Esempio n. 1
0
// encrypt reads data from r, encrypts it for identity to (with identity from
// as sender), and writes it to w.
func (ce *CryptEngine) encrypt(
	w io.Writer,
	from, to string,
	sign bool,
	nymAddress string,
	r io.Reader,
	statusfp *os.File,
) error {
	// map pseudonyms
	fromID, fromDomain, err := identity.MapPlus(from)
	if err != nil {
		return err
	}
	toID, err := identity.Map(to)
	if err != nil {
		return err
	}
	// get fromUID from keyDB
	fromUID, _, err := ce.keyDB.GetPrivateUID(fromID, true)
	if err != nil {
		return err
	}
	// get toUID from keyDB
	toUID, _, found, err := ce.keyDB.GetPublicUID(toID, math.MaxInt64) // TODO: use simpler API
	if err != nil {
		return err
	}
	if !found {
		return log.Errorf("not UID for '%s' found", toID)
	}
	// encrypt message
	senderLastKeychainHash, err := ce.keyDB.GetLastHashChainEntry(fromDomain)
	if err != nil {
		return err
	}
	var privateSigKey *[64]byte
	if sign {
		privateSigKey = fromUID.PrivateSigKey64()
	}
	args := &msg.EncryptArgs{
		Writer:                 w,
		From:                   fromUID,
		To:                     toUID,
		NymAddress:             nymAddress,
		SenderLastKeychainHash: senderLastKeychainHash,
		PrivateSigKey:          privateSigKey,
		Reader:                 r,
		Rand:                   cipher.RandReader,
		KeyStore:               ce,
	}
	nymAddress, err = msg.Encrypt(args)
	if err != nil {
		return err
	}
	// show nymaddress on status-fd
	fmt.Fprintf(statusfp, "NYMADDRESS:\t%s\n", nymAddress)
	return nil
}
Esempio n. 2
0
func (ce *CryptEngine) fetchKeyInit(pseudonym string) error {
	// map pseudonym
	id, domain, err := identity.MapPlus(pseudonym)
	if err != nil {
		return err
	}
	// get corresponding public ID
	msg, _, found, err := ce.keyDB.GetPublicUID(id, math.MaxInt64) // TODO: use simpler API
	if err != nil {
		return err
	}
	if !found {
		return log.Errorf("not UID for '%s' found", id)
	}
	// get SIGKEYHASH
	sigKeyHash, err := msg.SigKeyHash()
	if err != nil {
		return err
	}
	// get JSON-RPC client and capabilities
	client, _, err := ce.cache.Get(domain, ce.keydPort, ce.keydHost,
		ce.homedir, "KeyInitRepository.FetchKeyInit")
	if err != nil {
		return err
	}
	// call server
	content := make(map[string]interface{})
	content["SigKeyHash"] = sigKeyHash
	reply, err := client.JSONRPCRequest("KeyInitRepository.FetchKeyInit", content)
	if err != nil {
		return err
	}
	rep, ok := reply["KeyInit"].(string)
	if !ok {
		return log.Errorf("cryptengine: could not fetch key init for '%s'", sigKeyHash)
	}
	ki, err := uid.NewJSONKeyInit([]byte(rep))
	if err != nil {
		return err
	}
	// store public key init message
	if err := ce.keyDB.AddPublicKeyInit(ki); err != nil {
		return err
	}
	return nil
}
Esempio n. 3
0
// generate a new nym and store it in keydb.
func (ce *CryptEngine) generate(
	pseudonym string,
	keyserver bool,
	outputfp *os.File,
) error {
	// map pseudonym
	id, domain, err := identity.MapPlus(pseudonym)
	if err != nil {
		return err
	}
	// create new UID
	// TODO: allow different PFS preferences
	var lastEntry string
	if !keyserver {
		// no lastEntry, because this will be the first entry in hashchain
		lastEntry, err = ce.keyDB.GetLastHashChainEntry(domain)
		if err != nil {
			return err
		}
	}
	uid, err := uid.Create(id, false, "", "", uid.Strict, lastEntry,
		cipher.RandReader)
	if err != nil {
		return err
	}
	if !keyserver {
		// store UID in keyDB
		if err := ce.keyDB.AddPrivateUID(uid); err != nil {
			return err
		}
	} else {
		// a private key for the keyserver is not stored in the keyDB
		var out bytes.Buffer
		if err := json.Indent(&out, []byte(uid.JSON()), "", "  "); err != nil {
			return err
		}
		fmt.Fprintln(outputfp, out.String())
		if keyserver {
			fmt.Fprintf(outputfp, "{\"PRIVSIGKEY\": %q}\n", uid.PrivateSigKey())
		}
	}
	log.Infof("nym '%s' generated successfully", id)
	return nil
}
Esempio n. 4
0
func (ce *CryptEngine) flushKeyInit(pseudonym string) error {
	// map pseudonym
	id, domain, err := identity.MapPlus(pseudonym)
	if err != nil {
		return err
	}
	// get corresponding public ID
	msg, _, err := ce.keyDB.GetPrivateUID(id, true)
	if err != nil {
		return err
	}
	// get JSON-RPC client and capabilities
	client, _, err := ce.cache.Get(domain, ce.keydPort, ce.keydHost,
		ce.homedir, "KeyInitRepository.FlushKeyInit")
	if err != nil {
		return err
	}
	// call server
	content := make(map[string]interface{})
	nonce, signature := msg.SignNonce()
	content["SigPubKey"] = msg.UIDContent.SIGKEY.PUBKEY
	content["Nonce"] = nonce
	content["Signature"] = signature
	_, err = client.JSONRPCRequest("KeyInitRepository.FlushKeyInit", content)
	if err != nil {
		return err
	}
	/*
		rep, ok := reply["KeyInit"].(string)
		if !ok {
			return log.Errorf("cryptengine: could not fetch key init for '%s'", sigKeyHash)
		}
		_, err = uid.NewJSONKeyInit([]byte(rep))
		if err != nil {
			return err
		}
	*/
	return nil
}
Esempio n. 5
0
func (ce *CryptEngine) registerOrUpdate(
	pseudonym, token, command, verb string,
) error {
	// map pseudonym
	id, domain, err := identity.MapPlus(pseudonym)
	if err != nil {
		return err
	}
	// TODO: check token?
	// get UID from keyDB
	msg, messageReply, err := ce.keyDB.GetPrivateUID(id, false)
	if err != nil {
		return err
	}
	if messageReply != nil {
		return log.Errorf("cryptengine: UID has already been %s", verb)
	}
	// get JSON-RPC client and capabilities
	client, caps, err := ce.cache.Get(domain, ce.keydPort, ce.keydHost,
		ce.homedir, "KeyRepository."+command)
	if err != nil {
		return err
	}
	// register/update UID with key server
	content := make(map[string]interface{})
	content["UIDMessage"] = msg
	content["Token"] = token
	reply, err := client.JSONRPCRequest("KeyRepository."+command, content)
	if err != nil {
		return err
	}
	rep, ok := reply["UIDMessageReply"].(map[string]interface{})
	if !ok {
		return log.Errorf("cryptengine: %s reply has the wrong type", command)
	}

