voidlizard
/
hbs2
mirror of https://github.com/voidlizard/hbs2
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

wip

This commit is contained in:
Sergey Ivanov 2023-07-12 23:24:37 +04:00
parent 9eed3a6d3f
commit e43f2c439d
4 changed files with 31 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
hbs2-core/lib/HBS2/Net/Proto/EncryptionHandshake.hs
View File

@ -85,7 +85,7 @@ sendBeginEncryptionExchange penv creds peer pubkey = do
request peer (BeginEncryptionExchange @e nonce0 sign pubkey) request peer (BeginEncryptionExchange @e nonce0 sign pubkey)
data EncryptionHandshakeAdapter e m s = EncryptionHandshakeAdapter data EncryptionHandshakeAdapter e m s = EncryptionHandshakeAdapter
{ encHandshake_considerPeerAsymmKey :: PeerAddr e -> Maybe (PeerData e) -> Maybe Encrypt.PublicKey -> m () { encHandshake_considerPeerAsymmKey :: Peer e -> Maybe (PeerData e) -> Maybe Encrypt.PublicKey -> m ()
} }
@ -121,11 +121,10 @@ encryptionHandshakeProto EncryptionHandshakeAdapter{..} penv = \case
ResetEncryptionKeys -> do ResetEncryptionKeys -> do
peer <- thatPeer proto peer <- thatPeer proto
paddr <- toPeerAddr peer
mpeerData <- find (KnownPeerKey peer) id mpeerData <- find (KnownPeerKey peer) id
-- TODO: check theirsign -- TODO: check theirsign
trace $ "EHSP ResetEncryptionKeys from" <+> viaShow (peer, paddr, mpeerData) trace $ "EHSP ResetEncryptionKeys from" <+> viaShow (peer, mpeerData)
encHandshake_considerPeerAsymmKey paddr mpeerData Nothing encHandshake_considerPeerAsymmKey peer mpeerData Nothing
creds <- getCredentials @s creds <- getCredentials @s
let ourpubkey = pubKeyFromKeypair @s $ view envAsymmetricKeyPair penv let ourpubkey = pubKeyFromKeypair @s $ view envAsymmetricKeyPair penv
@ -133,13 +132,10 @@ encryptionHandshakeProto EncryptionHandshakeAdapter{..} penv = \case
BeginEncryptionExchange nonce0 theirsign theirpubkey -> do BeginEncryptionExchange nonce0 theirsign theirpubkey -> do
peer <- thatPeer proto peer <- thatPeer proto
paddr <- toPeerAddr peer
mpeerData <- find (KnownPeerKey peer) id mpeerData <- find (KnownPeerKey peer) id
-- TODO: check theirsign -- TODO: check theirsign
trace $ "EHSP BeginEncryptionExchange from" <+> viaShow (peer, paddr, mpeerData) trace $ "EHSP BeginEncryptionExchange from" <+> viaShow (peer, mpeerData)
encHandshake_considerPeerAsymmKey paddr mpeerData (Just theirpubkey)
-- взять свои ключи -- взять свои ключи
creds <- getCredentials @s creds <- getCredentials @s
@ -150,21 +146,23 @@ encryptionHandshakeProto EncryptionHandshakeAdapter{..} penv = \case
let sign = makeSign @s (view peerSignSk creds) (unEENonce nonce0 <> (cs . serialise) ourpubkey) let sign = makeSign @s (view peerSignSk creds) (unEENonce nonce0 <> (cs . serialise) ourpubkey)
-- отправить обратно вместе с публичным ключом -- отправить обратно вместе с публичным ключом
-- отправится пока ещё в плоском виде
response (AckEncryptionExchange @e nonce0 sign ourpubkey) response (AckEncryptionExchange @e nonce0 sign ourpubkey)
emit PeerAsymmInfoKey (PeerAsymmPubKey peer theirpubkey) -- Только после этого прописываем его ключ у себя
encHandshake_considerPeerAsymmKey peer mpeerData (Just theirpubkey)
-- emit PeerAsymmInfoKey (PeerAsymmPubKey peer theirpubkey)
AckEncryptionExchange nonce0 theirsign theirpubkey -> do AckEncryptionExchange nonce0 theirsign theirpubkey -> do
peer <- thatPeer proto peer <- thatPeer proto
paddr <- toPeerAddr peer
mpeerData <- find (KnownPeerKey peer) id mpeerData <- find (KnownPeerKey peer) id
-- TODO: check theirsign -- TODO: check theirsign
trace $ "EHSP AckEncryptionExchange from" <+> viaShow (peer, paddr, mpeerData) trace $ "EHSP AckEncryptionExchange from" <+> viaShow (peer, mpeerData)
encHandshake_considerPeerAsymmKey paddr mpeerData (Just theirpubkey) -- Прописываем его ключ у себя
encHandshake_considerPeerAsymmKey peer mpeerData (Just theirpubkey)
emit PeerAsymmInfoKey (PeerAsymmPubKey peer theirpubkey) -- emit PeerAsymmInfoKey (PeerAsymmPubKey peer theirpubkey)
where where
proto = Proxy @(EncryptionHandshake e) proto = Proxy @(EncryptionHandshake e)

