Added more (explicit) sizes for all KEX algs

Russ Magee 2018-10-12 16:16:49 -07:00
parent 361fa2a7c3
commit 5d9a110d57
3 changed files with 150 additions and 50 deletions


@ -8,10 +8,22 @@
package hkexnet package hkexnet
const ( const (
KEX_HERRADURA = iota // this MUST be first for default if omitted in ctor KEX_HERRADURA256 = iota // this MUST be first for default if omitted in ctor
KEX_HERRADURA512
KEX_HERRADURA1024
KEX_HERRADURA2048
KEX_resvd4
KEX_resvd5
KEX_resvd6
KEX_resvd7
KEX_KYBER512
KEX_KYBER768 KEX_KYBER768
//KEX_DH KEX_KYBER1024
//KEX_ETC KEX_resvd11
KEX_resvd12
KEX_resvd13
KEX_resvd14
KEX_resvd15
) )
// Sent from client to server in order to specify which // Sent from client to server in order to specify which
@ -26,6 +38,7 @@ const (
CSEExecFail // cmd.Start() (exec) failed CSEExecFail // cmd.Start() (exec) failed
CSEPtyExecFail // pty.Start() (exec w/pty) failed CSEPtyExecFail // pty.Start() (exec w/pty) failed
) )
// Extended (>255 UNIX exit status) codes // Extended (>255 UNIX exit status) codes
// This indicate channel-related or internal errors // This indicate channel-related or internal errors
type CSExtendedCode uint32 type CSExtendedCode uint32
@ -37,6 +50,7 @@ const (
CSOExitStatus // Remote cmd exit status CSOExitStatus // Remote cmd exit status
CSOChaff // Dummy packet, do not pass beyond decryption CSOChaff // Dummy packet, do not pass beyond decryption
) )
// Channel status type // Channel status type
type CSOType uint32 type CSOType uint32
@ -49,6 +63,7 @@ const (
CAlgBlowfish64 // golang.org/x/crypto/blowfish CAlgBlowfish64 // golang.org/x/crypto/blowfish
CAlgNoneDisallowed CAlgNoneDisallowed
) )
// Available ciphers for hkex.Conn // Available ciphers for hkex.Conn
type CSCipherAlg uint32 type CSCipherAlg uint32
@ -57,5 +72,6 @@ const (
HmacSHA512 HmacSHA512
HmacNoneDisallowed HmacNoneDisallowed
) )
// Available HMACs for hkex.Conn (TODO: not currently used) // Available HMACs for hkex.Conn (TODO: not currently used)
type CSHmacAlg uint32 type CSHmacAlg uint32
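Review bot: Inserting the new sizes and reserved slots into the `iota` block renumbers `KEX_KYBER768` from 1 to 9, and this number is what `Dial` writes to the peer as `%02x`, so a binary built before this commit and one built after it will disagree on what the byte means. With the old numbering a peer's `01` meant Kyber768; the new listener would read it as `KEX_HERRADURA512`. If mixed versions can meet, the handshake needs a version check or the old values need to stay fixed. At minimum the block should carry a comment such as `// Values are sent on the wire during KEx negotiation: append only, never reorder or reuse.`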


@ -141,15 +141,37 @@ func (hc *Conn) SetOpts(opts uint32) {
} }
func getkexalgnum(extensions ...string) (k KEXAlg) { func getkexalgnum(extensions ...string) (k KEXAlg) {
k = KEX_HERRADURA256 // default
for _, s := range extensions { for _, s := range extensions {
switch s { switch s {
case "KEX_HERRADURA": case "KEX_HERRADURA256":
default: log.Println("[extension arg = KEX_HERRADURA256]")
log.Println("[extension arg = KEX_HERRADURA]") k = KEX_HERRADURA256
k = KEX_HERRADURA break //out of for
case "KEX_HERRADURA512":
log.Println("[extension arg = KEX_HERRADURA512]")
k = KEX_HERRADURA512
break //out of for
case "KEX_HERRADURA1024":
log.Println("[extension arg = KEX_HERRADURA1024]")
k = KEX_HERRADURA1024
break //out of for
case "KEX_HERRADURA2048":
log.Println("[extension arg = KEX_HERRADURA2048]")
k = KEX_HERRADURA2048
break //out of for
case "KEX_KYBER512":
log.Println("[extension arg = KEX_KYBER512]")
k = KEX_KYBER512
break //out of for
case "KEX_KYBER768": case "KEX_KYBER768":
log.Println("[extension arg = KEX_KYBER768]") log.Println("[extension arg = KEX_KYBER768]")
k = KEX_KYBER768 k = KEX_KYBER768
break //out of for
case "KEX_KYBER1024":
log.Println("[extension arg = KEX_KYBER1024]")
k = KEX_KYBER1024
break //out of for
} }
} }
return return
@ -170,16 +192,24 @@ func _new(kexAlg KEXAlg, conn *net.Conn) (hc *Conn, e error) {
*hc.closeStat = CSEStillOpen // open or prematurely-closed status *hc.closeStat = CSEStillOpen // open or prematurely-closed status
// Set up KEx/KEM-specifics // Set up KEx/KEM-specifics
switch hc.kex { switch kexAlg {
case KEX_HERRADURA: case KEX_HERRADURA256:
return hc, nil //HKExAcceptSetup(hc.c, hc) fallthrough
case KEX_HERRADURA512:
fallthrough
case KEX_HERRADURA1024:
fallthrough
case KEX_HERRADURA2048:
log.Printf("[KEx alg %d accepted]\n", kexAlg) log.Printf("[KEx alg %d accepted]\n", kexAlg)
case KEX_KYBER512:
fallthrough
case KEX_KYBER768: case KEX_KYBER768:
return hc, nil //Kyber768AcceptSetup(hc.c, hc) fallthrough
case KEX_KYBER1024:
log.Printf("[KEx alg %d accepted]\n", kexAlg) log.Printf("[KEx alg %d accepted]\n", kexAlg)
default: default:
return hc, nil //HKExAcceptSetup(hc.c, hc) hc.kex = KEX_HERRADURA256
log.Printf("[KEx alg %d accepted]\n", kexAlg) log.Printf("[KEx alg %d ?? defaults to %d]\n", kexAlg, hc.kex)
} }
return return
} }
@ -197,30 +227,24 @@ func (hc *Conn) applyConnExtensions(extensions ...string) {
log.Println("[extension arg = C_AES_256]") log.Println("[extension arg = C_AES_256]")
hc.cipheropts &= (0xFFFFFF00) hc.cipheropts &= (0xFFFFFF00)
hc.cipheropts |= CAlgAES256 hc.cipheropts |= CAlgAES256
break
case "C_TWOFISH_128": case "C_TWOFISH_128":
log.Println("[extension arg = C_TWOFISH_128]") log.Println("[extension arg = C_TWOFISH_128]")
hc.cipheropts &= (0xFFFFFF00) hc.cipheropts &= (0xFFFFFF00)
hc.cipheropts |= CAlgTwofish128 hc.cipheropts |= CAlgTwofish128
break
case "C_BLOWFISH_64": case "C_BLOWFISH_64":
log.Println("[extension arg = C_BLOWFISH_64]") log.Println("[extension arg = C_BLOWFISH_64]")
hc.cipheropts &= (0xFFFFFF00) hc.cipheropts &= (0xFFFFFF00)
hc.cipheropts |= CAlgBlowfish64 hc.cipheropts |= CAlgBlowfish64
break
case "H_SHA256": case "H_SHA256":
log.Println("[extension arg = H_SHA256]") log.Println("[extension arg = H_SHA256]")
hc.cipheropts &= (0xFFFF00FF) hc.cipheropts &= (0xFFFF00FF)
hc.cipheropts |= (HmacSHA256 << 8) hc.cipheropts |= (HmacSHA256 << 8)
break
case "H_SHA512": case "H_SHA512":
log.Println("[extension arg = H_SHA512]") log.Println("[extension arg = H_SHA512]")
hc.cipheropts &= (0xFFFF00FF) hc.cipheropts &= (0xFFFF00FF)
hc.cipheropts |= (HmacSHA512 << 8) hc.cipheropts |= (HmacSHA512 << 8)
break //default:
default: // log.Printf("[Dial ext \"%s\" ignored]\n", s)
log.Printf("[Dial ext \"%s\" ignored]\n", s)
break
} }
} }
} }
@ -235,13 +259,24 @@ func (r randReader) Read(b []byte) (n int, e error) {
return return
} }
func Kyber768DialSetup(c net.Conn, hc *Conn) (err error) { func KyberDialSetup(c net.Conn, hc *Conn) (err error) {
//h := hkex.New(0, 0)
// Send hkexnet.Conn parameters to remote side // Send hkexnet.Conn parameters to remote side
// Alice, step 1: Generate a key pair. // Alice, step 1: Generate a key pair.
r := new(randReader) r := new(randReader)
alicePublicKey, alicePrivateKey, err := kyber.Kyber768.GenerateKeyPair(r) var alicePublicKey *kyber.PublicKey
var alicePrivateKey *kyber.PrivateKey
switch hc.kex {
case KEX_KYBER512:
alicePublicKey, alicePrivateKey, err = kyber.Kyber512.GenerateKeyPair(r)
case KEX_KYBER768:
alicePublicKey, alicePrivateKey, err = kyber.Kyber768.GenerateKeyPair(r)
case KEX_KYBER1024:
alicePublicKey, alicePrivateKey, err = kyber.Kyber1024.GenerateKeyPair(r)
default:
alicePublicKey, alicePrivateKey, err = kyber.Kyber768.GenerateKeyPair(r)
}
if err != nil { if err != nil {
panic(err) panic(err)
} }
@ -275,7 +310,20 @@ func Kyber768DialSetup(c net.Conn, hc *Conn) (err error) {
} }
func HKExDialSetup(c net.Conn, hc *Conn) (err error) { func HKExDialSetup(c net.Conn, hc *Conn) (err error) {
h := hkex.New(0, 0) var h *hkex.HerraduraKEx
switch hc.kex {
case KEX_HERRADURA256:
h = hkex.New(256, 64)
case KEX_HERRADURA512:
h = hkex.New(512, 128)
case KEX_HERRADURA1024:
h = hkex.New(1024, 256)
case KEX_HERRADURA2048:
h = hkex.New(2048, 512)
default:
h = hkex.New(256, 64)
}
// Send hkexnet.Conn parameters to remote side // Send hkexnet.Conn parameters to remote side
// d is value for Herradura key exchange // d is value for Herradura key exchange
fmt.Fprintf(c, "0x%s\n%08x:%08x\n", h.D().Text(16), fmt.Fprintf(c, "0x%s\n%08x:%08x\n", h.D().Text(16),
@ -304,8 +352,7 @@ func HKExDialSetup(c net.Conn, hc *Conn) (err error) {
return return
} }
func Kyber768AcceptSetup(c *net.Conn, hc *Conn) (err error) { func KyberAcceptSetup(c *net.Conn, hc *Conn) (err error) {
//h := hkex.New(0, 0)
// Bob, step 1: Deserialize Alice's public key from the binary encoding. // Bob, step 1: Deserialize Alice's public key from the binary encoding.
alicePublicKey := big.NewInt(0) alicePublicKey := big.NewInt(0)
_, err = fmt.Fscanln(*c, alicePublicKey) _, err = fmt.Fscanln(*c, alicePublicKey)
@ -320,7 +367,18 @@ func Kyber768AcceptSetup(c *net.Conn, hc *Conn) (err error) {
return err return err
} }
peerPublicKey, err := kyber.Kyber768.PublicKeyFromBytes(alicePublicKey.Bytes()) var peerPublicKey *kyber.PublicKey
switch hc.kex {
case KEX_KYBER512:
peerPublicKey, err = kyber.Kyber512.PublicKeyFromBytes(alicePublicKey.Bytes())
case KEX_KYBER768:
peerPublicKey, err = kyber.Kyber768.PublicKeyFromBytes(alicePublicKey.Bytes())
case KEX_KYBER1024:
peerPublicKey, err = kyber.Kyber1024.PublicKeyFromBytes(alicePublicKey.Bytes())
default:
peerPublicKey, err = kyber.Kyber768.PublicKeyFromBytes(alicePublicKey.Bytes())
}
if err != nil { if err != nil {
panic(err) panic(err)
} }
@ -343,7 +401,20 @@ func Kyber768AcceptSetup(c *net.Conn, hc *Conn) (err error) {
} }
func HKExAcceptSetup(c *net.Conn, hc *Conn) (err error) { func HKExAcceptSetup(c *net.Conn, hc *Conn) (err error) {
h := hkex.New(0, 0) var h *hkex.HerraduraKEx
switch hc.kex {
case KEX_HERRADURA256:
h = hkex.New(256, 64)
case KEX_HERRADURA512:
h = hkex.New(512, 128)
case KEX_HERRADURA1024:
h = hkex.New(1024, 256)
case KEX_HERRADURA2048:
h = hkex.New(2048, 512)
default:
h = hkex.New(256, 64)
}
// Read in hkexnet.Conn parameters over raw Conn c // Read in hkexnet.Conn parameters over raw Conn c
// d is value for Herradura key exchange // d is value for Herradura key exchange
d := big.NewInt(0) d := big.NewInt(0)
@ -403,22 +474,29 @@ func Dial(protocol string, ipport string, extensions ...string) (hc Conn, err er
// Perform Key Exchange according to client-request algorithm // Perform Key Exchange according to client-request algorithm
fmt.Fprintf(c, "%02x\n", hc.kex) fmt.Fprintf(c, "%02x\n", hc.kex)
switch hc.kex { switch hc.kex {
case KEX_HERRADURA: case KEX_HERRADURA256:
fmt.Println("[HKExDialSetup()]") fallthrough
case KEX_HERRADURA512:
fallthrough
case KEX_HERRADURA1024:
fallthrough
case KEX_HERRADURA2048:
log.Printf("[Setting up for KEX_HERRADURA %d]\n", hc.kex)
if HKExDialSetup(c, &hc) != nil { if HKExDialSetup(c, &hc) != nil {
return Conn{}, nil return Conn{}, nil
} }
case KEX_KYBER512:
fallthrough
case KEX_KYBER768: case KEX_KYBER768:
fmt.Println("[Kyber768DialSetup()]") fallthrough
if Kyber768DialSetup(c, &hc) != nil { case KEX_KYBER1024:
log.Printf("[Setting up for KEX_KYBER %d]\n", hc.kex)
if KyberDialSetup(c, &hc) != nil {
return Conn{}, nil return Conn{}, nil
} }
default: default:
fmt.Println("[Default HKExDialSetup()]")
if HKExDialSetup(c, &hc) != nil {
return Conn{}, nil return Conn{}, nil
} }
}
return return
} }
@ -530,7 +608,9 @@ func (hl *HKExListener) Accept() (hc Conn, err error) {
// Read KEx alg proposed by client // Read KEx alg proposed by client
var kexAlg KEXAlg var kexAlg KEXAlg
_, err = fmt.Fscanln(c, &kexAlg) //! NB. Was using fmt.FScanln() here, but integers with a leading zero
// were being mis-scanned? (is it an octal thing? Investigate.)
_, err = fmt.Fscanf(c, "%02x\n", &kexAlg)
if err != nil { if err != nil {
return Conn{}, err return Conn{}, err
} }
@ -544,25 +624,29 @@ func (hl *HKExListener) Accept() (hc Conn, err error) {
hc = *ret hc = *ret
switch hc.kex { switch hc.kex {
case KEX_HERRADURA: case KEX_HERRADURA256:
log.Println("[Setting up for KEX_HERRADURA]") fallthrough
case KEX_HERRADURA512:
fallthrough
case KEX_HERRADURA1024:
fallthrough
case KEX_HERRADURA2048:
log.Printf("[Setting up for KEX_HERRADURA %d]\n", hc.kex)
if HKExAcceptSetup(&c, &hc) != nil { if HKExAcceptSetup(&c, &hc) != nil {
log.Println("[ERROR - KEX_HERRADURA]")
return Conn{}, nil return Conn{}, nil
} }
case KEX_KYBER512:
fallthrough
case KEX_KYBER768: case KEX_KYBER768:
log.Println("[Setting up for KEX_KYBER768]") fallthrough
if Kyber768AcceptSetup(&c, &hc) != nil { case KEX_KYBER1024:
log.Println("[ERROR - KEX_KYBER768]") log.Printf("[Setting up for KEX_KYBER %d]\n", hc.kex)
if KyberAcceptSetup(&c, &hc) != nil {
return Conn{}, nil return Conn{}, nil
} }
default: default:
log.Println("[unknown alg, Setting up for KEX_HERRADURA]")
if HKExAcceptSetup(&c, &hc) != nil {
log.Println("[ERROR - default KEX_HERRADURA]")
return Conn{}, nil return Conn{}, nil
} }
}
log.Println("[hc.Accept successful]") log.Println("[hc.Accept successful]")
return return
} }
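Review bot: In `_new` the `default:` branch swaps an unrecognised or reserved KEx value for `KEX_HERRADURA256` and carries on, yet in `Accept` that value is read straight from the peer (`fmt.Fscanf(c, "%02x\n", &kexAlg)`), so the listener proceeds with an algorithm the client never asked for instead of refusing the connection. Rejecting is the safer behaviour: `default: return nil, fmt.Errorf("unsupported KEx alg %d", kexAlg)`. The new `default:` branches in `Dial` and `Accept` return `Conn{}, nil`, as do the setup-failure returns above them, so a caller receives a zero `Conn` with no error to check; those should return a non-nil error too. Separately, `KyberAcceptSetup` still calls `panic(err)` when `PublicKeyFromBytes` rejects bytes that came off the connection, which lets one malformed key from a peer stop the whole process; `return err` would match the error handling a few lines earlier. `_new`, `Dial` and `Accept` all begin outside their hunks, so the suggested returns assume the signatures shown in the hunk headers.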


@ -374,7 +374,7 @@ func main() {
flag.BoolVar(&dbg, "d", false, "debug logging") flag.BoolVar(&dbg, "d", false, "debug logging")
flag.StringVar(&cAlg, "c", "C_AES_256", "`cipher` [\"C_AES_256\" | \"C_TWOFISH_128\" | \"C_BLOWFISH_64\"]") flag.StringVar(&cAlg, "c", "C_AES_256", "`cipher` [\"C_AES_256\" | \"C_TWOFISH_128\" | \"C_BLOWFISH_64\"]")
flag.StringVar(&hAlg, "m", "H_SHA256", "`hmac` [\"H_SHA256\"]") flag.StringVar(&hAlg, "m", "H_SHA256", "`hmac` [\"H_SHA256\"]")
flag.StringVar(&kAlg, "k", "KEX_HERRADURA", "`kex` [\"KEX_HERRADURA\" | \"KEX_KYBER768\"]") flag.StringVar(&kAlg, "k", "KEX_HERRADURA256", "`kex` [\"KEX_HERRADURA{256/512/1024/2048}\" | \"KEX_KYBER{512/768/1024}\"]")
flag.UintVar(&port, "p", 2000, "`port`") flag.UintVar(&port, "p", 2000, "`port`")
//flag.StringVar(&authCookie, "a", "", "auth cookie") //flag.StringVar(&authCookie, "a", "", "auth cookie")
flag.BoolVar(&chaffEnabled, "e", true, "enabled chaff pkts (default true)") flag.BoolVar(&chaffEnabled, "e", true, "enabled chaff pkts (default true)")