package client
import (
	"crypto/rsa"
	"crypto/x509"
	"encoding/json"
	"fmt"
	"io"
	"io/ioutil"
	"net/http"
	"time"

	"github.com/golang-devops/go-psexec/shared"
	"github.com/golang-devops/go-psexec/shared/dtos"
	"github.com/mozillazg/request"
)
// sessionCreator holds the intermediate state of the client side of the
// session handshake. Each method in this file fills in one more field, and
// Create finally copies the results into a session.
type sessionCreator struct {
// pvtKey is the client's RSA private key. Its public half is sent to the
// server by RequestToken, and the private half decrypts the session token.
pvtKey *rsa.PrivateKey
// baseServerUrl is the server address that RequestToken combines with "/token".
baseServerUrl string
// dto is the decoded token response, set by RequestToken. It is server-supplied
// data and has not been authenticated at the point it is stored.
dto *dtos.GenTokenResponseDto
// sessionToken is the decrypted session token, set by
// DecryptSessionTokenWithPrivateKey. It is secret key material: it is the key
// passed to shared.DecryptSymmetric, so keep it out of logs and error messages.
sessionToken []byte
// msg is the decrypted and decoded response message, set by
// DecryptMessageWithSessionToken.
msg *dtos.GenTokenResponseMessage
// serverPubKey is the RSA public key parsed from msg.ServerPubKeyBytes by
// ParseServerPublicKeyFromMessage.
// NOTE(review): this key arrives inside the server's own response; nothing in
// this file compares it with a pinned or previously known key.
serverPubKey *rsa.PublicKey
}
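// RequestToken sends the client's RSA public key (PKIX encoded) to the
// server's "/token" endpoint and stores the decoded response in s.dto.
//
// It returns an error when no private key is set, when the key cannot be
// marshalled, when the request fails, when the server answers with a status
// other than 200, or when the body does not decode as a
// dtos.GenTokenResponseDto.
//
// The stored response is untrusted server data; it is only decrypted and
// checked by the later handshake steps.
// NOTE(review): the scheme of baseServerUrl is not visible here. If it can be
// plain HTTP, the response can be replaced in transit; confirm that TLS is
// used or that the server key is pinned elsewhere.
func (s *sessionCreator) RequestToken() error {
	// Bounds for the exchange. The client previously had no timeout and read
	// the body without a limit, so a stalled or hostile server could hang the
	// caller or exhaust memory. Both values are defensive defaults.
	const (
		tokenRequestTimeout   = 30 * time.Second
		maxTokenResponseBytes = 1 << 20
	)

	// Taking &s.pvtKey.PublicKey on a nil key would panic; report it instead.
	if s.pvtKey == nil {
		return fmt.Errorf("no private key set for token request")
	}

	pubPKIXBytes, err := x509.MarshalPKIXPublicKey(&s.pvtKey.PublicKey)
	if err != nil {
		return err
	}

	c := &http.Client{Timeout: tokenRequestTimeout}
	req := request.NewRequest(c)
	// Positional literal kept as in the original: the DTO's field name is
	// declared in another package and is not visible here.
	req.Json = &dtos.GetTokenRequestDto{pubPKIXBytes}

	resp, err := req.Post(combineServerUrl(s.baseServerUrl, "/token"))
	if err != nil {
		return err
	}
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		return fmt.Errorf("Code: %d - %s", resp.StatusCode, resp.Status)
	}

	// An oversized body is cut off at the limit and then fails JSON decoding.
	responseBytes, err := ioutil.ReadAll(io.LimitReader(resp.Body, maxTokenResponseBytes))
	if err != nil {
		return err
	}

	dto := &dtos.GenTokenResponseDto{}
	if err := json.Unmarshal(responseBytes, dto); err != nil {
		return err
	}

	s.dto = dto
	return nil
}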
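// DecryptSessionTokenWithPrivateKey decrypts s.dto.EncryptedSessionToken with
// the client's private key via shared.DecryptWithPrivateKey and stores the
// result in s.sessionToken.
//
// It returns an error when RequestToken has not populated s.dto, when no
// private key is set, or when decryption fails. The decrypted token is secret
// key material and is not authenticated until the signature check in
// VerifyServerEncryptedSessionToken has passed.
func (s *sessionCreator) DecryptSessionTokenWithPrivateKey() error {
	// Calling the steps out of order used to panic on the nil s.dto.
	if s.dto == nil {
		return fmt.Errorf("no token response to decrypt: RequestToken must succeed first")
	}
	if s.pvtKey == nil {
		return fmt.Errorf("no private key set for session token decryption")
	}

	sessionToken, err := shared.DecryptWithPrivateKey(s.pvtKey, s.dto.EncryptedSessionToken)
	if err != nil {
		return err
	}

	s.sessionToken = sessionToken
	return nil
}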
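// DecryptMessageWithSessionToken decrypts s.dto.EncryptedMessage with the
// session token via shared.DecryptSymmetric, decodes the plaintext as JSON
// into a dtos.GenTokenResponseMessage and stores it in s.msg.
//
// It returns an error when RequestToken has not populated s.dto, when
// decryption fails, or when the plaintext is not valid JSON for the message.
// NOTE(review): whether shared.DecryptSymmetric authenticates the ciphertext
// is not visible here; treat the decoded message as untrusted until the
// signature check has passed.
func (s *sessionCreator) DecryptMessageWithSessionToken() error {
	// Calling the steps out of order used to panic on the nil s.dto.
	if s.dto == nil {
		return fmt.Errorf("no token response to decrypt: RequestToken must succeed first")
	}

	jsonMessage, err := shared.DecryptSymmetric(s.sessionToken, s.dto.EncryptedMessage)
	if err != nil {
		return err
	}

	msg := &dtos.GenTokenResponseMessage{}
	if err := json.Unmarshal(jsonMessage, msg); err != nil {
		return err
	}

	s.msg = msg
	return nil
}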
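// ParseServerPublicKeyFromMessage parses s.msg.ServerPubKeyBytes as a PKIX
// public key, requires it to be an RSA key and stores it in s.serverPubKey.
//
// It returns an error when the message has not been decrypted yet, when the
// bytes do not parse, or when the key is not an *rsa.PublicKey.
//
// NOTE(review): the key is taken from the server's own response and is later
// used to verify a signature from that same response. Nothing in this file
// compares it with a pinned or previously known server key, so the signature
// check shows consistency of the response rather than the identity of the
// server, unless the transport or a caller authenticates the key. Confirm.
func (s *sessionCreator) ParseServerPublicKeyFromMessage() error {
	// Calling the steps out of order used to panic on the nil s.msg.
	if s.msg == nil {
		return fmt.Errorf("no decrypted message: DecryptMessageWithSessionToken must succeed first")
	}

	pubKeyInterface, err := x509.ParsePKIXPublicKey(s.msg.ServerPubKeyBytes)
	if err != nil {
		return err
	}

	// ParsePKIXPublicKey can return other key types; only RSA is accepted.
	serverPubKey, ok := pubKeyInterface.(*rsa.PublicKey)
	if !ok {
		return fmt.Errorf("The server public-key received is in an incorrect format")
	}

	s.serverPubKey = serverPubKey
	return nil
}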
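// VerifyServerEncryptedSessionToken returns the result of
// shared.VerifySenderMessage for the parsed server public key, the decrypted
// session token and s.msg.TokenEncryptionSignature.
//
// It returns an error when the server key or the message is missing, so that
// a skipped earlier step fails closed instead of panicking or reaching the
// verifier with a nil key.
// NOTE(review): the verifying key comes from the same response as the
// signature, so a nil result does not by itself authenticate the server.
func (s *sessionCreator) VerifyServerEncryptedSessionToken() error {
	if s.serverPubKey == nil {
		return fmt.Errorf("no server public key: ParseServerPublicKeyFromMessage must succeed first")
	}
	if s.msg == nil {
		return fmt.Errorf("no decrypted message: DecryptMessageWithSessionToken must succeed first")
	}

	return shared.VerifySenderMessage(s.serverPubKey, s.sessionToken, s.msg.TokenEncryptionSignature)
}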
// Create builds the Session from the handshake results: the base server URL,
// the session id from the decrypted message, the session token and the server
// public key.
//
// Create performs no checks of its own. It reads s.msg directly, so it must
// only be called after every earlier step has succeeded, including
// VerifyServerEncryptedSessionToken. Otherwise it panics on a nil message or
// returns a session built from unverified data.
func (s *sessionCreator) Create() Session {
	var (
		serverURL = s.baseServerUrl
		sessionID = s.msg.SessionId
	)

	// Positional literal: the field order of session is declared elsewhere.
	created := &session{
		serverURL,
		sessionID,
		s.sessionToken,
		s.serverPubKey,
	}
	return created
}