8
hbs2-peer/app/Brains.hs
View File

@ -610,7 +610,7 @@ insertPeerAsymmKey :: forall e m .
, MonadIO m , MonadIO m
) )
=> BasicBrains e => BasicBrains e
-> PeerAddr e -> Peer e
-> Encrypt.PublicKey -> Encrypt.PublicKey
-> m () -> m ()
@ -630,7 +630,7 @@ insertPeerSymmKey :: forall e m .
, MonadIO m , MonadIO m
) )
=> BasicBrains e => BasicBrains e
-> PeerAddr e -> Peer e
-> Encrypt.CombinedKey -> Encrypt.CombinedKey
-> m () -> m ()
@ -646,7 +646,7 @@ insertPeerSymmKey br peer hSymmKey = do
|] (show $ pretty peer, show hSymmKey) |] (show $ pretty peer, show hSymmKey)
deletePeerAsymmKey :: forall e m . (e ~ L4Proto, MonadIO m) deletePeerAsymmKey :: forall e m . (e ~ L4Proto, MonadIO m)
=> BasicBrains e -> PeerAddr e -> m () => BasicBrains e -> Peer e -> m ()
deletePeerAsymmKey br peer = deletePeerAsymmKey br peer =
void $ liftIO $ execute (view brainsDb br) [qc| void $ liftIO $ execute (view brainsDb br) [qc|
@ -655,7 +655,7 @@ deletePeerAsymmKey br peer =
|] (Only (show $ pretty peer)) |] (Only (show $ pretty peer))
deletePeerSymmKey :: forall e m . (e ~ L4Proto, MonadIO m) deletePeerSymmKey :: forall e m . (e ~ L4Proto, MonadIO m)
=> BasicBrains e -> PeerAddr e -> m () => BasicBrains e -> Peer e -> m ()
deletePeerSymmKey br peer = deletePeerSymmKey br peer =
void $ liftIO $ execute (view brainsDb br) [qc| void $ liftIO $ execute (view brainsDb br) [qc|

10
hbs2-peer/app/PeerMain.hs
View File

@ -650,13 +650,13 @@ runPeer opts = U.handle (\e -> myException e
( MonadIO m ( MonadIO m
) => EncryptionHandshakeAdapter L4Proto m s ) => EncryptionHandshakeAdapter L4Proto m s
encryptionHshakeAdapter = EncryptionHandshakeAdapter encryptionHshakeAdapter = EncryptionHandshakeAdapter
{ encHandshake_considerPeerAsymmKey = \addr mpeerData -> \case { encHandshake_considerPeerAsymmKey = \peer mpeerData -> \case
Nothing -> do Nothing -> do
deletePeerAsymmKey brains addr deletePeerAsymmKey brains peer
deletePeerSymmKey brains addr deletePeerSymmKey brains peer
Just pk -> do Just pk -> do
insertPeerAsymmKey brains addr pk insertPeerAsymmKey brains peer pk
insertPeerSymmKey brains addr $ insertPeerSymmKey brains peer $
genCommonSecret @s genCommonSecret @s
(privKeyFromKeypair @s (view envAsymmetricKeyPair penv)) (privKeyFromKeypair @s (view envAsymmetricKeyPair penv))
pk pk

10
hbs2-peer/app/ProxyMessaging.hs
View File

@ -151,6 +151,16 @@ receiveFromProxyMessaging bus _ = liftIO do
encKeys <- (liftIO . readTVarIO) (view proxyEncryptionKeys bus) encKeys <- (liftIO . readTVarIO) (view proxyEncryptionKeys bus)
fmap (w, ) <$> dfm whom (Map.lookup whom encKeys) msg fmap (w, ) <$> dfm whom (Map.lookup whom encKeys) msg
-- Здесь:
-- 1. У нас есть ключ сессии и мы не смогли расшифровать -> do
-- удаляем у себя ключ
-- отправляем sendResetEncryptionKeys
-- 2. У нас нет ключа сессии -> do
-- просто передаём сообщение как есть
-- В протоколе пингов:
-- 1. Если слишком долго нет ответа на ping, то удаляем у себя ключ, отправляем sendResetEncryptionKeys
-- TODO: -- TODO:
-- Если мы не смогли, по любой причине, расшифровать сообщение, -- Если мы не смогли, по любой причине, расшифровать сообщение,
-- то нужно стереть у себя ключ -- то нужно стереть у себя ключ