Merge branch 'master' of https://github.com/jedisct1/piknik

* 'master' of https://github.com/jedisct1/piknik: Do not use a hybrid configuration for testing In the server, use the key ID from the client
jedisct1 · Jul 23, 2016 · b855210 · b855210
2 parents 78fa809 + 43aa9bb
commit b855210
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 15 deletions.
diff --git a/auth.go b/auth.go
@@ -50,7 +50,7 @@ func auth2get(conf Conf, clientVersion byte, h1 []byte, opcode byte) []byte {
 }
 
 func auth2store(conf Conf, clientVersion byte, h1 []byte, opcode byte,
-	signature []byte) []byte {
+	encryptSkID []byte, signature []byte) []byte {
 	hf2, _ := blake2b.New(&blake2b.Config{
 		Key:    conf.Psk,
 		Person: []byte(DomainStr),
@@ -59,7 +59,7 @@ func auth2store(conf Conf, clientVersion byte, h1 []byte, opcode byte,
 	})
 	hf2.Write(h1)
 	hf2.Write([]byte{opcode})
-	hf2.Write(conf.EncryptSkID)
+	hf2.Write(encryptSkID)
 	hf2.Write(signature)
 	h2 := hf2.Sum(nil)
 

diff --git a/client.go b/client.go
@@ -48,7 +48,7 @@ func (client *Client) copyOperation(h1 []byte) {
 	ciphertext := ciphertextWithNonce[24:]
 	cipher.XORKeyStream(ciphertext, content)
 	signature := ed25519.Sign(conf.SignSk, ciphertextWithNonce)
-	h2 := auth2store(conf, client.version, h1, opcode, signature)
+	h2 := auth2store(conf, client.version, h1, opcode, conf.EncryptSkID, signature)
 	writer.WriteByte(opcode)
 	writer.Write(h2)
 	ciphertextWithNonceLen := uint64(len(ciphertextWithNonce))

diff --git a/server.go b/server.go
@@ -95,14 +95,16 @@ func (cnx *ClientConnection) storeOperation(h1 []byte) {
 			ciphertextWithNonceLen, conf.MaxLen, conf.MaxLen/(1024*1024))
 		return
 	}
-	encryptedSkID := rbuf[40:48]
+	encryptSkID := rbuf[40:48]
 	signature := rbuf[48:112]
 	opcode := byte('S')
-	wh2 := auth2store(conf, cnx.clientVersion, h1, opcode, signature)
+
+	wh2 := auth2store(conf, cnx.clientVersion, h1, opcode, encryptSkID, signature)
 	if subtle.ConstantTimeCompare(wh2, h2) != 1 {
 		return
 	}
 	ciphertextWithNonce := make([]byte, ciphertextWithNonceLen)
+
 	if _, err := io.ReadFull(reader, ciphertextWithNonce); err != nil {
 		log.Print(err)
 		return
@@ -113,7 +115,7 @@ func (cnx *ClientConnection) storeOperation(h1 []byte) {
 	h3 := auth3store(conf, cnx.clientVersion, h2)
 
 	storedContentRWMutex.Lock()
-	storedContent.encryptSkID = encryptedSkID
+	storedContent.encryptSkID = encryptSkID
 	storedContent.signature = signature
 	storedContent.ciphertextWithNonce = ciphertextWithNonce
 	storedContentRWMutex.Unlock()

diff --git a/test.sh b/test.sh
@@ -3,29 +3,35 @@
 set -e
 
 TMPDIR=${TMPDIR:-/tmp}
-PIKNIK="./piknik -config ${TMPDIR}/piknik-test.toml"
+PIKNIK_S="./piknik -config ${TMPDIR}/piknik-test-server.toml -server"
+PIKNIK_C="./piknik -config ${TMPDIR}/piknik-test-client.toml"
 
-cat > "${TMPDIR}/piknik-test.toml" <<EOT
-Connect   = "127.0.0.1:8076"
+cat > "${TMPDIR}/piknik-test-server.toml" <<EOT
 Listen    = "127.0.0.1:8076"
 Psk       = "627ea393638048bc0d5a7554ab58e41e5601e2f4975a214dfc53b500be462a9a"
 SignPk    = "c2e46983e667a37d7d8d69679f40f3a05eb8086337693d91dcaf8546d39ddb5e"
+EOT
+
+cat > "${TMPDIR}/piknik-test-client.toml" <<EOT
+Connect   = "127.0.0.1:8076"
+Psk       = "627ea393638048bc0d5a7554ab58e41e5601e2f4975a214dfc53b500be462a9a"
+SignPk    = "c2e46983e667a37d7d8d69679f40f3a05eb8086337693d91dcaf8546d39ddb5e"
 SignSk    = "7599dad4726247d301c00ce0dc0dbfb9144fa958b4e9db30209a8f9d840ac9ca"
 EncryptSk = "f313e1fd4ad5fee8841d40ca3d54e14041eb05bf7f4888ad8c800ceb61942db6"
 EOT
 
 go build
-$PIKNIK -server &
+$PIKNIK_S &
 pid=$!
 sleep 2
 dd if=/dev/urandom of=/tmp/pi bs=1000 count=1
-$PIKNIK -copy < /tmp/pi
-$PIKNIK -paste > /tmp/pi2
+$PIKNIK_C -copy < /tmp/pi
+$PIKNIK_C -paste > /tmp/pi2
 cmp /tmp/pi /tmp/pi2
-$PIKNIK | $PIKNIK -copy
-$PIKNIK -move > /tmp/pi2
+$PIKNIK_C | $PIKNIK_C -copy
+$PIKNIK_C -move > /tmp/pi2
 cmp /tmp/pi /tmp/pi2
-$PIKNIK && exit 1
+$PIKNIK_C && exit 1
 kill $pid
 
 echo