diff options
| author | Alex Auvolat <alex@adnab.me> | 2018-10-11 17:25:31 +0200 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2018-10-11 17:25:31 +0200 |
| commit | e5a7330d0526efb592e200ab96c3f33585ae8d02 (patch) | |
| tree | 906651f53e17002b32e3db3d77bca2918bf62c47 /shard/lib/net/tcpconn.ex | |
| parent | 1646bc57eae9880fd408d23ca692364dc6fd6442 (diff) | |
| download | shard-e5a7330d0526efb592e200ab96c3f33585ae8d02.tar.gz shard-e5a7330d0526efb592e200ab96c3f33585ae8d02.zip | |
Initial support for private conversations
Diffstat (limited to 'shard/lib/net/tcpconn.ex')
| -rw-r--r-- | shard/lib/net/tcpconn.ex | 42 |
1 files changed, 28 insertions, 14 deletions
diff --git a/shard/lib/net/tcpconn.ex b/shard/lib/net/tcpconn.ex index 476c426..25dc839 100644 --- a/shard/lib/net/tcpconn.ex +++ b/shard/lib/net/tcpconn.ex @@ -96,8 +96,7 @@ defmodule SNet.TCPConn do auth: nil, } - {cli_longterm_pk, srv_list_pk} -> - [srv_longterm_pk] = srv_list_pk + %SNet.Auth{my_pk: cli_longterm_pk, his_pk: srv_longterm_pk} -> cli_longterm_sk = Shard.Keys.get_sk cli_longterm_pk sh_sec_aB = :enacl.curve25519_scalarmult(cli_eph_sk, :enacl.crypto_sign_ed25519_public_to_curve25519(srv_longterm_pk)) @@ -148,12 +147,13 @@ defmodule SNet.TCPConn do |> Map.put(:peer_info, {:inet, addr, port}) |> Map.put(:my_port, state.my_port) - if GenServer.call(SNet.Manager, {:peer_up, self(), state.peer_info, state.auth}) == :redundant do - exit :redundant + case GenServer.call(SNet.Manager, {:peer_up, self(), state.peer_info, state.auth}) do + :ok -> + Logger.info "New peer: #{print_id state} at #{inspect addr}:#{port}" + {:noreply, state} + :redundant -> + exit :redundant end - - Logger.info "New peer: #{print_id state} at #{inspect addr}:#{port}" - {:noreply, state} end def handle_cast(:server_handshake, state) do @@ -209,9 +209,22 @@ defmodule SNet.TCPConn do _ -> # Client authenticates - srv_longterm_pk = state.my_auth # TODO this is not ok + srv_longterm_pk = Enum.find( + Shard.Keys.list_identities(), + fn srv_longterm_pk -> + srv_longterm_sk = Shard.Keys.get_sk srv_longterm_pk + sh_sec_aB = :enacl.curve25519_scalarmult(:enacl.crypto_sign_ed25519_secret_to_curve25519(srv_longterm_sk), cli_eph_pk) + key3 = :crypto.hash(:sha256, net_key <> sh_sec_ab <> sh_sec_aB) + case :enacl.secretbox_open(cli_auth, <<0 :: 24*8>>, key3) do + {:ok, _cli_auth_plain} -> true + _ -> false + end + end) + + if srv_longterm_pk == nil do + exit :bad_auth + end srv_longterm_sk = Shard.Keys.get_sk srv_longterm_pk - sh_sec_aB = :enacl.curve25519_scalarmult(:enacl.crypto_sign_ed25519_secret_to_curve25519(srv_longterm_sk), cli_eph_pk) key3 = :crypto.hash(:sha256, net_key <> sh_sec_ab <> sh_sec_aB) @@ -262,12 +275,13 @@ defmodule SNet.TCPConn do |> Map.put(:peer_info, {:inet, addr, his_port}) |> Map.put(:my_port, state.my_port) - if GenServer.call(SNet.Manager, {:peer_up, self(), state.peer_info, state.auth}) == :redundant do - exit :redundant + case GenServer.call(SNet.Manager, {:peer_up, self(), state.peer_info, state.auth}) do + :ok -> + Logger.info "New peer: #{print_id state} at #{inspect state.peer_info} (#{port})" + {:noreply, state} + :redundant -> + exit(:redundant) end - - Logger.info "New peer: #{print_id state} at #{inspect state.peer_info} (#{port})" - {:noreply, state} end def handle_cast({:send_msg, msg}, state) do |