2023-07-09 14:30:30 -06:00
|
|
|
package graphvent
|
|
|
|
|
|
|
|
import (
|
2023-07-28 19:32:27 -06:00
|
|
|
"time"
|
|
|
|
"fmt"
|
2023-07-09 14:30:30 -06:00
|
|
|
"encoding/json"
|
2023-07-29 00:28:44 -06:00
|
|
|
"encoding/binary"
|
2023-07-28 19:32:27 -06:00
|
|
|
"crypto/sha512"
|
|
|
|
"crypto/ecdsa"
|
|
|
|
"crypto/ecdh"
|
|
|
|
"crypto/rand"
|
2023-07-29 00:28:44 -06:00
|
|
|
"crypto/aes"
|
|
|
|
"crypto/cipher"
|
2023-07-29 16:00:01 -06:00
|
|
|
"github.com/google/uuid"
|
2023-07-28 10:04:31 -06:00
|
|
|
)
|
|
|
|
|
2023-07-09 14:30:30 -06:00
|
|
|
type SignalDirection int
|
|
|
|
const (
|
2023-07-28 19:32:27 -06:00
|
|
|
StopSignalType SignalType = "STOP"
|
2023-08-04 19:47:17 -06:00
|
|
|
NewSignalType = "NEW"
|
2023-07-31 16:25:18 -06:00
|
|
|
StartSignalType = "START"
|
2023-07-30 23:42:47 -06:00
|
|
|
ErrorSignalType = "ERROR"
|
2023-07-28 19:32:27 -06:00
|
|
|
StatusSignalType = "STATUS"
|
|
|
|
LinkSignalType = "LINK"
|
|
|
|
LockSignalType = "LOCK"
|
|
|
|
ReadSignalType = "READ"
|
2023-08-01 14:09:29 -06:00
|
|
|
AuthorizedSignalType = "AUTHORIZED"
|
2023-07-28 19:32:27 -06:00
|
|
|
ReadResultSignalType = "READ_RESULT"
|
|
|
|
LinkStartSignalType = "LINK_START"
|
|
|
|
ECDHSignalType = "ECDH"
|
2023-07-29 11:03:41 -06:00
|
|
|
ECDHStateSignalType = "ECDH_STATE"
|
2023-07-29 00:28:44 -06:00
|
|
|
ECDHProxySignalType = "ECDH_PROXY"
|
2023-07-29 11:03:41 -06:00
|
|
|
GQLStateSignalType = "GQL_STATE"
|
2023-07-28 19:32:27 -06:00
|
|
|
|
2023-07-09 14:30:30 -06:00
|
|
|
Up SignalDirection = iota
|
|
|
|
Down
|
|
|
|
Direct
|
|
|
|
)
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
type SignalType string
|
2023-07-29 00:28:44 -06:00
|
|
|
func (signal_type SignalType) String() string { return string(signal_type) }
|
|
|
|
func (signal_type SignalType) Prefix() string { return "SIGNAL: " }
|
2023-07-26 15:08:14 -06:00
|
|
|
|
|
|
|
type Signal interface {
|
|
|
|
Serializable[SignalType]
|
2023-07-09 14:30:30 -06:00
|
|
|
Direction() SignalDirection
|
2023-07-31 18:29:26 -06:00
|
|
|
ID() uuid.UUID
|
2023-07-28 00:39:27 -06:00
|
|
|
Permission() Action
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-07-31 18:29:26 -06:00
|
|
|
func WaitForResult(listener chan Signal, timeout time.Duration, id uuid.UUID) (Signal, error) {
|
2023-07-29 16:00:01 -06:00
|
|
|
timeout_channel := time.After(timeout)
|
2023-08-01 14:09:29 -06:00
|
|
|
select {
|
|
|
|
case result:=<-listener:
|
|
|
|
if result.ID() == id {
|
|
|
|
return result, nil
|
|
|
|
} else {
|
|
|
|
return result, fmt.Errorf("WRONG_ID: %s", result.ID())
|
2023-07-31 18:29:26 -06:00
|
|
|
}
|
2023-08-01 14:09:29 -06:00
|
|
|
case <-timeout_channel:
|
|
|
|
return nil, fmt.Errorf("timeout waiting for read response to %s", id)
|
2023-07-29 16:00:01 -06:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-07-28 19:32:27 -06:00
|
|
|
func WaitForSignal[S Signal](ctx * Context, listener *ListenerExt, timeout time.Duration, signal_type SignalType, check func(S)bool) (S, error) {
|
|
|
|
var zero S
|
2023-07-30 13:19:51 -06:00
|
|
|
var timeout_channel <- chan time.Time
