Exemplo n.º 1
// NewPublicKey parses the textual form of a public key. Surrounding
// whitespace is ignored, the text must begin with PUBLIC_KEY_TYPE, and the
// remainder is decoded by PublicKey.ReadBuffer.
//
// It returns ErrPublicKeyFormat when the type prefix is missing. Otherwise it
// returns the error from ReadBuffer, or the error recorded on the buffer once
// ScanEof has run, if either is set.
func NewPublicKey(text string) (*PublicKey, error) {
	trimmed := strings.TrimSpace(text)
	if !strings.HasPrefix(trimmed, PUBLIC_KEY_TYPE) {
		return nil, ErrPublicKeyFormat
	}

	// Drop the type prefix and the whitespace between it and the payload.
	payload := strings.TrimSpace(trimmed[len(PUBLIC_KEY_TYPE):])

	buf := buffer.NewBuffer(payload)
	key := new(PublicKey)
	if err := key.ReadBuffer(buf); err != nil {
		return nil, err
	}

	// NOTE(review): ScanEof presumably records an error on the buffer when
	// unread input remains, so trailing data is rejected — confirm.
	buf.ScanEof()
	if buf.Error != nil {
		return nil, buf.Error
	}

	return key, nil
}
Exemplo n.º 2
// NewSignRequest parses the textual form of a sign request.
//
// After trimming surrounding whitespace the text must start with
// SIGN_REQUEST_HEADER and end with SIGN_REQUEST_FOOTER. What lies between may
// contain at most one blank-line ("\n\n") separator. The part after the
// separator, or the whole body when there is none, is decoded by
// SignRequest.ReadBuffer.
//
// It returns ErrSignRequestFormat for any framing violation. Otherwise it
// returns the error from ReadBuffer, or the error recorded on the buffer once
// ScanEof has run, if either is set.
func NewSignRequest(text string) (*SignRequest, error) {
	body := strings.TrimSpace(text)

	if !strings.HasPrefix(body, SIGN_REQUEST_HEADER) {
		return nil, ErrSignRequestFormat
	}
	body = body[len(SIGN_REQUEST_HEADER):]

	if !strings.HasSuffix(body, SIGN_REQUEST_FOOTER) {
		return nil, ErrSignRequestFormat
	}
	body = body[:len(body)-len(SIGN_REQUEST_FOOTER)]

	// More than one blank-line separator is a framing error.
	sections := strings.Split(body, "\n\n")
	if len(sections) > 2 {
		return nil, ErrSignRequestFormat
	}

	// strings.Split always yields at least one element, so this index is safe.
	// The payload is handed to the buffer untrimmed.
	payload := sections[len(sections)-1]

	buf := buffer.NewBuffer(payload)
	req := &SignRequest{}
	if err := req.ReadBuffer(buf); err != nil {
		return nil, err
	}

	// NOTE(review): ScanEof presumably flags unread trailing input — confirm.
	buf.ScanEof()
	if buf.Error != nil {
		return nil, buf.Error
	}

	return req, nil
}
Exemplo n.º 3
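// NewPartialKey reads a PartialKey from its string representation.
//
// After trimming surrounding whitespace the text must start with HEADER and
// end with FOOTER. What lies between may contain at most one blank-line
// ("\n\n") separator. The part after the separator, or the whole body when
// there is none, is trimmed and scanned as a string (the key type) followed
// by three multi-precision integers (e, n, d) and end of input.
//
// Errors:
//   - ErrPartialKeyFormat for a framing violation or a key type other than
//     KEY_TYPE;
//   - the buffer's recorded error when scanning fails;
//   - ErrPartialKeyWrongExponent when e differs from EXPONENT or d is larger
//     than n.
func NewPartialKey(text string) (*PartialKey, error) {
	text = strings.TrimSpace(text)

	if !strings.HasPrefix(text, HEADER) {
		return nil, ErrPartialKeyFormat
	}
	text = strings.TrimPrefix(text, HEADER)

	if !strings.HasSuffix(text, FOOTER) {
		return nil, ErrPartialKeyFormat
	}
	text = strings.TrimSuffix(text, FOOTER)

	// More than one blank-line separator is a framing error.
	split := strings.Split(text, "\n\n")
	if len(split) > 2 {
		return nil, ErrPartialKeyFormat
	}

	// strings.Split always yields at least one element, so this index is safe.
	payload := strings.TrimSpace(split[len(split)-1])

	b := buffer.NewBuffer(payload)

	t := b.ScanString()
	e := b.ScanMPInt()
	n := b.ScanMPInt()
	d := b.ScanMPInt()
	b.ScanEof()

	// The scanned values are only inspected after the buffer reports no error.
	if b.Error != nil {
		return nil, b.Error
	}

	if t != KEY_TYPE {
		return nil, ErrPartialKeyFormat
	}

	if e.Cmp(big.NewInt(EXPONENT)) != 0 {
		return nil, ErrPartialKeyWrongExponent
	}

	// A parser for private key material should stay silent on stderr. The
	// returned error is the only signal, so the leftover debug print that
	// used to sit here is gone.
	// NOTE(review): only d > n is rejected; the sign of n and d and the zero
	// case are not checked here — confirm whether ScanMPInt or later code
	// rules them out.
	if d.Cmp(n) > 0 {
		return nil, ErrPartialKeyWrongExponent
	}

	k := new(PartialKey)
	k.E = EXPONENT
	k.N = n
	k.D = d

	return k, nil
}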
Exemplo n.º 4
// SignChallenge wraps challenge in an AuthRequest for requestUrl, fills in the
// signer's username plus the package's service name, auth method and signing
// algorithm, and returns whatever AuthRequest.Sign produces for signer.
//
// The challenge string is not inspected here; it is handed to the buffer as
// received.
func (O *Octokey) SignChallenge(challenge string, requestUrl string, signer Signer) (string, error) {
	var req AuthRequest

	req.ChallengeBuffer = buffer.NewBuffer(challenge)
	req.RequestUrl = requestUrl
	req.Username = signer.Username()
	req.ServiceName = SERVICE_NAME
	req.AuthMethod = AUTH_METHOD
	req.SigningAlgorithm = SIGNING_ALGORITHM

	return req.Sign(signer)
}
Exemplo n.º 5
// ReadFrom decodes a serialized challenge from s into c and validates it
// against clientIp and the current time.
//
// There is no return value. Every failure is appended to c.Errors, and the
// decoded fields stay set on c even when validation fails, so callers must
// check c.Errors before relying on any field. A decode error or a version
// mismatch stops validation at once. The remaining checks (timestamp window,
// client IP, random length, HMAC digest) all run, and each failure is
// recorded.
func (c *Challenge) ReadFrom(s string, clientIp net.IP) {
	buf := buffer.NewBuffer(s)
	currentTime := now()

	// Record one validation failure; earlier entries in c.Errors are kept.
	reject := func(msg string) {
		c.Errors = append(c.Errors, errors.New(msg))
	}

	c.Version = buf.ScanUint8()
	c.Timestamp = buf.ScanTimestamp()
	c.ClientIp = buf.ScanIP()
	c.Random = buf.ScanVarBytes()
	c.Digest = buf.ScanVarBytes()
	buf.ScanEof()

	if buf.Error != nil {
		c.Errors = append(c.Errors, buf.Error)
		return
	}

	if c.Version != CHALLENGE_VERSION {
		reject("octokey/challenge: version mismatch")
		return
	}

	nowSec := currentTime.Unix()
	issuedSec := c.Timestamp.Unix()

	// NOTE(review): MAX_AGE and MIN_AGE are both added to the current time;
	// MIN_AGE is presumably a negative offset into the past — confirm against
	// the constant definitions.
	if nowSec+MAX_AGE < issuedSec {
		reject("octokey/challenge: challenge too new")
	}
	if nowSec+MIN_AGE > issuedSec {
		reject("octokey/challenge: challenge too old")
	}

	if !c.ClientIp.Equal(clientIp) {
		reject("octokey/challenge: challenge IP mismatch")
	}

	if len(c.Random) != RANDOM_SIZE {
		reject("octokey/challenge: challenge random mismatch")
	}

	// hmac.Equal compares the digests without leaking timing information.
	if !hmac.Equal(c.Digest, c.expectedDigest()) {
		reject("octokey/challenge: challenge HMAC mismatch")
	}
}