tor-dam

tor distributed announce mechanism (not a dht)
git clone https://git.parazyd.org/tor-dam
Log | Files | Refs | README | LICENSE

commit 9ccd7d978c8cd941c256558a0604e173bcefadf8
parent 7c47b35dce0cd702516e30b03032ca06f5630978
Author: parazyd <parazyd@dyne.org>
Date:   Thu,  7 Dec 2017 22:32:38 +0100

Implement client-side secret decryption

Diffstat:
Mgo/dam/dam.go | 11+++++++++++
Mgo/ddir/ddir.go | 6+++++-
Mgo/lib/crypto.go | 13+++++++++++++
3 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/go/dam/dam.go b/go/dam/dam.go @@ -69,4 +69,15 @@ func main() { log.Println("Unsuccessful reply from directory.") log.Fatalln("Server replied:", m.Secret) } + + if resp.StatusCode == 200 { + log.Println("Successful reply from directory.") + decodedSecret, err := base64.StdEncoding.DecodeString(m.Secret) + lib.CheckError(err) + + decrypted, err := lib.DecryptMsg([]byte(decodedSecret), key) + lib.CheckError(err) + + log.Println(string(decrypted)) + } } diff --git a/go/ddir/ddir.go b/go/ddir/ddir.go @@ -63,11 +63,15 @@ func handlePost(rw http.ResponseWriter, request *http.Request) { randString, err := lib.GenRandomASCII(64) lib.CheckError(err) + // FIXME: delete this line after debug mode + log.Println("Secret:", randString) + secret, err := lib.EncryptMsg([]byte(randString), pubkey) lib.CheckError(err) + encodedSecret := base64.StdEncoding.EncodeToString(secret) ret := map[string]string{ - "secret": string(secret), + "secret": encodedSecret, } jsonVal, err := json.Marshal(ret) lib.CheckError(err) diff --git a/go/lib/crypto.go b/go/lib/crypto.go @@ -93,6 +93,7 @@ func SignMsg(message []byte, privkey *rsa.PrivateKey) []byte { } // EncryptMsg encrypts a given []byte message using a given RSA public key. +// Returns the encrypted message in []byte form. func EncryptMsg(message []byte, pubkey *rsa.PublicKey) ([]byte, error) { log.Println("Encrypting message...") rng := rand.Reader @@ -103,6 +104,18 @@ func EncryptMsg(message []byte, pubkey *rsa.PublicKey) ([]byte, error) { return msg, nil } +// DecryptMsg decrypts a given []byte message using a given RSA private key. +// Returns the decrypted message in []byte form. +func DecryptMsg(message []byte, privkey *rsa.PrivateKey) ([]byte, error) { + log.Println("Decrypting message...") + rng := rand.Reader + + msg, err := rsa.DecryptPKCS1v15(rng, privkey, message) + CheckError(err) + + return msg, nil +} + // VerifyMsg verifies a []byte message and []byte signature against a given // RSA pubkey. func VerifyMsg(message []byte, signature []byte, pubkey *rsa.PublicKey) (bool, error) {