From cc255be4c5886a83c91e9c5fffe5f324f35cabd7 Mon Sep 17 00:00:00 2001
From: Simon Eisenmann
Date: Sun, 15 Jun 2014 13:19:04 +0200
Subject: [PATCH] Added encryption to sessions and contact tokens to protect data.
---
 server.conf.in | 5 +++++
 src/app/spreed-webrtc-server/hub.go | 30 ++++++++++++++++++----------
 src/app/spreed-webrtc-server/main.go | 7 ++++++-
 3 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/server.conf.in b/server.conf.in
index 9a9257d1..8b8c1d27 100644
--- a/server.conf.in
+++ b/server.conf.in
@@ -60,6 +60,11 @@ listen = 127.0.0.1:8080
 ; Session secret to use for session id generator. 32 or 64 bytes of random data
 ; are recommented.
 sessionSecret = the-default-secret-do-not-keep-me
+; Encryption secret protecting the data in generated server side tokens. Use
+; 16, 24, or 32 bytes to select AES-128, AES-192, or AES-256. When you change
+; the encryption secret, stored authentications, sessions and contacts become
+; invalid.
+encryptionSecret = tne-default-encryption-block-key
 ; Full path to a text file containig client tokens which a user needs to enter
 ; when accessing the web client. Each line in this file represents a valid
 ; token.
diff --git a/src/app/spreed-webrtc-server/hub.go b/src/app/spreed-webrtc-server/hub.go
index 15a1cb0f..4972632f 100644
--- a/src/app/spreed-webrtc-server/hub.go
+++ b/src/app/spreed-webrtc-server/hub.go
@@ -23,6 +23,7 @@ package main
 import (
 	"bytes"
+	"crypto/aes"
 	"crypto/hmac"
 	"crypto/sha1"
 	"crypto/sha256"
@@ -72,6 +73,7 @@ type Hub struct {
 	version string
 	config *Config
 	sessionSecret []byte
+	encryptionSecret []byte
 	turnSecret []byte
 	tickets *securecookie.SecureCookie
 	count uint64
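Review bot: The shipped `encryptionSecret` value is a public placeholder that every installation will wrap its tickets and contact tokens with until an operator changes it, yet unlike `sessionSecret` (whose default says "do-not-keep-me") neither the value nor the new comment says it must be replaced; `tne-` also reads like a typo for `the-`. I would make the comment state the requirement and the failure mode, e.g. `; Replace this with 16, 24 or 32 bytes of random data before deployment: the default is public, and any other length makes token encryption fail.`, and rename the placeholder to something self-describing of valid length such as `encryptionSecret = default-encryption-key-change-me` (32 bytes). The "recommented" typo in the context line above is pre-existing but could be fixed in the same hunk.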
@@ -86,29 +88,35 @@ type Hub struct {
 	contacts *securecookie.SecureCookie
 }
-func NewHub(version string, config *Config, sessionSecret, turnSecret, realm string) *Hub {
+func NewHub(version string, config *Config, sessionSecret, encryptionSecret, turnSecret, realm string) *Hub {
 	h := &Hub{
-		connectionTable: make(map[string]*Connection),
-		sessionTable:    make(map[string]*Session),
-		roomTable:       make(map[string]*RoomWorker),
-		version:         version,
-		config:          config,
-		sessionSecret:   []byte(sessionSecret),
-		turnSecret:      []byte(turnSecret),
-		realm:           realm,
+		connectionTable:  make(map[string]*Connection),
+		sessionTable:     make(map[string]*Session),
+		roomTable:        make(map[string]*RoomWorker),
+		version:          version,
+		config:           config,
+		sessionSecret:    []byte(sessionSecret),
+		encryptionSecret: []byte(encryptionSecret),
+		turnSecret:       []byte(turnSecret),
+		realm:            realm,
 	}
 	if len(h.sessionSecret) < 32 {
 		log.Printf("Weak sessionSecret (only %d bytes). It is recommended to use a key with 32 or 64 bytes.\n", len(h.sessionSecret))
 	}
-	h.tickets = securecookie.New(h.sessionSecret, nil)
+	h.tickets = securecookie.New(h.sessionSecret, h.encryptionSecret)
+	h.tickets.MaxAge(86400 * 30) // 30 days
+	h.tickets.HashFunc(sha256.New)
+	h.tickets.BlockFunc(aes.NewCipher)
 	h.buffers = NewBufferCache(1024, bytes.MinRead)
 	h.buddyImages = NewImageCache()
 	h.tokenName = fmt.Sprintf("token@%s", h.realm)
-	h.contacts = securecookie.New(h.sessionSecret, nil)
+	h.contacts = securecookie.New(h.sessionSecret, h.encryptionSecret)
 	h.contacts.MaxAge(0)
+	h.contacts.HashFunc(sha256.New)
+	h.contacts.BlockFunc(aes.NewCipher)
 	return h
 }
diff --git a/src/app/spreed-webrtc-server/main.go b/src/app/spreed-webrtc-server/main.go
index 46d9eebd..3f1111b3 100644
--- a/src/app/spreed-webrtc-server/main.go
+++ b/src/app/spreed-webrtc-server/main.go
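Review bot: NewHub never checks the length of `encryptionSecret`, although the config comment promises AES-128/192/256 selection by key size: `aes.NewCipher` rejects every length other than 16, 24 or 32 bytes, and as far as I can tell gorilla/securecookie stores that error and returns it from every later Encode/Decode instead of failing at startup, so a mistyped key would surface as failed ticket and contact-token generation at runtime with nothing in the log. The existing `len(h.sessionSecret) < 32` warning is the natural place for the check, but this one should be fatal rather than advisory: `if n := len(h.encryptionSecret); n != 16 && n != 24 && n != 32 {` / `log.Fatalf("Invalid encryptionSecret length %d bytes, must be 16, 24 or 32.", n)` / `}`. Separately, sha256 is presumably securecookie's default hash and `securecookie.New` presumably installs `aes.NewCipher` itself when the block key is non-nil, so the explicit `HashFunc`/`BlockFunc` calls on both cookies look redundant; harmless, but a one-line comment such as `// pin hash and block ciphers explicitly so a library default change cannot silently weaken tokens` would record why they are kept.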
@@ -211,6 +211,11 @@ func runner(runtime phoenix.Runtime) error {
 		return fmt.Errorf("No sessionSecret in config file.")
 	}
+	encryptionSecret, err := runtime.GetString("app", "encryptionSecret")
+	if err != nil {
+		return fmt.Errorf("No encryptionSecret in config file.")
+	}
 	tokenFile, err := runtime.GetString("app", "tokenFile")
 	if err == nil {
 		if !httputils.HasFilePath(path.Clean(tokenFile)) {
@@ -340,7 +345,7 @@ func runner(runtime phoenix.Runtime) error {
 	computedRealm := fmt.Sprintf("%s.%s", serverRealm, serverToken)
 	// Create our hub instance.
-	hub := NewHub(runtimeVersion, config, sessionSecret, turnSecret, computedRealm)
+	hub := NewHub(runtimeVersion, config, sessionSecret, encryptionSecret, turnSecret, computedRealm)
 	// Set number of go routines if it is 1
 	if goruntime.GOMAXPROCS(0) == 1 {
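Review bot: The value read here is only checked for presence, so the placeholder shipped in server.conf.in (`tne-default-encryption-block-key`) is accepted silently and every deployment that keeps it shares the key that protects its session tickets and contact tokens; the same holds for `sessionSecret` just above, whose default is likewise fixed in the config template. `runner` already returns errors to its caller, so refusing the known placeholder costs one check next to the presence test: `if encryptionSecret == "tne-default-encryption-block-key" {` / `return fmt.Errorf("Default encryptionSecret in config file, set a random value.")` / `}`. The 16/24/32-byte length requirement could be enforced at this point too, where a returned error is cleaner than aborting inside the hub constructor. `runner` begins and ends outside this hunk.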