aboutsummaryrefslogtreecommitdiffstats
path: root/p2p/crypto.go
diff options
context:
space:
mode:
authorzelig <viktor.tron@gmail.com>2015-01-29 11:16:10 +0800
committerFelix Lange <fjl@twurst.com>2015-02-06 07:00:36 +0800
commit2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233 (patch)
tree609695aeb3e57133af598d0f27c5bd961abc83e0 /p2p/crypto.go
parent488a04273639694399929b28c50eadf1bb34405b (diff)
downloadgo-tangerine-2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233.tar
go-tangerine-2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233.tar.gz
go-tangerine-2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233.tar.bz2
go-tangerine-2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233.tar.lz
go-tangerine-2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233.tar.xz
go-tangerine-2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233.tar.zst
go-tangerine-2e48d39fc7fc9b8d65e9b6e0ce6863b9374f2233.zip
key generation abstracted out, for testing with deterministic keys
Diffstat (limited to 'p2p/crypto.go')
-rw-r--r--p2p/crypto.go41
1 files changed, 36 insertions, 5 deletions
diff --git a/p2p/crypto.go b/p2p/crypto.go
index 6a2b99e93..cb0534cba 100644
--- a/p2p/crypto.go
+++ b/p2p/crypto.go
@@ -1,6 +1,7 @@
package p2p
import (
+ // "binary"
"crypto/ecdsa"
"crypto/rand"
"fmt"
@@ -38,6 +39,33 @@ func (self hexkey) String() string {
return fmt.Sprintf("(%d) %x", len(self), []byte(self))
}
+var nonceF = func(b []byte) (n int, err error) {
+ return rand.Read(b)
+}
+
+var step = 0
+var detnonceF = func(b []byte) (n int, err error) {
+ step++
+ copy(b, crypto.Sha3([]byte("privacy"+string(step))))
+ fmt.Printf("detkey %v: %v\n", step, hexkey(b))
+ return
+}
+
+var keyF = func() (priv *ecdsa.PrivateKey, err error) {
+ priv, err = ecdsa.GenerateKey(crypto.S256(), rand.Reader)
+ if err != nil {
+ return
+ }
+ return
+}
+
+var detkeyF = func() (priv *ecdsa.PrivateKey, err error) {
+ s := make([]byte, 32)
+ detnonceF(s)
+ priv = crypto.ToECDSA(s)
+ return
+}
+
/*
NewSecureSession(connection, privateKey, remotePublicKey, sessionToken, initiator) is called when the peer connection starts to set up a secure session by performing a crypto handshake.
@@ -53,7 +81,6 @@ NewSecureSession(connection, privateKey, remotePublicKey, sessionToken, initiato
It returns a secretRW which implements the MsgReadWriter interface.
*/
-
func NewSecureSession(conn io.ReadWriter, prvKey *ecdsa.PrivateKey, remotePubKeyS []byte, sessionToken []byte, initiator bool) (token []byte, rw *secretRW, err error) {
var auth, initNonce, recNonce []byte
var read int
@@ -178,7 +205,8 @@ func startHandshake(prvKey *ecdsa.PrivateKey, remotePubKeyS, sessionToken []byte
// allocate msgLen long message,
var msg []byte = make([]byte, msgLen)
initNonce = msg[msgLen-shaLen-1 : msgLen-1]
- if _, err = rand.Read(initNonce); err != nil {
+ fmt.Printf("init-nonce: ")
+ if _, err = nonceF(initNonce); err != nil {
return
}
// create known message
@@ -187,7 +215,8 @@ func startHandshake(prvKey *ecdsa.PrivateKey, remotePubKeyS, sessionToken []byte
var sharedSecret = Xor(sessionToken, initNonce)
// generate random keypair to use for signing
- if randomPrvKey, err = crypto.GenerateKey(); err != nil {
+ fmt.Printf("init-random-ecdhe-private-key: ")
+ if randomPrvKey, err = keyF(); err != nil {
return
}
// sign shared secret (message known to both parties): shared-secret
@@ -278,11 +307,13 @@ func respondToHandshake(auth []byte, prvKey *ecdsa.PrivateKey, remotePubKeyS, se
var resp = make([]byte, resLen)
// generate shaLen long nonce
respNonce = resp[pubLen : pubLen+shaLen]
- if _, err = rand.Read(respNonce); err != nil {
+ fmt.Printf("rec-nonce: ")
+ if _, err = nonceF(respNonce); err != nil {
return
}
// generate random keypair for session
- if randomPrivKey, err = crypto.GenerateKey(); err != nil {
+ fmt.Printf("rec-random-ecdhe-private-key: ")
+ if randomPrivKey, err = keyF(); err != nil {
return
}
// responder auth message