diff --git a/Makefile b/Makefile index 2f318d4..ff37254 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -VERSION := 0.9.0 +VERSION := 0.9.0pre .PHONY: lint vis clean common client server passwd subpkgs install uninstall reinstall ## Tag version of binaries with build info wrt. diff --git a/go.mod b/go.mod index 4cfe086..ad14ca0 100644 --- a/go.mod +++ b/go.mod @@ -10,9 +10,9 @@ require ( blitter.com/go/mtwist v1.0.1 // indirect blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da - github.com/creack/pty v1.1.11 github.com/jameskeane/bcrypt v0.0.0-20120420032655-c3cd44c1e20f github.com/klauspost/reedsolomon v1.9.9 // indirect + github.com/kr/pty v1.1.8 github.com/kuking/go-frodokem v1.0.1 github.com/mattn/go-isatty v0.0.12 github.com/mmcloughlin/avo v0.0.0-20200523190732-4439b6b2c061 // indirect @@ -21,7 +21,6 @@ require ( github.com/templexxx/xor v0.0.0-20191217153810-f85b25db303b // indirect github.com/tjfoc/gmsm v1.3.1 // indirect github.com/xtaci/kcp-go v5.4.20+incompatible - github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37 // indirect golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 golang.org/x/sys v0.0.0-20200523222454-059865788121 gopkg.in/hlandau/easymetric.v1 v1.0.0 // indirect diff --git a/go.sum b/go.sum index b0bb452..c74f16f 100644 --- a/go.sum +++ b/go.sum @@ -2,6 +2,10 @@ blitter.com/go/chacha20 v0.0.0-20200130200441-214e4085f54c h1:LcnFFg6MCIJHf26P7e blitter.com/go/chacha20 v0.0.0-20200130200441-214e4085f54c/go.mod h1:EMJtRcf22WCtHGiXCw+NB/Sb/PYcXtUgUql6LDEwyXo= blitter.com/go/cryptmt v1.0.2 h1:ZcLhQk7onUssXyQwG3GdXDXctCVnNL+b7aFuvwOdKXc= blitter.com/go/cryptmt v1.0.2/go.mod h1:tdME2J3O4agaDAYIYNQzzuB28yVGnPSMmV3a/ucSU84= +blitter.com/go/goutmp v1.0.3 h1:4VPU9COXG36W5454pcV65FieVaaw64mdhvjuTVOuWTM= +blitter.com/go/goutmp v1.0.3/go.mod h1:gtlbjC8xGzMk/Cf0BpnVltSa3awOqJ+B5WAxVptTMxk= +blitter.com/go/goutmp v1.0.4 h1:19Y4xgvdEbGESS0vuyWlPyZgjYNYxHkDfmbObKU5J6A= +blitter.com/go/goutmp v1.0.4/go.mod h1:gtlbjC8xGzMk/Cf0BpnVltSa3awOqJ+B5WAxVptTMxk= blitter.com/go/goutmp v1.0.5 h1:isP6bxSs1O06Oy7wB8u4y5SgLr22txfjg/gjG4qn0Og= blitter.com/go/goutmp v1.0.5/go.mod h1:gtlbjC8xGzMk/Cf0BpnVltSa3awOqJ+B5WAxVptTMxk= blitter.com/go/herradurakex v1.0.0 h1:6XaxY+JLT1HUWPF0gYJnjX3pVjrw4YhYZEzZ1U0wkyc= @@ -14,16 +18,21 @@ blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae h1:YBBaCcdYRrI1btsmcMT blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae/go.mod h1:ywoxfDBqInPsqtnxYsmS4SYMJ5D/kNcrFgpvI+Xcun0= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY= github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA= -github.com/creack/pty v1.1.11 h1:07n33Z8lZxZ2qwegKbObQohDhXDQxiMMz1NOUGYlesw= -github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/creack/pty v1.1.7 h1:6pwm8kMQKCmgUg0ZHTm5+/YvRK0s3THD/28+T6/kk4A= +github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/jameskeane/bcrypt v0.0.0-20120420032655-c3cd44c1e20f h1:UWGE8Vi+1Agt0lrvnd7UsmvwqWKRzb9byK9iQmsbY0Y= github.com/jameskeane/bcrypt v0.0.0-20120420032655-c3cd44c1e20f/go.mod h1:u+9Snq0w+ZdYKi8BBoaxnEwWu0fY4Kvu9ByFpM51t1s= +github.com/klauspost/cpuid v1.2.3 