Provide Example for presharedkey implementation #41

Open
Ange-Cesari opened this issue Dec 7, 2023 · 1 comment

@Ange-Cesari

Hi,

The issue with the presharedkey seems to have been fixed (#11). Currently, there is no example (server, userspace or client) to provide a presharedkey.

In the following snippet of code from the server.rs file, you created 10 peers, set them up and configured them:

for peer_id in 3..13 {
    let secret = EphemeralSecret::random();
    let key = PublicKey::from(&secret);
    let peer_key: Key = key.as_ref().try_into().unwrap();
    peer_keys.push(peer_key.clone());
    let mut peer = Peer::new(peer_key);
    let addr = IpAddrMask::from_str(&format!("10.20.30.{peer_id}/32")).unwrap();
    peer.allowed_ips.push(addr);
    wgapi.configure_peer(&peer)?;
}

Would it be possible to have an example on how to create the presharedkey from your library and set it to a peer?

I didn't see any setter for the presharedkey in the Peer implementation. Is it somewhere else?

Would something like this be sufficient?

let presharedkeysecret = EphemeralSecret::random();
peer.presharedkey.push(presharedkeysecret);

Thanks,
Ange

@Ange-Cesari

Hi,

Here are a few insights for people who want to know how to implement it:

You can insert your preshared key inside the peer using the insert method.

Let's take the example again. In the for loop, we first create the secret, then we create the PublicKey from the secret, push the peer key in the vec named peer_keys, then create a peer from the public key, create an address according to the peer id and then push it in the allowed_ips field of the structure peer, then configure the peer to be written on the API.

This workflow does not include the preshared_keys yet. To do so, you must bear in mind that the preshared_keys are of type Key (same type as the key used to create the peer).

To create the key, simply do:

// Generate 32 random bytes to use as the preshared key.
let peer_psk_secret = StaticSecret::random();
let peer_u8_psk: [u8; 32] = peer_psk_secret.to_bytes().as_ref().try_into().expect("could not convert static secret to u8");
let peer_psk_key: Key = peer_psk_secret.as_ref().try_into().expect("could not convert key u8 to key");
// Store the preshared key on the peer.
peer.preshared_keys.insert(peer_psk_key);

There might be unnecessary conversion steps, but it works well for me.
Maybe @teon or @wojcik91 can add a sample of this to the server.rs example
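
As an added illustration (not part of the thread and not the library's own code), the sketch below shows what setting a peer's preshared key amounts to at the WireGuard userspace configuration interface: a `set=1` message carrying the key as lowercase hex. It assumes a Unix-like host with `/dev/urandom`; the function names, the sample public key and the allowed IP are constructed for the example, and it uses only the standard library rather than the crates discussed above.

```rust
use std::fs::File;
use std::io::{self, Read};

/// A WireGuard preshared key is 32 random bytes, not a Curve25519 key pair.
/// Assumption: a Unix-like host where /dev/urandom is available.
fn generate_psk() -> io::Result<[u8; 32]> {
    let mut psk = [0u8; 32];
    File::open("/dev/urandom")?.read_exact(&mut psk)?;
    Ok(psk)
}

/// Lowercase hex, the key encoding used by the userspace configuration protocol.
fn to_hex(bytes: &[u8]) -> String {
    bytes.iter().map(|b| format!("{:02x}", b)).collect()
}

/// Build a `set=1` request that adds or updates one peer with a preshared key.
/// In a set operation an all-zero preshared_key removes the PSK from the
/// peer, so that value is rejected here instead of being sent.
fn set_peer_request(
    public_key: &[u8; 32],
    psk: &[u8; 32],
    allowed_ip: &str,
) -> Result<String, &'static str> {
    if psk.iter().all(|&b| b == 0) {
        return Err("all-zero preshared key would remove the PSK");
    }
    Ok(format!(
        "set=1\npublic_key={}\npreshared_key={}\nallowed_ip={}\n\n",
        to_hex(public_key),
        to_hex(psk),
        allowed_ip
    ))
}

fn main() -> io::Result<()> {
    // Constructed sample public key; a real one comes from the peer.
    let peer_public_key = [0x11u8; 32];
    let psk = generate_psk()?;
    let request = set_peer_request(&peer_public_key, &psk, "10.20.30.3/32")
        .expect("random PSK should not be all zero");
    // The PSK is a shared secret: the peer must be given the same 32 bytes.
    println!("{} bytes to write to the interface socket", request.len());
    Ok(())
}
```

The preshared key is symmetric, so the same 32 bytes have to be configured on both ends of the tunnel and handled like any other secret.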
