mirror of https://github.com/oxen-io/lokinet
Merge remote-tracking branch 'origin/dev' into deb08-bionic
commit
259bf12a6f
@ -0,0 +1 @@
|
||||
*.private
|
@ -0,0 +1,35 @@
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
keygen tool for lokinet
|
||||
"""
|
||||
|
||||
from argparse import ArgumentParser as AP
|
||||
from base64 import b32encode
|
||||
|
||||
from nacl.signing import SigningKey
|
||||
|
||||
def base32z(data):
|
||||
""" base32 z encode """
|
||||
return b32encode(data).translate(
|
||||
bytes.maketrans(
|
||||
b'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567',
|
||||
b'ybndrfg8ejkmcpqxot1uwisza345h769')).decode().rstrip('=')
|
||||
|
||||
|
||||
def main():
|
||||
"""
|
||||
main function for keygen
|
||||
"""
|
||||
argparser = AP()
|
||||
argparser.add_argument('--keyfile', type=str, required=True, help='place to put generated keys')
|
||||
args = argparser.parse_args()
|
||||
secret = SigningKey.generate()
|
||||
with open(args.keyfile, 'wb') as wfile:
|
||||
wfile.write(b'd1:s64:')
|
||||
wfile.write(secret.encode())
|
||||
wfile.write(secret.verify_key.encode())
|
||||
wfile.write(b'e')
|
||||
print("{}.loki".format(base32z(secret.verify_key.encode())))
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
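Review bot: The secret key is written through `open(args.keyfile, 'wb')` in main(), so the file is created with whatever mode the process umask allows (commonly world-readable) and an existing key is truncated without warning. Creating it with an explicit owner-only mode closes that gap: `fd = os.open(args.keyfile, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` followed by `with os.fdopen(fd, 'wb') as wfile:` (with `import os`). The mode argument only applies when the file is newly created, so either add `os.O_EXCL` and refuse to replace an existing key, or call `os.fchmod(fd, 0o600)` before writing. A short comment on the `d1:s64:` line saying that the 64-byte value is the 32-byte seed followed by the 32-byte public key would also help the next reader.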
|
@ -0,0 +1,14 @@
|
||||
# lokinet key generator
|
||||
|
||||
requires:
|
||||
|
||||
* python3.7 or higher
|
||||
* pynacl
|
||||
|
||||
usage:
|
||||
|
||||
```bash
|
||||
./keygen.py --keyfile somekeyfile.private
|
||||
```
|
||||
|
||||
this will overwrite the keyfile with new keys
|
@ -1 +1 @@
|
||||
Subproject commit 0ac1d48bc8058bab4f10aeb3010343084f7a37d0
|
||||
Subproject commit 53481cdfa9b0dc8d6dbbf04803401298754d7f44
|
@ -0,0 +1,80 @@
|
||||
#include <router/route_poker.hpp>
|
||||
#include <router/abstractrouter.hpp>
|
||||
#include <net/route.hpp>
|
||||
#include <service/context.hpp>
|
||||
#include <unordered_set>
|
||||
|
||||
namespace llarp
|
||||
{
|
||||
void
|
||||
RoutePoker::AddRoute(huint32_t ip)
|
||||
{
|
||||
if (m_CurrentGateway.h == 0)
|
||||
return;
|
||||
m_PokedRoutes.emplace(ip, m_CurrentGateway);
|
||||
net::AddRoute(ip.ToString(), m_CurrentGateway.ToString());
|
||||
}
|
||||
|
||||
void
|
||||
RoutePoker::DelRoute(huint32_t ip)
|
||||
{
|
||||
const auto itr = m_PokedRoutes.find(ip);
|
||||
if (itr == m_PokedRoutes.end())
|
||||
return;
|
||||
net::DelRoute(itr->first.ToString(), itr->second.ToString());
|
||||
m_PokedRoutes.erase(itr);
|
||||
}
|
||||
|
||||
RoutePoker::~RoutePoker()
|
||||
{
|
||||
for (const auto& [ip, gateway] : m_PokedRoutes)
|
||||
net::DelRoute(ip.ToString(), gateway.ToString());
|
||||
}
|
||||
|
||||
std::optional<huint32_t>
|
||||
RoutePoker::GetDefaultGateway(const AbstractRouter& router) const
|
||||
{
|
||||
const auto ep = router.hiddenServiceContext().GetDefault();
|
||||
const auto gateways = net::GetGatewaysNotOnInterface(ep->GetIfName());
|
||||
huint32_t addr{};
|
||||
if (not gateways.empty())
|
||||
addr.FromString(gateways[0]);
|
||||
return addr;
|
||||
}
|
||||
|
||||
void
|
||||
RoutePoker::Update(const AbstractRouter& router)
|
||||
{
|
||||
const auto maybe = GetDefaultGateway(router);
|
||||
if (not maybe.has_value())
|
||||
{
|
||||
LogError("Network is down");
|
||||
return;
|
||||
}
|
||||
const huint32_t gateway = *maybe;
|
||||
if (m_CurrentGateway != gateway)
|
||||
{
|
||||
LogInfo("found default gateway: ", gateway);
|
||||
// unpoke current routes
|
||||
std::unordered_set<huint32_t> holes;
|
||||
|
||||
for (const auto& [ip, gw] : m_PokedRoutes)
|
||||
{
|
||||
// save hole
|
||||
holes.emplace(ip);
|
||||
// unpoke route
|
||||
net::DelRoute(ip.ToString(), gw.ToString());
|
||||
}
|
||||
m_PokedRoutes.clear();
|
||||
|
||||
m_CurrentGateway = gateway;
|
||||
for (const auto& ip : holes)
|
||||
{
|
||||
AddRoute(ip);
|
||||
}
|
||||
|
||||
const auto ep = router.hiddenServiceContext().GetDefault();
|
||||
net::AddDefaultRouteViaInterface(ep->GetIfName());
|
||||
}
|
||||
}
|
||||
} // namespace llarp
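Review bot: GetDefaultGateway() always returns an engaged optional, because `return addr;` runs even when `gateways` is empty, so the `not maybe.has_value()` branch in Update() that logs "Network is down" can never be taken. With no gateway, the zero address is then handled as a gateway change: every poked route is deleted, `m_CurrentGateway` becomes 0, the `AddRoute(ip)` calls in the re-poke loop return early, and `net::AddDefaultRouteViaInterface` still installs the default route, leaving the table without the per-host exceptions. Returning early with `if (gateways.empty()) return std::nullopt;` makes the existing check effective; the result of `addr.FromString(gateways[0])` is also worth checking if it reports failure. Both uses of `router.hiddenServiceContext().GetDefault()` dereference `ep` without a null check, which looks unsafe if no default endpoint is configured.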
|
@ -0,0 +1,31 @@
|
||||
#pragma once
|
||||
|
||||
#include <unordered_map>
|
||||
#include <string>
|
||||
#include <net/net_int.hpp>
|
||||
|
||||
namespace llarp
|
||||
{
|
||||
struct AbstractRouter;
|
||||
|
||||
struct RoutePoker
|
||||
{
|
||||
void
|
||||
AddRoute(huint32_t ip);
|
||||
|
||||
void
|
||||
DelRoute(huint32_t ip);
|
||||
|
||||
~RoutePoker();
|
||||
|
||||
void
|
||||
Update(const AbstractRouter& router);
|
||||
|
||||
private:
|
||||
std::optional<huint32_t>
|
||||
GetDefaultGateway(const AbstractRouter& router) const;
|
||||
|
||||
std::unordered_map<huint32_t, huint32_t> m_PokedRoutes;
|
||||
huint32_t m_CurrentGateway;
|
||||
};
|
||||
} // namespace llarp
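Review bot: `std::optional` is used in the declaration of GetDefaultGateway but `<optional>` is not included, so this header only compiles when something else has already pulled it in; add `#include <optional>` (`<string>` appears unused here). `m_CurrentGateway` has no initializer although AddRoute compares `m_CurrentGateway.h == 0`; unless huint32_t zero-initializes itself, `huint32_t m_CurrentGateway{};` makes that check well defined. Because the destructor removes system routes, a copied RoutePoker would remove them a second time, so declaring the copy constructor and copy assignment as deleted (and defaulting the default constructor) is worth considering. A one-line comment on `m_PokedRoutes` stating that it maps the poked destination IP to the gateway it was routed via would document what the .cpp relies on.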
|
@ -1,49 +1,125 @@
|
||||
#include <gtest/gtest.h>
|
||||
#include <catch2/catch.hpp>
|
||||
|
||||
#include <crypto/crypto.hpp>
|
||||
#include <crypto/crypto_libsodium.hpp>
|
||||
#include <llarp_test.hpp>
|
||||
#include <router_contact.hpp>
|
||||
#include <net/net_int.hpp>
|
||||
|
||||
using namespace ::llarp;
|
||||
using namespace ::testing;
|
||||
namespace
|
||||
{
|
||||
llarp::sodium::CryptoLibSodium crypto;
|
||||
llarp::CryptoManager cmanager(&crypto);
|
||||
}
|
||||
|
||||
static const byte_t DEF_VALUE[] = "unittest";
|
||||
namespace llarp
|
||||
{
|
||||
|
||||
struct RCTest : public test::LlarpTest<>
|
||||
TEST_CASE("RouterContact Sign and Verify", "[RC][RouterContact][signature][sign][verify]")
|
||||
{
|
||||
using RC_t = RouterContact;
|
||||
using SecKey_t = SecretKey;
|
||||
RouterContact rc;
|
||||
|
||||
SecretKey sign;
|
||||
cmanager.instance()->identity_keygen(sign);
|
||||
|
||||
RCTest() : oldval(NetID::DefaultValue())
|
||||
{
|
||||
NetID::DefaultValue() = NetID(DEF_VALUE);
|
||||
}
|
||||
SecretKey encr;
|
||||
cmanager.instance()->encryption_keygen(encr);
|
||||
|
||||
~RCTest()
|
||||
{
|
||||
NetID::DefaultValue() = oldval;
|
||||
}
|
||||
rc.enckey = encr.toPublic();
|
||||
rc.pubkey = sign.toPublic();
|
||||
|
||||
const NetID oldval;
|
||||
};
|
||||
REQUIRE(rc.Sign(sign));
|
||||
REQUIRE(rc.Verify(time_now_ms()));
|
||||
}
|
||||
|
||||
TEST_F(RCTest, TestSignVerify)
|
||||
TEST_CASE("RouterContact Decode Version 1", "[RC][RouterContact][V1]")
|
||||
{
|
||||
NetID netid(DEF_VALUE);
|
||||
RC_t rc;
|
||||
SecKey_t encr;
|
||||
SecKey_t sign;
|
||||
RouterContact rc;
|
||||
|
||||
SecretKey sign;
|
||||
cmanager.instance()->identity_keygen(sign);
|
||||
|
||||
SecretKey encr;
|
||||
cmanager.instance()->encryption_keygen(encr);
|
||||
|
||||
rc.version = 1;
|
||||
|
||||
rc.enckey = encr.toPublic();
|
||||
rc.pubkey = sign.toPublic();
|
||||
ASSERT_TRUE(rc.netID == netid);
|
||||
ASSERT_TRUE(rc.netID == NetID::DefaultValue());
|
||||
|
||||
EXPECT_CALL(m_crypto, sign(_, sign, _)).WillOnce(Return(true));
|
||||
EXPECT_CALL(m_crypto, verify(_, _, _)).WillOnce(Return(true));
|
||||
REQUIRE(rc.Sign(sign));
|
||||
|
||||
std::array<byte_t, 5000> encoded_buffer;
|
||||
llarp_buffer_t encoded_llarp(encoded_buffer);
|
||||
|
||||
rc.BEncode(&encoded_llarp);
|
||||
|
||||
encoded_llarp.sz = encoded_llarp.cur - encoded_llarp.base;
|
||||
encoded_llarp.cur = encoded_llarp.base;
|
||||
|
||||
RouterContact decoded_rc;
|
||||
|
||||
REQUIRE(decoded_rc.BDecode(&encoded_llarp));
|
||||
|
||||
REQUIRE(decoded_rc.Verify(time_now_ms()));
|
||||
|
||||
ASSERT_TRUE(rc.Sign(sign));
|
||||
ASSERT_TRUE(rc.Verify(time_now_ms()));
|
||||
REQUIRE(decoded_rc == rc);
|
||||
}
|
||||
|
||||
TEST_CASE("RouterContact Decode Mixed Versions", "[RC][RouterContact]")
|
||||
{
|
||||
RouterContact rc1, rc2, rc3, rc4;
|
||||
|
||||
rc1.version = 0;
|
||||
rc2.version = 1;
|
||||
rc3.version = 0;
|
||||
rc4.version = 1;
|
||||
|
||||
SecretKey sign1, sign2, sign3, sign4;
|
||||
cmanager.instance()->identity_keygen(sign1);
|
||||
cmanager.instance()->identity_keygen(sign2);
|
||||
cmanager.instance()->identity_keygen(sign3);
|
||||
cmanager.instance()->identity_keygen(sign4);
|
||||
|
||||
SecretKey encr1, encr2, encr3, encr4;
|
||||
cmanager.instance()->encryption_keygen(encr1);
|
||||
cmanager.instance()->encryption_keygen(encr2);
|
||||
cmanager.instance()->encryption_keygen(encr3);
|
||||
cmanager.instance()->encryption_keygen(encr4);
|
||||
|
||||
rc1.enckey = encr1.toPublic();
|
||||
rc2.enckey = encr2.toPublic();
|
||||
rc3.enckey = encr3.toPublic();
|
||||
rc4.enckey = encr4.toPublic();
|
||||
rc1.pubkey = sign1.toPublic();
|
||||
rc2.pubkey = sign2.toPublic();
|
||||
rc3.pubkey = sign3.toPublic();
|
||||
rc4.pubkey = sign4.toPublic();
|
||||
|
||||
REQUIRE(rc1.Sign(sign1));
|
||||
REQUIRE(rc2.Sign(sign2));
|
||||
REQUIRE(rc3.Sign(sign3));
|
||||
REQUIRE(rc4.Sign(sign4));
|
||||
|
||||
std::vector<RouterContact> rc_vec;
|
||||
rc_vec.push_back(rc1);
|
||||
rc_vec.push_back(rc2);
|
||||
rc_vec.push_back(rc3);
|
||||
rc_vec.push_back(rc4);
|
||||
|
||||
std::array<byte_t, 20000> encoded_buffer;
|
||||
llarp_buffer_t encoded_llarp(encoded_buffer);
|
||||
|
||||
BEncodeWriteList(rc_vec.begin(), rc_vec.end(), &encoded_llarp);
|
||||
encoded_llarp.sz = encoded_llarp.cur - encoded_llarp.base;
|
||||
encoded_llarp.cur = encoded_llarp.base;
|
||||
|
||||
std::vector<RouterContact> rc_vec_out;
|
||||
|
||||
BEncodeReadList(rc_vec_out, &encoded_llarp);
|
||||
|
||||
REQUIRE(rc_vec.size() == rc_vec_out.size());
|
||||
for (size_t i=0; i<4; i++)
|
||||
REQUIRE(rc_vec[i] == rc_vec_out[i]);
|
||||
}
|
||||
|
||||
} // namespace llarp
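Review bot: The "RouterContact Decode Mixed Versions" case only compares `rc_vec[i] == rc_vec_out[i]` after the round trip and never checks that the decoded contacts still carry a valid signature; adding `REQUIRE(rc_vec_out[i].Verify(time_now_ms()));` inside the loop would cover both versions the way the V1 case does for `decoded_rc`. The results of `rc.BEncode(&encoded_llarp)`, `BEncodeWriteList(...)` and `BEncodeReadList(...)` are discarded, so a failed or truncated encode is only noticed indirectly; if these return a status as `BDecode` does, wrap them in `REQUIRE`. The loop bound `i<4` could be `rc_vec.size()` so that it follows the vector. This page shows removed and added lines interleaved without markers, so these comments apply to the Catch2 `TEST_CASE` bodies only.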
|
||||
|