diff --git a/derp/derp_client.go b/derp/derp_client.go index fef5120f4..1917724d1 100644 --- a/derp/derp_client.go +++ b/derp/derp_client.go @@ -6,35 +6,35 @@ package derp import ( "bufio" - "crypto/rand" + crand "crypto/rand" "encoding/json" "fmt" "io" "net" "time" - "golang.org/x/crypto/curve25519" "golang.org/x/crypto/nacl/box" + "tailscale.com/types/key" "tailscale.com/types/logger" ) type Client struct { - serverKey [32]byte - privateKey [32]byte // TODO(crawshaw): make this wgcfg.PrivateKey? - publicKey [32]byte + serverKey key.Public // of the DERP server; not a machine or node key + privateKey key.Private + publicKey key.Public // of privateKey logf logger.Logf netConn net.Conn conn *bufio.ReadWriter } -func NewClient(privateKey [32]byte, netConn net.Conn, conn *bufio.ReadWriter, logf logger.Logf) (*Client, error) { +func NewClient(privateKey key.Private, netConn net.Conn, conn *bufio.ReadWriter, logf logger.Logf) (*Client, error) { c := &Client{ privateKey: privateKey, + publicKey: privateKey.Public(), logf: logf, netConn: netConn, conn: conn, } - curve25519.ScalarBaseMult(&c.publicKey, &c.privateKey) if err := c.recvServerKey(); err != nil { return nil, fmt.Errorf("derp.Client: failed to receive server key: %v", err) @@ -83,7 +83,7 @@ func (c *Client) recvServerInfo() (*serverInfo, error) { if _, err := io.ReadFull(c.conn, msgbox); err != nil { return nil, fmt.Errorf("msgbox: %v", err) } - msg, ok := box.Open(nil, msgbox, &nonce, &c.serverKey, &c.privateKey) + msg, ok := box.Open(nil, msgbox, &nonce, c.serverKey.B32(), c.privateKey.B32()) if !ok { return nil, fmt.Errorf("msgbox: cannot open len=%d with server key %x", msgLen, c.serverKey[:]) } @@ -96,11 +96,11 @@ func (c *Client) recvServerInfo() (*serverInfo, error) { func (c *Client) sendClientKey() error { var nonce [24]byte - if _, err := rand.Read(nonce[:]); err != nil { + if _, err := crand.Read(nonce[:]); err != nil { return err } msg := []byte("{}") // no clientInfo for now - msgbox := box.Seal(nil, msg, &nonce, &c.serverKey, &c.privateKey) + msgbox := box.Seal(nil, msg, &nonce, c.serverKey.B32(), c.privateKey.B32()) if _, err := c.conn.Write(c.publicKey[:]); err != nil { return err diff --git a/tailcfg/tailcfg.go b/tailcfg/tailcfg.go index ad127d155..ac8ba922e 100644 --- a/tailcfg/tailcfg.go +++ b/tailcfg/tailcfg.go @@ -31,8 +31,10 @@ type RoleID ID type CapabilityID ID +// MachineKey is the curve25519 public key for a machine. type MachineKey [32]byte +// MachineKey is the curve25519 public key for a node. type NodeKey [32]byte type Group struct { diff --git a/types/key/key.go b/types/key/key.go new file mode 100644 index 000000000..576714797 --- /dev/null +++ b/types/key/key.go @@ -0,0 +1,30 @@ +// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package key defines some types related to curve25519 keys. +package key + +import "golang.org/x/crypto/curve25519" + +// Private represents a curve25519 private key. +type Private [32]byte + +// B32 returns k as the *[32]byte type that's used by the +// golang.org/x/crypto packages. This allocates; it might +// not be appropriate for performance-sensitive paths. +func (k Private) B32() *[32]byte { return (*[32]byte)(&k) } + +// Public represents a curve25519 public key. +type Public [32]byte + +// B32 returns k as the *[32]byte type that's used by the +// golang.org/x/crypto packages. This allocates; it might +// not be appropriate for performance-sensitive paths. +func (k Public) B32() *[32]byte { return (*[32]byte)(&k) } + +func (k Private) Public() Public { + var pub [32]byte + curve25519.ScalarBaseMult(&pub, (*[32]byte)(&k)) + return Public(pub) +}