mirrors/opus
1
0
Fork 0
mirror of https://github.com/kepler155c/opus synced 2025-10-31 15:43:00 +00:00
Code Issues Releases Wiki Activity

security start

Browse Source
This commit is contained in:
kepler155c@gmail.com
2017-05-05 07:34:20 -04:00
parent 2e5267896e
commit cc4f8a0afc
5 changed files with 148 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
apps/password.lua Normal file
View File

@@ -0,0 +1,18 @@
require = requireInjector(getfenv(1))
local Config = require('config')
local SHA1 = require('sha1')
local config = {
enable = false,
pocketId = 10,
distance = 8,
}
Config.load('os', config)
print('Enter new password')
local password = read()
config.password = SHA1.sha1(password)
Config.update('os', config)

56
apps/trust.lua Normal file
View File

@@ -0,0 +1,56 @@
require = requireInjector(getfenv(1))
local Socket = require('socket')
local SHA1 = require('sha1')
local remoteId
local args = { ... }
local exchange = {
base = 11,
primeMod = 625210769
}
if #args == 1 then
remoteId = tonumber(args[1])
else
print('Enter host ID')
remoteId = tonumber(read())
end
if not remoteId then
error('Syntax: trust <host ID>')
end
print('Password')
local password = read()
print('connecting...')
local socket = Socket.connect(remoteId, 19)
if not socket then
error('Unable to connect to ' .. remoteId .. ' on port 19')
end
local function modexp(base, exponent, modulo)
local remainder = base
for i = 1, exponent-1 do
remainder = remainder * remainder
if remainder >= modulo then
remainder = remainder % modulo
end
end
return remainder
end
local secretKey = os.getSecretKey()
local publicKey = modexp(exchange.base, secretKey, exchange.primeMod)
socket:write({
password = SHA1.sha1(password),
publicKey = publicKey,
})
print(socket:read(2) or 'No response')
socket:close()

41
sys/apis/socket.lua
View File

@@ -1,7 +1,28 @@
local Logger = require('logger') local Logger = require('logger')
local socketClass = { } local socketClass = { }
local trustList = Util.readTable('.known_hosts') local trustList = Util.readTable('.known_hosts') or { }
local exchange = {
base = 11,
primeMod = 625210769
}
local function modexp(base, exponent, modulo)
local remainder = base
for i = 1, exponent-1 do
remainder = remainder * remainder
if remainder >= modulo then
remainder = remainder % modulo
end
end
return remainder
end
exchange.secretKey = os.getSecretKey()
exchange.publicKey = modexp(exchange.base, exchange.secretKey, exchange.primeMod)
function socketClass:read(timeout) function socketClass:read(timeout)
@@ -148,6 +169,7 @@ function Socket.connect(host, port)
type = 'OPEN', type = 'OPEN',
shost = socket.shost, shost = socket.shost,
dhost = socket.dhost, dhost = socket.dhost,
sharedKey = exchange.publicKey,
}) })
local timerId = os.startTimer(3) local timerId = os.startTimer(3)
@@ -175,11 +197,18 @@ function Socket.connect(host, port)
socket:close() socket:close()
end end
function trusted(msg) function trusted(msg, port)
if trustList then
return trustList[msg.shost] if port == 19 then -- no auth for trust server
return true
end
local pubKey = trustList[msg.shost]
if pubKey then
--local sharedKey = modexp(pubKey, exchange.secretKey, public.primeMod)
return pubKey == msg.sharedKey
end end
return true
end end
function Socket.server(port, keepAlive) function Socket.server(port, keepAlive)
@@ -195,7 +224,7 @@ function Socket.server(port, keepAlive)
msg.dhost == os.getComputerID() and msg.dhost == os.getComputerID() and
msg.type == 'OPEN' then msg.type == 'OPEN' then
if trusted(msg) then if trusted(msg, port) then
local socket = newSocket(msg.shost == os.getComputerID()) local socket = newSocket(msg.shost == os.getComputerID())
socket.dport = dport socket.dport = dport
socket.dhost = msg.shost socket.dhost = msg.shost

15
sys/extensions/os.lua
View File

@@ -7,8 +7,6 @@ local config = {
distance = 8, distance = 8,
} }
Config.load('lock', config)
local lockId local lockId
function lockScreen() function lockScreen()
@@ -40,6 +38,7 @@ function lockScreen()
function page:eventHandler(event) function page:eventHandler(event)
if event.type == 'key' and event.key == 'enter' then if event.type == 'key' and event.key == 'enter' then
Config.load('os', config)
if SHA1.sha1(self.password.value) == config.password then if SHA1.sha1(self.password.value) == config.password then
os.locked = false os.locked = false
Event.exitPullEvents() Event.exitPullEvents()
@@ -56,6 +55,18 @@ function lockScreen()
Event.pullEvents() Event.pullEvents()
end end
function os.verifyPassword(password)
Config.load('os', config)
return config.password and password == config.password
end
function os.getSecretKey()
if not fs.exists('.secret') then
Util.writeFile('.secret', math.random(100000, 999999))
end
return Util.readFile('.secret')
end
os.lock = function() os.lock = function()
--os.locked = true --os.locked = true

26
sys/network/trust.lua Normal file
View File

@@ -0,0 +1,26 @@
local Socket = require('socket')
local process = require('process')
process:newThread('trust_server', function()
print('trust: listening on port 19')
while true do
local socket = Socket.server(19)
print('trust: connection from ' .. socket.dhost)
local data = socket:read(2)
if data then
if os.verifyPassword(data.password) then
local trustList = Util.readTable('.known_hosts') or { }
trustList[socket.dhost] = data.publicKey
Util.writeTable('.known_hosts', trustList)
socket:write('Trust accepted')
else
socket:write('Invalid password or password is not set')
end
end
socket:close()
end
end)