// verifyHost will anaylze the systempacket information and verify the signature
// It will return a ACK properly initialized with the right codes in it.
func verifyHost(pubKeyFile string) (net.Conn, Ack) {
// get the right public key
pub, host, err := cliutils.ReadPubKey(suite, pubKeyFile)
if err != nil {
dbg.Fatal("Could not read the public key from the file:", err)
}
dbg.Lvl1("Public key file read")
// Then get a connection
conn, err := net.Dial("tcp", host)
if err != nil {
dbg.Fatal("Error when getting the connection to the host:", err)
}
dbg.Lvl1("Verifier connected to the host. Validation in progress...")
// Get the system packet message
var sys SystemPacket
if err = suite.Read(conn, &sys); err != nil {
dbg.Fatal("Error when reading the system packet message from host:", err)
}
// Get the signature length first
var length int
if err := suite.Read(conn, &length); err != nil {
dbg.Fatal("Could not read length of the signature ...")
}
// Get the signature
sig := make([]byte, length)
if err := suite.Read(conn, &sig); err != nil {
dbg.Fatal("Error reading the signature:", err)
}
// First, encode the sys packet
var b bytes.Buffer
if err := suite.Write(&b, sys); err != nil {
dbg.Fatal("Error when encoding the syspacket to be verified:", err)
}
X := make([]abstract.Point, 1)
X[0] = pub
// Verify signature
var ack Ack
ack.Type = TYPE_SYS
ack.Code = SYS_EXIT
if _, err := anon.Verify(suite, b.Bytes(), anon.Set(X), nil, sig); err != nil {
// Wrong signature
ack.Code = SYS_WRONG_SIG
dbg.Lvl1("WARNING: signature provided is wrong.")
} else {
// verfiy SystemPacket itself
ack.Code = SYS_OK
dbg.Lvl1("Host's signature verified and system seems healty. OK")
}
return conn, ack
}
// readKeyPair will read both private and public files
// and returns a keypair containing the respective private and public keys
func readKeyFile(keyFile string) (config.KeyPair, string) {
sec, err := cliutils.ReadPrivKey(suite, namePriv(keyFile))
if err != nil {
dbg.Fatal("Could not read private key:", err)
}
pub, addr, err := cliutils.ReadPubKey(suite, namePub(keyFile))
if err != nil {
dbg.Fatal("Could not read public key:", err)
}
return config.KeyPair{
Suite: suite,
Secret: sec,
Public: pub,
}, addr
}
func createPeer(conf *app.ConfigConode, id int) *conode.Peer {
// Read the private / public keys + binded address
keybase := "testdata/key" + strconv.Itoa(id)
address := ""
if sec, err := cliutils.ReadPrivKey(suite, keybase+".priv"); err != nil {
dbg.Fatal("Error reading private key file :", err)
} else {
conf.Secret = sec
}
if pub, addr, err := cliutils.ReadPubKey(suite, keybase+".pub"); err != nil {
dbg.Fatal("Error reading public key file :", err)
} else {
conf.Public = pub
address = addr
}
return conode.NewPeer(address, conf)
}
// Run will launch the conode server. It takes a config file and a key file
// First parse the key + config file and then run the actual server
func Run(configFile, key string) {
var address string
// Read the global config
conf := &app.ConfigConode{}
if err := app.ReadTomlConfig(conf, configFile); err != nil {
dbg.Fatal("Could not read toml config:", err)
}
dbg.Lvl1("Configuration file read")
// Read the private / public keys + binded address
if sec, err := cliutils.ReadPrivKey(suite, namePriv(key)); err != nil {
dbg.Fatal("Error reading private key file:", err)
} else {
conf.Secret = sec
}
if pub, addr, err := cliutils.ReadPubKey(suite, namePub(key)); err != nil {
dbg.Fatal("Error reading public key file:", err)
} else {
conf.Public = pub
address = addr
}
peer := conode.NewPeer(address, conf)
peer.LoopRounds(RoundStatsType, maxRounds)
}
