ricochet-go/core/identity.go

package core

import (
	"crypto/rsa"
	"encoding/base64"
	"errors"
	"github.com/ricochet-im/ricochet-go/core/utils"
	protocol "github.com/s-rah/go-ricochet"
	"github.com/yawning/bulb/utils/pkcs1"
	"log"
	"sync"
)

// Identity represents the local user, including their contact address,
// and contains the contacts list.
type Identity struct {
	core *Ricochet

	mutex sync.Mutex

	address     string
	privateKey  *rsa.PrivateKey
	contactList *ContactList

	ConversationStream *utils.Publisher
}

func CreateIdentity(core *Ricochet) (*Identity, error) {
	me := &Identity{
		core:               core,
		ConversationStream: utils.CreatePublisher(),
	}

	if err := me.loadIdentity(); err != nil {
		log.Printf("Failed loading identity: %v", err)
		return nil, err
	}

	contactList, err := LoadContactList(core)
	if err != nil {
		log.Printf("Failed loading contact list: %v", err)
		return nil, err
	}
	me.contactList = contactList

	go me.publishService(me.privateKey)
	return me, nil
}

func (me *Identity) loadIdentity() error {
	config := me.core.Config.OpenRead()
	defer config.Close()

	if config.Identity.ServiceKey != "" {
		keyData, err := base64.StdEncoding.DecodeString(config.Identity.ServiceKey)
		if err != nil {
			return err
		}

		me.privateKey, _, err = pkcs1.DecodePrivateKeyDER(keyData)
		if err != nil {
			return err
		}
		me.address, err = utils.RicochetAddressFromKey(&me.privateKey.PublicKey)
		if err != nil {
			return err
		}

		log.Printf("Loaded identity %s", me.address)
	} else {
		log.Printf("Initializing new identity")
	}

	return nil
}

func (me *Identity) setPrivateKey(key *rsa.PrivateKey) error {
	me.mutex.Lock()
	defer me.mutex.Unlock()

	if me.privateKey != nil || me.address != "" {
		return errors.New("Cannot change private key on identity")
	}

	// Save key to config
	keyData, err := pkcs1.EncodePrivateKeyDER(key)
	if err != nil {
		return err
	}
	config := me.core.Config.OpenWrite()
	config.Identity.ServiceKey = base64.StdEncoding.EncodeToString(keyData)
	config.Save()

	// Update Identity
	me.address, err = utils.RicochetAddressFromKey(&key.PublicKey)
	if err != nil {
		return err
	}
	me.privateKey = key

	log.Printf("Created new identity %s", me.address)
	return nil
}

type identityService struct {
	Identity   *Identity
	MyHostname string
}

func (is *identityService) OnNewConnection(oc *protocol.OpenConnection) {
	log.Printf("Inbound connection accepted")
	oc.MyHostname = is.MyHostname
	// XXX Should have pre-auth handling, timeouts
	identity := is.Identity
	handler := &ProtocolConnection{
		Conn: oc,
		GetContactByHostname: func(hostname string) *Contact {
			return identity.ContactList().ContactByAddress("ricochet:" + hostname)
		},
	}
	go oc.Process(handler)
}

func (is *identityService) OnFailedConnection(err error) {
	log.Printf("Inbound connection failed: %v", err)
}

// BUG(special): No error handling for failures under publishService
func (me *Identity) publishService(key *rsa.PrivateKey) {
	// This call will block until a control connection is available and the
	// ADD_ONION command has returned. After creating the listener, it will
	// be automatically re-published if the control connection is lost and
	// later reconnected.
	service, listener, err := me.core.Network.NewOnionListener(9878, key)
	if err != nil {
		log.Printf("Identity listener failed: %v", err)
		// XXX handle
		return
	}

	if key == nil {
		if service.PrivateKey == nil {
			log.Printf("Setting private key failed: no key returned")
			// XXX handle
			return
		}

		err := me.setPrivateKey(service.PrivateKey.(*rsa.PrivateKey))
		if err != nil {
			log.Printf("Setting private key failed: %v", err)
			// XXX handle
			return
		}
	}

