2023-07-09 14:30:30 -06:00
|
|
|
package graphvent
|
|
|
|
|
|
|
|
|
|
import (
|
2023-07-28 19:32:27 -06:00
|
|
|
"time"
|
|
|
|
|
"fmt"
|
2023-07-09 14:30:30 -06:00
|
|
|
"encoding/json"
|
2023-07-29 00:28:44 -06:00
|
|
|
"encoding/binary"
|
2023-08-06 12:47:47 -06:00
|
|
|
"crypto"
|
|
|
|
|
"crypto/ed25519"
|
2023-07-28 19:32:27 -06:00
|
|
|
"crypto/ecdh"
|
|
|
|
|
"crypto/rand"
|
2023-07-29 00:28:44 -06:00
|
|
|
"crypto/aes"
|
|
|
|
|
"crypto/cipher"
|
2023-07-29 16:00:01 -06:00
|
|
|
"github.com/google/uuid"
|
2023-07-28 10:04:31 -06:00
|
|
|
)
|
|
|
|
|
|
2023-07-09 14:30:30 -06:00
|
|
|
type SignalDirection int
|
|
|
|
|
const (
|
2023-08-10 23:43:10 -06:00
|
|
|
StopSignalType = SignalType("STOP")
|
|
|
|
|
NewSignalType = SignalType("NEW")
|
|
|
|
|
StartSignalType = SignalType("START")
|
|
|
|
|
ErrorSignalType = SignalType("ERROR")
|
|
|
|
|
StatusSignalType = SignalType("STATUS")
|
|
|
|
|
LinkSignalType = SignalType("LINK")
|
|
|
|
|
LockSignalType = SignalType("LOCK")
|
|
|
|
|
ReadSignalType = SignalType("READ")
|
|
|
|
|
ReadResultSignalType = SignalType("READ_RESULT")
|
|
|
|
|
LinkStartSignalType = SignalType("LINK_START")
|
|
|
|
|
ECDHSignalType = SignalType("ECDH")
|
|
|
|
|
ECDHProxySignalType = SignalType("ECDH_PROXY")
|
|
|
|
|
GQLStateSignalType = SignalType("GQL_STATE")
|
|
|
|
|
ACLTimeoutSignalType = SignalType("ACL_TIMEOUT")
|
2023-07-28 19:32:27 -06:00
|
|
|
|
2023-07-09 14:30:30 -06:00
|
|
|
Up SignalDirection = iota
|
|
|
|
|
Down
|
|
|
|
|
Direct
|
|
|
|
|
)
|
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
type SignalType string
|
2023-07-29 00:28:44 -06:00
|
|
|
func (signal_type SignalType) String() string { return string(signal_type) }
|
|
|
|
|
func (signal_type SignalType) Prefix() string { return "SIGNAL: " }
|
2023-07-26 15:08:14 -06:00
|
|
|
|
|
|
|
|
type Signal interface {
|
|
|
|
|
Serializable[SignalType]
|
2023-08-07 20:26:02 -06:00
|
|
|
String() string
|
2023-07-09 14:30:30 -06:00
|
|
|
Direction() SignalDirection
|
2023-07-31 18:29:26 -06:00
|
|
|
ID() uuid.UUID
|
2023-08-10 23:43:10 -06:00
|
|
|
ReqID() uuid.UUID
|
|
|
|
|
Permission() Tree
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-08 14:00:17 -06:00
|
|
|
func WaitForSignal[S Signal](ctx * Context, listener chan Signal, timeout time.Duration, signal_type SignalType, check func(S)bool) (S, error) {
|
2023-07-28 19:32:27 -06:00
|
|
|
var zero S
|
2023-07-30 13:19:51 -06:00
|
|
|
var timeout_channel <- chan time.Time
|
|
|
|
|
if timeout > 0 {
|
|
|
|
|
timeout_channel = time.After(timeout)
|
|
|
|
|
}
|
2023-07-28 19:32:27 -06:00
|
|
|
for true {
|
|
|
|
|
select {
|
2023-08-08 14:00:17 -06:00
|
|
|
case signal := <- listener:
|
|
|
|
|
if signal == nil {
|
2023-07-28 19:32:27 -06:00
|
|
|
return zero, fmt.Errorf("LISTENER_CLOSED: %s", signal_type)
|
|
|
|
|
}
|
2023-08-08 14:00:17 -06:00
|
|
|
if signal.Type() == signal_type {
|
|
|
|
|
sig, ok := signal.(S)
|
2023-07-28 19:32:27 -06:00
|
|
|
if ok == true {
|
|
|
|
|
if check(sig) == true {
|
|
|
|
|
return sig, nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
case <-timeout_channel:
|
|
|
|
|
