func (h *InHandler) handleHello(n *xn.Node) (err error) { var ( m *XLatticeMsg msgN uint64 id, ck, sk, sig, salt []byte peer *xn.Peer ) m, err = h.readMsg() // message must be a Hello if err == nil { if m.GetOp() != XLatticeMsg_Hello { err = MissingHello } } if err == nil { // the message is a hello; is its NodeID that of a known peer? id = m.GetID() if id == nil { // DEBUG fmt.Printf("handleHello: message has no ID field\n") // END err = NilPeer } else { peer, err = n.FindPeer(id) if err == nil { if peer == nil { err = xn.NotAKnownPeer } else { h.Peer = peer } } } } // On any error up to here silently close the connection and delete // the handler. if err != nil { h.Cnx.Close() h = nil return } // message is a hello from a known peer ------------------------- // MsgN must be 1 msgN = m.GetMsgN() h.MsgN = msgN ck = m.GetCommsKey() // comms key as byte slice sk = m.GetSigKey() // sig key as byte slice salt = m.GetSalt() sig = m.GetSig() // digital signature var serCK, serSK []byte if h.MsgN != 1 { err = ExpectedMsgOne } if err == nil { peerID := peer.GetNodeID().Value() if !bytes.Equal(id, peerID) { fmt.Println("NOT SAME NODE ID") // XXX should log err = NotExpectedNodeID } } if err == nil { serCK, err = xc.RSAPubKeyToWire(peer.GetCommsPublicKey()) if err == nil { if !bytes.Equal(serCK, ck) { fmt.Println("NOT SAME COMMS KEY") // XXX should log err = NotExpectedCommsKey } } } if err == nil { serSK, err = xc.RSAPubKeyToWire(peer.GetSigPublicKey()) if err == nil { if !bytes.Equal(serSK, sk) { fmt.Println("NOT SAME SIG KEY") // XXX should log err = NotExpectedSigKey } } } if err == nil { sigPubKey := peer.GetSigPublicKey() d := sha1.New() d.Write(id) d.Write(ck) d.Write(sk) d.Write(salt) hash := d.Sum(nil) err = rsa.VerifyPKCS1v15(sigPubKey, cr.SHA1, hash, sig) } if err == nil { // Everything is good; so Ack, leaving cnx open. h.Peer.MarkUp() // we consider the peer live h.Peer.LastContact() err = h.simpleAck(msgN) } else { // Send the text of the error to the peer; the send itself // may of course cause an error, but we will ignore that. // The peer is NOT marked as up. h.errorReply(err) } return }