switched to eliptical strategy

2025-10-05 08:47:35 +08:00 · 2022-01-29 15:02:37 -05:00
parent 2d703dce7c
commit 410efbab50
10 changed files with 234 additions and 161 deletions
--- a/netclient/functions/join.go
+++ b/netclient/functions/join.go
@@ -3,7 +3,6 @@ package functions
 import (
 	"context"
 	"crypto/rand"
-	"crypto/rsa"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -21,6 +20,7 @@ import (
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"github.com/gravitl/netmaker/netclient/server"
 	"github.com/gravitl/netmaker/netclient/wireguard"
+	"golang.org/x/crypto/nacl/box"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 	"google.golang.org/grpc"
 )
@@ -44,21 +44,29 @@ func JoinNetwork(cfg config.ClientConfig, privateKey string) error {
 	if cfg.Node.Password == "" {
 		cfg.Node.Password = ncutils.GenPass()
 	}
-	var rsaPrivKey, errGen = rsa.GenerateKey(rand.Reader, ncutils.KEY_SIZE)
-	if errGen != nil {
-		return errGen
+	var trafficPubKey, trafficPrivKey, errT = box.GenerateKey(rand.Reader) // generate traffic keys
+	if errT != nil {
+		return errT
 	}
+
+	// == handle keys ==
 	if err = auth.StoreSecret(cfg.Node.Password, cfg.Node.Network); err != nil {
 		return err
 	}
-	var keyData, errKeyData = json.Marshal(&rsaPrivKey)
-	if errKeyData != nil {
-		return errKeyData
-	}
-	if err = auth.StoreTrafficKey(string(keyData), cfg.Node.Network); err != nil {
+
+	if err = auth.StoreTrafficKey(trafficPrivKey, cfg.Node.Network); err != nil {
 		return err
 	}

+	trafficPubKeyBytes, err := ncutils.ConvertKeyToBytes(trafficPubKey)
+	if err != nil {
+		return err
+	}
+
+	cfg.Node.TrafficKeys.Mine = trafficPubKeyBytes
+	cfg.Node.TrafficKeys.Server = nil
+	// == end handle keys ==
+
 	if cfg.Node.LocalRange != "" && cfg.Node.LocalAddress == "" {
 		log.Println("local vpn, getting local address from range: " + cfg.Node.LocalRange)
 		cfg.Node.LocalAddress = getLocalIP(cfg.Node)
@@ -135,12 +143,7 @@ func JoinNetwork(cfg config.ClientConfig, privateKey string) error {
 		Endpoint:            cfg.Node.Endpoint,
 		SaveConfig:          cfg.Node.SaveConfig,
 		UDPHolePunch:        cfg.Node.UDPHolePunch,
-		TrafficKeys: models.TrafficKeys{
-			Mine:   rsaPrivKey.PublicKey,
-			Mod:    *rsaPrivKey.PublicKey.N,
-			E:      rsaPrivKey.PublicKey.E,
-			Server: rsa.PublicKey{},
-		},
+		TrafficKeys:         cfg.Node.TrafficKeys,
 	}

 	ncutils.Log("joining " + cfg.Network + " at " + cfg.Server.GRPCAddress)