return zero, fmt.Errorf("LISTENER_TIMEOUT: %s", signal_type)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return zero, fmt.Errorf("LOOP_ENDED")
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-09 14:30:30 -06:00
|
|
|
type BaseSignal struct {
|
2023-07-26 15:08:14 -06:00
|
|
|
SignalDirection SignalDirection `json:"direction"`
|
|
|
|
|
SignalType SignalType `json:"type"`
|
2023-07-31 20:53:56 -06:00
|
|
|
UUID uuid.UUID `json:"id"`
|
2023-08-10 23:43:10 -06:00
|
|
|
ReqUUID uuid.UUID `json:"req_uuid"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (signal *BaseSignal) ReqID() uuid.UUID {
|
|
|
|
|
return signal.ReqUUID
|
2023-07-31 18:29:26 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func (signal *BaseSignal) String() string {
|
|
|
|
|
ser, _ := json.Marshal(signal)
|
|
|
|
|
return string(ser)
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Deserialize(ctx *Context, data []byte) error {
|
|
|
|
|
return json.Unmarshal(data, signal)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (signal *BaseSignal) ID() uuid.UUID {
|
2023-07-31 18:29:26 -06:00
|
|
|
return signal.UUID
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Type() SignalType {
|
2023-07-26 15:08:14 -06:00
|
|
|
return signal.SignalType
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-10 23:43:10 -06:00
|
|
|
func (signal *BaseSignal) Permission() Tree {
|
|
|
|
|
return Tree{
|
|
|
|
|
string(signal.Type()): Tree{},
|
|
|
|
|
}
|
2023-07-28 00:39:27 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Direction() SignalDirection {
|
2023-07-26 15:08:14 -06:00
|
|
|
return signal.SignalDirection
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Serialize() ([]byte, error) {
|
2023-07-29 00:28:44 -06:00
|
|
|
return json.Marshal(signal)
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
func NewBaseSignal(signal_type SignalType, direction SignalDirection) BaseSignal {
|
2023-08-10 23:43:10 -06:00
|
|
|
id := uuid.New()
|
|
|
|
|
signal := BaseSignal{
|
|
|
|
|
UUID: id,
|
|
|
|
|
ReqUUID: id,
|
|
|
|
|
SignalDirection: direction,
|
|
|
|
|
SignalType: signal_type,
|
|
|
|
|
}
|
|
|
|
|
return signal
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewRespSignal(id uuid.UUID, signal_type SignalType, direction SignalDirection) BaseSignal {
|
2023-07-09 14:30:30 -06:00
|
|
|
signal := BaseSignal{
|
2023-07-31 18:29:26 -06:00
|
|
|
UUID: uuid.New(),
|
2023-08-10 23:43:10 -06:00
|
|
|
ReqUUID: id,
|
2023-07-26 15:08:14 -06:00
|
|
|
SignalDirection: direction,
|
|
|
|
|
SignalType: signal_type,
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
return signal
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
var NewSignal = NewBaseSignal(NewSignalType, Direct)
|
|
|
|
|
var StartSignal = NewBaseSignal(StartSignalType, Direct)
|
|
|
|
|
var StopSignal = NewBaseSignal(StopSignalType, Direct)
|
2023-07-22 20:21:17 -06:00
|
|
|
|
|
|
|
|
type IDSignal struct {
|
|
|
|
|
BaseSignal
|
2023-07-31 18:31:32 -06:00
|
|
|
NodeID `json:"id"`
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *IDSignal) Serialize() ([]byte, error) {
|
|
|
|
|
return json.Marshal(signal)
|
2023-07-24 17:07:27 -06:00