|
|
|
|
if timeout > 0 {
|
|
|
|
timeout_channel = time.After(timeout)
|
|
|
|
}
|
2023-07-28 19:32:27 -06:00
|
|
|
for true {
|
|
|
|
select {
|
|
|
|
case signal := <- listener.Chan:
|
|
|
|
if signal == nil {
|
|
|
|
return zero, fmt.Errorf("LISTENER_CLOSED: %s", signal_type)
|
|
|
|
}
|
|
|
|
if signal.Type() == signal_type {
|
|
|
|
sig, ok := signal.(S)
|
|
|
|
if ok == true {
|
|
|
|
if check(sig) == true {
|
|
|
|
return sig, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
case <-timeout_channel:
|
|
|
|
return zero, fmt.Errorf("LISTENER_TIMEOUT: %s", signal_type)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return zero, fmt.Errorf("LOOP_ENDED")
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2023-07-09 14:30:30 -06:00
|
|
|
type BaseSignal struct {
|
2023-07-26 15:08:14 -06:00
|
|
|
SignalDirection SignalDirection `json:"direction"`
|
|
|
|
SignalType SignalType `json:"type"`
|
2023-07-31 20:53:56 -06:00
|
|
|
UUID uuid.UUID `json:"id"`
|
2023-07-31 18:29:26 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Deserialize(ctx *Context, data []byte) error {
|
|
|
|
return json.Unmarshal(data, signal)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (signal *BaseSignal) ID() uuid.UUID {
|
2023-07-31 18:29:26 -06:00
|
|
|
return signal.UUID
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Type() SignalType {
|
2023-07-26 15:08:14 -06:00
|
|
|
return signal.SignalType
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Permission() Action {
|
2023-07-28 10:04:31 -06:00
|
|
|
return MakeAction(signal.Type())
|
2023-07-28 00:39:27 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Direction() SignalDirection {
|
2023-07-26 15:08:14 -06:00
|
|
|
return signal.SignalDirection
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *BaseSignal) Serialize() ([]byte, error) {
|
2023-07-29 00:28:44 -06:00
|
|
|
return json.Marshal(signal)
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
func NewBaseSignal(signal_type SignalType, direction SignalDirection) BaseSignal {
|
2023-07-09 14:30:30 -06:00
|
|
|
signal := BaseSignal{
|
2023-07-31 18:29:26 -06:00
|
|
|
UUID: uuid.New(),
|
2023-07-26 15:08:14 -06:00
|
|
|
SignalDirection: direction,
|
|
|
|
SignalType: signal_type,
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
return signal
|
|
|
|
}
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
func NewDownSignal(signal_type SignalType) BaseSignal {
|
|
|
|
return NewBaseSignal(signal_type, Down)
|
2023-07-22 20:21:17 -06:00
|
|
|
}
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
func NewUpSignal(signal_type SignalType) BaseSignal {
|
|
|
|
return NewBaseSignal(signal_type, Up)
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
func NewDirectSignal(signal_type SignalType) BaseSignal {
|
|
|
|
return NewBaseSignal(signal_type, Direct)
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-08-04 19:47:17 -06:00
|
|
|
var NewSignal = NewDirectSignal(NewSignalType)
|
2023-08-01 20:55:15 -06:00
|
|
|
var StartSignal = NewDirectSignal(StartSignalType)
|
2023-07-27 15:27:14 -06:00
|
|
|