	log.Printf("Identity service published, accepting connections")
	is := &identityService{
		Identity:   me,
		MyHostname: me.Address()[9:],
	}

	err = protocol.Serve(listener, is)
	if err != nil {
		log.Printf("Identity listener failed: %v", err)
		// XXX handle
		return
	}
}

func (me *Identity) Address() string {
	return me.address
}

func (me *Identity) ContactList() *ContactList {
	return me.contactList
}

func (me *Identity) PrivateKey() rsa.PrivateKey {
	return *me.privateKey
}
Skeleton of core API 2016-07-01 05:18:55 +02:00			`package core`

core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`import (`
			`"crypto/rsa"`
			`"encoding/base64"`
			`"errors"`
Change imports after moving repository 2016-10-17 06:26:35 +02:00			`"github.com/ricochet-im/ricochet-go/core/utils"`
core: RPC and config for outbound contact requests 2016-10-27 21:57:04 +02:00			`protocol "github.com/s-rah/go-ricochet"`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`"github.com/yawning/bulb/utils/pkcs1"`
			`"log"`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`"sync"`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`)`
Skeleton of core API 2016-07-01 05:18:55 +02:00
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`// Identity represents the local user, including their contact address,`
			`// and contains the contacts list.`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`type Identity struct {`
core: Change the 'Ricochet' API again 2016-09-11 06:57:54 +02:00			`core *Ricochet`
core: Load contacts from config 2016-08-30 04:46:41 +02:00
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`mutex sync.Mutex`
Skeleton of core API 2016-07-01 05:18:55 +02:00
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`address string`
			`privateKey *rsa.PrivateKey`
Skeleton of core API 2016-07-01 05:18:55 +02:00			`contactList *ContactList`
core: More of the conversation implementation Improved parts of the conversation implementation, moved the conversation event monitor to Identity, added event monitor population, and other minor changes. 2016-10-16 02:04:19 +02:00
			`ConversationStream *utils.Publisher`
Skeleton of core API 2016-07-01 05:18:55 +02:00			`}`

core: Change the 'Ricochet' API again 2016-09-11 06:57:54 +02:00			`func CreateIdentity(core Ricochet) (Identity, error) {`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`me := &Identity{`
core: More of the conversation implementation Improved parts of the conversation implementation, moved the conversation event monitor to Identity, added event monitor population, and other minor changes. 2016-10-16 02:04:19 +02:00			`core: core,`
			`ConversationStream: utils.CreatePublisher(),`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`}`

core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`if err := me.loadIdentity(); err != nil {`
			`log.Printf("Failed loading identity: %v", err)`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`return nil, err`
			`}`

			`contactList, err := LoadContactList(core)`
			`if err != nil {`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`log.Printf("Failed loading contact list: %v", err)`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`return nil, err`
			`}`
			`me.contactList = contactList`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`go me.publishService(me.privateKey)`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`return me, nil`
			`}`

			`func (me *Identity) loadIdentity() error {`
core: Change the 'Ricochet' API again 2016-09-11 06:57:54 +02:00			`config := me.core.Config.OpenRead()`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`defer config.Close()`
core: Load contacts from config 2016-08-30 04:46:41 +02:00
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`if config.Identity.ServiceKey != "" {`
			`keyData, err := base64.StdEncoding.DecodeString(config.Identity.ServiceKey)`
			`if err != nil {`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`return err`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`}`

			`me.privateKey, _, err = pkcs1.DecodePrivateKeyDER(keyData)`
			`if err != nil {`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`return err`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`}`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`me.address, err = utils.RicochetAddressFromKey(&me.privateKey.PublicKey)`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`if err != nil {`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`return err`
core: Load identity from config Also, slightly refactor Ricochet to be an interface to get the various top-level components, and let the implementation define it (such as backend's RicochetCore RPC type) 2016-08-30 03:49:30 +02:00			`}`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00
			`log.Printf("Loaded identity %s", me.address)`
			`} else {`
			`log.Printf("Initializing new identity")`
			`}`

