115 lines
2.6 KiB
Go
115 lines
2.6 KiB
Go
package common
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/ed25519"
|
|
"crypto/x509"
|
|
"encoding/base64"
|
|
"encoding/pem"
|
|
"errors"
|
|
"fmt"
|
|
"oc-discovery/conf"
|
|
"oc-discovery/models"
|
|
"os"
|
|
|
|
"cloud.o-forge.io/core/oc-lib/models/peer"
|
|
"github.com/libp2p/go-libp2p/core/crypto"
|
|
"github.com/libp2p/go-libp2p/core/pnet"
|
|
)
|
|
|
|
func VerifyPeer(peers []*peer.Peer, event models.Event) error {
|
|
if len(peers) == 0 {
|
|
return errors.New("no peer found")
|
|
}
|
|
p := peers[0]
|
|
if p.Relation == peer.BLACKLIST { // if peer is blacklisted... quit...
|
|
return errors.New("peer is blacklisted")
|
|
}
|
|
pubKey, err := PubKeyFromString(p.PublicKey) // extract pubkey from pubkey str
|
|
if err != nil {
|
|
return errors.New("pubkey is malformed")
|
|
}
|
|
data, err := event.ToRawByte()
|
|
if err != nil {
|
|
return err
|
|
} // extract byte from raw event excluding signature.
|
|
if ok, _ := pubKey.Verify(data, event.Signature); !ok { // then verify if pubkey sign this message...
|
|
return errors.New("check signature failed")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func Sign(priv crypto.PrivKey, data []byte) ([]byte, error) {
|
|
return priv.Sign(data)
|
|
}
|
|
|
|
func Verify(pub crypto.PubKey, data, sig []byte) (bool, error) {
|
|
return pub.Verify(data, sig)
|
|
}
|
|
|
|
func LoadKeyFromFilePrivate() (crypto.PrivKey, error) {
|
|
path := conf.GetConfig().PrivateKeyPath
|
|
fmt.Println("extract " + path)
|
|
data, err := os.ReadFile(path)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
fmt.Println(data)
|
|
block, _ := pem.Decode(data)
|
|
fmt.Println(block.Bytes)
|
|
keyAny, err := x509.ParsePKCS8PrivateKey(block.Bytes)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
edKey, ok := keyAny.(ed25519.PrivateKey)
|
|
if !ok {
|
|
return nil, fmt.Errorf("not an ed25519 key")
|
|
}
|
|
return crypto.UnmarshalEd25519PrivateKey(edKey)
|
|
}
|
|
|
|
func LoadKeyFromFilePublic() (crypto.PubKey, error) {
|
|
path := conf.GetConfig().PublicKeyPath
|
|
fmt.Println("extract " + path)
|
|
data, err := os.ReadFile(path)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
block, _ := pem.Decode(data)
|
|
keyAny, err := x509.ParsePKIXPublicKey(block.Bytes)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
edKey, ok := keyAny.(ed25519.PublicKey)
|
|
if !ok {
|
|
return nil, fmt.Errorf("not an ed25519 key")
|
|
}
|
|
// Try to unmarshal as libp2p private key (supports ed25519, rsa, etc.)
|
|
return crypto.UnmarshalEd25519PublicKey(edKey)
|
|
}
|
|
|
|
func LoadPSKFromFile() (pnet.PSK, error) {
|
|
path := conf.GetConfig().PSKPath
|
|
data, err := os.ReadFile(path)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
psk, err := pnet.DecodeV1PSK(bytes.NewReader(data))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
fmt.Println("PSK found.")
|
|
return psk, nil
|
|
}
|
|
|
|
func PubKeyFromString(s string) (crypto.PubKey, error) {
|
|
data, err := base64.StdEncoding.DecodeString(s)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return crypto.UnmarshalPublicKey(data)
|
|
}
|