-
Notifications
You must be signed in to change notification settings - Fork 0
/
partial_signer.go
64 lines (50 loc) · 1.38 KB
/
partial_signer.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
package octokey
import (
"errors"
"io/ioutil"
"math/big"
"net/http"
"reflect"
"strings"
)
// A PartialSigner uses an escrow server to partially sign an mRSA request.
// Internally it sends a SignRequest to the server and expects a SignRequest
// response (which it could forward on to further servers if necessary)
type PartialSigner struct {
Url string
Key *PublicKey
}
// PartialDecrypt is used by the mrsa.Session to actually perform decryption.
func (ps *PartialSigner) PartialDecrypt(c *big.Int) (*big.Int, error) {
request := new(SignRequest)
request.Key = ps.Key
request.M = c
resp, err := ps.makeRequest(request.String())
if err != nil {
return nil, err
}
response, err := NewSignRequest(resp)
if err != nil {
return nil, err
}
if !reflect.DeepEqual(response.Key, request.Key) {
return nil, errors.New("octokey/partial_signer: invalid response")
}
return response.M, nil
}
// makeRequest sends a sign reqquest to the mRSA escrow server and returns
// the resulting sign request
func (ps *PartialSigner) makeRequest(str string) (string, error) {
res, err := http.Post(ps.Url, "octokey/sign-request", strings.NewReader(str))
if err != nil {
return "", err
}
if res.StatusCode != 200 {
return "", errors.New("octokey/partial_signer: got non-200 response")
}
body, err := ioutil.ReadAll(res.Body)
if err != nil {
return "", err
}
return string(body), nil
}