|
||||
}
|
||||
}
|
||||
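Review bot: In handlePairingReceive a failed `ioutil.ReadAll(r.Body)` is logged but execution falls through to `ps.payload.Receive(payload)` with whatever bytes were read, and neither failure path sets a status, so the client receives the default 200 even when decryption fails. Each `if err != nil` branch should end the request, e.g. `http.Error(w, "invalid payload", http.StatusBadRequest)` followed by `return`, keeping the detailed error in the log only. The body is also read without a size limit; wrapping it as `http.MaxBytesReader(w, r.Body, maxPayloadSize)` would bound it, with `maxPayloadSize` a placeholder for a constant to define.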
|
|
|
@ -3,13 +3,13 @@ package server
|
|||
import (
|
||||
"crypto/rand"
|
||||
"encoding/hex"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/stretchr/testify/suite"
|
||||
)
|
||||
|
||||
func TestGetOutboundIPSuite(t *testing.T) {
|
||||
|
@ -49,17 +49,17 @@ func makeThingToSay() (string, error) {
|
|||
return hex.EncodeToString(b), nil
|
||||
}
|
||||
|
||||
func (goip *GetOutboundIPSuite) TestGetOutboundIPWithFullServerE2e(t *testing.T) {
|
||||
goip.PS.SetHandlers(HandlerPatternMap{"/hello": testHandler(t)})
|
||||
func (s *GetOutboundIPSuite) TestGetOutboundIPWithFullServerE2e(t *testing.T) {
|
||||
s.PS.SetHandlers(HandlerPatternMap{"/hello": testHandler(t)})
|
||||
|
||||
err := goip.PS.Start()
|
||||
err := s.PS.Start()
|
||||
require.NoError(t, err)
|
||||
|
||||
// Give time for the sever to be ready, hacky I know, I'll iron this out
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
|
||||
// Server generates a QR code connection string
|
||||
cp, err := goip.PS.MakeConnectionParams()
|
||||
cp, err := s.PS.MakeConnectionParams()
|
||||
require.NoError(t, err)
|
||||
|
||||
qr, err := cp.ToString()
|
||||
|
|
|
@ -1,22 +1,63 @@
|
|||
package server
|
||||
|
||||
import (
|
||||
"crypto/ecdsa"
|
||||
"crypto/rand"
|
||||
|
||||
"github.com/status-im/status-go/protocol/common"
|
||||
)
|
||||
|
||||
type Payload struct {
|
||||
plain []byte
|
||||
encrypted []byte
|
||||
}
|
||||
|
||||
type PayloadManager struct {
|
||||
toSend []byte
|
||||
received []byte
|
||||
aesKey []byte
|
||||
toSend *Payload
|
||||
received *Payload
|
||||
}
|
||||
|
||||
func (pm *PayloadManager) Mount(data []byte) {
|
||||
pm.toSend = data
|
||||
func NewPayloadManager(pk *ecdsa.PrivateKey) (*PayloadManager, error) {
|
||||
ek, err := makeEncryptionKey(pk)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &PayloadManager{ek, new(Payload), new(Payload)}, nil
|
||||
}
|
||||
|
||||
func (pm *PayloadManager) Receive(data []byte) {
|
||||
pm.received = data
|
||||
func (pm *PayloadManager) Mount(data []byte) error {
|
||||
ep, err := common.Encrypt(data, pm.aesKey, rand.Reader)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
pm.toSend.plain = data
|
||||
pm.toSend.encrypted = ep
|
||||
return nil
|
||||
}
|
||||
|
||||
func (pm *PayloadManager) Receive(data []byte) error {
|
||||
pd, err := common.Decrypt(data, pm.aesKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
pm.received.encrypted = data
|
||||
pm.received.plain = pd
|
||||
return nil
|
||||
}
|
||||
|
||||
func (pm *PayloadManager) ToSend() []byte {
|
||||
return pm.toSend
|
||||
return pm.toSend.encrypted
|
||||
}
|
||||
|
||||
func (pm *PayloadManager) Received() []byte {
|
||||
return pm.received
|
||||
return pm.received.plain
|
||||
}
|
||||
|
||||
func (pm *PayloadManager) ResetPayload() {
|
||||
pm.toSend = new(Payload)
|
||||
pm.received = new(Payload)
|
||||
}
|
||||
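Review bot: `Mount` keeps the caller's plaintext in `pm.toSend.plain`, yet nothing on this page reads that field (`ToSend` returns only `toSend.encrypted`), so the unencrypted payload stays in memory for the manager's lifetime without a visible use. Unless another file needs it, drop the assignment `pm.toSend.plain = data`, or state the reason in a comment on the `Payload` struct. `ResetPayload` swaps in fresh `Payload` values but does not overwrite the old buffers, which matters if the payload is meant to be short-lived. The struct literal in `NewPayloadManager` is positional; `&PayloadManager{aesKey: ek, toSend: new(Payload), received: new(Payload)}` survives field reordering.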
|
|
|
@ -11,7 +11,6 @@ type PairingServer struct {
|
|||
Server
|
||||
|
||||
pk *ecdsa.PrivateKey
|
||||
aesKey []byte
|
||||
mode Mode
|
||||
payload *PayloadManager
|
||||
}
|
||||
|
@ -25,7 +24,7 @@ type Config struct {
|
|||
|
||||
// NewPairingServer returns a *NewPairingServer init from the given *Config
|
||||
func NewPairingServer(config *Config) (*PairingServer, error) {
|
||||
ek, err := makeEncryptionKey(config.PK)
|
||||
pm, err := NewPayloadManager(config.PK)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -35,9 +34,8 @@ func NewPairingServer(config *Config) (*PairingServer, error) {
|
|||
config.Hostname,
|
||||
),
|
||||
pk: config.PK,
|
||||
aesKey: ek,
|
||||
mode: config.Mode,
|
||||
payload: new(PayloadManager)}, nil
|
||||
payload: pm}, nil
|
||||
}
|
||||
|
||||
// MakeConnectionParams generates a *ConnectionParams based on the Server's current state
|
||||
|
@ -68,8 +66,8 @@ func (s *PairingServer) MakeConnectionParams() (*ConnectionParams, error) {
|
|||
return NewConnectionParams(netIP, s.port, s.pk, s.cert.Leaf.NotBefore, s.mode), nil
|
||||
}
|
||||
|
||||
func (s *PairingServer) MountPayload(data []byte) {
|
||||
s.payload.Mount(data)
|
||||
func (s *PairingServer) MountPayload(data []byte) error {
|
||||
return s.payload.Mount(data)
|
||||
}
|
||||
|
||||
func (s *PairingServer) StartPairing() error {
|
||||
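Review bot: `MountPayload` now returns an error but has no doc comment, unlike `NewPairingServer` and `MakeConnectionParams` in the same file. Something like `// MountPayload encrypts data via the PayloadManager and stores it as the payload to send; it returns the encryption error, if any.` would tell callers that a non-nil result means nothing was mounted. `PairingClient.MountPayload` in the client file changes in the same way and lacks the comment too.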
|
|
|
@ -36,7 +36,8 @@ func (s *PairingServerSuite) TestPairingServer_StartPairing() {
|
|||
s.Require().NoError(err)
|
||||
|
||||
if m == Sending {
|
||||
s.PS.MountPayload(data)
|
||||
err := s.PS.MountPayload(data)
|
||||
s.Require().NoError(err)
|
||||
}
|
||||
|
||||
err = s.PS.StartPairing()
|
||||
|
@ -60,16 +61,27 @@ func (s *PairingServerSuite) TestPairingServer_StartPairing() {
|
|||
s.Require().NoError(err)
|
||||
|
||||
if m == Receiving {
|
||||
c.MountPayload(data)
|
||||
err := c.MountPayload(data)
|
||||
s.Require().NoError(err)
|
||||
}
|
||||
|
||||
err = c.PairAccount()
|
||||
s.Require().NoError(err)
|
||||
|
||||
s.Require().Equal(s.PS.payload.ToSend(), c.payload.Received())
|
||||
s.Require().Equal(s.PS.payload.Received(), c.payload.ToSend())
|
||||
switch m {
|
||||
case Receiving:
|
||||
s.Require().Equal(data, s.PS.payload.Received())
|
||||
s.Require().Equal(s.PS.payload.received.encrypted, c.payload.toSend.encrypted)
|
||||
s.Require().Nil(s.PS.payload.ToSend())
|
||||
s.Require().Nil(c.payload.Received())
|
||||
case Sending:
|
||||
s.Require().Equal(c.payload.Received(), data)
|
||||
s.Require().Equal(c.payload.received.encrypted, s.PS.payload.toSend.encrypted)
|
||||
s.Require().Nil(c.payload.ToSend())
|
||||
s.Require().Nil(s.PS.payload.Received())
|
||||
}
|
||||
|
||||
// Reset the server's PayloadManager
|
||||
s.PS.payload = new(PayloadManager)
|
||||
s.PS.payload.ResetPayload()
|
||||
}
|
||||
}
|
||||
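Review bot: TestPairingServer_StartPairing only exercises the success path of the new encryption; there is no case where `Receive` is given altered ciphertext and is expected to return an error. A short negative case in the `Sending` branch, for example copying `s.PS.payload.ToSend()`, changing one byte and asserting `s.Require().Error(c.payload.Receive(tampered))`, would pin down that a modified payload is rejected rather than stored. Whether `common.Decrypt` authenticates its input is not visible in this commit, so such a test would also record that assumption.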
|
|