-
Notifications
You must be signed in to change notification settings - Fork 7
/
intro.go
74 lines (61 loc) · 1.69 KB
/
intro.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
// Copyright 2016 David Lazar. All rights reserved.
// Use of this source code is governed by the GNU AGPL
// license that can be found in the LICENSE file.
package alpenhorn
import (
"bytes"
"crypto/ed25519"
"encoding/binary"
"unsafe"
"vuvuzela.io/alpenhorn/pkg"
"vuvuzela.io/crypto/bls"
)
const (
sizeIntro = int(unsafe.Sizeof(introduction{}))
)
type introduction struct {
Username [64]byte
DHPublicKey [32]byte
DialingRound uint32
LongTermKey [32]byte
Signature [64]byte
ServerMultisig [32]byte
}
func (i *introduction) MarshalBinary() ([]byte, error) {
buf := new(bytes.Buffer)
if err := binary.Write(buf, binary.BigEndian, i); err != nil {
return nil, err
}
return buf.Bytes(), nil
}
func (i *introduction) UnmarshalBinary(data []byte) error {
buf := bytes.NewReader(data)
return binary.Read(buf, binary.BigEndian, i)
}
func (i *introduction) Verify(serverKeys []*bls.PublicKey) bool {
longTermKey := ed25519.PublicKey(i.LongTermKey[:])
msgs := make([][]byte, len(serverKeys))
for j, key := range serverKeys {
attestation := &pkg.Attestation{
AttestKey: key,
UserIdentity: &i.Username,
UserLongTermKey: longTermKey,
}
msgs[j] = attestation.Marshal()
}
ok1 := bls.VerifyCompressed(serverKeys, msgs, &i.ServerMultisig)
ok2 := ed25519.Verify(longTermKey, i.msg(), i.Signature[:])
return ok1 && ok2
}
func (i *introduction) Sign(key ed25519.PrivateKey) {
sig := ed25519.Sign(key, i.msg())
copy(i.Signature[:], sig)
}
func (i *introduction) msg() []byte {
buf := new(bytes.Buffer)
buf.WriteString("Introduction")
buf.Write(i.Username[:])
buf.Write(i.DHPublicKey[:])
binary.Write(buf, binary.BigEndian, i.DialingRound)
return buf.Bytes()
}