Server now returns paired == 1
This commit is contained in:
@@ -3,6 +3,7 @@ use axum::http::StatusCode;
|
||||
use axum::response::{IntoResponse, Response};
|
||||
use openssl::hash::MessageDigest;
|
||||
use openssl::sha::Sha256;
|
||||
use rand::Rng;
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use openssl::pkey::{PKey, Private};
|
||||
@@ -79,7 +80,7 @@ async fn get_url(base_url: &mut url_constructor::UrlConstructor) -> Result<Strin
|
||||
let uuidv2_hex = hex::encode(uuidv2);
|
||||
|
||||
let url = base_url.param("uuid", uuidv2_hex).build();
|
||||
println!("Getting url: {url}");
|
||||
//println!("Getting url: {url}");
|
||||
|
||||
let mut http_builder = reqwest::Client::builder();
|
||||
http_builder = http_builder.user_agent("Mozilla/5.0");
|
||||
@@ -168,6 +169,9 @@ fn generate_challenge_response(
|
||||
)?;
|
||||
cipher_ctx.cipher_final(&mut client_challenge_response_data)?;
|
||||
|
||||
let client_challenge_response_data_hex = hex::encode(&client_challenge_response_data);
|
||||
//println!("client_challenge_response_data_hex: {client_challenge_response_data_hex}");
|
||||
|
||||
// Extract ASN.1 signature from certificate
|
||||
let asn_signature = cert.signature();
|
||||
let signature_data = asn_signature.as_slice();
|
||||
@@ -176,9 +180,13 @@ fn generate_challenge_response(
|
||||
let mut challenge_response =
|
||||
Vec::with_capacity(16 + signature_data.len() + client_secret_data.len());
|
||||
challenge_response.extend_from_slice(&client_challenge_response_data[32..32 + 16]);
|
||||
//challenge_response.extend_from_slice(&client_challenge_response_data[0..16]);
|
||||
challenge_response.extend_from_slice(signature_data);
|
||||
challenge_response.extend_from_slice(client_secret_data);
|
||||
|
||||
let challenge_response_hex = hex::encode(&challenge_response);
|
||||
//println!("challenge_response_hex: {challenge_response_hex}");
|
||||
|
||||
let mut hasher = Sha256::new();
|
||||
hasher.update(&challenge_response);
|
||||
let challenge_response_hash = hasher.finish().to_vec();
|
||||
@@ -228,9 +236,11 @@ async fn do_challenge(
|
||||
cert: &X509,
|
||||
) -> Result<ServerPairingSecret> {
|
||||
let aes_key = generate_aes_key(salt, pin).await;
|
||||
let aes_hex = hex::encode(&aes_key);
|
||||
//println!("aes_hex: {aes_hex}");
|
||||
|
||||
let client_challenge_response = get_server_challenge(base_url.clone(), &aes_key).await?;
|
||||
println!("{client_challenge_response:?}");
|
||||
//println!("{client_challenge_response:?}");
|
||||
|
||||
let challenge_response = generate_challenge_response(
|
||||
client_challenge_response.challengeresponse,
|
||||
@@ -274,10 +284,8 @@ pub async fn generate_pin() -> [u8; 4] {
|
||||
// TODO: reenable real RNG
|
||||
let mut rng = rand::rng();
|
||||
for i in 0..pin.len() {
|
||||
pin[i] = 5;
|
||||
//TODO: reenable random pin
|
||||
// pin[i] = rng.random_range(0..10);
|
||||
print!("{}", pin[i]);
|
||||
pin[i] = rng.random_range(48..58); // Generate ascii number 0-9
|
||||
print!("{}", pin[i] as char);
|
||||
}
|
||||
// Print as a four-digit, zero-padded integer
|
||||
println!("");
|
||||
@@ -388,7 +396,7 @@ pub async fn get_pair(Path((host, port)): Path<(String, u16)>) -> Response {
|
||||
return StatusCode::INTERNAL_SERVER_ERROR.into_response();
|
||||
}
|
||||
};
|
||||
println!("{server_cert:?}");
|
||||
//println!("{server_cert:?}");
|
||||
|
||||
// Do the challenge response process
|
||||
// This returns the pairing secret
|
||||
@@ -400,7 +408,7 @@ pub async fn get_pair(Path((host, port)): Path<(String, u16)>) -> Response {
|
||||
return StatusCode::INTERNAL_SERVER_ERROR.into_response();
|
||||
}
|
||||
};
|
||||
println!("{server_pairing_secret:?}");
|
||||
//println!("{server_pairing_secret:?}");
|
||||
|
||||
// Verify the pairing_secret signature
|
||||
if let Err(e) = verify_signature(
|
||||
|
||||
Reference in New Issue
Block a user