Fixed hashed msg by openssl in auth.sh, the JS client and the docs

kexkey
2018-10-21 22:35:55 -04:00
parent 4f5ad9a01c
commit 2f3097f4fd
5 changed files with 106 additions and 54 deletions


@@ -127,13 +127,13 @@ curl -v -H "Authorization: Bearer hhh.ppp.sss" localhost
10 seconds request expiration: 10 seconds request expiration:
```shell ```shell
id="001";h64=$(echo "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64);p64=$(echo "{\"id\":\"$id\",\"exp\":$((`date +"%s"`+10))}" | base64);k="2df1eeea370eacdc5cf7e96c2d82140d1568079a5d4d87006ec8718a98883b36";s=$(echo "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1);token="$h64.$p64.$s";curl -v -H "Authorization: Bearer $token" -k https://localhost/getbestblockhash id="001";h64=$(echo "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64);p64=$(echo "{\"id\":\"$id\",\"exp\":$((`date +"%s"`+10))}" | base64);k="2df1eeea370eacdc5cf7e96c2d82140d1568079a5d4d87006ec8718a98883b36";s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1);token="$h64.$p64.$s";curl -v -H "Authorization: Bearer $token" -k https://localhost/getbestblockhash
``` ```
60 seconds request expiration: 60 seconds request expiration:
```shell ```shell
id="001";h64=$(echo "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64);p64=$(echo "{\"id\":\"$id\",\"exp\":$((`date +"%s"`+60))}" | base64);k="2df1eeea370eacdc5cf7e96c2d82140d1568079a5d4d87006ec8718a98883b36";s=$(echo "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1);token="$h64.$p64.$s";curl -v -H "Authorization: Bearer $token" -k https://localhost/getbestblockhash id="001";h64=$(echo "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64);p64=$(echo "{\"id\":\"$id\",\"exp\":$((`date +"%s"`+60))}" | base64);k="2df1eeea370eacdc5cf7e96c2d82140d1568079a5d4d87006ec8718a98883b36";s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1);token="$h64.$p64.$s";curl -v -H "Authorization: Bearer $token" -k https://localhost/getbestblockhash
``` ```
## Technicalities ## Technicalities
@@ -142,6 +142,6 @@ id="001";h64=$(echo "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64);p64=$(echo "
h64=$(echo "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64) h64=$(echo "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" | base64)
p64=$(echo "{\"id\":\"001\",\"exp\":$((`date +"%s"`+10))}" | base64) p64=$(echo "{\"id\":\"001\",\"exp\":$((`date +"%s"`+10))}" | base64)
k="2df1eeea370eacdc5cf7e96c2d82140d1568079a5d4d87006ec8718a98883b36" k="2df1eeea370eacdc5cf7e96c2d82140d1568079a5d4d87006ec8718a98883b36"
s=$(echo "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1) s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$k" -sha256 -r | cut -sd ' ' -f1)
token="$h64.$p64.$s" token="$h64.$p64.$s"
``` ```


@@ -54,8 +54,11 @@ verify_sign()
local key local key
eval key='$ukey_'$id eval key='$ukey_'$id
trace "[verify_sign] key=${key}" trace "[verify_sign] key=${key}"
local comp_sign=$(echo "${header64}.${payload64}" | openssl dgst -hmac "${key}" -sha256 -r | cut -sd ' ' -f1)
local msg="${header64}.${payload64}"
trace "[verify_sign] msg=${msg}"
local comp_sign=$(echo -n "${msg}" | openssl dgst -hmac "${key}" -sha256 -r | cut -sd ' ' -f1)
trace "[verify_sign] comp_sign=${comp_sign}" trace "[verify_sign] comp_sign=${comp_sign}"
if [ "${comp_sign}" = "${signature}" ]; then if [ "${comp_sign}" = "${signature}" ]; then
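Review bot: With the added `trace "[verify_sign] msg=${msg}"` next to the existing `comp_sign` trace, the log now holds each message together with its correct HMAC, including for requests that are rejected for a bad signature, and the `key=${key}` trace above it writes the secret itself. Anyone who can read the trace output gets material that should stay inside this function, so I would drop the `key` and `comp_sign` traces, or log only an outcome such as `trace "[verify_sign] signature mismatch for id=${id}"`. `eval key='$ukey_'$id` also runs before the signature is checked, so if `id` is parsed from the token payload (not visible in this hunk) it should be restricted first, for example `case "$id" in ''|*[!A-Za-z0-9_]*) return 1 ;; esac` with whatever failure status the function uses. The body of verify_sign starts and ends outside the hunk.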


@@ -1,24 +1,54 @@
//var createHmac = require('create-hmac')
//var crypto = require("crypto");
CyphernodeClient = function(is_prod) { CyphernodeClient = function(is_prod) {
this.baseURL = is_prod ? 'https://cyphernode:443' : 'https://cyphernode-dev:443' this.baseURL = is_prod ? 'https://cyphernode:443' : 'https://cyphernode-dev:443'
this.h64 = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9Cg==' this.h64 = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9Cg=='
this.api_id = Meteor.settings.CYPHERNODE.api_id
this.api_key = Meteor.settings.CYPHERNODE.api_key this.api_key = Meteor.settings.CYPHERNODE.api_key
}; };
CyphernodeClient.prototype._generateToken = function() {
// console.log("api_id=" + this.api_id)
// console.log("api_key=" + this.api_key)
let current = Math.round(new Date().getTime()/1000) + 10
let p = '{"id":"' + this.api_id + '","exp":' + current + '}'
// console.log("p=" + p)
let p64 = Buffer.from(p).toString('base64')
let msg = this.h64 + '.' + p64
// console.log("msg=" + msg)
let s = CryptoJS.HmacSHA256(msg, this.api_key).toString()
// let s2 = createHmac('sha256', this.api_key).update(msg).digest('hex')
// let s3 = crypto.createHmac('sha256', this.api_key).update(msg).digest('hex');
// console.log("s=" + s)
// console.log("s2=" + s2)
// console.log("s3=" + s3)
let token = msg + '.' + s
// console.log("token=" + token)
return token
}
CyphernodeClient.prototype._post = function(url, postdata, cb) { CyphernodeClient.prototype._post = function(url, postdata, cb) {
let urlr = this.baseURL + url; let urlr = this.baseURL + url;
let current = Math.round(new Date().getTime/1000) + 10 HTTP.post(urlr,
let p64 = btoa('{"id":"${id}","exp":' + current + '}')
let s = CryptoJS.HmacSHA256(p64, this.api_key).toString()
let token = this.h64 + '.' + p64 + '.' + s
HTTP.post(
urlr,
{ {
data: postdata, data: postdata,
headers: {'Content-Type': 'application/json', npmRequestOptions: {
'Authorization': 'Bearer ' + token}, strictSSL: false,
agentOptions: {
rejectUnauthorized: false
}
},
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + this._generateToken()
}
}, function (err, resp) { }, function (err, resp) {
// console.log(err)
// console.log(resp)
cb(err, resp.data) cb(err, resp.data)
} }
) )
@@ -27,14 +57,23 @@ CyphernodeClient.prototype._post = function(url, postdata, cb) {
CyphernodeClient.prototype._get = function(url, cb) { CyphernodeClient.prototype._get = function(url, cb) {
let urlr = this.baseURL + url; let urlr = this.baseURL + url;
let current = Math.round(new Date().getTime/1000) + 10 HTTP.get(urlr,
let p64 = btoa('{"id":"${id}","exp":' + current + '}') {
let s = CryptoJS.HmacSHA256(p64, this.api_key).toString() npmRequestOptions: {
let token = this.h64 + '.' + p64 + '.' + s strictSSL: false,
agentOptions: {
HTTP.get(urlr, {headers: {'Authorization': 'Bearer ' + token}}, function (err, resp) { rejectUnauthorized: false
}
},
headers: {
'Authorization': 'Bearer ' + this._generateToken()
}
}, function (err, resp) {
// console.log(err)
// console.log(resp)
cb(err, resp.data) cb(err, resp.data)
}) }
)
}; };
CyphernodeClient.prototype.watch = function(btcaddr, cb0conf, cb1conf, cbreply) { CyphernodeClient.prototype.watch = function(btcaddr, cb0conf, cb1conf, cbreply) {
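Review bot: Both `_post` and `_get` now send the bearer token with `strictSSL: false` and `rejectUnauthorized: false`, so the server certificate is never verified, for the production `baseURL` as well as the dev one. The token and the responses are then only as private as the network path, and `exp` is the only limit on reuse of a captured token. If the node presents a self-signed certificate, trust it explicitly with `agentOptions: { ca: <cyphernode CA PEM> }`, or relax verification only when `is_prod` is false, which needs the constructor to keep that flag. Separately, both callbacks call `cb(err, resp.data)` even though `resp` may be undefined on error; `cb(err, resp && resp.data)` avoids a throw there.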


@@ -8,7 +8,7 @@ invoke_cyphernode()
local post=${2} local post=${2}
local p64=$(echo "{\"id\":\"${id}\",\"exp\":$((`date +"%s"`+10))}" | base64) local p64=$(echo "{\"id\":\"${id}\",\"exp\":$((`date +"%s"`+10))}" | base64)
local s=$(echo "$h64.$p64" | openssl dgst -hmac "$key" -sha256 -r | cut -sd ' ' -f1) local s=$(echo -n "$h64.$p64" | openssl dgst -hmac "$key" -sha256 -r | cut -sd ' ' -f1)
local token="$h64.$p64.$s" local token="$h64.$p64.$s"
if [ -n "${post}" ]; then if [ -n "${post}" ]; then
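Review bot: `echo -n` is not specified by POSIX, so under a shell whose `echo` prints the option literally the HMAC input changes again and every token is rejected; `printf '%s' "$h64.$p64"` feeds exactly the bytes that are meant to be signed. The same applies to the `echo -n "${msg}"` line in verify_sign and to the README one-liners. In addition, `local s=$(...)` hides a failing `openssl` and leaves an empty signature in the token; declaring `local s` first and assigning on the next line lets the status be checked. invoke_cyphernode continues outside the hunk.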


@@ -26,6 +26,16 @@ DERIVATION_PATH=0/n
WATCHER_BTC_NODE_PRUNED=false WATCHER_BTC_NODE_PRUNED=false
``` ```
## Choose the right architecture
...by modifying the following line in Dockerfile:
```shell
COPY app/bin/lightning-cli_x86 ${HOME}/lightning-cli
```
...to lightning-cli_arm if running on a RPi.
## Building docker image ## Building docker image
```shell ```shell