tImplement client-side secret decryption - tordam - A library for peer discovery inside the Tor network
(HTM) git clone https://git.parazyd.org/tordam
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 9ccd7d978c8cd941c256558a0604e173bcefadf8
(DIR) parent 7c47b35dce0cd702516e30b03032ca06f5630978
(HTM) Author: parazyd <parazyd@dyne.org>
Date: Thu, 7 Dec 2017 22:32:38 +0100
Implement client-side secret decryption
Diffstat:
M go/dam/dam.go | 11 +++++++++++
M go/ddir/ddir.go | 6 +++++-
M go/lib/crypto.go | 13 +++++++++++++
3 files changed, 29 insertions(+), 1 deletion(-)
---
(DIR) diff --git a/go/dam/dam.go b/go/dam/dam.go
t@@ -69,4 +69,15 @@ func main() {
log.Println("Unsuccessful reply from directory.")
log.Fatalln("Server replied:", m.Secret)
}
+
+ if resp.StatusCode == 200 {
+ log.Println("Successful reply from directory.")
+ decodedSecret, err := base64.StdEncoding.DecodeString(m.Secret)
+ lib.CheckError(err)
+
+ decrypted, err := lib.DecryptMsg([]byte(decodedSecret), key)
+ lib.CheckError(err)
+
+ log.Println(string(decrypted))
+ }
}
(DIR) diff --git a/go/ddir/ddir.go b/go/ddir/ddir.go
t@@ -63,11 +63,15 @@ func handlePost(rw http.ResponseWriter, request *http.Request) {
randString, err := lib.GenRandomASCII(64)
lib.CheckError(err)
+ // FIXME: delete this line after debug mode
+ log.Println("Secret:", randString)
+
secret, err := lib.EncryptMsg([]byte(randString), pubkey)
lib.CheckError(err)
+ encodedSecret := base64.StdEncoding.EncodeToString(secret)
ret := map[string]string{
- "secret": string(secret),
+ "secret": encodedSecret,
}
jsonVal, err := json.Marshal(ret)
lib.CheckError(err)
(DIR) diff --git a/go/lib/crypto.go b/go/lib/crypto.go
t@@ -93,6 +93,7 @@ func SignMsg(message []byte, privkey *rsa.PrivateKey) []byte {
}
// EncryptMsg encrypts a given []byte message using a given RSA public key.
+// Returns the encrypted message in []byte form.
func EncryptMsg(message []byte, pubkey *rsa.PublicKey) ([]byte, error) {
log.Println("Encrypting message...")
rng := rand.Reader
t@@ -103,6 +104,18 @@ func EncryptMsg(message []byte, pubkey *rsa.PublicKey) ([]byte, error) {
return msg, nil
}
+// DecryptMsg decrypts a given []byte message using a given RSA private key.
+// Returns the decrypted message in []byte form.
+func DecryptMsg(message []byte, privkey *rsa.PrivateKey) ([]byte, error) {
+ log.Println("Decrypting message...")
+ rng := rand.Reader
+
+ msg, err := rsa.DecryptPKCS1v15(rng, privkey, message)
+ CheckError(err)
+
+ return msg, nil
+}
+
// VerifyMsg verifies a []byte message and []byte signature against a given
// RSA pubkey.
func VerifyMsg(message []byte, signature []byte, pubkey *rsa.PublicKey) (bool, error) {