Skip to content

GitLab

Commit 1439a53b authored by Juan Batiz-Benet's avatar Juan Batiz-Benet Committed by Brian Tiger Chow
Browse files
Options

handshake: bugfix (secure -> insecure chan) + logs

parent f41817c8
Hide whitespace changes
Inline Side-by-side
Showing with 9 additions and 2 deletions
crypto/spipe/handshake.go
View file @ 1439a53b
...@@ -5,6 +5,7 @@ package spipe ...@@ -5,6 +5,7 @@ package spipe
import ( import (
"bytes" "bytes"
"errors" "errors"
"fmt"
"strings" "strings"
"crypto/aes" "crypto/aes"
...@@ -48,6 +49,7 @@ func (s *SecurePipe) handshake() error { ...@@ -48,6 +49,7 @@ func (s *SecurePipe) handshake() error {
return err return err
} }
// u.DOut("handshake: %s <--> %s\n", s.local.ID.Pretty(), s.remote.ID.Pretty())
myPubKey, err := s.local.PubKey.Bytes() myPubKey, err := s.local.PubKey.Bytes()
if err != nil { if err != nil {
return err return err
...@@ -65,6 +67,7 @@ func (s *SecurePipe) handshake() error { ...@@ -65,6 +67,7 @@ func (s *SecurePipe) handshake() error {
return err return err
} }
// u.POut("sending encoded handshake\n")
s.insecure.Out <- encoded s.insecure.Out <- encoded
// Parse their Propose packet and generate an Exchange packet. // Parse their Propose packet and generate an Exchange packet.
...@@ -73,9 +76,10 @@ func (s *SecurePipe) handshake() error { ...@@ -73,9 +76,10 @@ func (s *SecurePipe) handshake() error {
select { select {
case <-s.ctx.Done(): case <-s.ctx.Done():
return ErrClosed return ErrClosed
case resp = <-s.Duplex.In: case resp = <-s.insecure.In:
} }
// u.POut("received encoded handshake\n")
proposeResp := new(Propose) proposeResp := new(Propose)
err = proto.Unmarshal(resp, proposeResp) err = proto.Unmarshal(resp, proposeResp)
if err != nil { if err != nil {
...@@ -98,6 +102,7 @@ func (s *SecurePipe) handshake() error { ...@@ -98,6 +102,7 @@ func (s *SecurePipe) handshake() error {
} else if s.remote.ID == nil { } else if s.remote.ID == nil {
s.remote.ID = remoteID s.remote.ID = remoteID
} }
// u.POut("Remote Peer Identified as %s\n", s.remote.ID.Pretty())
exchange, err := selectBest(SupportedExchanges, proposeResp.GetExchanges()) exchange, err := selectBest(SupportedExchanges, proposeResp.GetExchanges())
if err != nil { if err != nil {
...@@ -114,6 +119,7 @@ func (s *SecurePipe) handshake() error { ...@@ -114,6 +119,7 @@ func (s *SecurePipe) handshake() error {
return err return err
} }
// u.POut("Selected %s %s %s\n", exchange, cipherType, hashType)
epubkey, done, err := ci.GenerateEKeyPair(exchange) // Generate EphemeralPubKey epubkey, done, err := ci.GenerateEKeyPair(exchange) // Generate EphemeralPubKey
var handshake bytes.Buffer // Gather corpus to sign. var handshake bytes.Buffer // Gather corpus to sign.
...@@ -153,6 +159,7 @@ func (s *SecurePipe) handshake() error { ...@@ -153,6 +159,7 @@ func (s *SecurePipe) handshake() error {
theirHandshake.Write(encoded) theirHandshake.Write(encoded)
theirHandshake.Write(exchangeResp.GetEpubkey()) theirHandshake.Write(exchangeResp.GetEpubkey())
// u.POut("Remote Peer Identified as %s\n", s.remote.ID.Pretty())
ok, err := s.remote.PubKey.Verify(theirHandshake.Bytes(), exchangeResp.GetSignature()) ok, err := s.remote.PubKey.Verify(theirHandshake.Bytes(), exchangeResp.GetSignature())
if err != nil { if err != nil {
return err return err
...@@ -180,7 +187,7 @@ func (s *SecurePipe) handshake() error { ...@@ -180,7 +187,7 @@ func (s *SecurePipe) handshake() error {
select { select {
case <-s.ctx.Done(): case <-s.ctx.Done():
return ErrClosed return ErrClosed
case resp2 = <-s.Duplex.In: case resp2 = <-s.In:
} }
if bytes.Compare(resp2, finished) != 0 { if bytes.Compare(resp2, finished) != 0 {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment