0xdcarns
2022-01-29 00:11:11 -05:00
parent c748594c02
commit a058db2102
3 changed files with 65 additions and 15 deletions


@@ -1,6 +1,8 @@
package mq package mq
import ( import (
"fmt"
"github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/logger"
"github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/logic"
"github.com/gravitl/netmaker/netclient/ncutils" "github.com/gravitl/netmaker/netclient/ncutils"
@@ -12,7 +14,7 @@ func decryptMsg(nodeid string, msg []byte) ([]byte, error) {
if trafficErr != nil { if trafficErr != nil {
return nil, trafficErr return nil, trafficErr
} }
return ncutils.DecryptWithPrivateKey(msg, &trafficKey), nil return ncutils.DestructMessage(string(msg), &trafficKey), nil
} }
func encrypt(nodeid string, dest string, msg []byte) ([]byte, error) { func encrypt(nodeid string, dest string, msg []byte) ([]byte, error) {
@@ -20,11 +22,11 @@ func encrypt(nodeid string, dest string, msg []byte) ([]byte, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
encrypted, encryptErr := ncutils.EncryptWithPublicKey(msg, &node.TrafficKeys.Mine) encrypted := ncutils.BuildMessage(msg, &node.TrafficKeys.Mine)
if encryptErr != nil { if encrypted == "" {
return nil, encryptErr return nil, fmt.Errorf("could not encrypt message")
} }
return encrypted, nil return []byte(encrypted), nil
} }
func publish(nodeid string, dest string, msg []byte) error { func publish(nodeid string, dest string, msg []byte) error {
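Review bot: On the new side of the second hunk, `encrypt` reports every failure inside `ncutils.BuildMessage` as the opaque `fmt.Errorf("could not encrypt message")`, because BuildMessage signals failure with an empty string and the error from the underlying RSA-OAEP call is dropped on the way; an empty `msg` also produces an empty string, so a legitimately empty payload is reported as an encryption failure. Consider having BuildMessage return `(string, error)` so the real cause (for example `rsa.ErrMessageTooLong`) reaches the log, or at least guard the empty input before the call: `if len(msg) == 0 { return nil, fmt.Errorf("refusing to encrypt empty message") }`. In the first hunk, `decryptMsg` returns `DestructMessage(...)` with a nil error, and DestructMessage returns nil when any chunk fails to decrypt, so a caller receives `(nil, nil)` for a corrupted or wrongly-keyed payload and cannot tell it from a valid empty one; check the result, `if plain == nil { return nil, fmt.Errorf("could not decrypt message") }`. Both `decryptMsg` and `encrypt` begin above their hunks, and the same two patterns appear in the netclient `publish` and `decryptMsg` hunks of the second file.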


@@ -371,9 +371,9 @@ func Hello(cfg *config.ClientConfig, network string) {
func publish(cfg *config.ClientConfig, dest string, msg []byte) error { func publish(cfg *config.ClientConfig, dest string, msg []byte) error {
client := SetupMQTT(cfg) client := SetupMQTT(cfg)
defer client.Disconnect(250) defer client.Disconnect(250)
encrypted, encryptErr := ncutils.EncryptWithPublicKey(msg, &cfg.Node.TrafficKeys.Server) encrypted := ncutils.BuildMessage(msg, &cfg.Node.TrafficKeys.Server)
if encryptErr != nil { if encrypted == "" {
return encryptErr return fmt.Errorf("could not encrypt message")
} }
if token := client.Publish(dest, 0, false, encrypted); token.Wait() && token.Error() != nil { if token := client.Publish(dest, 0, false, encrypted); token.Wait() && token.Error() != nil {
return token.Error() return token.Error()
@@ -394,7 +394,7 @@ func decryptMsg(cfg *config.ClientConfig, msg []byte) ([]byte, error) {
if err := json.Unmarshal([]byte(diskKey), &trafficKey); err != nil { if err := json.Unmarshal([]byte(diskKey), &trafficKey); err != nil {
return nil, err return nil, err
} }
return ncutils.DecryptWithPrivateKey(msg, &trafficKey), nil return ncutils.DestructMessage(string(msg), &trafficKey), nil
} }
func shouldResub(currentServers, newServers []models.ServerAddr) bool { func shouldResub(currentServers, newServers []models.ServerAddr) bool {


@@ -550,23 +550,71 @@ func ServerAddrSliceContains(slice []models.ServerAddr, item models.ServerAddr)
return false return false
} }
// EncryptWithPublicKey encrypts data with public key // DestructMessage - reconstruct original message through chunks
func EncryptWithPublicKey(msg []byte, pub *rsa.PublicKey) ([]byte, error) { func DestructMessage(builtMsg string, priv *rsa.PrivateKey) []byte {
var chunks = strings.Split(builtMsg, ",")
var totalMessage = make([]byte, len(builtMsg))
for _, chunk := range chunks {
var bytes = decryptWithPrivateKey([]byte(chunk), priv)
if bytes == nil {
return nil
}
totalMessage = append(totalMessage, bytes...)
}
return totalMessage
}
// BuildMessage Build a message for publishing
func BuildMessage(originalMessage []byte, pub *rsa.PublicKey) string {
chunks := getSliceChunks(originalMessage, 2048)
var message = ""
for i := 0; i < len(chunks); i++ {
var encryptedText, encryptErr = encryptWithPublicKey(chunks[i], pub)
if encryptErr != nil {
return ""
}
message += string(encryptedText)
if i < len(chunks)-1 {
message += ","
}
}
return message
}
func getSliceChunks(slice []byte, chunkSize int) [][]byte {
var chunks [][]byte
for i := 0; i < len(slice); i += chunkSize {
lastByte := i + chunkSize
if lastByte > len(slice) {
lastByte = len(slice)
}
chunks = append(chunks, slice[i:lastByte])
}
return chunks
}
// encryptWithPublicKey encrypts data with public key
func encryptWithPublicKey(msg []byte, pub *rsa.PublicKey) ([]byte, error) {
if pub == nil { if pub == nil {
return nil, errors.New("invalid public key when decrypting") return nil, errors.New("invalid public key when decrypting")
} }
hash := sha512.New() hash := sha512.New()
ciphertext, err := rsa.EncryptOAEP(hash, crand.Reader, pub, msg, nil) ciphertext, err := rsa.EncryptOAEP(hash, crand.Reader, pub, msg, []byte(""))
if err != nil { if err != nil {
return nil, err return nil, err
} }
return ciphertext, nil return ciphertext, nil
} }
// DecryptWithPrivateKey decrypts data with private key // decryptWithPrivateKey decrypts data with private key
func DecryptWithPrivateKey(ciphertext []byte, priv *rsa.PrivateKey) []byte { func decryptWithPrivateKey(ciphertext []byte, priv *rsa.PrivateKey) []byte {
hash := sha512.New() hash := sha512.New()
plaintext, err := rsa.DecryptOAEP(hash, crand.Reader, priv, ciphertext, nil) plaintext, err := rsa.DecryptOAEP(hash, crand.Reader, priv, ciphertext, []byte(""))
if err != nil { if err != nil {
return nil return nil
} }