|
|
|
}
|
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
type StringSignal struct {
|
2023-07-28 19:32:27 -06:00
|
|
|
BaseSignal
|
2023-07-30 23:42:47 -06:00
|
|
|
Str string `json:"state"`
|
2023-07-24 17:07:27 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func (signal *StringSignal) String() string {
|
|
|
|
|
ser, _ := json.Marshal(signal)
|
|
|
|
|
return string(ser)
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *StringSignal) Serialize() ([]byte, error) {
|
2023-07-29 00:28:44 -06:00
|
|
|
return json.Marshal(&signal)
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
type ErrorSignal struct {
|
2023-08-10 23:43:10 -06:00
|
|
|
BaseSignal
|
2023-08-07 20:26:02 -06:00
|
|
|
Error string
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (signal *ErrorSignal) String() string {
|
|
|
|
|
ser, _ := json.Marshal(signal)
|
|
|
|
|
return string(ser)
|
2023-08-01 20:55:15 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func NewErrorSignal(req_id uuid.UUID, err string) Signal {
|
|
|
|
|
return &ErrorSignal{
|
2023-08-10 23:43:10 -06:00
|
|
|
NewRespSignal(req_id, ErrorSignalType, Direct),
|
2023-08-07 20:26:02 -06:00
|
|
|
err,
|
2023-08-01 20:55:15 -06:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-10 23:43:10 -06:00
|
|
|
func NewACLTimeoutSignal(req_id uuid.UUID) Signal {
|
|
|
|
|
sig := NewRespSignal(req_id, ACLTimeoutSignalType, Direct)
|
|
|
|
|
return &sig
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
type IDStringSignal struct {
|
2023-07-28 19:32:27 -06:00
|
|
|
BaseSignal
|
2023-08-07 20:26:02 -06:00
|
|
|
NodeID NodeID `json:"node_id"`
|
2023-07-31 18:29:26 -06:00
|
|
|
Str string `json:"string"`
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *IDStringSignal) String() string {
|
2023-08-07 20:26:02 -06:00
|
|
|
ser, _ := json.Marshal(signal)
|
2023-07-24 17:07:27 -06:00
|
|
|
return string(ser)
|
2023-07-23 21:14:15 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func (signal *IDStringSignal) Serialize() ([]byte, error) {
|
|
|
|
|
return json.Marshal(signal)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewStatusSignal(status string, source NodeID) Signal {
|
|
|
|
|
return &IDStringSignal{
|
|
|
|
|
BaseSignal: NewBaseSignal(StatusSignalType, Up),
|
2023-07-31 18:29:26 -06:00
|
|
|
NodeID: source,
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: status,
|
2023-07-23 21:14:15 -06:00
|
|
|
}
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
2023-07-21 13:59:52 -06:00
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func NewLinkSignal(state string) Signal {
|
|
|
|
|
return &StringSignal{
|
|
|
|
|
BaseSignal: NewBaseSignal(LinkSignalType, Direct),
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: state,
|
2023-07-27 16:21:27 -06:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func NewLinkStartSignal(link_type string, target NodeID) Signal {
|
|
|
|
|
return &IDStringSignal{
|
|
|
|
|
NewBaseSignal(LinkStartSignalType, Direct),
|
|
|
|
|
target,
|
|
|
|
|
link_type,
|
2023-07-30 10:09:04 -06:00
|
|
|
}
|
2023-07-28 12:46:06 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func NewLockSignal(state string) Signal {