var StopSignal = NewDownSignal(StopSignalType)
|
2023-07-22 20:21:17 -06:00
|
|
|
|
|
|
|
type IDSignal struct {
|
|
|
|
BaseSignal
|
2023-07-31 18:31:32 -06:00
|
|
|
NodeID `json:"id"`
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *IDSignal) Serialize() ([]byte, error) {
|
|
|
|
return json.Marshal(signal)
|
2023-07-24 17:07:27 -06:00
|
|
|
}
|
|
|
|
|
2023-07-26 15:08:14 -06:00
|
|
|
func NewIDSignal(signal_type SignalType, direction SignalDirection, id NodeID) IDSignal {
|
2023-07-22 20:21:17 -06:00
|
|
|
return IDSignal{
|
2023-07-26 15:08:14 -06:00
|
|
|
BaseSignal: NewBaseSignal(signal_type, direction),
|
2023-07-31 18:31:32 -06:00
|
|
|
NodeID: id,
|
2023-07-22 20:21:17 -06:00
|
|
|
}
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
type StringSignal struct {
|
2023-07-28 19:32:27 -06:00
|
|
|
BaseSignal
|
2023-07-30 23:42:47 -06:00
|
|
|
Str string `json:"state"`
|
2023-07-24 17:07:27 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *StringSignal) Serialize() ([]byte, error) {
|
2023-07-29 00:28:44 -06:00
|
|
|
return json.Marshal(&signal)
|
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
type ErrorSignal struct {
|
|
|
|
StringSignal
|
|
|
|
}
|
|
|
|
|
|
|
|
func (signal *ErrorSignal) Permission() Action {
|
|
|
|
return ErrorSignalAction
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewErrorSignal(req_id uuid.UUID, err string) ErrorSignal {
|
|
|
|
return ErrorSignal{
|
|
|
|
StringSignal{
|
|
|
|
NewDirectSignal(ErrorSignalType),
|
|
|
|
err,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
type IDStringSignal struct {
|
2023-07-28 19:32:27 -06:00
|
|
|
BaseSignal
|
2023-07-31 18:29:26 -06:00
|
|
|
NodeID `json:"node_id"`
|
|
|
|
Str string `json:"string"`
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *IDStringSignal) Serialize() ([]byte, error) {
|
|
|
|
return json.Marshal(signal)
|
2023-07-28 19:32:27 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *IDStringSignal) String() string {
|
2023-07-24 17:07:27 -06:00
|
|
|
ser, err := json.Marshal(signal)
|
|
|
|
if err != nil {
|
|
|
|
return "STATE_SER_ERR"
|
|
|
|
}
|
|
|
|
return string(ser)
|
2023-07-23 21:14:15 -06:00
|
|
|
}
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
func NewStatusSignal(status string, source NodeID) IDStringSignal {
|
|
|
|
return IDStringSignal{
|
2023-07-28 19:32:27 -06:00
|
|
|
BaseSignal: NewUpSignal(StatusSignalType),
|
2023-07-31 18:29:26 -06:00
|
|
|
NodeID: source,
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: status,
|
2023-07-23 21:14:15 -06:00
|
|
|
}
|
2023-07-09 14:30:30 -06:00
|
|
|
}
|
2023-07-21 13:59:52 -06:00
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
func NewLinkSignal(state string) StringSignal {
|
|
|
|
return StringSignal{
|
2023-07-27 18:08:43 -06:00
|
|
|
BaseSignal: NewDirectSignal(LinkSignalType),
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: state,
|
2023-07-27 16:21:27 -06:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
func NewIDStringSignal(signal_type SignalType, direction SignalDirection, state string, id NodeID) IDStringSignal {
