From 1896264f8c43dfe257d4efdca32ece3c3d1619b9 Mon Sep 17 00:00:00 2001
From: Leonard Lyubich
Date: Fri, 15 May 2020 16:05:02 +0300
Subject: [PATCH] service: add owner key to a signed payload of SessionToken
---
 service/token.go | 8 +++++---
 service/token_test.go | 27 +++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 3 deletions(-)
diff --git a/service/token.go b/service/token.go
index 2497718a..a5dd5da3 100644
--- a/service/token.go
+++ b/service/token.go
@@ -174,11 +174,11 @@ func NewVerifiedSessionToken(token SessionToken) DataWithSignature {
 }
 }
-func tokenInfoSize(v SessionKeySource) int {
+func tokenInfoSize(v SessionTokenInfo) int {
 if v == nil {
 return 0
 }
- return fixedTokenDataSize + len(v.GetSessionKey())
+ return fixedTokenDataSize + len(v.GetSessionKey()) + len(v.GetOwnerKey())
 }
 // Fills passed buffer with signing token information bytes.
@@ -208,7 +208,9 @@ func copyTokenSignedData(buf []byte, token SessionTokenInfo) {
 tokenEndianness.PutUint64(buf[off:], token.ExpirationEpoch())
 off += 8
- copy(buf[off:], token.GetSessionKey())
+ off += copy(buf[off:], token.GetSessionKey())
+
+ copy(buf[off:], token.GetOwnerKey())
 }
 // SignedData concatenates signed data with session token information. Returns concatenation result.
diff --git a/service/token_test.go b/service/token_test.go
index e8599e76..43e380d7 100644
--- a/service/token_test.go
+++ b/service/token_test.go
@@ -77,6 +77,16 @@ func TestTokenGettersSetters(t *testing.T) {
 require.Equal(t, key, tok.GetSessionKey())
 }
+ {
+ key := make([]byte, 10)
+ _, err := rand.Read(key)
+ require.NoError(t, err)
+
+ tok.SetOwnerKey(key)
+
+ require.Equal(t, key, tok.GetOwnerKey())
+ }
+
 { // Signature
 sig := make([]byte, 10)
 _, err := rand.Read(sig)
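Review bot: tokenInfoSize has no doc comment, and its result now has to match, byte for byte, what copyTokenSignedData writes for two variable-length fields instead of one. Nothing in the hunk ties the two functions together, so a later change to either one can leave the buffer too short or leave unsigned trailing bytes. I would add `// tokenInfoSize returns the number of bytes copyTokenSignedData writes for v: the fixed-size fields followed by the session key and the owner key.` above the function.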
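Review bot: In copyTokenSignedData the session key and the owner key are written back to back with no length or delimiter between them, so the signed bytes do not record where one key ends and the other begins; two tokens whose keys differ only in where that boundary falls produce the same signed payload. Unless both key lengths are fixed and checked somewhere outside this hunk, each key should be preceded by its length, and `tokenInfoSize` in the previous hunk would then return `fixedTokenDataSize + 8 + len(v.GetSessionKey()) + len(v.GetOwnerKey())`. This changes the signed layout, so every signer and verifier has to move together. The body of copyTokenSignedData starts above the hunk.

```go
	// … unchanged: fixed-size fields up to ExpirationEpoch …
	off += 8

	// Length-prefix each variable-length key so the key boundary is part of the signed bytes.
	sessionKey := token.GetSessionKey()
	tokenEndianness.PutUint32(buf[off:], uint32(len(sessionKey)))
	off += 4
	off += copy(buf[off:], sessionKey)

	ownerKey := token.GetOwnerKey()
	tokenEndianness.PutUint32(buf[off:], uint32(len(ownerKey)))
	off += 4
	copy(buf[off:], ownerKey)
```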
@@ -126,6 +136,11 @@ func TestSignToken(t *testing.T) {
 require.NoError(t, err)
 token.SetSessionKey(sessionKey)
+ ownerKey := make([]byte, 10)
+ _, err = rand.Read(ownerKey[:])
+ require.NoError(t, err)
+ token.SetOwnerKey(ownerKey)
+
 signedToken := NewSignedSessionToken(token)
 verifiedToken := NewVerifiedSessionToken(token)
@@ -211,6 +226,18 @@ func TestSignToken(t *testing.T) {
 token.SetSessionKey(sessionKey)
 },
 },
+ { // Owner key
+ corrupt: func() {
+ ownerKey := token.GetOwnerKey()
+ ownerKey[0]++
+ token.SetOwnerKey(ownerKey)
+ },
+ restore: func() {
+ ownerKey := token.GetOwnerKey()
+ ownerKey[0]--
+ token.SetOwnerKey(ownerKey)
+ },
+ },
 }
 for _, v := range items {
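Review bot: The new `// Owner key` item only flips one byte inside the owner key, so it never checks that the boundary between the session key and the owner key is covered by the signature. Both keys here are plain 10-byte slices, and service/token.go in this patch writes them to the signed buffer one after the other. I would add an item whose `corrupt` moves the last byte of the session key to the front of the owner key and whose `restore` undoes it, asserting like the other items that verification fails while the token is corrupted. The loop that runs the items continues below the hunk, so I am assuming it applies the same check to every entry.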