	// marshal the unstructured UIDMessageReply into a JSON byte array
	jsn, err := json.Marshal(rep)
	if err != nil {
		return err
	}
	// unmarshal the JSON byte array back into a UIDMessageReply
	msgReply, err := uid.NewJSONReply(string(jsn))
	if err != nil {
		return err
	}

	// store reply first to have proof, if the key server is cheating
	if err := ce.keyDB.AddPrivateUIDReply(msg, msgReply); err != nil {
		return err
	}

	// verify reply
	// TODO: keyserver can return more than one SIGPUBKEY
	if err := msgReply.VerifySrvSig(msg, caps.SIGPUBKEYS[0]); err != nil {
		return err
	}

	log.Infof("nym '%s' %s successfully", id, verb)
	return nil
}
Esempio n. 6
0
func (ce *CtrlEngine) uidNew(
	c *cli.Context,
	minDelay, maxDelay int32,
	host string,
) error {
	// make sure the ID is well-formed
	unmapped := c.String("id")
	id, domain, err := identity.MapPlus(unmapped)
	if err != nil {
		return err
	}

	// sync corresponding hashchain
	if id != "keyserver" {
		if err := ce.upkeepHashchain(c, domain, c.String("host")); err != nil {
			return err
		}
	}

	// check that ID has not been registered already by the same user
	unmappedID, _, err := ce.msgDB.GetNym(id)
	if err != nil {
		return err
	}
	if unmappedID != "" {
		return log.Error(ErrUserIDOwned)
	}

	// check that ID has not been registered already by other user
	err = mutecryptHashchainSearch(c, id, c.String("host"), ce.passphrase)
	if err == nil {
		return log.Error(ErrUserIDTaken)
	}

	// get token from wallet
	token, err := wallet.GetToken(ce.client, def.AccdUsage, def.AccdOwner)
	if err != nil {
		return err
	}

	// register account for  UID
	_, privkey, err := ed25519.GenerateKey(cipher.RandReader)
	if err != nil {
		return log.Error(err)
	}
	server, err := mixclient.PayAccount(privkey, token.Token, "", def.CACert)
	if err != nil {
		ce.client.UnlockToken(token.Hash)
		return log.Error(err)
	}
	ce.client.DelToken(token.Hash)

	// generate secret for account
	var secret [64]byte
	if _, err := io.ReadFull(cipher.RandReader, secret[:]); err != nil {
		return err
	}

	// get mixaddress and nymaddress for KeyInit message
	expire := times.ThirtyDaysLater() // TODO: make this settable
	singleUse := false                // TODO correct?
	var pubkey [ed25519.PublicKeySize]byte
	copy(pubkey[:], privkey[32:])
	mixaddress, nymaddress, err := util.NewNymAddress(domain, secret[:], expire,
		singleUse, minDelay, maxDelay, id, &pubkey, server, def.CACert)
	if err != nil {
		return err
	}

	// generate UID
	err = mutecryptNewUID(c, ce.passphrase, id, domain, host, mixaddress,
		nymaddress, ce.client)
	if err != nil {
		return err
	}

	// save name mapping
	if err := ce.msgDB.AddNym(id, unmapped, c.String("full-name")); err != nil {
		return err
	}

	// register account for UID
	err = ce.msgDB.AddAccount(id, "", privkey, server, &secret,
		minDelay, maxDelay)
	if err != nil {
		return err
	}

	// set active UID, if this was the first UID
	active, err := ce.msgDB.GetValue(msgdb.ActiveUID)
	if err != nil {
		return err
	}
	if active == "" {
		if err := ce.msgDB.AddValue(msgdb.ActiveUID, unmapped); err != nil {
			return err
		}
	}
	return nil
}
Esempio n. 7
0
func (ce *CryptEngine) addKeyInit(pseudonym, mixaddress, nymaddress, token string) error {
	// map pseudonym
	id, domain, err := identity.MapPlus(pseudonym)
	if err != nil {
		return err
	}
	// TODO: check token?
	// generate KeyInit
	msg, _, err := ce.keyDB.GetPrivateUID(id, true)
	if err != nil {
		return err
	}
	// TODO: fix parameter!
	ki, pubKeyHash, privateKey, err := msg.KeyInit(0,
		uint64(times.NinetyDaysLater()), 0, true, domain, mixaddress,
		nymaddress, cipher.RandReader)
	if err != nil {
		return err
	}
	var (
		kis          []*uid.KeyInit
		pubKeyHashes []string
		privateKeys  []string
		tokens       []string
	)
	kis = append(kis, ki)
	pubKeyHashes = append(pubKeyHashes, pubKeyHash)
	privateKeys = append(privateKeys, privateKey)
	tokens = append(tokens, token)
	// get JSON-RPC client and capabilities
	client, caps, err := ce.cache.Get(domain, ce.keydPort, ce.keydHost,
		ce.homedir, "KeyInitRepository.AddKeyInit")
	if err != nil {
		return err
	}
	// call server
	content := make(map[string]interface{})
	content["SigPubKey"] = msg.UIDContent.SIGKEY.PUBKEY
	content["KeyInits"] = kis
	content["Tokens"] = tokens
	reply, err := client.JSONRPCRequest("KeyInitRepository.AddKeyInit", content)
	if err != nil {
		return err
	}
	// verify server signatures
	sigs, ok := reply["Signatures"].([]interface{})
	if !ok {
		return log.Errorf("cryptengine: could not add key inits for '%s'", msg.UIDContent.IDENTITY)
	}
	if len(kis) != len(sigs) {
		return log.Error("cryptengine: number of returned signatures does not equal number of sent key init messages")
	}
	for i, ki := range kis {
		sig, ok := sigs[i].(string)
		if !ok {
			return log.Error("cryptengine: signature is not a string")
		}
		// TODO: keyserver can return more than one SIGPUBKEY
		if err := ki.VerifySrvSig(sig, caps.SIGPUBKEYS[0]); err != nil {
			return err
		}
	}
	// store server key init messages and server signatures
	for i, ki := range kis {
		sig := sigs[i].(string) // cast has been checked already above
		if err := ce.keyDB.AddPrivateKeyInit(ki, pubKeyHashes[i], msg.SigPubKey(), privateKeys[i], sig); err != nil {
			return err
		}
	}
	return nil
}
Esempio n. 8
0
func (ce *CryptEngine) lookupHashChain(id string) error {
	// map identity
	mappedID, domain, err := identity.MapPlus(id)
	if err != nil {
		return err
	}
	// get JSON-RPC client
	client, _, err := ce.cache.Get(domain, ce.keydPort, ce.keydHost, ce.homedir,
		"KeyHashchain.LookupUID")
	if err != nil {
		return err
	}
	// Call KeyHashchain.LookupUID
	content := make(map[string]interface{})
	content["Identity"] = mappedID
	reply, err := client.JSONRPCRequest("KeyHashchain.LookupUID", content)
	if err != nil {
		return err
	}
	hcPositions, ok := reply["HCPositions"].([]interface{})
	if !ok {
		if _, ok := reply["HCPositions"].(interface{}); !ok {
			return log.Errorf("lookup found no entry of id '%s'", id)
		}
		return log.Error("cryptengine: lookup ID reply has the wrong type")
	}
	var TYPE, NONCE, HashID, CrUID, UIDIndex []byte
	var matchFound bool
	for k, v := range hcPositions {
		hcPosFloat, ok := v.(float64)
		if !ok {
			return log.Errorf("cryptengine: lookup ID reply position entry %d has the wrong type", k)
		}
		hcPos := uint64(hcPosFloat)
		hcEntry, err := ce.keyDB.GetHashChainEntry(domain, hcPos)
		if err != nil {
			return err
		}
		_, TYPE, NONCE, HashID, CrUID, UIDIndex, err = hashchain.SplitEntry(hcEntry)
		if err != nil {
			return err
		}
		if !bytes.Equal(TYPE, hashchain.Type) {
			return log.Error("cryptengine: invalid entry type")
		}

