require and generate source address tokens in crypto setup

fixes #121
2016-05-24 11:20:06 +02:00
parent e2254f1bbd
commit fa2e34d360
8 changed files with 172 additions and 40 deletions
--- a/crypto/source_address_token.go
+++ b/crypto/source_address_token.go
@@ -18,6 +18,14 @@ import (
 	"golang.org/x/crypto/hkdf"
 )

+// StkSource is used to create and verify source address tokens
+type StkSource interface {
+	// NewToken creates a new token for a given IP address
+	NewToken(ip net.IP) ([]byte, error)
+	// VerifyToken verifies if a token matches a given IP address and is not outdated
+	VerifyToken(ip net.IP, data []byte) error
+}
+
 type sourceAddressToken struct {
 	ip net.IP
 	// unix timestamp in seconds
@@ -51,7 +59,8 @@ const stkKeySize = 16
 // at 16 :)
 const stkNonceSize = 16

-func newStkSource(secret []byte) (*stkSource, error) {
+// NewStkSource creates a source for source address tokens
+func NewStkSource(secret []byte) (StkSource, error) {
 	key, err := deriveKey(secret)
 	if err != nil {
 		return nil, err
--- a/crypto/source_address_token_test.go
+++ b/crypto/source_address_token_test.go
@@ -52,7 +52,8 @@ var _ = Describe("Source Address Tokens", func() {
 			Expect(ip6).NotTo(BeEmpty())

 			secret = []byte("TESTING")
-			source, err = newStkSource(secret)
+			sourceI, err := NewStkSource(secret)
+			source = sourceI.(*stkSource)
 			Expect(err).NotTo(HaveOccurred())
 		})