Use encryption for bypass

This commit is contained in:
Kovid Goyal
2023-06-30 18:27:27 +05:30
parent 6d1dd50546
commit aa86b98eee
5 changed files with 86 additions and 11 deletions

View File

@@ -361,7 +361,13 @@ func (self *SendManager) start_transfer() string {
func (self *SendManager) initialize() {
if self.bypass != "" {
self.bypass = encode_bypass(self.request_id, self.bypass)
q, err := encode_bypass(self.request_id, self.bypass)
if err == nil {
self.bypass = q
} else {
fmt.Fprintln(os.Stderr, "Ignoring password because of error:", err)
}
}
self.fid_map = make(map[string]*File, len(self.files))
for _, f := range self.files {

View File

@@ -4,13 +4,13 @@ package transfer
import (
"crypto/rand"
"crypto/sha256"
"encoding/hex"
"fmt"
"os"
"path/filepath"
"strings"
"kitty/tools/crypto"
"kitty/tools/utils"
)
@@ -33,10 +33,20 @@ func home_path() string {
return global_home
}
func encode_bypass(request_id string, bypass string) string {
func encode_bypass(request_id string, bypass string) (string, error) {
q := request_id + ";" + bypass
sum := sha256.Sum256(utils.UnsafeStringToBytes(q))
return fmt.Sprintf("sha256:%x", sum)
if pkey_encoded := os.Getenv("KITTY_PUBLIC_KEY"); pkey_encoded != "" {
encryption_protocol, pubkey, err := crypto.DecodePublicKey(pkey_encoded)
if err != nil {
return "", err
}
encrypted, err := crypto.Encrypt_data(utils.UnsafeStringToBytes(q), pubkey, encryption_protocol)
if err != nil {
return "", err
}
return fmt.Sprintf("kitty-1:%s", utils.UnsafeBytesToString(encrypted)), nil
}
return "", fmt.Errorf("KITTY_PUBLIC_KEY env var not set, cannot transmit password securely")
}
func abspath(path string, use_home ...bool) string {