|
|
|
|
|
return &StringSignal{
|
|
|
|
|
NewBaseSignal(LockSignalType, Direct),
|
|
|
|
|
state,
|
2023-07-27 18:37:06 -06:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-10 23:43:10 -06:00
|
|
|
func (signal *StringSignal) Permission() Tree {
|
|
|
|
|
return Tree{
|
|
|
|
|
string(signal.Type()): Tree{
|
|
|
|
|
signal.Str: Tree{},
|
|
|
|
|
},
|
|
|
|
|
}
|
2023-07-28 10:04:31 -06:00
|
|
|
}
|
|
|
|
|
|
2023-07-28 11:21:18 -06:00
|
|
|
type ReadSignal struct {
|
|
|
|
|
BaseSignal
|
|
|
|
|
Extensions map[ExtType][]string `json:"extensions"`
|
2023-07-21 13:59:52 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *ReadSignal) Serialize() ([]byte, error) {
|
|
|
|
|
return json.Marshal(signal)
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-08 14:00:17 -06:00
|
|
|
func NewReadSignal(exts map[ExtType][]string) *ReadSignal {
|
|
|
|
|
return &ReadSignal{
|
2023-08-07 20:26:02 -06:00
|
|
|
NewBaseSignal(ReadSignalType, Direct),
|
|
|
|
|
exts,
|
2023-07-21 13:59:52 -06:00
|
|
|
}
|
|
|
|
|
}
|
2023-07-28 11:59:01 -06:00
|
|
|
|
2023-08-10 23:43:10 -06:00
|
|
|
func (signal *ReadSignal) Permission() Tree {
|
|
|
|
|
ret := Tree{}
|
|
|
|
|
for ext, fields := range(signal.Extensions) {
|
|
|
|
|
field_tree := Tree{}
|
|
|
|
|
for _, field := range(fields) {
|
|
|
|
|
field_tree[field] = Tree{}
|
|
|
|
|
}
|
|
|
|
|
ret[ext.String()] = field_tree
|
|
|
|
|
}
|
|
|
|
|
return Tree{ReadSignalType.String(): ret}
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-28 11:59:01 -06:00
|
|
|
type ReadResultSignal struct {
|
2023-08-10 23:43:10 -06:00
|
|
|
BaseSignal
|
|
|
|
|
NodeID NodeID
|
|
|
|
|
NodeType NodeType
|
2023-07-28 11:59:01 -06:00
|
|
|
Extensions map[ExtType]map[string]interface{} `json:"extensions"`
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-10 23:43:10 -06:00
|
|
|
func (signal *ReadResultSignal) Permission() Tree {
|
|
|
|
|
return Tree{
|
|
|
|
|
ReadResultSignalType.String(): Tree{},
|
|
|
|
|
}
|
2023-07-31 19:22:33 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-10 23:43:10 -06:00
|
|
|
func NewReadResultSignal(req_id uuid.UUID, node_id NodeID, node_type NodeType, exts map[ExtType]map[string]interface{}) Signal {
|
2023-08-07 20:26:02 -06:00
|
|
|
return &ReadResultSignal{
|
2023-08-10 23:43:10 -06:00
|
|
|
NewRespSignal(req_id, ReadResultSignalType, Direct),
|
|
|
|
|
node_id,
|
2023-08-07 20:26:02 -06:00
|
|
|
node_type,
|
|
|
|
|
exts,
|
2023-07-28 11:59:01 -06:00
|
|
|
}
|
|
|
|
|
}
|
2023-07-28 12:46:06 -06:00
|
|
|
|
2023-07-28 19:32:27 -06:00
|
|
|
type ECDHSignal struct {
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal
|
2023-07-28 19:32:27 -06:00
|
|
|
Time time.Time
|
2023-08-06 12:47:47 -06:00
|
|
|
EDDSA ed25519.PublicKey
|
2023-07-28 19:32:27 -06:00
|
|
|
ECDH *ecdh.PublicKey
|
|
|
|
|
Signature []byte
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-29 00:28:44 -06:00
|
|
|
type ECDHSignalJSON struct {
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal
|
2023-07-29 00:28:44 -06:00
|
|
|
Time time.Time `json:"time"`
|
2023-08-06 12:47:47 -06:00
|
|
|
