Commit 28e3c60f authored by Peter J. Keleher

auto

parent 04bac8dd
# Project 3: Crypto # Project 3: Crypto
**Due: Oct 8, 2023, 11:59:59 pm, v1.01** **Due: Oct 8, 2023, 11:59:59 pm, v1.02**
v1.01 changes: v1.02 changes:
- added `putraw` command and text describing how to verify a signed binding. - added `putraw` command and text describing how to verify a signed binding.
- changed `go run blob.go` to `cli`. Create `cli` w/ `go build -o cli cli.go`.
### Overview ### Overview
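Review bot: The changelog heading at the top is renamed from "v1.01 changes" to "v1.02 changes" while the `putraw` bullet stays under it, so the `putraw` addition now reads as a v1.02 change. Keep the "v1.01 changes:" list as it was and add a separate "v1.02 changes:" list holding only the new `go run blob.go` to `cli` bullet, so anyone who already worked from v1.01 can see what actually changed.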
...@@ -38,7 +39,7 @@ public key to verify the signatures. As you might expect, public keys ...@@ -38,7 +39,7 @@ public key to verify the signatures. As you might expect, public keys
are not secret, in fact they need to be widely disseminated in order are not secret, in fact they need to be widely disseminated in order
to be used. Private keys are secret. to be used. Private keys are secret.
- `go run blob.go genkeys`: Should generate a 2048-bit RSA private key using the `rsa` routine - `cli genkeys`: Should generate a 2048-bit RSA private key using the `rsa` routine
`GenerateKey`, and write to output file `key.private`. Write the corresponding public key `GenerateKey`, and write to output file `key.private`. Write the corresponding public key
to `key.public`. to `key.public`.
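Review bot: The replacement `cli genkeys` (and every later `cli ...` example) invokes the binary by bare name, but the build step given in the changelog, `go build -o cli cli.go`, leaves it in the current directory, which the shell does not search unless `.` is on PATH. Either write the examples as `./cli genkeys` or state once, next to the build instruction, that `cli` is assumed to be on PATH.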
...@@ -115,9 +116,9 @@ add the signature on the end. ...@@ -115,9 +116,9 @@ add the signature on the end.
We define signing on anything in JSON. Let's start with an example file recipe: We define signing on anything in JSON. Let's start with an example file recipe:
``` ```
io> go run blob.go put blob.go io> cli put blob.go
sha256_32_TFBQWYJ7DGDPXPMYUQI7XJCF73FYCB27DP75EPMLBAHXT4JYATEA==== sha256_32_TFBQWYJ7DGDPXPMYUQI7XJCF73FYCB27DP75EPMLBAHXT4JYATEA====
io> go run blob.go desc last io> cli desc last
{ {
"Name": "blob.go", "Name": "blob.go",
"Size": 3228, "Size": 3228,
...@@ -135,9 +136,9 @@ io> go run blob.go desc last ...@@ -135,9 +136,9 @@ io> go run blob.go desc last
``` ```
Signing this blob gives us: Signing this blob gives us:
``` ```
io> go run blob.go -q key.private sign last io> cli -q key.private sign last
sha256_32_63W7EPA6FACLUPU6N2NPVE2IQBUXV7UKIYNXVHRZEKGZJG7EX3EA==== sha256_32_63W7EPA6FACLUPU6N2NPVE2IQBUXV7UKIYNXVHRZEKGZJG7EX3EA====
io> go run blob.go desc last io> cli desc last
{ {
"Name": "blob.go", "Name": "blob.go",
"Size": 3228, "Size": 3228,
...@@ -171,7 +172,7 @@ procedure for generating the signature should be followed exactly: ...@@ -171,7 +172,7 @@ procedure for generating the signature should be followed exactly:
exercise for the reader: exercise for the reader:
``` ```
io> go run blob.go -p key.public verify last io> cli -p key.public verify last
Verification of "sha256_32_63W7EPA6FACLUPU6N2NPVE2IQBUXV7UKIYNXVHRZEKGZJG7EX3EA====" w/ key.public succeeded Verification of "sha256_32_63W7EPA6FACLUPU6N2NPVE2IQBUXV7UKIYNXVHRZEKGZJG7EX3EA====" w/ key.public succeeded
``` ```
...@@ -219,9 +220,9 @@ The following command creates a binding: ...@@ -219,9 +220,9 @@ The following command creates a binding:
Say, for example, that we wish a permanent link to our server's status page. We can create an initial page as follows: Say, for example, that we wish a permanent link to our server's status page. We can create an initial page as follows:
``` ```
io:p3> go run blob.go put status.html io:p3> cli put status.html
sha256_32_ZQOZMQ7KQ3LHR3OCHSBIUIUITUM3HJRNGG6WMTXHSENUQN54PIZA==== sha256_32_ZQOZMQ7KQ3LHR3OCHSBIUIUITUM3HJRNGG6WMTXHSENUQN54PIZA====
io:p3> go run blob.go desc last io:p3> cli desc last
{ {
"Name": "status.html", "Name": "status.html",
"Size": 75, "Size": 75,
...@@ -246,9 +247,9 @@ The above work (w/ the http server listening to port 8000), but it's ...@@ -246,9 +247,9 @@ The above work (w/ the http server listening to port 8000), but it's
unwieldy and immutable. unwieldy and immutable.
We can use a *binding* to make the status mutable and easier to type/remember: We can use a *binding* to make the status mutable and easier to type/remember:
``` ```
io:p3> go run blob.go -p key.public -q key.private binding status last io:p3> cli -p key.public -q key.private binding status last
status status
io:p3> go run blob.go desc status io:p3> cli desc status
{ {
"Name": "status.html", "Name": "status.html",
"Size": 75, "Size": 75,
...@@ -304,7 +305,7 @@ rather than the binding itself. ...@@ -304,7 +305,7 @@ rather than the binding itself.
If `raw` is `true`, the binding itself should be returned. If `raw` is `true`, the binding itself should be returned.
``` ```
io:~/818/projects/p3/solution> go run blob.go dump status io:~/818/projects/p3/solution> cli dump status
{ {
"Name": "status", "Name": "status",
"Value": "sha256_32_55IEZUD6FH4FHUP5YCGXIP7SDGHZDY2RCKEV3EU45JUBLABVOZUA====", "Value": "sha256_32_55IEZUD6FH4FHUP5YCGXIP7SDGHZDY2RCKEV3EU45JUBLABVOZUA====",
...@@ -324,13 +325,13 @@ You can check your verification by using the following public key ...@@ -324,13 +325,13 @@ You can check your verification by using the following public key
**This is not what we want**, as this hash is of the public key file's recipe: **This is not what we want**, as this hash is of the public key file's recipe:
``` ```
io:~/818/projects/p3/solution> go run cli.go put key.public io:~/818/projects/p3/solution> go run cli put key.public
sha256_32_JUWSBINGL4PNJIKTUOSCJDXBHVBSDZYORGYTCCA52MP7W7QFZGIA==== sha256_32_JUWSBINGL4PNJIKTUOSCJDXBHVBSDZYORGYTCCA52MP7W7QFZGIA====
``` ```
**This is what we want:** the hash of the data in the key file **This is what we want:** the hash of the data in the key file
itself: itself:
``` ```
io:~/818/projects/p3/solution> go run cli.go putraw key.public io:~/818/projects/p3/solution> go run cli putraw key.public
sha256_32_VDFWNRKFDLDLFMN52A54NSYPPVKR2EXMUFGREHKNPGGCLIMY3SWQ==== sha256_32_VDFWNRKFDLDLFMN52A54NSYPPVKR2EXMUFGREHKNPGGCLIMY3SWQ====
``` ```
Note that this matches the public key hash in the status binding Note that this matches the public key hash in the status binding
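Review bot: In the two key-hash examples the old `go run cli.go put key.public` and `go run cli.go putraw key.public` became `go run cli put key.public` and `go run cli putraw key.public`, which looks like a partial search-and-replace. Every other example in this commit uses the built binary as `cli put ...`, and `go run cli` makes the Go tool treat `cli` as a package path rather than the file `cli.go`. Change both lines to `cli put key.public` and `cli putraw key.public` to match.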
...@@ -341,9 +342,9 @@ above. You can verify the signature now by creating ...@@ -341,9 +342,9 @@ above. You can verify the signature now by creating
A binding is updated by replacing it with a new binding using the same name. A binding is updated by replacing it with a new binding using the same name.
We can update the current status shown above by overwriting the `status` binding with a new blob name: We can update the current status shown above by overwriting the `status` binding with a new blob name:
``` ```
io:p3> go run blob.go put status2.html io:p3> cli put status2.html
sha256_32_XDZOUHLABSFPCFT456UMXZKKGODPOS4YKOMIGQZOKLQREYTOHJMQ==== sha256_32_XDZOUHLABSFPCFT456UMXZKKGODPOS4YKOMIGQZOKLQREYTOHJMQ====
io:p3> go run blob.go -p key.public -q key.private binding status last io:p3> cli -p key.public -q key.private binding status last
status status
io:p3> curl 'localhost:8000/status' io:p3> curl 'localhost:8000/status'
<center> <center>
...@@ -361,7 +362,7 @@ Assuming the public key is in the store, as described above, you will ...@@ -361,7 +362,7 @@ Assuming the public key is in the store, as described above, you will
not need to pass either key to the blob client at the command line. not need to pass either key to the blob client at the command line.
``` ```
io:~/818/projects/p3/solution> go run blob.go verifybinding status io:~/818/projects/p3/solution> cli verifybinding status
Verification of "status" w/ key.public succeeded Verification of "status" w/ key.public succeeded
``` ```
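Review bot: The `verifybinding` sample output still says `w/ key.public`, although the text just above states that neither key is passed on the command line and the changed command indeed carries no `-p`. State what the output names in that case (for example, the key fetched from the store), or adjust the sample so it does not suggest a local `key.public` file was read.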