|
|
|
|
return IDStringSignal{
|
2023-07-30 10:09:04 -06:00
|
|
|
BaseSignal: NewBaseSignal(signal_type, direction),
|
2023-07-31 18:29:26 -06:00
|
|
|
NodeID: id,
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: state,
|
2023-07-30 10:09:04 -06:00
|
|
|
}
|
2023-07-28 12:46:06 -06:00
|
|
|
}
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
func NewLinkStartSignal(link_type string, target NodeID) IDStringSignal {
|
|
|
|
return NewIDStringSignal(LinkStartSignalType, Direct, link_type, target)
|
2023-07-28 12:46:06 -06:00
|
|
|
}
|
|
|
|
|
2023-07-30 23:42:47 -06:00
|
|
|
func NewLockSignal(state string) StringSignal {
|
|
|
|
return StringSignal{
|
2023-07-27 18:37:06 -06:00
|
|
|
BaseSignal: NewDirectSignal(LockSignalType),
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: state,
|
2023-07-27 18:37:06 -06:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *StringSignal) Permission() Action {
|
2023-07-30 23:42:47 -06:00
|
|
|
return MakeAction(signal.Type(), signal.Str)
|
2023-07-28 10:04:31 -06:00
|
|
|
}
|
|
|
|
|
2023-07-28 11:21:18 -06:00
|
|
|
type ReadSignal struct {
|
|
|
|
BaseSignal
|
|
|
|
Extensions map[ExtType][]string `json:"extensions"`
|
2023-07-21 13:59:52 -06:00
|
|
|
}
|
|
|
|
|
2023-08-01 14:09:29 -06:00
|
|
|
type AuthorizedSignal struct {
|
|
|
|
BaseSignal
|
|
|
|
Principal *ecdsa.PublicKey
|
|
|
|
Signal Signal
|
|
|
|
Signature []byte
|
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *AuthorizedSignal) Permission() Action {
|
2023-08-01 14:09:29 -06:00
|
|
|
return AuthorizedSignalAction
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewAuthorizedSignal(principal *ecdsa.PrivateKey, signal Signal) (AuthorizedSignal, error) {
|
|
|
|
sig_data, err := signal.Serialize()
|
|
|
|
if err != nil {
|
|
|
|
return AuthorizedSignal{}, err
|
|
|
|
}
|
|
|
|
|
|
|
|
sig_hash := sha512.Sum512(sig_data)
|
|
|
|
sig, err := ecdsa.SignASN1(rand.Reader, principal, sig_hash[:])
|
|
|
|
if err != nil {
|
|
|
|
return AuthorizedSignal{}, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return AuthorizedSignal{
|
|
|
|
BaseSignal: NewDirectSignal(AuthorizedSignalType),
|
|
|
|
Principal: &principal.PublicKey,
|
|
|
|
Signal: signal,
|
|
|
|
Signature: sig,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *ReadSignal) Serialize() ([]byte, error) {
|
|
|
|
return json.Marshal(signal)
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
2023-07-28 11:21:18 -06:00
|
|
|
func NewReadSignal(exts map[ExtType][]string) ReadSignal {
|
|
|
|
return ReadSignal{
|
|
|
|
BaseSignal: NewDirectSignal(ReadSignalType),
|
|
|
|
Extensions: exts,
|
2023-07-21 13:59:52 -06:00
|
|
|
}
|
|
|
|
}
|
2023-07-28 11:59:01 -06:00
|
|
|
|
|
|
|
type ReadResultSignal struct {
|
|
|
|
BaseSignal
|
2023-07-29 16:00:01 -06:00
|
|
|
NodeType
|
2023-07-28 11:59:01 -06:00
|
|
|
Extensions map[ExtType]map[string]interface{} `json:"extensions"`
|
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *ReadResultSignal) Permission() Action {
|
2023-07-31 19:22:33 -06:00
|
|
|
return ReadResultSignalAction
|
|
|
|
}
|
|
|
|
|
