Fixed encryption/decryption functions

fabiocolacio · Dec 7, 2018 · 0238dd4 · 0238dd4
1 parent 794fbe1
commit 0238dd4
Show file tree

Hide file tree

Showing 5 changed files with 114 additions and 33 deletions.
diff --git a/api/jwt.go b/api/jwt.go
@@ -0,0 +1,42 @@
+package api
+
+import(
+    "strings"
+    "encoding/json"
+    "github.com/fabiocolacio/mercury/server"
+    "encoding/base64"
+    "errors"
+    "fmt"
+    "bytes"
+)
+
+var(
+    ErrMalformedJWT = errors.New("Malformed JWT")
+)
+
+func UnwrapJWT(jwt []byte) (server.Session, error) {
+    var sess server.Session
+
+    elements := strings.Split(string(jwt), ".")
+    if len(elements) < 3 {
+        return sess, ErrMalformedJWT
+    }
+
+    payload := elements[1]
+    jsonObj := make([]byte, base64.URLEncoding.DecodedLen(len(payload)))
+
+    _, err := base64.URLEncoding.Decode(jsonObj, []byte(payload))
+    if err != nil {
+        return sess, err
+    }
+    jsonObj = bytes.Trim(jsonObj, "\x00")
+
+    fmt.Println(string(jsonObj))
+
+    err = json.Unmarshal(jsonObj, &sess)
+    if err != nil {
+        return sess, err
+    }
+
+    return sess, err
+}
diff --git a/api/requests.go b/api/requests.go
@@ -27,6 +27,28 @@ func SetHost(newHost string) {
     host = newHost
 }
 
+func Register(user, passwd string) error {
+    creds := map[string]string{
+        "Username": user,
+        "Password": passwd,
+    }
+
+    payload, err := json.Marshal(creds)
+    if err != nil {
+        return err
+    }
+
+    res, err := client.Post(host + "/register", "text/javascript", bytes.NewBuffer(payload))
+    if err != nil {
+        return err
+    }
+    if res.StatusCode != 200 {
+        return ErrLoginFailed
+    }
+
+    return nil
+}
+
 func Login(user, passwd string) ([]byte, error) {
     creds := map[string]string{
         "Username": user,
@@ -42,6 +64,10 @@ func Login(user, passwd string) ([]byte, error) {
     if err != nil {
         return nil, err
     }
+    if res.StatusCode != 200 {
+        return nil, ErrLoginFailed
+    }
+
     defer res.Body.Close()
     jwt, err := ioutil.ReadAll(res.Body)
     if err != nil {

diff --git a/crypto/eecdh.go b/crypto/eecdh.go
@@ -69,8 +69,9 @@ func EncryptMessage(clearText, priv []byte, ax, ay, bx, by *big.Int) (msg *Encry
         return nil, err
     }
 
-    // Create buffer for ciphertext
+    // Create buffers for ciphertexts
     cipherText := make([]byte, len(paddedClearText))
+    encryptedKey := make([]byte, len(hmacKey))
 
     // Create AES block cipher
     aesCipher, err := aes.NewCipher(aesKey)
@@ -88,11 +89,17 @@ func EncryptMessage(clearText, priv []byte, ax, ay, bx, by *big.Int) (msg *Encry
     cbc := cipher.NewCBCEncrypter(aesCipher, iv)
     cbc.CryptBlocks(cipherText, paddedClearText)
 
+    // Encrypt hmac key with CBC block encrypter
+    cbc = cipher.NewCBCEncrypter(aesCipher, iv)
+    cbc.CryptBlocks(encryptedKey, hmacKey)
+
     // Generate MAC tag for data
     mac := hmac.New(secureHash, hmacKey)
     mac.Write(cipherText)
     tag := mac.Sum(nil)
 
+    fmt.Println("hmac key", hmacKey)
+
     msg = &EncryptedMessage{
         Ax: ax.Bytes(),
         Ay: ay.Bytes(),
@@ -101,6 +108,7 @@ func EncryptMessage(clearText, priv []byte, ax, ay, bx, by *big.Int) (msg *Encry
         IV: iv,
         Msg: cipherText,
         Tag: tag,
+        Key: encryptedKey,
     }
 
     return msg, err
@@ -131,17 +139,20 @@ func (message *EncryptedMessage) Decrypt(priv []byte, sender bool) ([]byte, erro
         return nil, err
     }
 
-    // // Decrypt HMAC Key
-    // cbc := cipher.NewCBCDecrypter(aesCipher, message.IV)
-    // cbc.CryptBlocks(message.Key, message.Key)
+    fmt.Println("hmac key", message.Key)
+
+    // Decrypt HMAC Key
+    cbc := cipher.NewCBCDecrypter(aesCipher, message.IV)
+    cbc.CryptBlocks(message.Key, message.Key)
+    fmt.Println("hmac key", message.Key)
 
-    // // Compare MAC tags
-    // if !CheckMAC(message.Msg, message.Tag, message.Key) {
-    //     return nil, ErrUnexpectedMAC
-    // }
+    // Compare MAC tags
+    if !CheckMAC(message.Msg, message.Tag, message.Key) {
+        return nil, ErrUnexpectedMAC
+    }
 
     // Decrypt and unpad the payload
-    cbc := cipher.NewCBCDecrypter(aesCipher, message.IV)
+    cbc = cipher.NewCBCDecrypter(aesCipher, message.IV)
     cbc.CryptBlocks(message.Msg, message.Msg)
     msg, err := pkcs7Unpad(message.Msg, aes.BlockSize)
     if err != nil {

diff --git a/main b/main
diff --git a/main.go b/main.go
@@ -2,36 +2,16 @@ package main
 
 import(
     "fmt"
-
-//    "github.com/fabiocolacio/quicksilver/crypto"
-//    "crypto/elliptic"
-//    "crypto/rand"
-
+   "github.com/fabiocolacio/quicksilver/crypto"
+   "crypto/elliptic"
+   "crypto/rand"
     "log"
     "github.com/fabiocolacio/quicksilver/gui"
     "github.com/fabiocolacio/quicksilver/api"
     "github.com/gotk3/gotk3/gtk"
 )
 
 func main() {
-    jwt, err := api.Login("fabio", "fabio")
-    if err != nil {
-        log.Fatal(err)
-    }
-    fmt.Println(string(jwt))
-
-    gtk.Init(nil)
-
-    ui, err := gui.UINew()
-    if err != nil {
-        log.Fatal(err)
-    }
-
-    ui.Window.ShowAll()
-
-    gtk.Main()
-
-    /*
     pa, ax, ay, err := elliptic.GenerateKey(crypto.Curve, rand.Reader)
     if err != nil {
         fmt.Println(err)
@@ -56,5 +36,27 @@ func main() {
         fmt.Println(err)
     }
     fmt.Println(string(clear))
-    */
+
+    jwt, err := api.Login("fabio", "fabio")
+    if err != nil {
+        log.Fatal(err)
+    }
+    fmt.Println(string(jwt))
+
+    session, err := api.UnwrapJWT(jwt)
+    if err != nil {
+        log.Fatal(err)
+    }
+    fmt.Println(session)
+
+    gtk.Init(nil)
+
+    ui, err := gui.UINew()
+    if err != nil {
+        log.Fatal(err)
+    }
+
+    ui.Window.ShowAll()
+
+    gtk.Main()
 }