From 3af92bea3653397aacb0afec83a88984daede8d9 Mon Sep 17 00:00:00 2001 From: jbhusson <jonah@elixxir.io> Date: Fri, 11 Nov 2022 07:32:49 -0500 Subject: [PATCH 1/4] Add endpoint for retrieving https cert, store in memory when https is initialized --- cmd/https.go | 19 ++++++++++++++++++- cmd/instance.go | 14 +++++++++++++- go.mod | 4 ++-- go.sum | 12 ++++++++---- 4 files changed, 41 insertions(+), 8 deletions(-) diff --git a/cmd/https.go b/cmd/https.go index 0771552d..22b1a29e 100644 --- a/cmd/https.go +++ b/cmd/https.go @@ -37,7 +37,8 @@ func (gw *Instance) StartHttpsServer() error { if err != nil { return err } - return nil + + return gw.SetGatewayTlsCertificate(cert) } // getHttpsCreds is a helper for getting the tls certificate and key to pass @@ -192,3 +193,19 @@ func signAcmeToken(rng io.Reader, gwRsa *rsa.PrivateKey, ipAddress, h.Write(tsBytes) return gwRsa.Sign(rng, h.Sum(nil), crypto.SignerOpts(hashType)) } + +func (gw *Instance) SetGatewayTlsCertificate(cert []byte) error { + rng := csprng.NewSystemRNG() + hashType := hash.CMixHash + h := hashType.New() + h.Write(cert) + sig, err := rsa.Sign(rng, gw.Comms.GetPrivateKey(), hashType, h.Sum(nil), rsa.NewDefaultOptions()) + if err != nil { + return err + } + gw.gatewayCert = &mixmessages.GatewayCertificate{ + Certificate: cert, + Signature: sig, + } + return nil +} diff --git a/cmd/instance.go b/cmd/instance.go index 96a80eba..64f7fd7e 100644 --- a/cmd/instance.go +++ b/cmd/instance.go @@ -125,7 +125,8 @@ type Instance struct { earliestRoundUpdateChan chan EarliestRound earliestRoundQuitChan chan struct{} - autoCert autocert.Client + autoCert autocert.Client + gatewayCert *pb.GatewayCertificate } // NewGatewayInstance initializes a gateway Handler interface 
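Review bot: `gw.gatewayCert` is assigned in `SetGatewayTlsCertificate` (second cmd/https.go hunk) and read in `RequestTlsCert` (cmd/instance.go) with no synchronization. If a client request can arrive while `StartHttpsServer` is still running, which the "has not finished yet" error suggests, that is a data race on the pointer. Guard the field with a mutex on `Instance`, taken around `gw.gatewayCert = &mixmessages.GatewayCertificate{...}` and around the nil check and return in `RequestTlsCert`. Separately, the signature covers only the hash of the certificate bytes with no context label, so a comment stating what a verifying client is expected to check would help.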
@@ -221,9 +222,20 @@ func NewImplementation(instance *Instance) *gateway.Implementation { return instance.PutManyMessagesProxy(msgs, auth) } + impl.Functions.RequestTlsCert = func(message *pb.RequestGatewayCert) (*pb.GatewayCertificate, error) { + return instance.RequestTlsCert(message) + } + return impl } +func (gw *Instance) RequestTlsCert(_ *pb.RequestGatewayCert) (*pb.GatewayCertificate, error) { + if gw.gatewayCert == nil { + return nil, errors.New("Gateway HTTPS initialization has not finished yet") + } + return gw.gatewayCert, nil +} + // CreateNetworkInstance will generate a new network instance object given // properly formed ndf, partialNdf, connection, and Storage object func CreateNetworkInstance(conn *gateway.Comms, ndf, partialNdf *pb.NDF, ers *storage.Storage) ( diff --git a/go.mod b/go.mod index f10e577f..fa32a44a 100644 --- a/go.mod +++ b/go.mod @@ -10,10 +10,10 @@ require ( github.com/spf13/jwalterweatherman v1.1.0 github.com/spf13/viper v1.7.1 gitlab.com/elixxir/bloomfilter v0.0.0-20211222005329-7d931ceead6f - gitlab.com/elixxir/comms v0.0.4-0.20221110140409-7ca2e91d3e53 + gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e gitlab.com/elixxir/crypto v0.0.7-0.20221108183134-3f4a29c68e97 gitlab.com/elixxir/primitives v0.0.3-0.20221108183049-7bdff545bf8e - gitlab.com/xx_network/comms v0.0.4-0.20221110140150-370b1ae16a75 + gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37 gitlab.com/xx_network/crypto v0.0.5-0.20221108182939-05998dc093e9 gitlab.com/xx_network/primitives v0.0.4-0.20221104175439-f0d440beacd9 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa diff --git a/go.sum b/go.sum index b2c9ba3d..d01bf140 100644 --- a/go.sum +++ b/go.sum 
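Review bot: The exported `RequestTlsCert` method has no doc comment, and its error string starts with a capital letter, against the usual Go convention. Suggested comment: `// RequestTlsCert returns the gateway's HTTPS certificate together with the gateway-key signature over it, or an error if StartHttpsServer has not stored one yet.` The error could become `errors.New("gateway HTTPS initialization has not finished yet")`, provided no client matches on the current text. The handler returns the shared `gw.gatewayCert` pointer itself, so the comment should also say that callers must treat the message as read-only.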
@@ -507,14 +507,18 @@ github.com/zeebo/pcg v1.0.0/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= gitlab.com/elixxir/bloomfilter v0.0.0-20211222005329-7d931ceead6f h1:yXGvNBqzZwAhDYlSnxPRbgor6JWoOt1Z7s3z1O9JR40= gitlab.com/elixxir/bloomfilter v0.0.0-20211222005329-7d931ceead6f/go.mod h1:H6jztdm0k+wEV2QGK/KYA+MY9nj9Zzatux/qIvDDv3k= -gitlab.com/elixxir/comms v0.0.4-0.20221110140409-7ca2e91d3e53 h1:f9UqninjmUd6D5P5j47ItIoNfSbDGTQlByOXLs/nicw= -gitlab.com/elixxir/comms v0.0.4-0.20221110140409-7ca2e91d3e53/go.mod h1:m3xZgnjMDXSU5EAXzMFmadoK60BFOubk87v5CAOa7qI= +gitlab.com/elixxir/comms v0.0.4-0.20221110231102-817db722182d h1:skE289UBC9h4ZHGcoYBjY5jw6ebBVCHJLYO+3mtafDw= +gitlab.com/elixxir/comms v0.0.4-0.20221110231102-817db722182d/go.mod h1:h5F+vL264LE4LcgDvLWjLMF21pcclv0aiNVRPLvu1cM= +gitlab.com/elixxir/comms v0.0.4-0.20221111121748-27217ffaa8db h1:6MucofjMhIsMhVhZraICQ4AduE5y76kwHPenrToOLwo= +gitlab.com/elixxir/comms v0.0.4-0.20221111121748-27217ffaa8db/go.mod h1:h5F+vL264LE4LcgDvLWjLMF21pcclv0aiNVRPLvu1cM= +gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e h1:Of89Ujlk1nSVKUAl7C9uEP8hnqe5veQUxgznt+T8j9I= +gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e/go.mod h1:h5F+vL264LE4LcgDvLWjLMF21pcclv0aiNVRPLvu1cM= gitlab.com/elixxir/crypto v0.0.7-0.20221108183134-3f4a29c68e97 h1:xZFh1e1vq/j1DF61Bta3Wb4ePcCS+NHyk3ri3VcMOuk= gitlab.com/elixxir/crypto v0.0.7-0.20221108183134-3f4a29c68e97/go.mod h1:fhS9lyG4zNKC39Hd3YXPo9HYI0WnVz/JDTJw9nwnYHQ= gitlab.com/elixxir/primitives v0.0.3-0.20221108183049-7bdff545bf8e h1:U9aMSBhc2ShJEeCXHNoUPVwrxKAGRhbGZWsbqES8iGA= gitlab.com/elixxir/primitives v0.0.3-0.20221108183049-7bdff545bf8e/go.mod h1:KeMEPwtmA0zJpetvv5SeyOePIAzsBmQSwJ2nAHYnczw= -gitlab.com/xx_network/comms v0.0.4-0.20221110140150-370b1ae16a75 h1:11i8we7/UPY4/+VJko5Vkkkqhz6j6a12EnE9VRd+CS4= -gitlab.com/xx_network/comms v0.0.4-0.20221110140150-370b1ae16a75/go.mod 
h1:/zveWGwSqQbPhPSiGIbS3v78nga8nD5XD1oXr0vD/Zc= +gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37 h1:/NVxgd2Rqw2eN5MmdUp5Ix0qRzHCdKfUqd50TsprhmQ= +gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37/go.mod h1:/zveWGwSqQbPhPSiGIbS3v78nga8nD5XD1oXr0vD/Zc= gitlab.com/xx_network/crypto v0.0.5-0.20221108182939-05998dc093e9 h1:A/gYzA36bQxj6tRczs11JEUsWzaLmTRXN89tlqWEOUc= gitlab.com/xx_network/crypto v0.0.5-0.20221108182939-05998dc093e9/go.mod h1:0Bk5bSyAqH/GAU4CJ8Wbm24YkMoDVz4JF7585dAMkss= gitlab.com/xx_network/primitives v0.0.4-0.20221104175439-f0d440beacd9 h1:XE7OBn2gYmfLudiaWOl6LzYblZZqYIsScrSzJqPwymY= -- GitLab From 3e75e570a0280d247ed3129120341c863cbdb387 Mon Sep 17 00:00:00 2001 From: jbhusson <jonah@elixxir.io> Date: Fri, 11 Nov 2022 09:15:16 -0500 Subject: [PATCH 2/4] Better logging, move signing code to elixxir/crypto, pass der instead of pem to issue --- cmd/https.go | 50 +++++++++++++++++++------------------------------- go.mod | 8 ++++---- go.sum | 20 ++++++++------------ 3 files changed, 31 insertions(+), 47 deletions(-) diff --git a/cmd/https.go b/cmd/https.go index 22b1a29e..c0859f6d 100644 --- a/cmd/https.go +++ b/cmd/https.go @@ -1,13 +1,12 @@ package cmd import ( - "crypto" - "encoding/binary" "encoding/json" "fmt" "github.com/pkg/errors" + jww "github.com/spf13/jwalterweatherman" "gitlab.com/elixxir/comms/mixmessages" - "gitlab.com/elixxir/crypto/hash" + "gitlab.com/elixxir/crypto/gatewayHttps" rsa2 "gitlab.com/elixxir/crypto/rsa" "gitlab.com/elixxir/gateway/storage" "gitlab.com/xx_network/comms/connect" @@ -15,7 +14,6 @@ import ( "gitlab.com/xx_network/crypto/signature/rsa" "gitlab.com/xx_network/primitives/id" "gorm.io/gorm" - "io" "strings" "time" ) @@ -38,7 +36,7 @@ func (gw *Instance) StartHttpsServer() error { return err } - return gw.SetGatewayTlsCertificate(cert) + return gw.setGatewayTlsCertificate(cert) } // getHttpsCreds is a helper for getting the tls certificate and key to pass 
@@ -93,17 +91,19 @@ func (gw *Instance) getHttpsCreds() ([]byte, []byte, error) { dnsName := fmt.Sprintf(DnsTemplate, gw.Comms.GetId().String()) // Get ACME token - _, acmeToken, err := gw.autoCert.Request(dnsName) // TODO : do we need the key for anything? + chalDomain, challenge, err := gw.autoCert.Request(dnsName) if err != nil { return nil, nil, err } + jww.INFO.Printf("ADD TXT RECORD: %s\t%s\n", chalDomain, challenge) + ts := uint64(time.Now().UnixNano()) // Sign ACME token rng := csprng.NewSystemRNG() - sig, err := signAcmeToken(rng, gw.Comms.GetPrivateKey(), - gw.Params.PublicAddress, acmeToken, ts) + sig, err := gatewayHttps.SignAcmeToken(rng, gw.Comms.GetPrivateKey(), + gw.Params.PublicAddress, challenge, ts) if err != nil { return nil, nil, err } @@ -113,22 +113,23 @@ func (gw *Instance) getHttpsCreds() ([]byte, []byte, error) { &mixmessages.AuthorizerCertRequest{ GwID: gw.Comms.GetId().Bytes(), Timestamp: ts, - ACMEToken: acmeToken, + ACMEToken: challenge, Signature: sig, }) if err != nil { return nil, nil, err } - // TODO : do we need the der for something? - csrPem, _, err := gw.autoCert.CreateCSR(dnsName, gw.Params.HttpsEmail, + csrPem, csrDer, err := gw.autoCert.CreateCSR(dnsName, gw.Params.HttpsEmail, gw.Params.HttpsCountry, gw.Comms.GetId().String(), rng) if err != nil { return nil, nil, err } + jww.INFO.Printf("Received CSR from autocert:\n\t%s", string(csrPem)) + // Get issued certificate and key from autoCert - issuedCert, issuedKey, err := gw.autoCert.Issue(csrPem) + issuedCert, issuedKey, err := gw.autoCert.Issue(csrDer) if err != nil { return nil, nil, err } @@ -161,6 +162,7 @@ func storeHttpsCreds(cert, key []byte, db *storage.Storage) error { if err != nil { return err } + return db.UpsertState(&storage.State{ Key: CertificateStateKey, Value: string(marshalled), 
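Review bot: The new `jww.INFO.Printf("ADD TXT RECORD: %s\t%s\n", chalDomain, challenge)` writes values returned by `gw.autoCert.Request` into the log with `%s`. These presumably originate from the ACME server, so `%q` would stop embedded newlines or control characters from forging log lines: `jww.INFO.Printf("ADD TXT RECORD: %q\t%q", chalDomain, challenge)`. The `Received CSR from autocert` log added in the following hunk dumps a multi-line PEM at INFO on every issuance, and the CSR is built from `gw.Params.HttpsEmail`, so `jww.DEBUG` looks like the better level. Both hunks sit inside `getHttpsCreds`, whose body extends beyond them.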
@@ -181,25 +183,11 @@ func loadHttpsCreds(db *storage.Storage) ([]byte, []byte, error) { return loaded.Cert, loaded.Key, nil } -// signAcmeToken creates the signature sent with an AuthorizerCertRequest -func signAcmeToken(rng io.Reader, gwRsa *rsa.PrivateKey, ipAddress, - acmeToken string, timestamp uint64) ([]byte, error) { - hashType := hash.CMixHash - h := hashType.New() - h.Write([]byte(ipAddress)) - h.Write([]byte(acmeToken)) - tsBytes := make([]byte, 8) - binary.BigEndian.PutUint64(tsBytes, timestamp) - h.Write(tsBytes) - return gwRsa.Sign(rng, h.Sum(nil), crypto.SignerOpts(hashType)) -} - -func (gw *Instance) SetGatewayTlsCertificate(cert []byte) error { - rng := csprng.NewSystemRNG() - hashType := hash.CMixHash - h := hashType.New() - h.Write(cert) - sig, err := rsa.Sign(rng, gw.Comms.GetPrivateKey(), hashType, h.Sum(nil), rsa.NewDefaultOptions()) +// Helper function which accepts the certificate used for https, signs it, +// and sets the GatewayCertificate on the Instance object to be sent when +// clients request it +func (gw *Instance) setGatewayTlsCertificate(cert []byte) error { + sig, err := gatewayHttps.SignGatewayCert(csprng.NewSystemRNG(), gw.Comms.GetPrivateKey(), cert) if err != nil { return err } diff --git a/go.mod b/go.mod index fa32a44a..42fdd47c 100644 --- a/go.mod +++ b/go.mod 
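Review bot: The new comment on `setGatewayTlsCertificate` opens with "Helper function which…" rather than the function name, which is not the conventional Go doc-comment form. Something like `// setGatewayTlsCertificate signs the HTTPS certificate with the gateway's private key and stores the signed GatewayCertificate on the Instance for RequestTlsCert.` reads better in tooling. The signed byte layout is now defined in `gitlab.com/elixxir/crypto/gatewayHttps` rather than in this file, so a unit test here that verifies the stored `Signature` under the gateway public key would catch drift between the two modules. The function body continues past the end of the hunk.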
@@ -11,11 +11,11 @@ require ( github.com/spf13/viper v1.7.1 gitlab.com/elixxir/bloomfilter v0.0.0-20211222005329-7d931ceead6f gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e - gitlab.com/elixxir/crypto v0.0.7-0.20221108183134-3f4a29c68e97 - gitlab.com/elixxir/primitives v0.0.3-0.20221108183049-7bdff545bf8e + gitlab.com/elixxir/crypto v0.0.7-0.20221111135704-4d60ed8f06d5 + gitlab.com/elixxir/primitives v0.0.3-0.20221110181119-e83320a48b13 gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37 - gitlab.com/xx_network/crypto v0.0.5-0.20221108182939-05998dc093e9 - gitlab.com/xx_network/primitives v0.0.4-0.20221104175439-f0d440beacd9 + gitlab.com/xx_network/crypto v0.0.5-0.20221110181048-76f0c556fe95 + gitlab.com/xx_network/primitives v0.0.4-0.20221110180011-fd6ea3058225 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa golang.org/x/net v0.0.0-20220822230855-b0a4917ee28c google.golang.org/grpc v1.49.0 diff --git a/go.sum b/go.sum index d01bf140..dfa41a92 100644 --- a/go.sum +++ b/go.sum 
@@ -507,22 +507,18 @@ github.com/zeebo/pcg v1.0.0/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= gitlab.com/elixxir/bloomfilter v0.0.0-20211222005329-7d931ceead6f h1:yXGvNBqzZwAhDYlSnxPRbgor6JWoOt1Z7s3z1O9JR40= gitlab.com/elixxir/bloomfilter v0.0.0-20211222005329-7d931ceead6f/go.mod h1:H6jztdm0k+wEV2QGK/KYA+MY9nj9Zzatux/qIvDDv3k= -gitlab.com/elixxir/comms v0.0.4-0.20221110231102-817db722182d h1:skE289UBC9h4ZHGcoYBjY5jw6ebBVCHJLYO+3mtafDw= -gitlab.com/elixxir/comms v0.0.4-0.20221110231102-817db722182d/go.mod h1:h5F+vL264LE4LcgDvLWjLMF21pcclv0aiNVRPLvu1cM= -gitlab.com/elixxir/comms v0.0.4-0.20221111121748-27217ffaa8db h1:6MucofjMhIsMhVhZraICQ4AduE5y76kwHPenrToOLwo= -gitlab.com/elixxir/comms v0.0.4-0.20221111121748-27217ffaa8db/go.mod h1:h5F+vL264LE4LcgDvLWjLMF21pcclv0aiNVRPLvu1cM= gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e h1:Of89Ujlk1nSVKUAl7C9uEP8hnqe5veQUxgznt+T8j9I= gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e/go.mod h1:h5F+vL264LE4LcgDvLWjLMF21pcclv0aiNVRPLvu1cM= -gitlab.com/elixxir/crypto v0.0.7-0.20221108183134-3f4a29c68e97 h1:xZFh1e1vq/j1DF61Bta3Wb4ePcCS+NHyk3ri3VcMOuk= -gitlab.com/elixxir/crypto v0.0.7-0.20221108183134-3f4a29c68e97/go.mod h1:fhS9lyG4zNKC39Hd3YXPo9HYI0WnVz/JDTJw9nwnYHQ= -gitlab.com/elixxir/primitives v0.0.3-0.20221108183049-7bdff545bf8e h1:U9aMSBhc2ShJEeCXHNoUPVwrxKAGRhbGZWsbqES8iGA= -gitlab.com/elixxir/primitives v0.0.3-0.20221108183049-7bdff545bf8e/go.mod h1:KeMEPwtmA0zJpetvv5SeyOePIAzsBmQSwJ2nAHYnczw= +gitlab.com/elixxir/crypto v0.0.7-0.20221111135704-4d60ed8f06d5 h1:GszYPY43ZYTyeMHxQfnZa/I9JnLjTuI5Ye5G2mzYvlE= +gitlab.com/elixxir/crypto v0.0.7-0.20221111135704-4d60ed8f06d5/go.mod h1:IqswRNqsGooEOt2tP1LzeAcBOccVW0aUiJFH5B7UGfg= +gitlab.com/elixxir/primitives v0.0.3-0.20221110181119-e83320a48b13 h1:U3tbClFN5BLYlAoMj+o6VWAs9akbFiJstMGCuk1aB94= +gitlab.com/elixxir/primitives v0.0.3-0.20221110181119-e83320a48b13/go.mod 
h1:DUnCTXYKgjpro5+6ITySKIf+qzW2vhW40IVHMimdsqw= gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37 h1:/NVxgd2Rqw2eN5MmdUp5Ix0qRzHCdKfUqd50TsprhmQ= gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37/go.mod h1:/zveWGwSqQbPhPSiGIbS3v78nga8nD5XD1oXr0vD/Zc= -gitlab.com/xx_network/crypto v0.0.5-0.20221108182939-05998dc093e9 h1:A/gYzA36bQxj6tRczs11JEUsWzaLmTRXN89tlqWEOUc= -gitlab.com/xx_network/crypto v0.0.5-0.20221108182939-05998dc093e9/go.mod h1:0Bk5bSyAqH/GAU4CJ8Wbm24YkMoDVz4JF7585dAMkss= -gitlab.com/xx_network/primitives v0.0.4-0.20221104175439-f0d440beacd9 h1:XE7OBn2gYmfLudiaWOl6LzYblZZqYIsScrSzJqPwymY= -gitlab.com/xx_network/primitives v0.0.4-0.20221104175439-f0d440beacd9/go.mod h1:rP/2IsqIFHapuIB4mstXKItvwoJRQ9Wlms/NGeutHsk= +gitlab.com/xx_network/crypto v0.0.5-0.20221110181048-76f0c556fe95 h1:rC6lx6sD6u617Qu0ZndKZQRjXuRkyrI9Q6Y0Ki+dnK4= +gitlab.com/xx_network/crypto v0.0.5-0.20221110181048-76f0c556fe95/go.mod h1:acWUBKCpae/XVaQF7J9RnLAlBT13i5r7gnON+mrIxBk= +gitlab.com/xx_network/primitives v0.0.4-0.20221110180011-fd6ea3058225 h1:TAn87e6Zt9KwcSnWKyIul5eu8T0RHY9FDubCGs3G0dw= +gitlab.com/xx_network/primitives v0.0.4-0.20221110180011-fd6ea3058225/go.mod h1:rP/2IsqIFHapuIB4mstXKItvwoJRQ9Wlms/NGeutHsk= gitlab.com/xx_network/ring v0.0.3-0.20220902183151-a7d3b15bc981 h1:1s0vX9BbkiD0IVXwr3LOaTBcq1wBrWcUWMBK0s8r0Z0= gitlab.com/xx_network/ring v0.0.3-0.20220902183151-a7d3b15bc981/go.mod h1:aLzpP2TiZTQut/PVHR40EJAomzugDdHXetbieRClXIM= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -- GitLab From 0f5201935fdb81c780dccd285166bd0e75501388 Mon Sep 17 00:00:00 2001 From: jbhusson <jonah@elixxir.io> Date: Fri, 11 Nov 2022 09:29:31 -0500 Subject: [PATCH 3/4] Add convert method for private keys --- cmd/https.go | 14 ++++---------- go.mod | 2 +- go.sum | 4 ++++ 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/cmd/https.go b/cmd/https.go index c0859f6d..e5b32188 100644 --- a/cmd/https.go +++ b/cmd/https.go 
@@ -6,12 +6,11 @@ import ( "github.com/pkg/errors" jww "github.com/spf13/jwalterweatherman" "gitlab.com/elixxir/comms/mixmessages" - "gitlab.com/elixxir/crypto/gatewayHttps" + crypto "gitlab.com/elixxir/crypto/gatewayHttps" rsa2 "gitlab.com/elixxir/crypto/rsa" "gitlab.com/elixxir/gateway/storage" "gitlab.com/xx_network/comms/connect" "gitlab.com/xx_network/crypto/csprng" - "gitlab.com/xx_network/crypto/signature/rsa" "gitlab.com/xx_network/primitives/id" "gorm.io/gorm" "strings" @@ -75,12 +74,7 @@ func (gw *Instance) getHttpsCreds() ([]byte, []byte, error) { return nil, nil, err } - // TODO there has to be a better way to do this - pk, err := rsa2.GetScheme().UnmarshalPrivateKeyPEM( - rsa.CreatePrivateKeyPem(gw.Comms.GetPrivateKey())) - if err != nil { - return nil, nil, err - } + pk := rsa2.GetScheme().Convert(&gw.Comms.GetPrivateKey().PrivateKey) err = gw.autoCert.Register(pk, eabCredResp.KeyId, eabCredResp.Key, gw.Params.HttpsEmail) if err != nil { @@ -102,7 +96,7 @@ func (gw *Instance) getHttpsCreds() ([]byte, []byte, error) { // Sign ACME token rng := csprng.NewSystemRNG() - sig, err := gatewayHttps.SignAcmeToken(rng, gw.Comms.GetPrivateKey(), + sig, err := crypto.SignAcmeToken(rng, gw.Comms.GetPrivateKey(), gw.Params.PublicAddress, challenge, ts) if err != nil { return nil, nil, err @@ -187,7 +181,7 @@ func loadHttpsCreds(db *storage.Storage) ([]byte, []byte, error) { // and sets the GatewayCertificate on the Instance object to be sent when // clients request it func (gw *Instance) setGatewayTlsCertificate(cert []byte) error { - sig, err := gatewayHttps.SignGatewayCert(csprng.NewSystemRNG(), gw.Comms.GetPrivateKey(), cert) + sig, err := crypto.SignGatewayCert(csprng.NewSystemRNG(), gw.Comms.GetPrivateKey(), cert) if err != nil { return err } diff --git a/go.mod b/go.mod index 42fdd47c..32820c53 100644 --- a/go.mod +++ b/go.mod 
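Review bot: `rsa2.GetScheme().Convert(&gw.Comms.GetPrivateKey().PrivateKey)` (second hunk) passes the address of the gateway's long-term identity key, and the result goes to `gw.autoCert.Register`. The ACME account therefore appears to share key material with the key that signs gateway certificates and ACME tokens. If that reuse is intentional it deserves a comment, e.g. `// ACME account key is the gateway identity key by design; Convert wraps it without copying.` (the no-copy part should be confirmed against the crypto package). The removed PEM round-trip had an error return, whereas the new expression has none and will panic if `GetPrivateKey()` returns nil, so a nil check before this line may be warranted. `getHttpsCreds` starts and ends outside the hunk.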
@@ -11,7 +11,7 @@ require ( github.com/spf13/viper v1.7.1 gitlab.com/elixxir/bloomfilter v0.0.0-20211222005329-7d931ceead6f gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e - gitlab.com/elixxir/crypto v0.0.7-0.20221111135704-4d60ed8f06d5 + gitlab.com/elixxir/crypto v0.0.7-0.20221111142642-965dc5284c74 gitlab.com/elixxir/primitives v0.0.3-0.20221110181119-e83320a48b13 gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37 gitlab.com/xx_network/crypto v0.0.5-0.20221110181048-76f0c556fe95 diff --git a/go.sum b/go.sum index dfa41a92..dc9f2220 100644 --- a/go.sum +++ b/go.sum @@ -511,6 +511,10 @@ gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e h1:Of89Ujlk1nSVKUA gitlab.com/elixxir/comms v0.0.4-0.20221111122257-75d48fa55a4e/go.mod h1:h5F+vL264LE4LcgDvLWjLMF21pcclv0aiNVRPLvu1cM= gitlab.com/elixxir/crypto v0.0.7-0.20221111135704-4d60ed8f06d5 h1:GszYPY43ZYTyeMHxQfnZa/I9JnLjTuI5Ye5G2mzYvlE= gitlab.com/elixxir/crypto v0.0.7-0.20221111135704-4d60ed8f06d5/go.mod h1:IqswRNqsGooEOt2tP1LzeAcBOccVW0aUiJFH5B7UGfg= +gitlab.com/elixxir/crypto v0.0.7-0.20221111142522-23f3548e86e5 h1:4UXg0TkPCx7gRwRzBG+ALFA/qclUO/9vh9hnDF37l+M= +gitlab.com/elixxir/crypto v0.0.7-0.20221111142522-23f3548e86e5/go.mod h1:IqswRNqsGooEOt2tP1LzeAcBOccVW0aUiJFH5B7UGfg= +gitlab.com/elixxir/crypto v0.0.7-0.20221111142642-965dc5284c74 h1:/WXijzZMhe3+GLLveQvLM5S1hyncLiJJuAjvTkJvM8Y= +gitlab.com/elixxir/crypto v0.0.7-0.20221111142642-965dc5284c74/go.mod h1:IqswRNqsGooEOt2tP1LzeAcBOccVW0aUiJFH5B7UGfg= gitlab.com/elixxir/primitives v0.0.3-0.20221110181119-e83320a48b13 h1:U3tbClFN5BLYlAoMj+o6VWAs9akbFiJstMGCuk1aB94= gitlab.com/elixxir/primitives v0.0.3-0.20221110181119-e83320a48b13/go.mod h1:DUnCTXYKgjpro5+6ITySKIf+qzW2vhW40IVHMimdsqw= gitlab.com/xx_network/comms v0.0.4-0.20221110230330-3a63a3732f37 h1:/NVxgd2Rqw2eN5MmdUp5Ix0qRzHCdKfUqd50TsprhmQ= -- GitLab From 911b8cc635d307464252d0742f069ef4c7ab24df Mon Sep 17 00:00:00 2001 
From: jbhusson <jonah@elixxir.io> Date: Mon, 14 Nov 2022 13:15:23 -0500 Subject: [PATCH 4/4] rsa2 -> rsa --- cmd/https.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/https.go b/cmd/https.go index e5b32188..75cf717e 100644 --- a/cmd/https.go +++ b/cmd/https.go @@ -7,7 +7,7 @@ import ( jww "github.com/spf13/jwalterweatherman" "gitlab.com/elixxir/comms/mixmessages" crypto "gitlab.com/elixxir/crypto/gatewayHttps" - rsa2 "gitlab.com/elixxir/crypto/rsa" + "gitlab.com/elixxir/crypto/rsa" "gitlab.com/elixxir/gateway/storage" "gitlab.com/xx_network/comms/connect" "gitlab.com/xx_network/crypto/csprng" @@ -74,7 +74,7 @@ func (gw *Instance) getHttpsCreds() ([]byte, []byte, error) { return nil, nil, err } - pk := rsa2.GetScheme().Convert(&gw.Comms.GetPrivateKey().PrivateKey) + pk := rsa.GetScheme().Convert(&gw.Comms.GetPrivateKey().PrivateKey) err = gw.autoCert.Register(pk, eabCredResp.KeyId, eabCredResp.Key, gw.Params.HttpsEmail) if err != nil { -- GitLab