		// Compute k1, k2 = CKDF(NONCE)
		k1, k2 := cipher.CKDF(NONCE)

		// Compute: HashIDTest = HASH(k1 | Identity)
		tmp := make([]byte, len(k1)+len(mappedID))
		copy(tmp, k1)
		copy(tmp[len(k1):], mappedID)
		HashIDTest := cipher.SHA256(tmp)

		// If NOT: HashID == HashIDTest: Continue
		if !bytes.Equal(HashID, HashIDTest) {
			return log.Error("cryptengine: lookup ID returned bogus position")
		}
		log.Debugf("cryptengine: UIDIndex=%s", base64.Encode(UIDIndex))

		// Check UID already exists in keyDB
		_, pos, found, err := ce.keyDB.GetPublicUID(mappedID, hcPos)
		if err != nil {
			return err
		}
		if found && pos == hcPos {
			// UID exists already -> skip entry
			matchFound = true
			continue
		}

		// Compute: IDKEY = HASH(k2 | Identity)
		tmp = make([]byte, len(k2)+len(mappedID))
		copy(tmp, k2)
		copy(tmp[len(k2):], mappedID)
		IDKEY := cipher.SHA256(tmp)

		// Fetch from Key Repository: UIDMessageReply = GET(UIDIndex)
		msgReply, err := ce.fetchUID(domain, UIDIndex)
		if err != nil {
			return err
		}

		// Decrypt UIDHash = AES_256_CBC_Decrypt( IDKEY, CrUID)
		UIDHash := cipher.AES256CBCDecrypt(IDKEY, CrUID)
		log.Debugf("cryptengine: UIDHash=%s", base64.Encode(UIDHash))

		// Decrypt UIDMessageReply.UIDMessage with UIDHash
		index, uid, err := msgReply.Decrypt(UIDHash)
		if err != nil {
			return err
		}
		log.Debugf("cryptengine: UIDMessage=%s", uid.JSON())

		// Check index
		if !bytes.Equal(index, UIDIndex) {
			return log.Errorf("cryptengine: index != UIDIndex")
		}

		// Verify self signature
		if err := uid.VerifySelfSig(); err != nil {
			return log.Error(err)
		}

		// Verify server signature
		if err := ce.verifyServerSig(uid, msgReply, hcPos); err != nil {
			return err
		}

