From 6d0925f20f0907a6b8295c43ae82039ca18ee224 Mon Sep 17 00:00:00 2001 From: Noah Metz Date: Wed, 19 Jul 2023 14:50:42 -0600 Subject: [PATCH] Added signature to auth response --- gql.go | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/gql.go b/gql.go index 2ba6391..5be7c83 100644 --- a/gql.go +++ b/gql.go @@ -62,6 +62,7 @@ func NewAuthReqJSON(curve ecdh.Curve, id *ecdsa.PrivateKey) (AuthReqJSON, *ecdh. type AuthRespJSON struct { Granted time.Time `json:"granted"` ECDHPubkey []byte `json:"echd_server"` + Signature []byte `json:"signature"` } func NewAuthRespJSON(thread *GQLThread, req AuthReqJSON) (AuthRespJSON, []byte, error) { @@ -110,14 +111,27 @@ func NewAuthRespJSON(thread *GQLThread, req AuthReqJSON) (AuthRespJSON, []byte, return AuthRespJSON{}, nil, err } + ec_key_pub := ec_key.PublicKey().Bytes() + + granted := time.Now() + time_ser, _ := granted.MarshalJSON() + resp_sig_data := append(ec_key_pub, time_ser...) + resp_sig_hash := sha512.Sum512(resp_sig_data) + + resp_sig, err := ecdsa.SignASN1(rand.Reader, thread.Key, resp_sig_hash[:]) + if err != nil { + return AuthRespJSON{}, nil, err + } + shared_secret, err := ec_key.ECDH(remote) if err != nil { return AuthRespJSON{}, nil, err } return AuthRespJSON{ - Granted: time.Now(), - ECDHPubkey: ec_key.PublicKey().Bytes(), + Granted: granted, + ECDHPubkey: ec_key_pub, + Signature: resp_sig, }, shared_secret, nil }