EDDSA []byte `json:"ecdsa_pubkey"`
|
2023-07-29 00:28:44 -06:00
|
|
|
ECDH []byte `json:"ecdh_pubkey"`
|
|
|
|
|
Signature []byte `json:"signature"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (signal *ECDHSignal) MarshalJSON() ([]byte, error) {
|
|
|
|
|
return json.Marshal(&ECDHSignalJSON{
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal: signal.StringSignal,
|
2023-07-29 00:28:44 -06:00
|
|
|
Time: signal.Time,
|
|
|
|
|
ECDH: signal.ECDH.Bytes(),
|
2023-08-06 12:47:47 -06:00
|
|
|
EDDSA: signal.ECDH.Bytes(),
|
2023-07-29 00:28:44 -06:00
|
|
|
Signature: signal.Signature,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *ECDHSignal) Serialize() ([]byte, error) {
|
|
|
|
|
return json.Marshal(signal)
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func NewECDHReqSignal(node *Node) (Signal, *ecdh.PrivateKey, error) {
|
|
|
|
|
ec_key, err := ECDH.GenerateKey(rand.Reader)
|
2023-07-28 19:32:27 -06:00
|
|
|
if err != nil {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, nil, err
|
2023-07-28 19:32:27 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
now := time.Now()
|
2023-08-06 12:47:47 -06:00
|
|
|
time_bytes, err := now.MarshalJSON()
|
2023-07-28 19:32:27 -06:00
|
|
|
if err != nil {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, nil, err
|
2023-07-28 19:32:27 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-06 12:47:47 -06:00
|
|
|
sig_data := append(ec_key.PublicKey().Bytes(), time_bytes...)
|
|
|
|
|
|
|
|
|
|
sig, err := node.Key.Sign(rand.Reader, sig_data, crypto.Hash(0))
|
2023-07-28 19:32:27 -06:00
|
|
|
if err != nil {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, nil, err
|
2023-07-28 19:32:27 -06:00
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
return &ECDHSignal{
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal: StringSignal{
|
2023-08-07 20:26:02 -06:00
|
|
|
BaseSignal: NewBaseSignal(ECDHSignalType, Direct),
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: "req",
|
2023-07-28 19:32:27 -06:00
|
|
|
},
|
|
|
|
|
Time: now,
|
2023-08-06 12:47:47 -06:00
|
|
|
EDDSA: node.Key.Public().(ed25519.PublicKey),
|
2023-07-28 19:32:27 -06:00
|
|
|
ECDH: ec_key.PublicKey(),
|
|
|
|
|
Signature: sig,
|
|
|
|
|
}, ec_key, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const DEFAULT_ECDH_WINDOW = time.Second
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func NewECDHRespSignal(node *Node, req *ECDHSignal) (ECDHSignal, []byte, error) {
|
2023-07-28 19:32:27 -06:00
|
|
|
now := time.Now()
|
|
|
|
|
|
|
|
|
|
err := VerifyECDHSignal(now, req, DEFAULT_ECDH_WINDOW)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
ec_key, err := ECDH.GenerateKey(rand.Reader)
|
2023-07-28 19:32:27 -06:00
|
|
|
if err != nil {
|
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
shared_secret, err := ec_key.ECDH(req.ECDH)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-06 12:47:47 -06:00
|
|
|
time_bytes, err := now.MarshalJSON()
|
2023-07-28 19:32:27 -06:00
|
|
|
if err != nil {
|
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-06 12:47:47 -06:00
|
|
|
sig_data := append(ec_key.PublicKey().Bytes(), time_bytes...)
