package wgephemeralpeer
import (
"context"
"errors"
"time"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
ggrpc "google.golang.org/grpc"
"google.golang.org/grpc/credentials/insecure"
"github.com/mullvad/wgephemeralpeer/internal/grpc"
)
// ErrMissingPostQuantumResponse is returned by register when the request
// carried a post-quantum section but the response did not. Callers should treat
// it as a failed exchange, not as "no PSK needed".
var ErrMissingPostQuantumResponse = errors.New("missing post quantum response")

// grpcAddress is the fixed endpoint of the ephemeral-peer registration service.
// 10.64.0.1 lies in RFC 1918 private address space.
// NOTE(review): register dials this address without transport security, so it
// is presumably reachable only through an already-established WireGuard tunnel.
// Confirm that nothing can route this address outside the tunnel.
const grpcAddress = "10.64.0.1:1337"
// register sends the parent and ephemeral WireGuard public keys to the service
// at grpcAddress and, when the response contains a post-quantum section, turns
// the returned KEM ciphertexts into a WireGuard preshared key.
//
// It returns (nil, nil) when neither side used post-quantum key exchange,
// ErrMissingPostQuantumResponse when the request asked for it but the response
// omitted it, and otherwise any error from dialing, the RPC, generatePSK or
// wgtypes.NewKey unchanged.
func (ep *ephemeralPeer) register(publicKey, ephemeralPublicKey *wgtypes.Key) (*wgtypes.Key, error) {
	// A single 10 second deadline bounds both the blocking dial and the RPC.
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
	defer cancel()

	// insecure.NewCredentials() turns transport security off: this channel has
	// no TLS and no server authentication of its own. The request built below
	// carries only public keys, and the PSK is produced locally by generatePSK
	// from the returned ciphertexts rather than read from the wire.
	// NOTE(review): integrity and peer authenticity of this exchange therefore
	// rest entirely on the network path to grpcAddress (presumably the
	// enclosing WireGuard tunnel). Confirm that assumption holds wherever this
	// is called.
	dialOpts := []ggrpc.DialOption{
		ggrpc.WithTransportCredentials(insecure.NewCredentials()),
		ggrpc.WithBlock(), // do not return until connected or ctx expires
	}
	conn, err := ggrpc.DialContext(ctx, grpcAddress, dialOpts...)
	if err != nil {
		return nil, err
	}
	defer conn.Close()

	client := grpc.NewEphemeralPeerClient(conn)
	req := ep.getRegisterRequest(publicKey, ephemeralPublicKey)

	resp, err := client.RegisterPeerV1(ctx, req)
	if err != nil {
		return nil, err
	}

	pq := resp.PostQuantum
	if pq == nil {
		// Fail closed: if a post-quantum exchange was requested, a response
		// without one must not be accepted as "no PSK".
		if req.PostQuantum != nil {
			return nil, ErrMissingPostQuantumResponse
		}
		return nil, nil
	}

	// NOTE(review): this path is also taken when the response has a
	// post-quantum section that the request did not ask for. Whether
	// generatePSK rejects that case is not visible here and should be verified.
	pskBytes, err := ep.generatePSK(pq.Ciphertexts)
	if err != nil {
		return nil, err
	}

	psk, err := wgtypes.NewKey(pskBytes)
	if err != nil {
		return nil, err
	}
	return &psk, nil
}
// getRegisterRequest builds the EphemeralPeerRequestV1 for the given parent and
// ephemeral WireGuard public keys. The post-quantum section is attached only
// when ep.kems is non-empty, and the DAITA section only when ep.daita is set.
//
// Both key pointers are sliced directly, so they must be non-nil. The resulting
// byte slices alias the callers' key arrays rather than copying them.
func (ep *ephemeralPeer) getRegisterRequest(publicKey, ephemeralPublicKey *wgtypes.Key) *grpc.EphemeralPeerRequestV1 {
	req := &grpc.EphemeralPeerRequestV1{}

	// Only public key material is placed in the request.
	req.WgParentPubkey = publicKey[:]
	req.WgEphemeralPeerPubkey = ephemeralPublicKey[:]

	if len(ep.kems) != 0 {
		req.PostQuantum = ep.getRegisterPQRequest()
	}

	if ep.daita {
		req.Daita = &grpc.DaitaRequestV1{ActivateDaita: true}
	}

	return req
}
// getRegisterPQRequest builds the post-quantum section of the register request:
// one KemPubkeyV1 per entry in ep.kems, in the same order, carrying that
// entry's public key and its algorithm name as mapped by getAlgorithmName.
// KemPubkeys is left nil when ep.kems is empty.
func (ep *ephemeralPeer) getRegisterPQRequest() *grpc.PostQuantumRequestV1 {
	var pubkeys []*grpc.KemPubkeyV1

	for i := range ep.kems {
		kem := ep.kems[i]
		entry := &grpc.KemPubkeyV1{
			AlgorithmName: getAlgorithmName(kem.scheme.Name()),
			KeyData:       kem.publicKey,
		}
		pubkeys = append(pubkeys, entry)
	}

	out := &grpc.PostQuantumRequestV1{}
	out.KemPubkeys = pubkeys
	return out
}
// getAlgorithmName translates a KEM scheme name into the identifier placed in
// the request's AlgorithmName field. "mceliece460896" is rewritten to
// "Classic-McEliece-460896f-round3"; every other name passes through unchanged.
// NOTE(review): presumably the rewritten form is what the server expects.
// Confirm against the service's algorithm list.
func getAlgorithmName(name string) string {
	if name == "mceliece460896" {
		return "Classic-McEliece-460896f-round3"
	}
	return name
}