func GetLibbitcoinServers(cfgPath string) ([]libbitcoin.Server, error) { servers := []libbitcoin.Server{} file, err := ioutil.ReadFile(cfgPath) if err != nil { return servers, err } var cfg interface{} json.Unmarshal(file, &cfg) wallet := cfg.(map[string]interface{})["Wallet"] for _, s := range wallet.(map[string]interface{})["LibbitcoinServers"].([]interface{}) { encodedKey := s.(map[string]interface{})["PublicKey"].(string) if encodedKey != "" { b, _ := base64.StdEncoding.DecodeString(encodedKey) encodedKey = zmq4.Z85encode(string(b)) } server := libbitcoin.Server{ Url: s.(map[string]interface{})["Url"].(string), PublicKey: encodedKey, } servers = append(servers, server) } return servers, nil }
func TestSecurityCurve(t *testing.T) { time.Sleep(100 * time.Millisecond) var handler, server, client *zmq.Socket defer func() { for _, s := range []*zmq.Socket{handler} { if s != nil { s.SetLinger(0) s.Close() } } }() if _, minor, _ := zmq.Version(); minor >= 1 && !zmq.HasCurve() { t.Skip("Curve not available") } // Generate new keypairs for this test client_public, client_secret, err := zmq.NewCurveKeypair() if err != nil { t.Fatal("NewCurveKeypair:", err) } server_public, server_secret, err := zmq.NewCurveKeypair() if err != nil { t.Fatal("NewCurveKeypair:", err) } handler, err = zmq.NewSocket(zmq.REP) if err != nil { t.Fatal("NewSocket:", err) } err = handler.Bind("inproc://zeromq.zap.01") if err != nil { t.Fatal("handler.Bind:", err) } doHandler := func(state zmq.State) error { msg, err := handler.RecvMessage(0) if err != nil { return err // Terminating } version := msg[0] sequence := msg[1] // domain := msg[2] // address := msg[3] identity := msg[4] mechanism := msg[5] client_key := msg[6] client_key_text := zmq.Z85encode(client_key) if version != "1.0" { return errors.New("version != 1.0") } if mechanism != "CURVE" { return errors.New("mechanism != CURVE") } if identity != "IDENT" { return errors.New("identity != IDENT") } if client_key_text == client_public { handler.SendMessage(version, sequence, "200", "OK", "anonymous", "") } else { handler.SendMessage(version, sequence, "400", "Invalid client public key", "", "") } return nil } doQuit := func(i interface{}) error { err := handler.Close() handler = nil if err != nil { t.Error("handler.Close:", err) } return errors.New("Quit") } quit := make(chan interface{}) reactor := zmq.NewReactor() reactor.AddSocket(handler, zmq.POLLIN, doHandler) reactor.AddChannel(quit, 0, doQuit) go func() { reactor.Run(100 * time.Millisecond) quit <- true }() defer func() { quit <- true <-quit close(quit) }() // Server socket will accept connections server, err = zmq.NewSocket(zmq.DEALER) if err != nil { t.Fatal("NewSocket:", err) } err = server.SetCurveServer(1) if err != nil { t.Fatal("server.SetCurveServer(1):", err) } err = server.SetCurveSecretkey(server_secret) if err != nil { t.Fatal("server.SetCurveSecretkey:", err) } err = server.SetIdentity("IDENT") if err != nil { t.Fatal("server.SetIdentity:", err) } server.Bind("tcp://127.0.0.1:9998") if err != nil { t.Fatal("server.Bind:", err) } err = server.SetRcvtimeo(time.Second) if err != nil { t.Fatal("server.SetRcvtimeo:", err) } // Check CURVE security with valid credentials client, err = zmq.NewSocket(zmq.DEALER) if err != nil { t.Fatal("NewSocket:", err) } err = client.SetCurveServerkey(server_public) if err != nil { t.Fatal("client.SetCurveServerkey:", err) } err = client.SetCurvePublickey(client_public) if err != nil { t.Fatal("client.SetCurvePublickey:", err) } err = client.SetCurveSecretkey(client_secret) if err != nil { t.Fatal("client.SetCurveSecretkey:", err) } err = client.Connect("tcp://127.0.0.1:9998") if err != nil { t.Fatal("client.Connect:", err) } msg, err := bounce(server, client) if err != nil { t.Error(msg, err) } err = client.Close() client = nil if err != nil { t.Fatal("client.Close:", err) } time.Sleep(100 * time.Millisecond) // Check CURVE security with a garbage server key // This will be caught by the curve_server class, not passed to ZAP garbage_key := "0000111122223333444455556666777788889999" client, err = zmq.NewSocket(zmq.DEALER) if err != nil { t.Fatal("NewSocket:", err) } err = client.SetCurveServerkey(garbage_key) if err != nil { t.Fatal("client.SetCurveServerkey:", err) } err = client.SetCurvePublickey(client_public) if err != nil { t.Fatal("client.SetCurvePublickey:", err) } err = client.SetCurveSecretkey(client_secret) if err != nil { t.Fatal("client.SetCurveSecretkey:", err) } err = client.Connect("tcp://127.0.0.1:9998") if err != nil { t.Fatal("client.Connect:", err) } err = client.SetRcvtimeo(time.Second) if err != nil { t.Fatal("client.SetRcvtimeo:", err) } _, err = bounce(server, client) if err == nil { t.Error("Expected failure, got success") } client.SetLinger(0) err = client.Close() client = nil if err != nil { t.Fatal("client.Close:", err) } time.Sleep(100 * time.Millisecond) // Check CURVE security with a garbage client secret key // This will be caught by the curve_server class, not passed to ZAP client, err = zmq.NewSocket(zmq.DEALER) if err != nil { t.Fatal("NewSocket:", err) } err = client.SetCurveServerkey(server_public) if err != nil { t.Fatal("client.SetCurveServerkey:", err) } err = client.SetCurvePublickey(garbage_key) if err != nil { t.Fatal("client.SetCurvePublickey:", err) } err = client.SetCurveSecretkey(client_secret) if err != nil { t.Fatal("client.SetCurveSecretkey:", err) } err = client.Connect("tcp://127.0.0.1:9998") if err != nil { t.Fatal("client.Connect:", err) } err = client.SetRcvtimeo(time.Second) if err != nil { t.Fatal("client.SetRcvtimeo:", err) } _, err = bounce(server, client) if err == nil { t.Error("Expected failure, got success") } client.SetLinger(0) err = client.Close() client = nil if err != nil { t.Fatal("client.Close:", err) } time.Sleep(100 * time.Millisecond) // Check CURVE security with a garbage client secret key // This will be caught by the curve_server class, not passed to ZAP client, err = zmq.NewSocket(zmq.DEALER) if err != nil { t.Fatal("NewSocket:", err) } err = client.SetCurveServerkey(server_public) if err != nil { t.Fatal("client.SetCurveServerkey:", err) } err = client.SetCurvePublickey(client_public) if err != nil { t.Fatal("client.SetCurvePublickey:", err) } err = client.SetCurveSecretkey(garbage_key) if err != nil { t.Fatal("client.SetCurveSecretkey:", err) } err = client.Connect("tcp://127.0.0.1:9998") if err != nil { t.Fatal("client.Connect:", err) } err = client.SetRcvtimeo(time.Second) if err != nil { t.Fatal("client.SetRcvtimeo:", err) } _, err = bounce(server, client) if err == nil { t.Error("Expected failure, got success") } client.SetLinger(0) err = client.Close() client = nil if err != nil { t.Fatal("client.Close:", err) } time.Sleep(100 * time.Millisecond) // Check CURVE security with bogus client credentials // This must be caught by the ZAP handler bogus_public, bogus_secret, _ := zmq.NewCurveKeypair() client, err = zmq.NewSocket(zmq.DEALER) if err != nil { t.Fatal("NewSocket:", err) } err = client.SetCurveServerkey(server_public) if err != nil { t.Fatal("client.SetCurveServerkey:", err) } err = client.SetCurvePublickey(bogus_public) if err != nil { t.Fatal("client.SetCurvePublickey:", err) } err = client.SetCurveSecretkey(bogus_secret) if err != nil { t.Fatal("client.SetCurveSecretkey:", err) } err = client.Connect("tcp://127.0.0.1:9998") if err != nil { t.Fatal("client.Connect:", err) } err = client.SetRcvtimeo(time.Second) if err != nil { t.Fatal("client.SetRcvtimeo:", err) } _, err = bounce(server, client) if err == nil { t.Error("Expected failure, got success") } client.SetLinger(0) err = client.Close() client = nil if err != nil { t.Fatal("client.Close:", err) } // Shutdown err = server.Close() server = nil if err != nil { t.Error("server.Close:", err) } }
func Example_test_security_curve() { time.Sleep(100 * time.Millisecond) // Generate new keypairs for this test client_public, client_secret, err := zmq.NewCurveKeypair() if checkErr(err) { return } server_public, server_secret, err := zmq.NewCurveKeypair() if checkErr(err) { return } handler, err := zmq.NewSocket(zmq.REP) if checkErr(err) { return } err = handler.Bind("inproc://zeromq.zap.01") if checkErr(err) { return } doHandler := func(state zmq.State) error { msg, err := handler.RecvMessage(0) if err != nil { return err // Terminating } version := msg[0] sequence := msg[1] // domain := msg[2] // address := msg[3] identity := msg[4] mechanism := msg[5] client_key := msg[6] client_key_text := zmq.Z85encode(client_key) if version != "1.0" { return errors.New("version != 1.0") } if mechanism != "CURVE" { return errors.New("mechanism != CURVE") } if identity != "IDENT" { return errors.New("identity != IDENT") } if client_key_text == client_public { handler.SendMessage(version, sequence, "200", "OK", "anonymous", "") } else { handler.SendMessage(version, sequence, "400", "Invalid client public key", "", "") } return nil } doQuit := func(i interface{}) error { err := handler.Close() checkErr(err) fmt.Println("Handler closed") return errors.New("Quit") } quit := make(chan interface{}) reactor := zmq.NewReactor() reactor.AddSocket(handler, zmq.POLLIN, doHandler) reactor.AddChannel(quit, 0, doQuit) go func() { reactor.Run(100 * time.Millisecond) fmt.Println("Reactor finished") quit <- true }() defer func() { quit <- true <-quit close(quit) }() // Server socket will accept connections server, err := zmq.NewSocket(zmq.DEALER) if checkErr(err) { return } err = server.SetCurveServer(1) if checkErr(err) { return } err = server.SetCurveSecretkey(server_secret) if checkErr(err) { return } err = server.SetIdentity("IDENT") if checkErr(err) { return } server.Bind("tcp://127.0.0.1:9998") if checkErr(err) { return } err = server.SetRcvtimeo(time.Second) if checkErr(err) { return } // Check CURVE security with valid credentials client, err := zmq.NewSocket(zmq.DEALER) if checkErr(err) { return } err = client.SetCurveServerkey(server_public) if checkErr(err) { return } err = client.SetCurvePublickey(client_public) if checkErr(err) { return } err = client.SetCurveSecretkey(client_secret) if checkErr(err) { return } err = client.Connect("tcp://127.0.0.1:9998") if checkErr(err) { return } bounce(server, client, false) err = client.Close() if checkErr(err) { return } time.Sleep(100 * time.Millisecond) // Check CURVE security with a garbage server key // This will be caught by the curve_server class, not passed to ZAP garbage_key := "0000111122223333444455556666777788889999" client, err = zmq.NewSocket(zmq.DEALER) if checkErr(err) { return } err = client.SetCurveServerkey(garbage_key) if checkErr(err) { return } err = client.SetCurvePublickey(client_public) if checkErr(err) { return } err = client.SetCurveSecretkey(client_secret) if checkErr(err) { return } err = client.Connect("tcp://127.0.0.1:9998") if checkErr(err) { return } err = client.SetRcvtimeo(time.Second) if checkErr(err) { return } bounce(server, client, true) client.SetLinger(0) err = client.Close() if checkErr(err) { return } time.Sleep(100 * time.Millisecond) // Check CURVE security with a garbage client secret key // This will be caught by the curve_server class, not passed to ZAP client, err = zmq.NewSocket(zmq.DEALER) if checkErr(err) { return } err = client.SetCurveServerkey(server_public) if checkErr(err) { return } err = client.SetCurvePublickey(garbage_key) if checkErr(err) { return } err = client.SetCurveSecretkey(client_secret) if checkErr(err) { return } err = client.Connect("tcp://127.0.0.1:9998") if checkErr(err) { return } err = client.SetRcvtimeo(time.Second) if checkErr(err) { return } bounce(server, client, true) client.SetLinger(0) err = client.Close() if checkErr(err) { return } time.Sleep(100 * time.Millisecond) // Check CURVE security with a garbage client secret key // This will be caught by the curve_server class, not passed to ZAP client, err = zmq.NewSocket(zmq.DEALER) if checkErr(err) { return } err = client.SetCurveServerkey(server_public) if checkErr(err) { return } err = client.SetCurvePublickey(client_public) if checkErr(err) { return } err = client.SetCurveSecretkey(garbage_key) if checkErr(err) { return } err = client.Connect("tcp://127.0.0.1:9998") if checkErr(err) { return } err = client.SetRcvtimeo(time.Second) if checkErr(err) { return } bounce(server, client, true) client.SetLinger(0) err = client.Close() if checkErr(err) { return } time.Sleep(100 * time.Millisecond) // Check CURVE security with bogus client credentials // This must be caught by the ZAP handler bogus_public, bogus_secret, _ := zmq.NewCurveKeypair() client, err = zmq.NewSocket(zmq.DEALER) if checkErr(err) { return } err = client.SetCurveServerkey(server_public) if checkErr(err) { return } err = client.SetCurvePublickey(bogus_public) if checkErr(err) { return } err = client.SetCurveSecretkey(bogus_secret) if checkErr(err) { return } err = client.Connect("tcp://127.0.0.1:9998") if checkErr(err) { return } err = client.SetRcvtimeo(time.Second) if checkErr(err) { return } bounce(server, client, true) client.SetLinger(0) err = client.Close() if checkErr(err) { return } // Shutdown err = server.Close() checkErr(err) fmt.Println("Done") // Output: // 5 error // 5 error // 5 error // 5 error // Done // Handler closed // Reactor finished }