xs/hkexchan.gox

/*  Herradura - a Key exchange scheme in the style of Diffie-Hellman Key Exchange.
    Copyright (C) 2017 Omar Alejandro Herrera Reyna

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.

    golang implementation by Russ Magee (rmagee_at_gmail.com) */
package herradurakex

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
	"io"
	"math/big"
	"os"
)

const (
	C_AES_256 = 0
)

const (
	H_SHA256 = 0
)

/*TODO: HMAC derived from HKEx FA.*/
/* Auxilliary functionality to set up encryption after a channel has
been negotiated via hkexnet.go -- set up encryption algs with key, IV,
*/
func (hd Conn) cryptoSetup(keymat *big.Int, flags uint32, r io.Reader) (ret io.Reader) {
	// 256 algs should be enough for everybody.(tm)
	var key []byte
	var block cipher.Block

	cipherAlg := (flags & 8)
	//TODO: flags for HMAC from keymat
	switch cipherAlg {
	case C_AES_256:
		key = keymat.Bytes()[0:aes.BlockSize]
		block, err := aes.NewCipher(key)
		break
	default:
		fmt.Println("DOOFUS SET A VALID CIPHER ALG")
		block, err := aes.NewCipher(key)
		os.Exit(1)
	}

	// If the key is unique for each ciphertext, then it's ok to use a zero
	// IV.
	var iv [aes.BlockSize]byte
	stream := cipher.NewOFB(block, iv[:])

	ret = &cipher.StreamReader{S: stream, R: inFile}
	// Copy the input file to the output file, decrypting as we go.
	if _, err := io.Copy(outFile, reader); err != nil {
		panic(err)
	}

	// Note that this example is simplistic in that it omits any
	// authentication of the encrypted data. If you were actually to use
	// StreamReader in this manner, an attacker could flip arbitrary bits in
	// the output.
	return
}
Added concept for cipher setup -- nonworking (hkexchan.gox) 2018-01-09 04:23:19 +00:00			`/* Herradura - a Key exchange scheme in the style of Diffie-Hellman Key Exchange.`
			`Copyright (C) 2017 Omar Alejandro Herrera Reyna`

			`This program is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation, either version 3 of the License, or`
			`(at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program. If not, see <https://www.gnu.org/licenses/>.`

			`golang implementation by Russ Magee (rmagee_at_gmail.com) */`
			`package herradurakex`

			`import (`
			`"crypto/aes"`
			`"crypto/cipher"`
			`"fmt"`
			`"io"`
			`"math/big"`
			`"os"`
			`)`

			`const (`
			`C_AES_256 = 0`
			`)`

			`const (`
			`H_SHA256 = 0`
			`)`

			`/TODO: HMAC derived from HKEx FA./`
			`/* Auxilliary functionality to set up encryption after a channel has`
			`been negotiated via hkexnet.go -- set up encryption algs with key, IV,`
			`*/`
			`func (hd Conn) cryptoSetup(keymat *big.Int, flags uint32, r io.Reader) (ret io.Reader) {`
			`// 256 algs should be enough for everybody.(tm)`
			`var key []byte`
			`var block cipher.Block`

			`cipherAlg := (flags & 8)`
			`//TODO: flags for HMAC from keymat`
			`switch cipherAlg {`
			`case C_AES_256:`
			`key = keymat.Bytes()[0:aes.BlockSize]`
			`block, err := aes.NewCipher(key)`
			`break`
			`default:`
			`fmt.Println("DOOFUS SET A VALID CIPHER ALG")`
			`block, err := aes.NewCipher(key)`
			`os.Exit(1)`
			`}`

			`// If the key is unique for each ciphertext, then it's ok to use a zero`
			`// IV.`
			`var iv [aes.BlockSize]byte`
			`stream := cipher.NewOFB(block, iv[:])`

			`ret = &cipher.StreamReader{S: stream, R: inFile}`
			`// Copy the input file to the output file, decrypting as we go.`
			`if _, err := io.Copy(outFile, reader); err != nil {`
			`panic(err)`
			`}`

			`// Note that this example is simplistic in that it omits any`
			`// authentication of the encrypted data. If you were actually to use`
			`// StreamReader in this manner, an attacker could flip arbitrary bits in`
			`// the output.`
			`return`
			`}`