2023-07-29 16:00:01 -06:00
|
|
|
func NewReadResultSignal(req_id uuid.UUID, node_type NodeType, exts map[ExtType]map[string]interface{}) ReadResultSignal {
|
2023-07-28 11:59:01 -06:00
|
|
|
return ReadResultSignal{
|
2023-07-31 18:29:26 -06:00
|
|
|
BaseSignal: BaseSignal{
|
|
|
|
Direct,
|
|
|
|
ReadResultSignalType,
|
|
|
|
req_id,
|
|
|
|
},
|
2023-07-29 00:28:44 -06:00
|
|
|
NodeType: node_type,
|
2023-07-28 11:59:01 -06:00
|
|
|
Extensions: exts,
|
|
|
|
}
|
|
|
|
}
|
2023-07-28 12:46:06 -06:00
|
|
|
|
2023-07-28 19:32:27 -06:00
|
|
|
type ECDHSignal struct {
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal
|
2023-07-28 19:32:27 -06:00
|
|
|
Time time.Time
|
|
|
|
ECDSA *ecdsa.PublicKey
|
|
|
|
ECDH *ecdh.PublicKey
|
|
|
|
Signature []byte
|
|
|
|
}
|
|
|
|
|
2023-07-29 00:28:44 -06:00
|
|
|
type ECDHSignalJSON struct {
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal
|
2023-07-29 00:28:44 -06:00
|
|
|
Time time.Time `json:"time"`
|
|
|
|
ECDSA []byte `json:"ecdsa_pubkey"`
|
|
|
|
ECDH []byte `json:"ecdh_pubkey"`
|
|
|
|
Signature []byte `json:"signature"`
|
|
|
|
}
|
|
|
|
|
|
|
|
func (signal *ECDHSignal) MarshalJSON() ([]byte, error) {
|
|
|
|
return json.Marshal(&ECDHSignalJSON{
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal: signal.StringSignal,
|
2023-07-29 00:28:44 -06:00
|
|
|
Time: signal.Time,
|
|
|
|
ECDH: signal.ECDH.Bytes(),
|
|
|
|
ECDSA: signal.ECDH.Bytes(),
|
|
|
|
Signature: signal.Signature,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func (signal *ECDHSignal) Serialize() ([]byte, error) {
|
|
|
|
return json.Marshal(signal)
|
2023-07-29 00:28:44 -06:00
|
|
|
}
|
|
|
|
|
2023-07-28 19:32:27 -06:00
|
|
|
func keyHash(now time.Time, ec_key *ecdh.PublicKey) ([]byte, error) {
|
|
|
|
time_bytes, err := now.MarshalJSON()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
sig_data := append(ec_key.Bytes(), time_bytes...)
|
|
|
|
sig_hash := sha512.Sum512(sig_data)
|
|
|
|
|
|
|
|
return sig_hash[:], nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewECDHReqSignal(ctx *Context, node *Node) (ECDHSignal, *ecdh.PrivateKey, error) {
|
|
|
|
ec_key, err := ctx.ECDH.GenerateKey(rand.Reader)
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
now := time.Now()
|
|
|
|
|
|
|
|
sig_hash, err := keyHash(now, ec_key.PublicKey())
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
sig, err := ecdsa.SignASN1(rand.Reader, node.Key, sig_hash)
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return ECDHSignal{
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal: StringSignal{
|
2023-07-28 19:32:27 -06:00
|
|
|
BaseSignal: NewDirectSignal(ECDHSignalType),
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: "req",
|
2023-07-28 19:32:27 -06:00
|
|
|
},
|
|
|
|
Time: now,
|
|
|
|
ECDSA: &node.Key.PublicKey,
|
|
|
|
ECDH: ec_key.PublicKey(),
|
|
|
|
Signature: sig,
|
|
|
|
}, ec_key, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
const DEFAULT_ECDH_WINDOW = time.Second
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func NewECDHRespSignal(ctx *Context, node *Node, req *ECDHSignal) (ECDHSignal, []byte, error) {
