Skip to content
Snippets Groups Projects
Commit 0c3644e0 authored by Josh Brooks's avatar Josh Brooks
Browse files

Fix bug in construction of session key

parent d50abc61
No related branches found
No related tags found
2 merge requests!53Release,!29Josh/databaseless
...@@ -177,22 +177,27 @@ func registerWithNode(sender *gateway.Sender, comms RegisterNodeCommsInterface, ...@@ -177,22 +177,27 @@ func registerWithNode(sender *gateway.Sender, comms RegisterNodeCommsInterface,
return errors.WithMessagef(err, "Failed to unmarshal client key response") return errors.WithMessagef(err, "Failed to unmarshal client key response")
} }
// Construct the session key
clientDhPub := store.GetDHPublicKey().Bytes()
h.Reset() h.Reset()
h.Write(keyResponse.NodeDHPubKey)
h.Write(clientDhPub) // Convert Node DH Public key to a cyclic.Int
sessionKey := h.Sum(nil) grp := store.GetGroup()
nodeDHPub := grp.NewIntFromBytes(keyResponse.NodeDHPubKey)
// Construct the session key
sessionKey := registration.GenerateBaseKey(grp,
nodeDHPub, store.GetDHPrivateKey(), h)
// Verify the HMAC // Verify the HMAC
h.Reset() h.Reset()
if !registration.VerifyClientHMAC(sessionKey, keyResponse.EncryptedClientKey, if !registration.VerifyClientHMAC(sessionKey.Bytes(), keyResponse.EncryptedClientKey,
h, keyResponse.EncryptedClientKeyHMAC) { h, keyResponse.EncryptedClientKeyHMAC) {
return errors.WithMessagef(err, "Failed to verify client HMAC") return errors.WithMessagef(err, "Failed to verify client HMAC")
} }
// Decrypt the client key // Decrypt the client key
clientKey, err := chacha.Decrypt(sessionKey, keyResponse.EncryptedClientKey) clientKey, err := chacha.Decrypt(sessionKey.Bytes(), keyResponse.EncryptedClientKey)
if err != nil { if err != nil {
return errors.WithMessagef(err, "Failed to decrypt client key") return errors.WithMessagef(err, "Failed to decrypt client key")
} }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment