예제 #1
0
파일: crypto.go 프로젝트: qbit/client
// SignED25519 signs the given message with the current user's private
// signing key.
func SignED25519(g *libkb.GlobalContext, getSecretUI func() libkb.SecretUI, arg keybase1.SignED25519Arg) (ret keybase1.ED25519SignatureInfo, err error) {
	signingKey, err := getMySecretKey(g, getSecretUI, libkb.DeviceSigningKeyType, arg.Reason)
	if err != nil {
		return
	}

	kp, ok := signingKey.(libkb.NaclSigningKeyPair)
	if !ok || kp.Private == nil {
		err = libkb.KeyCannotSignError{}
		return
	}

	sig := *kp.Private.Sign(arg.Msg)
	publicKey := kp.Public
	ret = keybase1.ED25519SignatureInfo{
		Sig:       keybase1.ED25519Signature(sig),
		PublicKey: keybase1.ED25519PublicKey(publicKey),
	}
	return
}
예제 #2
0
func (fc FakeCryptoClient) Call(ctx context.Context, s string, args interface{}, res interface{}) error {
	switch s {
	case "keybase.1.crypto.signED25519":
		if err := fc.maybeWaitOnChannel(ctx); err != nil {
			return err
		}
		arg := args.([]interface{})[0].(keybase1.SignED25519Arg)
		sigInfo, err := fc.Local.Sign(context.Background(), arg.Msg)
		if err != nil {
			return err
		}
		sigRes := res.(*keybase1.ED25519SignatureInfo)
		// Normally, we'd have to validate all the parameters
		// in sigInfo, but since this is used in tests only,
		// there's no need.
		var ed25519Signature keybase1.ED25519Signature
		copy(ed25519Signature[:], sigInfo.Signature)
		publicKey :=
			libkb.KIDToNaclSigningKeyPublic(sigInfo.VerifyingKey.kid.ToBytes())
		*sigRes = keybase1.ED25519SignatureInfo{
			Sig:       ed25519Signature,
			PublicKey: keybase1.ED25519PublicKey(*publicKey),
		}
		return nil

	case "keybase.1.crypto.unboxBytes32":
		if err := fc.maybeWaitOnChannel(ctx); err != nil {
			return err
		}
		arg := args.([]interface{})[0].(keybase1.UnboxBytes32Arg)
		publicKey := MakeTLFEphemeralPublicKey(arg.PeersPublicKey)
		encryptedClientHalf := EncryptedTLFCryptKeyClientHalf{
			Version:       EncryptionSecretbox,
			EncryptedData: arg.EncryptedBytes32[:],
			Nonce:         arg.Nonce[:],
		}
		clientHalf, err := fc.Local.DecryptTLFCryptKeyClientHalf(
			context.Background(), publicKey, encryptedClientHalf)
		if err != nil {
			return err
		}
		res := res.(*keybase1.Bytes32)
		*res = clientHalf.data
		return nil

	case "keybase.1.crypto.unboxBytes32Any":
		if err := fc.maybeWaitOnChannel(ctx); err != nil {
			return err
		}
		arg := args.([]interface{})[0].(keybase1.UnboxBytes32AnyArg)
		keys := make([]EncryptedTLFCryptKeyClientAndEphemeral, 0, len(arg.Bundles))
		for _, k := range arg.Bundles {
			ePublicKey := MakeTLFEphemeralPublicKey(k.PublicKey)
			encryptedClientHalf := EncryptedTLFCryptKeyClientHalf{
				Version:       EncryptionSecretbox,
				EncryptedData: make([]byte, len(k.Ciphertext)),
				Nonce:         make([]byte, len(k.Nonce)),
			}
			copy(encryptedClientHalf.EncryptedData, k.Ciphertext[:])
			copy(encryptedClientHalf.Nonce, k.Nonce[:])
			keys = append(keys, EncryptedTLFCryptKeyClientAndEphemeral{
				EPubKey:    ePublicKey,
				ClientHalf: encryptedClientHalf,
				PubKey:     MakeCryptPublicKey(k.Kid),
			})
		}
		clientHalf, index, err := fc.Local.DecryptTLFCryptKeyClientHalfAny(
			context.Background(), keys, arg.PromptPaper)
		if err != nil {
			return err
		}
		res := res.(*keybase1.UnboxAnyRes)
		res.Plaintext = clientHalf.data
		res.Index = index
		res.Kid = keys[index].PubKey.kidContainer.kid
		return nil

	default:
		return fmt.Errorf("Unknown call: %s %v %v", s, args, res)
	}
}