Commit Graph

190 Commits

Author SHA1 Message Date
Russ Magee 871f1e0dfa Moved CSE (extended err types) back up out of UNIX shell status space 2018-10-25 22:49:08 -07:00
Russ Magee 752dbf6080 logging now uses syslog 2018-10-25 22:14:18 -07:00
Russ Magee 90deb5b1ff Updated README.md for new CryptMTv1 cipher 2018-10-24 00:31:32 -07:00
Russ Magee 4cb535fcc9 Added support for cryptMTv1
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-24 00:16:34 -07:00
Russ Magee 97791544ab Bump version
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-21 20:32:57 -07:00
Russ Magee a6950408f2 Merge branch 'kex-spurious-failures' 2018-10-19 13:52:14 -07:00
Russ Magee 3991fc5065 Added keymat expansion for smallest KEX modes
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-19 13:51:57 -07:00
Russ Magee fc4b1bf7bb Added clause 11a. to cover crypto regs
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-19 11:56:09 -07:00
Russ Magee d13e340895 Added clause 11a. to cover crypto regs
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-19 11:50:17 -07:00
Russ Magee 798661a0cf kex-spurious-failures branch:
-Modified KyberDialSetup()/KyberAcceptSetup() to use []byte for reading/writing
ciphertext to avoid errors caused by leading zero bytes (big.Int can't explicitly
represent these)

-TODO: Consider the same for HerraduraKEx HKexDialSetup()/HKexAcceptSetup()
2018-10-18 20:44:23 -07:00
Russ Magee 6aed5ab54f Merge branch 'master' of ssh://blitter.com/var/git/hkexsh 2018-10-16 00:35:59 -07:00
Russ Magee 9cf55ed4ca Adopt the Code of Merit (http://code-of-merit.org/) 2018-10-16 00:35:36 -07:00
Russ Magee 65953d0d99 Silence GitHub's reminder to add a code of conduct. 2018-10-16 00:29:12 -07:00
Russ Magee a060ae39b1 HMAC portion made into symbolic const 2018-10-14 00:20:30 -07:00
Russ Magee 5d9a110d57 Added more (explicit) sizes for all KEX algs 2018-10-12 16:16:49 -07:00
Russ Magee 361fa2a7c3 Added hkexnet to LICENSE file 2018-10-10 22:37:25 -07:00
Russ Magee 703c8851b3 Moved HerraduraKEx-specific LICENSE files into component subdir
Added overall hkexsh LICENSE file to toplevel
2018-10-10 22:35:49 -07:00
Russ Magee 1d265c923e Updated README.md 2018-10-10 22:08:57 -07:00
Russ Magee fad35aa4fa Merge branch 'add-kex-kyber768' 2018-10-10 21:42:18 -07:00
Russ Magee 231ede1734 KYBER768 KEM works. :O 2018-10-10 21:12:38 -07:00
Russ Magee de8f9552c3 Update TODO - ~/.hkexsh_id 2018-10-08 23:42:09 -07:00
Russ Magee 4c286ae6c1 Set up to handle Kyber768 KEM 2018-10-08 21:31:11 -07:00
Russ Magee 767ae7bd07 Updates to README.md 2018-10-03 22:44:27 -07:00
Russ Magee cb7a79063e Added validation user actually exists on system 2018-10-03 22:31:35 -07:00
Russ Magee 420e0319ca Merge branch 'master' of ssh://blitter.com/var/git/hkexsh 2018-10-02 21:24:10 -07:00
Russ Magee 103070d00a Made padding size random [max/2, max); use of improved goutmp host lookup 2018-10-02 21:23:45 -07:00
Russ Magee 6788fd1adf Made padding size random (max/2, max]; use of improved goutmp host lookup 2018-10-02 11:03:10 -07:00
Russ Magee 1485e8392e Removed moving avg chaff in favour of random-padding 2018-10-01 20:35:50 -07:00
Russ Magee 06ee94da03 Added HMAC_SHA512 2018-09-30 00:19:25 -07:00
Russ Magee cd9f7914e0 Dial() and Accept() again conform to net.Dial(), net.Accept() return signature 2018-09-29 12:15:53 -07:00
Russ Magee e57d97d3e6 Changed many funcs to take *hkexnet.Conn to allow tracking of packets sent, total bytes sent and experimental moving avg chaff 2018-09-26 22:57:36 -07:00
Russ Magee b810fa7f4a tightened up some const types 2018-09-17 23:07:04 -07:00
Russ Magee 8b0b833d6e Split hkexsh and hkexnet consts into separate files 2018-09-17 17:27:13 -07:00
Russ Magee 869dbf6e10 Bumped version 2018-09-16 23:54:25 -07:00
Russ Magee 1da6f37ec5 Merge branch 'master' of ssh://blitter.com/var/git/hkexsh 2018-09-16 22:22:40 -07:00
Russ Magee 84e29bdf51 Fixes to authtoken/password indication at login 2018-09-16 22:22:14 -07:00
Russ Magee 2864940a8e Fixes to authtoken/password indication at login 2018-09-16 17:56:17 -07:00
Russ Magee d25b883873 Fixed bug in fallback from authtoken (-g) to password login 2018-09-16 17:30:02 -07:00
Russ Magee 19697d5164 Remote exit status now reflected in client->server copies 2018-09-16 17:14:50 -07:00
Russ Magee e02764bf4b .hkexsh_id file supports multiple authtokens (multi remote hosts, aliases for same remote host) 2018-09-14 11:58:10 -07:00
Russ Magee d9b34fa631 GenAuthToken() now uses client-supplied ConnHost 2018-09-14 01:13:14 -07:00
Russ Magee 1efc1337df -TODO items; scrub authCookie after use 2018-09-14 00:40:20 -07:00
Russ Magee c9eb6bcb38 Added -a authtoken feature for scripted use 2018-09-13 23:51:49 -07:00
Russ Magee 350f3f375e -hkexauth now always tries bcrypt even for nonexistent users (user enum timing attack resist) 2018-09-11 22:36:20 -07:00
Russ Magee 140523dabb -Refactored HerraduraKEx negotiation into subroutine (anticipation of future multi-KEx support) 2018-09-11 00:04:38 -07:00
Russ Magee bee0bececf -Bumped version to 0.2pre to reflect protocol break w/0.1pre
-Added design principle note (no downgrade attack-enabling protocol features)
2018-09-10 20:28:41 -07:00
Russ Magee dcb42d43f1 -BREAKING CHANGE: pre-KEx byte sent for KEx alg (default and only for now: KEX_HERRADURA) 2018-09-10 20:22:09 -07:00
Russ Magee 5f1d57f987 Fixed hkexauth fields expected 2018-09-08 22:01:33 -07:00
Russ Magee 8bca54ed7b -hkexpasswd: now can add new users
-Removed unused disallowedCmdList (field 4) from CSV
2018-09-07 20:56:42 -07:00
Russ Magee 075ca7521c Client now passes xterm-256color in Session 2018-09-07 20:37:47 -07:00