Merge pull request #490 from shocknet/bug/bad-mac-debug

Better Encryption logs for debugging
CapDog 2021-10-26 09:02:12 -04:00 committed by GitHub
commit 8146bf6d7c
3 changed files with 27 additions and 11 deletions


@ -124,6 +124,12 @@ const server = program => {
const deviceId = req.headers['encryption-device-id']
const oldSend = res.send
console.log({
deviceId,
encryptionDisabled: process.env.SHOCK_ENCRYPTION_ECC === 'false',
unprotectedRoute: nonEncryptedRoutes.includes(req.path)
})
if (
nonEncryptedRoutes.includes(req.path) ||
process.env.SHOCK_ENCRYPTION_ECC === 'false'
@ -403,16 +409,18 @@ const server = program => {
})
}
if(process.env.ALLOW_UNLOCKED_LND === 'true'){
const codes = await Storage.valuesWithKeyMatch(/^UnlockedAccessSecrets\//u)
if(codes.length === 0){
if (process.env.ALLOW_UNLOCKED_LND === 'true') {
const codes = await Storage.valuesWithKeyMatch(
/^UnlockedAccessSecrets\//u
)
if (codes.length === 0) {
const code = ECC.generateRandomString(12)
await Storage.setItem(`UnlockedAccessSecrets/${code}`, false)
await Storage.setItem(`FirstAccessSecret`, code)
logger.info("the access code is:"+code)
} else if(codes.length === 1 && codes[0] === false){
const firstCode = await Storage.getItem("FirstAccessSecret")
logger.info("the access code is:"+firstCode)
logger.info('the access code is:' + code)
} else if (codes.length === 1 && codes[0] === false) {
const firstCode = await Storage.getItem('FirstAccessSecret')
logger.info('the access code is:' + firstCode)
}
}
serverInstance.listen(serverPort, serverHost)
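Review bot: The new `console.log({ deviceId, ... })` at the top of this middleware runs on every request, bypasses the `logger` this file uses further down (`logger.info`), and cannot be switched off in production. `deviceId` is read straight from the `encryption-device-id` request header, so a client-chosen value is written to stdout on each call, including calls to unprotected routes. I would route it through the project logger at a debug level, if it exposes one, e.g. `logger.debug('encryption check', { deviceId, encryptionDisabled, unprotectedRoute })`, and compute the two booleans once so the `if` below reuses them. The middleware body starts and ends outside the hunk.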


@ -8,6 +8,7 @@ const FieldError = require("../fieldError")
* @prop {Buffer} iv
* @prop {Buffer} mac
* @prop {Buffer} ephemPublicKey
* @prop {any?} metadata
*/
/**
@ -16,6 +17,7 @@ const FieldError = require("../fieldError")
* @prop {string} iv
* @prop {string} mac
* @prop {string} ephemPublicKey
* @prop {any?} metadata
*/
const generateRandomString = (length = 16) =>
@ -70,7 +72,8 @@ const convertToEncryptedMessageResponse = (encryptedMessage) => {
ciphertext: convertBufferToBase64(encryptedMessage.ciphertext),
iv: convertBufferToBase64(encryptedMessage.iv),
mac: convertBufferToBase64(encryptedMessage.mac),
ephemPublicKey: convertBufferToBase64(encryptedMessage.ephemPublicKey)
ephemPublicKey: convertBufferToBase64(encryptedMessage.ephemPublicKey),
metadata: encryptedMessage.metadata
};
}
@ -105,7 +108,8 @@ const convertToEncryptedMessage = (encryptedMessage) => {
ciphertext: convertBase64ToBuffer(encryptedMessage.ciphertext),
iv: convertBase64ToBuffer(encryptedMessage.iv),
mac: convertBase64ToBuffer(encryptedMessage.mac),
ephemPublicKey: convertBase64ToBuffer(encryptedMessage.ephemPublicKey)
ephemPublicKey: convertBase64ToBuffer(encryptedMessage.ephemPublicKey),
metadata: encryptedMessage.metadata
};
}
throw new FieldError({
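Review bot: `metadata: encryptedMessage.metadata` in `convertToEncryptedMessage` copies a field typed `any?` from what appears to be the caller-supplied base64 message into the object handed on for decryption, with no shape or size check. Nothing in these hunks ties `metadata` to the `mac`, so it should be treated as unauthenticated input. If it is only needed to diagnose bad-MAC reports, I would leave it out of the inbound conversion, or add above the line `// metadata is caller-supplied and not covered by the MAC: log it, never act on it`. The two typedefs could also be narrowed from `any?` to the `_deviceId`/`_publicKey` shape that the encryption manager actually produces. Both conversion functions continue outside the hunks.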


@ -134,7 +134,11 @@ const encryptMessage = async ({ message = '', deviceId }) => {
ciphertext: encryptedMessage.ciphertext,
iv: encryptedMessage.iv,
mac: encryptedMessage.mac,
ephemPublicKey: encryptedMessage.ephemPublicKey
ephemPublicKey: encryptedMessage.ephemPublicKey,
metadata: {
_deviceId: deviceId,
_publicKey: publicKey
}
}
return convertToEncryptedMessageResponse(encryptedMessageResponse)
@ -143,7 +147,7 @@ const encryptMessage = async ({ message = '', deviceId }) => {
/**
* Decrypts the specified message using the API keypair
* associated with the specified deviceId
* @param {{ encryptedMessage: EncryptedMessage, deviceId: string }} arg0
* @param {{ encryptedMessage: import('./crypto').EncryptedMessageResponse, deviceId: string }} arg0
*/
const decryptMessage = async ({ encryptedMessage, deviceId }) => {
const keyPair = nodeKeyPairs.get(deviceId)
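Review bot: The added `metadata` block in `encryptMessage` is attached to every encrypted response, not only while debugging, and it is added after encryption, so it travels in cleartext next to the ciphertext. `_deviceId` and `_publicKey` are therefore readable by anything that can see the response and are not protected by the `mac`; where `publicKey` is defined is outside the hunk, so I am assuming it is the key the message was encrypted to. I would gate the field behind a debug setting and document it at the point of use, e.g. `// debug aid for bad-MAC reports: cleartext and unauthenticated, never use for key selection`.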