tor-dam

tor distributed announce mechanism (not a dht)
git clone https://git.parazyd.org/tor-dam
Log | Files | Refs | README | LICENSE

commit 4c0fbc7aca051d61ded56822b17e017798c92420
parent 24156de26fb67ba8a61df74c94c7796ff98ebad2
Author: parazyd <parazyd@dyne.org>
Date:   Fri,  8 Dec 2017 13:46:39 +0100

Better error handling

Diffstat:
Mcmd/dam-client/main.go | 23++++++++++++++++-------
Mcmd/dam-dir/main.go | 1-
Mpkg/lib/crypto.go | 80++++++++++++++++++++++++++++++++++++++++++++++++++++++-------------------------
Mpkg/lib/helpers.go | 26++++++++++++++++++--------
4 files changed, 89 insertions(+), 41 deletions(-)

diff --git a/cmd/dam-client/main.go b/cmd/dam-client/main.go @@ -29,20 +29,27 @@ type msgStruct struct { func main() { if _, err := os.Stat("private.key"); os.IsNotExist(err) { - key := lib.GenRsa(Bits) - lib.SavePriv(Privpath, key) - //lib.SavePub(Pubpath, key.PublicKey) + key, err := lib.GenRsa(Bits) + lib.CheckError(err) + _, err = lib.SavePriv(Privpath, key) + lib.CheckError(err) + //_, err := lib.SavePub(Pubpath, key.PublicKey) + lib.CheckError(err) } key, err := lib.LoadKeyFromFile(Privpath) lib.CheckError(err) - sig := lib.SignMsg([]byte(Postmsg), key) + sig, err := lib.SignMsg([]byte(Postmsg), key) + lib.CheckError(err) encodedSig := base64.StdEncoding.EncodeToString(sig) + onionAddr, err := lib.OnionFromPubkey(key.PublicKey) + lib.CheckError(err) + vals := map[string]string{ "nodetype": "node", - "address": lib.OnionFromPubkey(key.PublicKey), + "address": string(onionAddr), "message": Postmsg, "signature": encodedSig, "secret": "", @@ -54,7 +61,8 @@ func main() { lib.CheckError(err) log.Println("Sending request") - resp := lib.HTTPPost("http://localhost:8080/announce", jsonVal) + resp, err := lib.HTTPPost("http://localhost:8080/announce", jsonVal) + lib.CheckError(err) // Parse server's reply var m msgStruct @@ -82,7 +90,8 @@ func main() { lib.CheckError(err) log.Println("Sending back decrypted secret.") - resp = lib.HTTPPost("http://localhost:8080/announce", jsonVal) + resp, err := lib.HTTPPost("http://localhost:8080/announce", jsonVal) + lib.CheckError(err) decoder = json.NewDecoder(resp.Body) err = decoder.Decode(&m) lib.CheckError(err) diff --git a/cmd/dam-dir/main.go b/cmd/dam-dir/main.go @@ -130,7 +130,6 @@ func handlePost(rw http.ResponseWriter, request *http.Request) { if len(req["secret"]) == 88 { // Client sent a decrypted secret. - var correct = false localSec, err := RedisCli.HGet(n.Address, "secret").Result() lib.CheckError(err) diff --git a/pkg/lib/crypto.go b/pkg/lib/crypto.go @@ -20,39 +20,50 @@ import ( ) // GenRsa generates a private RSA keypair of a given bitSize int. -func GenRsa(bitSize int) *rsa.PrivateKey { +func GenRsa(bitSize int) (*rsa.PrivateKey, error) { log.Printf("Generating %d-bit RSA keypair...\n", bitSize) rng := rand.Reader key, err := rsa.GenerateKey(rng, bitSize) - CheckError(err) - - return key + if err != nil { + return nil, err + } + return key, nil } // SavePub saves a given RSA public key to a given filename. -func SavePub(filename string, pubkey rsa.PublicKey) { +func SavePub(filename string, pubkey rsa.PublicKey) (bool, error) { log.Printf("Writing pubkey to %s\n", filename) outfile, err := os.Create(filename) - CheckError(err) defer outfile.Close() + if err != nil { + return false, err + } asn1Bytes, err := asn1.Marshal(pubkey) - CheckError(err) + if err != nil { + return false, err + } var pemkey = &pem.Block{ Type: "RSA PUBLIC KEY", Bytes: asn1Bytes, } + err = pem.Encode(outfile, pemkey) - CheckError(err) + if err != nil { + return false, err + } + return true, nil } // SavePriv saves a given RSA private key to a given filename. -func SavePriv(filename string, privkey *rsa.PrivateKey) { +func SavePriv(filename string, privkey *rsa.PrivateKey) (bool, error) { log.Printf("Writing private key to %s\n", filename) outfile, err := os.Create(filename) - CheckError(err) defer outfile.Close() + if err != nil { + return false, err + } var pemkey = &pem.Block{ Type: "RSA PRIVATE KEY", @@ -60,14 +71,19 @@ func SavePriv(filename string, privkey *rsa.PrivateKey) { } err = pem.Encode(outfile, pemkey) - CheckError(err) + if err != nil { + return false, err + } + return true, nil } // LoadKeyFromFile loads a RSA private key from a given filename. func LoadKeyFromFile(filename string) (*rsa.PrivateKey, error) { log.Println("Loading RSA