Added hkexchan.go w/o testing for StreamReader/StreamWriter

Russ Magee 2018-01-08 23:08:58 -08:00
parent 4bccb2512d
commit 9885067a48
4 changed files with 73 additions and 26 deletions

Binary file not shown.

Binary file not shown.


@ -17,6 +17,9 @@
golang implementation by Russ Magee (rmagee_at_gmail.com) */ golang implementation by Russ Magee (rmagee_at_gmail.com) */
package herradurakex package herradurakex
/* Support functions to set up encryption once an HKEx Conn has been
established with FA exchange */
import ( import (
"crypto/aes" "crypto/aes"
"crypto/cipher" "crypto/cipher"
@ -35,37 +38,75 @@ const (
) )
/*TODO: HMAC derived from HKEx FA.*/ /*TODO: HMAC derived from HKEx FA.*/
/* Auxilliary functionality to set up encryption after a channel has /* Support functionality to set up encryption after a channel has
been negotiated via hkexnet.go -- set up encryption algs with key, IV, been negotiated via hkexnet.go
*/ */
func (hd Conn) cryptoSetup(keymat *big.Int, flags uint32, r io.Reader) (ret io.Reader) { func (hd Conn) getReadStream(keymat *big.Int, flags uint32, r io.Reader) (ret io.Reader) {
// 256 algs should be enough for everybody.(tm)
var key []byte var key []byte
var block cipher.Block var block cipher.Block
var err error
// 256 algs should be enough for everybody.(tm)
cipherAlg := (flags & 8) cipherAlg := (flags & 8)
//TODO: flags for HMAC from keymat //TODO: flags for HMAC from keymat
switch cipherAlg { switch cipherAlg {
case C_AES_256: case C_AES_256:
key = keymat.Bytes()[0:aes.BlockSize] key = keymat.Bytes()[0:aes.BlockSize]
block, err := aes.NewCipher(key) block, err = aes.NewCipher(key)
break break
default: default:
fmt.Println("DOOFUS SET A VALID CIPHER ALG") fmt.Println("DOOFUS SET A VALID CIPHER ALG")
block, err := aes.NewCipher(key) block, err = aes.NewCipher(key)
os.Exit(1) os.Exit(1)
} }
if err != nil {
panic(err)
}
// If the key is unique for each ciphertext, then it's ok to use a zero // If the key is unique for each ciphertext, then it's ok to use a zero
// IV. // IV.
var iv [aes.BlockSize]byte var iv [aes.BlockSize]byte
stream := cipher.NewOFB(block, iv[:]) stream := cipher.NewOFB(block, iv[:])
ret = &cipher.StreamReader{S: stream, R: inFile} ret = &cipher.StreamReader{S: stream, R: r}
// Copy the input file to the output file, decrypting as we go.
if _, err := io.Copy(outFile, reader); err != nil { // Note that this example is simplistic in that it omits any
panic(err) // authentication of the encrypted data. If you were actually to use
} // StreamReader in this manner, an attacker could flip arbitrary bits in
// the output.
return
}
func (hd Conn) getWriteStream(keymat *big.Int, flags uint32, w io.Writer) (ret io.Writer) {
var key []byte
var block cipher.Block
var err error
// 256 algs should be enough for everybody.(tm)
cipherAlg := (flags & 8)
//TODO: flags for HMAC from keymat
switch cipherAlg {
case C_AES_256:
key = keymat.Bytes()[0:aes.BlockSize]
block, err = aes.NewCipher(key)
break
default:
fmt.Println("DOOFUS SET A VALID CIPHER ALG")
block, err = aes.NewCipher(key)
os.Exit(1)
}
if err != nil {
panic(err)
}
// If the key is unique for each ciphertext, then it's ok to use a zero
// IV.
var iv [aes.BlockSize]byte
stream := cipher.NewOFB(block, iv[:])
ret = &cipher.StreamWriter{S: stream, W: w}
// Note that this example is simplistic in that it omits any // Note that this example is simplistic in that it omits any
// authentication of the encrypted data. If you were actually to use // authentication of the encrypted data. If you were actually to use
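Review bot: getReadStream and getWriteStream both build OFB from the same `keymat.Bytes()[0:aes.BlockSize]` key and an all-zero IV, so if one keymat serves both directions of a Conn (the callers are outside this hunk) the two directions encrypt under the same keystream, and that reuse exposes the XOR of the two plaintexts. The copied comment about a zero IV only holds when the key is unique per ciphertext, so each direction needs its own key or IV derived from the keymat, for instance by hashing the keymat together with a per-direction label. The slice is also only 16 bytes, which selects AES-128 under the `C_AES_256` case, and `big.Int.Bytes()` drops leading zero bytes, so the length should be checked before slicing. `cipherAlg := (flags & 8)` can only yield 0 or 8, which does not match the "256 algs" comment; `cipherAlg := (flags & 0xFF)` looks like the intent, though the constant block is not fully visible here. The body of getWriteStream continues past the end of the hunk.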


@ -1,20 +1,26 @@
/* -*- go -*- /* Herradura - a Key exchange scheme in the style of Diffie-Hellman Key Exchange.
* $RCSfile$ $Revision$ : $Date$ : $Author$ Copyright (C) 2017 Omar Alejandro Herrera Reyna
*
* Description This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* Notes the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
**************
* This program is distributed in the hope that it will be useful,
* Copyright (c) 2018 Russtopia Labs. All Rights Reserved. but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* This document may not, in whole or in part, be copied, photocopied, GNU General Public License for more details.
* reproduced, translated, or reduced to any electronic medium or machine
* readable form without prior written consent from Russtopia Labs. You should have received a copy of the GNU General Public License
*/ along with this program. If not, see <https://www.gnu.org/licenses/>.
golang implementation by Russ Magee (rmagee_at_gmail.com) */
package herradurakex package herradurakex
// Implementation of HKEx-wrapped versions of the golang standard
// net package interfaces, allowing clients and servers to simply replace
// 'net.Dial', 'net.Listen' etc. with 'hkex.Dial', 'hkex.Listen' and so
// forth.
import ( import (
"fmt" "fmt"
"math/big" "math/big"