|
|
|
|
|
|
|
|
|
|
sig, err := node.Key.Sign(rand.Reader, sig_data, crypto.Hash(0))
|
2023-07-28 19:32:27 -06:00
|
|
|
if err != nil {
|
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ECDHSignal{
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal: StringSignal{
|
2023-08-07 20:26:02 -06:00
|
|
|
BaseSignal: NewBaseSignal(ECDHSignalType, Direct),
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: "resp",
|
2023-07-28 19:32:27 -06:00
|
|
|
},
|
|
|
|
|
Time: now,
|
2023-08-06 12:47:47 -06:00
|
|
|
EDDSA: node.Key.Public().(ed25519.PublicKey),
|
2023-07-28 19:32:27 -06:00
|
|
|
ECDH: ec_key.PublicKey(),
|
|
|
|
|
Signature: sig,
|
|
|
|
|
}, shared_secret, nil
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func VerifyECDHSignal(now time.Time, sig *ECDHSignal, window time.Duration) error {
|
2023-07-28 19:32:27 -06:00
|
|
|
earliest := now.Add(-window)
|
|
|
|
|
latest := now.Add(window)
|
|
|
|
|
|
|
|
|
|
if sig.Time.Compare(earliest) == -1 {
|
|
|
|
|
return fmt.Errorf("TIME_TOO_LATE: %+v", sig.Time)
|
|
|
|
|
} else if sig.Time.Compare(latest) == 1 {
|
|
|
|
|
return fmt.Errorf("TIME_TOO_EARLY: %+v", sig.Time)
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-06 12:47:47 -06:00
|
|
|
time_bytes, err := sig.Time.MarshalJSON()
|
2023-07-28 19:32:27 -06:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-06 12:47:47 -06:00
|
|
|
sig_data := append(sig.ECDH.Bytes(), time_bytes...)
|
|
|
|
|
|
|
|
|
|
verified := ed25519.Verify(sig.EDDSA, sig_data, sig.Signature)
|
2023-07-28 19:32:27 -06:00
|
|
|
if verified == false {
|
2023-08-06 12:47:47 -06:00
|
|
|
return fmt.Errorf("Failed to verify signature")
|
2023-07-28 19:32:27 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2023-07-28 15:07:38 -06:00
|
|
|
|
2023-07-29 00:28:44 -06:00
|
|
|
type ECDHProxySignal struct {
|
|
|
|
|
BaseSignal
|
|
|
|
|
Source NodeID
|
|
|
|
|
Dest NodeID
|
|
|
|
|
IV []byte
|
|
|
|
|
Data []byte
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
func NewECDHProxySignal(source, dest NodeID, signal Signal, shared_secret []byte) (Signal, error) {
|
2023-07-29 00:28:44 -06:00
|
|
|
if shared_secret == nil {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, fmt.Errorf("need shared_secret")
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aes_key, err := aes.NewCipher(shared_secret[:32])
|
|
|
|
|
if err != nil {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, err
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ser, err := SerializeSignal(signal, aes_key.BlockSize())
|
|
|
|
|
if err != nil {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, err
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
iv := make([]byte, aes_key.BlockSize())
|
|
|
|
|
n, err := rand.Reader.Read(iv)
|
|
|
|
|
if err != nil {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, err
|
2023-07-29 00:28:44 -06:00
|
|
|
} else if n != len(iv) {
|
2023-08-07 20:26:02 -06:00
|
|
|
return nil, fmt.Errorf("Not enough bytes read for IV")
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
encrypter := cipher.NewCBCEncrypter(aes_key, iv)
|
|
|
|
|
encrypter.CryptBlocks(ser, ser)
|
|
|
|
|
|
2023-08-07 20:26:02 -06:00
|
|
|
return &ECDHProxySignal{
|
|
|
|
|
BaseSignal: NewBaseSignal(ECDHProxySignalType, Direct),
|
2023-07-29 00:28:44 -06:00
|
|
|
Source: source,
|
|
|
|
|
Dest: dest,
|