private key from", filename) dat, err := ioutil.ReadFile(filename) - CheckError(err) + if err != nil { + return nil, err + } block, _ := pem.Decode(dat) if block == nil { @@ -75,21 +91,25 @@ func LoadKeyFromFile(filename string) (*rsa.PrivateKey, error) { } priv, err := x509.ParsePKCS1PrivateKey(block.Bytes) - CheckError(err) + if err != nil { + return nil, err + } return priv, nil } // SignMsg signs a given []byte message using a given RSA private key. -func SignMsg(message []byte, privkey *rsa.PrivateKey) []byte { +func SignMsg(message []byte, privkey *rsa.PrivateKey) ([]byte, error) { log.Println("Signing message...") rng := rand.Reader hashed := sha512.Sum512(message) sig, err := rsa.SignPKCS1v15(rng, privkey, crypto.SHA512, hashed[:]) - CheckError(err) + if err != nil { + return nil, err + } - return sig + return sig, nil } // EncryptMsg encrypts a given []byte message using a given RSA public key. @@ -99,7 +119,9 @@ func EncryptMsg(message []byte, pubkey *rsa.PublicKey) ([]byte, error) { rng := rand.Reader msg, err := rsa.EncryptPKCS1v15(rng, pubkey, message) - CheckError(err) + if err != nil { + return nil, err + } return msg, nil } @@ -111,7 +133,9 @@ func DecryptMsg(message []byte, privkey *rsa.PrivateKey) ([]byte, error) { rng := rand.Reader msg, err := rsa.DecryptPKCS1v15(rng, privkey, message) - CheckError(err) + if err != nil { + return nil, err + } return msg, nil } @@ -124,8 +148,7 @@ func VerifyMsg(message []byte, signature []byte, pubkey *rsa.PublicKey) (bool, e hashed := sha512.Sum512(message) err := rsa.VerifyPKCS1v15(pubkey, crypto.SHA512, hashed[:], signature) if err != nil { - log.Println("Error:", err) - return false, nil + return false, err } log.Println("Signature valid") @@ -133,17 +156,22 @@ func VerifyMsg(message []byte, signature []byte, pubkey *rsa.PublicKey) (bool, e } // OnionFromPubkey generates a valid onion address from a given RSA pubkey. -func OnionFromPubkey(pubkey rsa.PublicKey) string { +func OnionFromPubkey(pubkey rsa.PublicKey) ([]byte, error) { asn1Bytes, err := asn1.Marshal(pubkey) - CheckError(err) + if err != nil { + return nil, err + } hashed := sha1.New() _, err = hashed.Write(asn1Bytes) - CheckError(err) + if err != nil { + return nil, err + } encoded := strings.ToLower(base32.StdEncoding.EncodeToString(hashed.Sum(nil)))[:16] + encoded += ".onion" - return encoded + ".onion" + return []byte(encoded), nil } // ParsePubkey parses a []byte form of a RSA public key and returns the proper @@ -154,7 +182,9 @@ func ParsePubkey(pubkey []byte) (*rsa.PublicKey, error) { block, _ := pem.Decode(pubkey) _, err := asn1.Unmarshal(block.Bytes, &pub) - CheckError(err) + if err != nil { + return nil, err + } ret = &pub return ret, nil diff --git a/pkg/lib/helpers.go b/pkg/lib/helpers.go @@ -23,7 +23,7 @@ const ProxyAddr = "127.0.0.1:9050" // CheckError is a handler for errors. func CheckError(err error) { if err != nil { - panic(err) + log.Fatalln(err) } } @@ -101,11 +101,13 @@ func ValidateReq(req map[string]string) ([]byte, bool) { // HTTPPost sends an HTTP POST request to the given host. It sends data as // application/json. -func HTTPPost(host string, data []byte) *http.Response { +func HTTPPost(host string, data []byte) (*http.Response, error) { socksify := false parsedHost, err := url.Parse(host) - CheckError(err) + if err != nil { + return nil, err + } hostname := parsedHost.Hostname() if strings.HasSuffix(hostname, ".onion") { socksify = true @@ -116,18 +118,24 @@ func HTTPPost(host string, data []byte) *http.Response { if socksify { log.Println("Detected a .onion request. Using SOCKS proxy.") dialer, err := proxy.SOCKS5("tcp", ProxyAddr, nil, proxy.Direct) - CheckError(err) + if err != nil { + return nil, err + } httpTransp.Dial = dialer.Dial } request, err := http.NewRequest("POST", host, bytes.NewBuffer(data)) - CheckError(err) + if err != nil { + return nil, err + } request.Header.Set("Content-Type", "application/json") resp, err := httpClient.Do(request) - CheckError(err) + if err != nil { + return nil, err + } - return resp + return resp, nil } // GenRandomASCII returns a random ASCII string of a given length. @@ -138,7 +146,9 @@ func GenRandomASCII(length int) (string, error) { return res, nil } num, err := rand.Int(rand.Reader, big.NewInt(int64(127))) - CheckError(err) + if err != nil { + return "", err + } n := num.Int64() if n > 32 && n < 127 {