|
2023-07-28 19:32:27 -06:00
|
|
|
now := time.Now()
|
|
|
|
|
|
|
|
err := VerifyECDHSignal(now, req, DEFAULT_ECDH_WINDOW)
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
ec_key, err := ctx.ECDH.GenerateKey(rand.Reader)
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
shared_secret, err := ec_key.ECDH(req.ECDH)
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
key_hash, err := keyHash(now, ec_key.PublicKey())
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
sig, err := ecdsa.SignASN1(rand.Reader, node.Key, key_hash)
|
|
|
|
if err != nil {
|
|
|
|
return ECDHSignal{}, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return ECDHSignal{
|
2023-07-30 23:42:47 -06:00
|
|
|
StringSignal: StringSignal{
|
2023-07-28 19:32:27 -06:00
|
|
|
BaseSignal: NewDirectSignal(ECDHSignalType),
|
2023-07-30 23:42:47 -06:00
|
|
|
Str: "resp",
|
2023-07-28 19:32:27 -06:00
|
|
|
},
|
|
|
|
Time: now,
|
|
|
|
ECDSA: &node.Key.PublicKey,
|
|
|
|
ECDH: ec_key.PublicKey(),
|
|
|
|
Signature: sig,
|
|
|
|
}, shared_secret, nil
|
|
|
|
}
|
|
|
|
|
2023-08-01 20:55:15 -06:00
|
|
|
func VerifyECDHSignal(now time.Time, sig *ECDHSignal, window time.Duration) error {
|
2023-07-28 19:32:27 -06:00
|
|
|
earliest := now.Add(-window)
|
|
|
|
latest := now.Add(window)
|
|
|
|
|
|
|
|
if sig.Time.Compare(earliest) == -1 {
|
|
|
|
return fmt.Errorf("TIME_TOO_LATE: %+v", sig.Time)
|
|
|
|
} else if sig.Time.Compare(latest) == 1 {
|
|
|
|
return fmt.Errorf("TIME_TOO_EARLY: %+v", sig.Time)
|
|
|
|
}
|
|
|
|
|
|
|
|
sig_hash, err := keyHash(sig.Time, sig.ECDH)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
verified := ecdsa.VerifyASN1(sig.ECDSA, sig_hash, sig.Signature)
|
|
|
|
if verified == false {
|
|
|
|
return fmt.Errorf("VERIFY_FAIL")
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2023-07-28 15:07:38 -06:00
|
|
|
|
2023-07-29 00:28:44 -06:00
|
|
|
type ECDHProxySignal struct {
|
|
|
|
BaseSignal
|
|
|
|
Source NodeID
|
|
|
|
Dest NodeID
|
|
|
|
IV []byte
|
|
|
|
Data []byte
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewECDHProxySignal(source, dest NodeID, signal Signal, shared_secret []byte) (ECDHProxySignal, error) {
|
|
|
|
if shared_secret == nil {
|
|
|
|
return ECDHProxySignal{}, fmt.Errorf("need shared_secret")
|
|
|
|
}
|
|
|
|
|
|
|
|
aes_key, err := aes.NewCipher(shared_secret[:32])
|
|
|
|
if err != nil {
|
|
|
|
return ECDHProxySignal{}, err
|
|
|
|
}
|
|
|
|
|
|
|
|
ser, err := SerializeSignal(signal, aes_key.BlockSize())
|
|
|
|
if err != nil {
|
|
|
|
return ECDHProxySignal{}, err
|
|
|
|
}
|
|
|
|
|
|
|
|
iv := make([]byte, aes_key.BlockSize())
|
|
|
|
n, err := rand.Reader.Read(iv)
|
|
|
|
if err != nil {
|
|
|
|
return ECDHProxySignal{}, err
|
|
|
|
} else if n != len(iv) {
|
|
|
|
return ECDHProxySignal{}, fmt.Errorf("Not enough bytes read for IV")
|
|
|
|
}
|
|
|
|
|
|
|
|
encrypter := cipher.NewCBCEncrypter(aes_key, iv)
|
|
|
|
encrypter.CryptBlocks(ser, ser)
|
|
|
|
|
|
|
|
return ECDHProxySignal{
|
|
|
|
BaseSignal: NewDirectSignal(ECDHProxySignalType),
|
|
|
|
