Make private key and public key lazy static variables
This commit is contained in:
parent
c50f58269f
commit
9671a6891f
|
@ -1121,6 +1121,7 @@ dependencies = [
|
|||
"hex",
|
||||
"hmac",
|
||||
"http",
|
||||
"lazy_static",
|
||||
"r2d2",
|
||||
"r2d2_sqlite",
|
||||
"regex",
|
||||
|
|
|
@ -10,6 +10,7 @@ curve25519-parser = "0.2"
|
|||
hex = "0.4"
|
||||
hmac = "0.10"
|
||||
http = "0.2"
|
||||
lazy_static = "1.4"
|
||||
regex = "1.4"
|
||||
rusqlite = "0.24"
|
||||
r2d2_sqlite = "0.17"
|
||||
|
|
|
@ -17,7 +17,7 @@ type HmacSha256 = Hmac<Sha256>;
|
|||
|
||||
const IV_SIZE: usize = 12;
|
||||
|
||||
pub async fn get_x25519_symmetric_key(public_key: Vec<u8>, private_key: x25519_dalek::StaticSecret) -> Result<Vec<u8>, warp::reject::Rejection> {
|
||||
pub async fn get_x25519_symmetric_key(public_key: Vec<u8>, private_key: &x25519_dalek::StaticSecret) -> Result<Vec<u8>, warp::reject::Rejection> {
|
||||
if public_key.len() != 32 {
|
||||
println!("Couldn't create symmetric key using public key of invalid length: {}.", hex::encode(public_key));
|
||||
return Err(warp::reject::custom(Error::DecryptionFailed));
|
||||
|
|
|
@ -9,7 +9,7 @@ mod storage;
|
|||
|
||||
#[tokio::main]
|
||||
async fn main() {
|
||||
let public_key = hex::encode(onion_requests::get_public_key().as_bytes());
|
||||
let public_key = hex::encode(onion_requests::PUBLIC_KEY.as_bytes());
|
||||
println!("The public key of this server is: {}", public_key);
|
||||
let pool = storage::pool();
|
||||
let conn = storage::conn(&pool).unwrap();
|
||||
|
|
|
@ -20,6 +20,19 @@ struct OnionRequestPayloadMetadata {
|
|||
pub ephemeral_key: String
|
||||
}
|
||||
|
||||
lazy_static::lazy_static! {
|
||||
|
||||
pub static ref PRIVATE_KEY: x25519_dalek::StaticSecret = {
|
||||
let bytes = include_bytes!("../x25519_private_key.pem");
|
||||
return curve25519_parser::parse_openssl_25519_privkey(bytes).unwrap();
|
||||
};
|
||||
|
||||
pub static ref PUBLIC_KEY: x25519_dalek::PublicKey = {
|
||||
let bytes = include_bytes!("../x25519_public_key.pem");
|
||||
return curve25519_parser::parse_openssl_25519_pubkey(bytes).unwrap();
|
||||
};
|
||||
}
|
||||
|
||||
pub async fn handle_onion_request(blob: warp::hyper::body::Bytes, pool: storage::DatabaseConnectionPool) -> Result<impl warp::Reply, Rejection> {
|
||||
let payload = parse_onion_request_payload(blob).await?;
|
||||
let plaintext = decrypt_onion_request_payload(payload).await?;
|
||||
|
@ -79,25 +92,13 @@ async fn parse_onion_request_payload(blob: warp::hyper::body::Bytes) -> Result<O
|
|||
|
||||
async fn decrypt_onion_request_payload(payload: OnionRequestPayload) -> Result<Vec<u8>, Rejection> {
|
||||
let ephemeral_key = hex::decode(payload.metadata.ephemeral_key).unwrap(); // Safe because it was validated in the parsing step
|
||||
let symmetric_key = crypto::get_x25519_symmetric_key(ephemeral_key, get_private_key()).await?;
|
||||
let symmetric_key = crypto::get_x25519_symmetric_key(ephemeral_key, &PRIVATE_KEY).await?;
|
||||
let plaintext = crypto::decrypt_aes_gcm(payload.ciphertext, symmetric_key).await?;
|
||||
return Ok(plaintext);
|
||||
}
|
||||
|
||||
// Utilities
|
||||
|
||||
// FIXME: get_private_key() and get_public_key() should be lazy static variables
|
||||
|
||||
fn get_private_key() -> x25519_dalek::StaticSecret {
|
||||
let bytes = include_bytes!("../x25519_private_key.pem");
|
||||
return curve25519_parser::parse_openssl_25519_privkey(bytes).unwrap();
|
||||
}
|
||||
|
||||
pub fn get_public_key() -> x25519_dalek::PublicKey {
|
||||
let bytes = include_bytes!("../x25519_public_key.pem");
|
||||
return curve25519_parser::parse_openssl_25519_pubkey(bytes).unwrap();
|
||||
}
|
||||
|
||||
fn as_le_u32(array: &[u8; 4]) -> u32 {
|
||||
((array[0] as u32) << 00) +
|
||||
((array[1] as u32) << 08) +
|
||||
|
|
Loading…
Reference in New Issue