			`return nil`
			`}`

			`func (me Identity) setPrivateKey(key rsa.PrivateKey) error {`
			`me.mutex.Lock()`
			`defer me.mutex.Unlock()`

			`if me.privateKey != nil \|\| me.address != "" {`
			`return errors.New("Cannot change private key on identity")`
			`}`

			`// Save key to config`
			`keyData, err := pkcs1.EncodePrivateKeyDER(key)`
			`if err != nil {`
			`return err`
			`}`
			`config := me.core.Config.OpenWrite()`
			`config.Identity.ServiceKey = base64.StdEncoding.EncodeToString(keyData)`
			`config.Save()`

			`// Update Identity`
			`me.address, err = utils.RicochetAddressFromKey(&key.PublicKey)`
			`if err != nil {`
			`return err`
Skeleton of core API 2016-07-01 05:18:55 +02:00			`}`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`me.privateKey = key`
Skeleton of core API 2016-07-01 05:18:55 +02:00
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`log.Printf("Created new identity %s", me.address)`
core: Load contacts from config 2016-08-30 04:46:41 +02:00			`return nil`
Skeleton of core API 2016-07-01 05:18:55 +02:00			`}`

core: Adapt to protocol API changes 2016-10-10 02:31:26 +02:00			`type identityService struct {`
			`Identity *Identity`
			`MyHostname string`
			`}`

			`func (is identityService) OnNewConnection(oc protocol.OpenConnection) {`
			`log.Printf("Inbound connection accepted")`
			`oc.MyHostname = is.MyHostname`
			`// XXX Should have pre-auth handling, timeouts`
			`identity := is.Identity`
			`handler := &ProtocolConnection{`
			`Conn: oc,`
			`GetContactByHostname: func(hostname string) *Contact {`
			`return identity.ContactList().ContactByAddress("ricochet:" + hostname)`
			`},`
			`}`
			`go oc.Process(handler)`
			`}`

			`func (is *identityService) OnFailedConnection(err error) {`
			`log.Printf("Inbound connection failed: %v", err)`
			`}`

core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`// BUG(special): No error handling for failures under publishService`
			`func (me Identity) publishService(key rsa.PrivateKey) {`
core: Attach protocol connections to Contact 2016-09-16 02:32:58 +02:00			`// This call will block until a control connection is available and the`
			`// ADD_ONION command has returned. After creating the listener, it will`
			`// be automatically re-published if the control connection is lost and`
			`// later reconnected.`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`service, listener, err := me.core.Network.NewOnionListener(9878, key)`
			`if err != nil {`
			`log.Printf("Identity listener failed: %v", err)`
			`// XXX handle`
			`return`
			`}`

			`if key == nil {`
core: Attach protocol connections to Contact 2016-09-16 02:32:58 +02:00			`if service.PrivateKey == nil {`
			`log.Printf("Setting private key failed: no key returned")`
			`// XXX handle`
			`return`
			`}`

core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`err := me.setPrivateKey(service.PrivateKey.(*rsa.PrivateKey))`
			`if err != nil {`
			`log.Printf("Setting private key failed: %v", err)`
			`// XXX handle`
			`return`
			`}`
			`}`

			`log.Printf("Identity service published, accepting connections")`
core: Adapt to protocol API changes 2016-10-10 02:31:26 +02:00			`is := &identityService{`
			`Identity: me,`
			`MyHostname: me.Address()[9:],`
			`}`

			`err = protocol.Serve(listener, is)`
			`if err != nil {`
			`log.Printf("Identity listener failed: %v", err)`
			`// XXX handle`
			`return`
			`}`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00			`}`

Skeleton of core API 2016-07-01 05:18:55 +02:00			`func (me *Identity) Address() string {`
			`return me.address`
			`}`

			`func (me Identity) ContactList() ContactList {`
			`return me.contactList`
			`}`
core: Add protocol from s-rah and accept inbound connections Start using Sarah's protocol implementation (plus some patches to be merged there), publish the local onion service, and handle inbound connections. 2016-09-11 06:35:03 +02:00
			`func (me *Identity) PrivateKey() rsa.PrivateKey {`
			`return *me.privateKey`
			`}`