Source: source,
|
|
|
|
Dest: dest,
|
|
|
|
IV: iv,
|
|
|
|
Data: ser,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type SignalHeader struct {
|
|
|
|
Magic uint32
|
|
|
|
TypeHash uint64
|
|
|
|
Length uint64
|
|
|
|
}
|
|
|
|
|
|
|
|
const SIGNAL_SER_MAGIC uint32 = 0x753a64de
|
|
|
|
const SIGNAL_SER_HEADER_LENGTH = 20
|
|
|
|
func SerializeSignal(signal Signal, block_size int) ([]byte, error) {
|
|
|
|
signal_ser, err := signal.Serialize()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
pad_req := 0
|
|
|
|
if block_size > 0 {
|
|
|
|
pad := block_size - ((SIGNAL_SER_HEADER_LENGTH + len(signal_ser)) % block_size)
|
|
|
|
if pad != block_size {
|
|
|
|
pad_req = pad
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
header := SignalHeader{
|
|
|
|
Magic: SIGNAL_SER_MAGIC,
|
|
|
|
TypeHash: Hash(signal.Type()),
|
|
|
|
Length: uint64(len(signal_ser) + pad_req),
|
|
|
|
}
|
|
|
|
|
|
|
|
ser := make([]byte, SIGNAL_SER_HEADER_LENGTH + len(signal_ser) + pad_req)
|
|
|
|
binary.BigEndian.PutUint32(ser[0:4], header.Magic)
|
|
|
|
binary.BigEndian.PutUint64(ser[4:12], header.TypeHash)
|
|
|
|
binary.BigEndian.PutUint64(ser[12:20], header.Length)
|
|
|
|
|
|
|
|
copy(ser[SIGNAL_SER_HEADER_LENGTH:], signal_ser)
|
|
|
|
|
|
|
|
return ser, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func ParseSignal(ctx *Context, data []byte) (Signal, error) {
|
|
|
|
if len(data) < SIGNAL_SER_HEADER_LENGTH {
|
|
|
|
return nil, fmt.Errorf("data shorter than header length")
|
|
|
|
}
|
|
|
|
|
|
|
|
header := SignalHeader{
|
|
|
|
Magic: binary.BigEndian.Uint32(data[0:4]),
|
|
|
|
TypeHash: binary.BigEndian.Uint64(data[4:12]),
|
|
|
|
Length: binary.BigEndian.Uint64(data[12:20]),
|
|
|
|
}
|
|
|
|
|
|
|
|
if header.Magic != SIGNAL_SER_MAGIC {
|
|
|
|
return nil, fmt.Errorf("signal magic mismatch 0x%x", header.Magic)
|
|
|
|
}
|
|
|
|
|
|
|
|
left := len(data) - SIGNAL_SER_HEADER_LENGTH
|
|
|
|
if int(header.Length) != left {
|
|
|
|
return nil, fmt.Errorf("signal length mismatch %d/%d", header.Length, left)
|
|
|
|
}
|
|
|
|
|
|
|
|
signal_def, exists := ctx.Signals[header.TypeHash]
|
|
|
|
if exists == false {
|
|
|
|
return nil, fmt.Errorf("0x%x is not a known signal type", header.TypeHash)
|
|
|
|
}
|
|
|
|
|
|
|
|
signal, err := signal_def.Load(ctx, data[SIGNAL_SER_HEADER_LENGTH:])
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return signal, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func ParseECDHProxySignal(ctx *Context, signal *ECDHProxySignal, shared_secret []byte) (Signal, error) {
|
|
|
|
if shared_secret == nil {
|
|
|
|
return nil, fmt.Errorf("need shared_secret")
|
|
|
|
}
|
|
|
|
|
|
|
|
aes_key, err := aes.NewCipher(shared_secret[:32])
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
decrypter := cipher.NewCBCDecrypter(aes_key, signal.IV)
|
|
|
|
decrypted := make([]byte, len(signal.Data))
|
|
|
|
decrypter.CryptBlocks(decrypted, signal.Data)
|
|
|
|
|
|
|
|
wrapped_signal, err := ParseSignal(ctx, decrypted)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return wrapped_signal, nil
|
|
|
|
}
|