|
|
|
|
IV: iv,
|
|
|
|
|
Data: ser,
|
|
|
|
|
}, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type SignalHeader struct {
|
|
|
|
|
Magic uint32
|
|
|
|
|
TypeHash uint64
|
|
|
|
|
Length uint64
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const SIGNAL_SER_MAGIC uint32 = 0x753a64de
|
|
|
|
|
const SIGNAL_SER_HEADER_LENGTH = 20
|
|
|
|
|
func SerializeSignal(signal Signal, block_size int) ([]byte, error) {
|
|
|
|
|
signal_ser, err := signal.Serialize()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pad_req := 0
|
|
|
|
|
if block_size > 0 {
|
|
|
|
|
pad := block_size - ((SIGNAL_SER_HEADER_LENGTH + len(signal_ser)) % block_size)
|
|
|
|
|
if pad != block_size {
|
|
|
|
|
pad_req = pad
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
header := SignalHeader{
|
|
|
|
|
Magic: SIGNAL_SER_MAGIC,
|
|
|
|
|
TypeHash: Hash(signal.Type()),
|
|
|
|
|
Length: uint64(len(signal_ser) + pad_req),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ser := make([]byte, SIGNAL_SER_HEADER_LENGTH + len(signal_ser) + pad_req)
|
|
|
|
|
binary.BigEndian.PutUint32(ser[0:4], header.Magic)
|
|
|
|
|
binary.BigEndian.PutUint64(ser[4:12], header.TypeHash)
|
|
|
|
|
binary.BigEndian.PutUint64(ser[12:20], header.Length)
|
|
|
|
|
|
|
|
|
|
copy(ser[SIGNAL_SER_HEADER_LENGTH:], signal_ser)
|
|
|
|
|
|
|
|
|
|
return ser, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ParseSignal(ctx *Context, data []byte) (Signal, error) {
|
|
|
|
|
if len(data) < SIGNAL_SER_HEADER_LENGTH {
|
|
|
|
|
return nil, fmt.Errorf("data shorter than header length")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
header := SignalHeader{
|
|
|
|
|
Magic: binary.BigEndian.Uint32(data[0:4]),
|
|
|
|
|
TypeHash: binary.BigEndian.Uint64(data[4:12]),
|
|
|
|
|
Length: binary.BigEndian.Uint64(data[12:20]),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if header.Magic != SIGNAL_SER_MAGIC {
|
|
|
|
|
return nil, fmt.Errorf("signal magic mismatch 0x%x", header.Magic)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
left := len(data) - SIGNAL_SER_HEADER_LENGTH
|
|
|
|
|
if int(header.Length) != left {
|
|
|
|
|
return nil, fmt.Errorf("signal length mismatch %d/%d", header.Length, left)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
signal_def, exists := ctx.Signals[header.TypeHash]
|
|
|
|
|
if exists == false {
|
|
|
|
|
return nil, fmt.Errorf("0x%x is not a known signal type", header.TypeHash)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
signal, err := signal_def.Load(ctx, data[SIGNAL_SER_HEADER_LENGTH:])
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return signal, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ParseECDHProxySignal(ctx *Context, signal *ECDHProxySignal, shared_secret []byte) (Signal, error) {
|
|
|
|
|
if shared_secret == nil {
|
|
|
|
|
return nil, fmt.Errorf("need shared_secret")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
aes_key, err := aes.NewCipher(shared_secret[:32])
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
decrypter := cipher.NewCBCDecrypter(aes_key, signal.IV)
|
|
|
|
|
decrypted := make([]byte, len(signal.Data))
|
|
|
|
|
decrypter.CryptBlocks(decrypted, signal.Data)
|
|
|
|
|
|
|
|
|
|
wrapped_signal, err := ParseSignal(ctx, decrypted)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return wrapped_signal, nil
|
|
|
|
|
}
|