		// TODO: make sure the whole chain of UIDMessages is valid

		// Store UIDMessage
		if err := ce.keyDB.AddPublicUID(uid, hcPos); err != nil {
			return err
		}
		matchFound = true

		// If no further entry can be found, the latest UIDMessage entry has been found
	}

	if matchFound {
		return nil
	}

	return log.Errorf("lookup found no entry of id '%s'", id)
}
Esempio n. 9
0
// searchHashChain searches the local hash chain corresponding to the given id
// for the id. It talks to the corresponding key server to retrieve necessary
// UIDMessageReplys and stores found UIDMessages in the local keyDB.
func (ce *CryptEngine) searchHashChain(id string, searchOnly bool) error {
	// map identity
	mappedID, domain, err := identity.MapPlus(id)
	if err != nil {
		return err
	}
	// make sure we have a hashchain for the given domain
	max, found, err := ce.keyDB.GetLastHashChainPos(domain)
	if err != nil {
		return err
	}
	if !found {
		return log.Errorf("no hash chain entries found for domain '%s'", domain)
	}

	var TYPE, NONCE, HashID, CrUID, UIDIndex []byte
	var matchFound bool
	for i := uint64(0); i <= max; i++ {
		hcEntry, err := ce.keyDB.GetHashChainEntry(domain, i)
		if err != nil {
			return err
		}
		log.Debugf("cryptengine: search hash chain entry %d: %s", i, hcEntry)

		_, TYPE, NONCE, HashID, CrUID, UIDIndex, err = hashchain.SplitEntry(hcEntry)
		if err != nil {
			return err
		}
		if !bytes.Equal(TYPE, hashchain.Type) {
			return log.Error("cryptengine: invalid hash chain entry type")
		}

		// Compute k1, k2 = CKDF(NONCE)
		k1, k2 := cipher.CKDF(NONCE)

		// Compute: HashIDTest = HASH(k1 | Identity)
		tmp := make([]byte, len(k1)+len(mappedID))
		copy(tmp, k1)
		copy(tmp[len(k1):], mappedID)
		HashIDTest := cipher.SHA256(tmp)

		// If NOT: HashID == HashIDTest: Continue
		if !bytes.Equal(HashID, HashIDTest) {
			continue
		}
		if searchOnly {
			return nil
		}
		log.Debugf("cryptengine: UIDIndex=%s", base64.Encode(UIDIndex))

		// Check UID already exists in keyDB
		_, pos, found, err := ce.keyDB.GetPublicUID(mappedID, i)
		if err != nil {
			return err
		}
		if found && pos == i {
			// UID exists already -> skip entry
			matchFound = true
			continue
		}

		// Compute: IDKEY = HASH(k2 | Identity)
		tmp = make([]byte, len(k2)+len(mappedID))
		copy(tmp, k2)
		copy(tmp[len(k2):], mappedID)
		IDKEY := cipher.SHA256(tmp)

		// Fetch from Key Repository: UIDMessageReply = GET(UIDIndex)
		msgReply, err := ce.fetchUID(domain, UIDIndex)
		if err != nil {
			return err
		}

		// Decrypt UIDHash = AES_256_CBC_Decrypt( IDKEY, CrUID)
		UIDHash := cipher.AES256CBCDecrypt(IDKEY, CrUID)
		log.Debugf("cryptengine: UIDHash=%s", base64.Encode(UIDHash))

		// Decrypt UIDMessageReply.UIDMessage with UIDHash
		index, uid, err := msgReply.Decrypt(UIDHash)
		if err != nil {
			return err
		}
		log.Debugf("cryptengine: UIDMessage=%s", uid.JSON())

		// Check index
		if !bytes.Equal(index, UIDIndex) {
			return log.Errorf("cryptengine: index != UIDIndex")
		}

		// Verify self signature
		if err := uid.VerifySelfSig(); err != nil {
			return log.Error(err)
		}

		// Verify server signature
		if err := ce.verifyServerSig(uid, msgReply, i); err != nil {
			return err
		}

		// TODO: make sure the whole chain of UIDMessages is valid

		// Store UIDMessage
		if err := ce.keyDB.AddPublicUID(uid, i); err != nil {
			return err
		}
		matchFound = true

		// If no further entry can be found, the latest UIDMessage entry has been found
	}

	if matchFound {
		return nil
	}

	return log.Errorf("no hash chain entry found of id '%s'", id)
}