tordam

A library for peer discovery inside the Tor network
git clone https://git.parazyd.org/tordam
Log | Files | Refs | README | LICENSE
commit 9ccd7d978c8cd941c256558a0604e173bcefadf8
parent 7c47b35dce0cd702516e30b03032ca06f5630978
Author: parazyd <parazyd@dyne.org>
Date:   Thu,  7 Dec 2017 22:32:38 +0100

Implement client-side secret decryption

Diffstat:

Mgo/dam/dam.go | 11+++++++++++


Mgo/ddir/ddir.go | 6+++++-


Mgo/lib/crypto.go | 13+++++++++++++


3 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/go/dam/dam.go b/go/dam/dam.go
@@ -69,4 +69,15 @@ func main() {
 		log.Println("Unsuccessful reply from directory.")
 		log.Fatalln("Server replied:", m.Secret)
 	}
+
+	if resp.StatusCode == 200 {
+		log.Println("Successful reply from directory.")
+		decodedSecret, err := base64.StdEncoding.DecodeString(m.Secret)
+		lib.CheckError(err)
+
+		decrypted, err := lib.DecryptMsg([]byte(decodedSecret), key)
+		lib.CheckError(err)
+
+		log.Println(string(decrypted))
+	}
 }
diff --git a/go/ddir/ddir.go b/go/ddir/ddir.go
@@ -63,11 +63,15 @@ func handlePost(rw http.ResponseWriter, request *http.Request) {
 		randString, err := lib.GenRandomASCII(64)
 		lib.CheckError(err)
 
+		// FIXME: delete this line after debug mode
+		log.Println("Secret:", randString)
+
 		secret, err := lib.EncryptMsg([]byte(randString), pubkey)
 		lib.CheckError(err)
 
+		encodedSecret := base64.StdEncoding.EncodeToString(secret)
 		ret := map[string]string{
-			"secret": string(secret),
+			"secret": encodedSecret,
 		}
 		jsonVal, err := json.Marshal(ret)
 		lib.CheckError(err)
diff --git a/go/lib/crypto.go b/go/lib/crypto.go
@@ -93,6 +93,7 @@ func SignMsg(message []byte, privkey *rsa.PrivateKey) []byte {
 }
 
 // EncryptMsg encrypts a given []byte message using a given RSA public key.
+// Returns the encrypted message in []byte form.
 func EncryptMsg(message []byte, pubkey *rsa.PublicKey) ([]byte, error) {
 	log.Println("Encrypting message...")
 	rng := rand.Reader
@@ -103,6 +104,18 @@ func EncryptMsg(message []byte, pubkey *rsa.PublicKey) ([]byte, error) {
 	return msg, nil
 }
 
+// DecryptMsg decrypts a given []byte message using a given RSA private key.
+// Returns the decrypted message in []byte form.
+func DecryptMsg(message []byte, privkey *rsa.PrivateKey) ([]byte, error) {
+	log.Println("Decrypting message...")
+	rng := rand.Reader
+
+	msg, err := rsa.DecryptPKCS1v15(rng, privkey, message)
+	CheckError(err)
+
+	return msg, nil
+}
+
 // VerifyMsg verifies a []byte message and []byte signature against a given
 // RSA pubkey.
 func VerifyMsg(message []byte, signature []byte, pubkey *rsa.PublicKey) (bool, error) {