h1:CCtW0xUnWGVINKvE/WWOYKdsPV6mawAtvQuSl8guwQs= +github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/cpuid v1.2.4 h1:EBfaK0SWSwk+fgk6efYFWdzl8MwRWoOO1gkmiaTXPW4= github.com/klauspost/cpuid v1.2.4/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= +github.com/klauspost/reedsolomon v1.9.4 h1:FB9jDBGqUNyhUg4Gszz384ulFqVSc61Pdap+HRPgnSo= +github.com/klauspost/reedsolomon v1.9.4/go.mod h1:CwCi+NUr9pqSVktrkN+Ondf06rkhYZ/pcNv7fu+8Un4= github.com/klauspost/reedsolomon v1.9.9 h1:qCL7LZlv17xMixl55nq2/Oa1Y86nfO8EqDfv2GHND54= github.com/klauspost/reedsolomon v1.9.9/go.mod h1:O7yFFHiQwDR6b2t63KPUpccPtNdp5ADgh1gg4fd12wo= +github.com/kr/pty v1.1.8 h1:AkaSdXYQOWeaO3neb8EM634ahkXXe3jYbVh/F9lq+GI= +github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kuking/go-frodokem v1.0.1 h1:13bks3u4CPpvUtOLttT+A37j9myV4kLnS7Z3qDiTm4o= github.com/kuking/go-frodokem v1.0.1/go.mod h1:TzD0W9QnVOcwigeSySEuNZfJaGxWRtFRb7hXe/w/waI= github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY= @@ -32,23 +41,21 @@ github.com/mmcloughlin/avo v0.0.0-20200523190732-4439b6b2c061 h1:UCU8+cLbbvyxi0s github.com/mmcloughlin/avo v0.0.0-20200523190732-4439b6b2c061/go.mod h1:wqKykBG2QzQDJEzvRkcS8x6MiSJkF52hXZsXcjaB3ls= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161 h1:89CEmDvlq/F7SJEOqkIdNDGJXrQIhuIx9D2DBXjavSU= github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161/go.mod h1:wM7WEvslTq+iOEAMDLSzhVuOt5BRZ05WirO+b09GHQU= github.com/templexxx/xor v0.0.0-20191217153810-f85b25db303b h1:fj5tQ8acgNUr6O8LEplsxDhUIe2573iLkJc+PqnzZTI= github.com/templexxx/xor v0.0.0-20191217153810-f85b25db303b/go.mod h1:5XA7W9S6mni3h5uvOC75dA3m9CCCaS83lltmc0ukdi4= +github.com/tjfoc/gmsm v1.3.0 h1:i7c6Za/IlgBvnGxYpfD7L3TGuaS+v6oGcgq+J9/ecEA= +github.com/tjfoc/gmsm v1.3.0/go.mod h1:HaUcFuY0auTiaHB9MHFGCPx5IaLhTUd2atbCFBQXn9w= github.com/tjfoc/gmsm v1.3.1 h1:+k3IAlF81c31/TllJmIfuCYnjl8ziMdTWGWJcP9J1uo= github.com/tjfoc/gmsm v1.3.1/go.mod h1:HaUcFuY0auTiaHB9MHFGCPx5IaLhTUd2atbCFBQXn9w= -github.com/ulikunitz/xz v0.5.7 h1:YvTNdFzX6+W5m9msiYg/zpkSURPPtOlzbqYjrFn7Yt4= github.com/ulikunitz/xz v0.5.7/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/xtaci/kcp-go v1.0.1 h1:SEZn2Iick6ualQpV8yY9cXdDTgbfBHPIwJl7UvxfxLQ= github.com/xtaci/kcp-go v5.4.20+incompatible h1:TN1uey3Raw0sTz0Fg8GkfM0uH3YwzhnZWQ1bABv5xAg= github.com/xtaci/kcp-go v5.4.20+incompatible/go.mod h1:bN6vIwHQbfHaHtFpEssmWsN45a+AZwO7eyRCmEIbtvE= -github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37 h1:EWU6Pktpas0n8lLQwDsRyZfmkPeRbdgPtW609es+/9E= -github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37/go.mod h1:HpMP7DB2CyokmAh4lp0EQnnWhmycP/TvwBGzvuie+H0= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= golang.org/x/arch v0.0.0-20190909030613-46d78d1859ac/go.mod h1:flIaEI6LNU6xOCD5PaJvn9wGP0agmIOqjrtsKGRguv4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -56,9 +63,10 @@ golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191219195013-becbf705a915/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5 h1:Q7tZBpemrlsc2I7IyODzhtallWRSm4Q0d09pL6XbQtU= +golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37 h1:cg5LA/zNPRzIXIWSCxQW10Rvpy94aQh3LT/ShoCpkHw= golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -71,6 +79,8 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190902133755-9109b7679e13/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f h1:gWF768j/LaZugp8dyS4UwsslYCYz9XgFxvlgsn0n9H8= +golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121 h1:rITEj+UZHYC927n8GT97eC3zrpzXdb/voyeOuVKS46o= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -81,7 +91,6 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/hlandau/easymetric.v1 v1.0.0 h1:ZbfbH7W3giuVDjWUoFhDOjjv20hiPr5HZ2yMV5f9IeE= gopkg.in/hlandau/easymetric.v1 v1.0.0/go.mod h1:yh75hypuFzAxmvECh3ZKGCvFnIfapYJh2wv7ASaX2RE= @@ -89,6 +98,5 @@ gopkg.in/hlandau/measurable.v1 v1.0.1 h1:wH5UZKCRUnRr1iD+xIZfwhtxhmr+bprRJttqA1R gopkg.in/hlandau/measurable.v1 v1.0.1/go.mod h1:6N+SYJGMTmetsx7wskULP+juuO+++tsHJkAgzvzsbuM= gopkg.in/hlandau/passlib.v1 v1.0.10 h1:q5xh9ZHp907XTjVw8/EqG03//fnlITnIYQmv4Gn7TpE= gopkg.in/hlandau/passlib.v1 v1.0.10/go.mod h1:wxGAv2CtQHlzWY8NJp+p045yl4WHyX7v2T6XbOcmqjM= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= diff --git a/xsd/xsd.go b/xsd/xsd.go index 34bb39a..d32fb7c 100755 --- a/xsd/xsd.go +++ b/xsd/xsd.go @@ -33,7 +33,7 @@ import ( xs "blitter.com/go/xs" "blitter.com/go/xs/logger" "blitter.com/go/xs/xsnet" - "github.com/creack/pty" + "github.com/kr/pty" ) var ( @@ -82,7 +82,7 @@ func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string, os.Clearenv() os.Setenv("HOME", u.HomeDir) // nolint: gosec,errcheck os.Setenv("TERM", ttype) // nolint: gosec,errcheck - os.Setenv("XS_SESSION", "1") // nolint: gosec,errcheck + os.Setenv("HKEXSH", "1") // nolint: gosec,errcheck var c *exec.Cmd cmdName := xs.GetTool("tar") @@ -187,7 +187,7 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string os.Clearenv() _ = os.Setenv("HOME", u.HomeDir) // nolint: gosec _ = os.Setenv("TERM", ttype) // nolint: gosec - _ = os.Setenv("XS_SESSION", "1") // nolint: gosec + _ = os.Setenv("HKEXSH", "1") // nolint: gosec var c *exec.Cmd cmdName := xs.GetTool("tar") @@ -278,7 +278,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con os.Clearenv() _ = os.Setenv("HOME", u.HomeDir) // nolint: gosec _ = os.Setenv("TERM", ttype) // nolint: gosec - _ = os.Setenv("XS_SESSION", "1") // nolint: gosec + _ = os.Setenv("HKEXSH", "1") // nolint: gosec var c *exec.Cmd if interactive { diff --git a/xsnet/chan.go b/xsnet/chan.go index d6b2924..e499f48 100644 --- a/xsnet/chan.go +++ b/xsnet/chan.go @@ -110,7 +110,7 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er key = keymat[0:chacha.KeySize] ivlen = chacha.INonceSize iv = keymat[chacha.KeySize : chacha.KeySize+ivlen] - rc, err = chacha.NewCipher(iv, key, chacha.INonceSize) + rc, err = chacha.NewCipher(iv, key, 20) if err != nil { log.Printf("[ChaCha20 config error]\n") fmt.Printf("[ChaCha20 config error]\n") diff --git a/xsnet/consts.go b/xsnet/consts.go index ff372ed..c632198 100644 --- a/xsnet/consts.go +++ b/xsnet/consts.go @@ -98,7 +98,7 @@ const ( type CSOType uint32 //TODO: this should be small (max unfragmented packet size?) -const MAX_PAYLOAD_LEN = 2*1024*1024*1024 - 1 +const MAX_PAYLOAD_LEN = 4*1024*1024*1024 - 1 // Session symmetric crypto algs const ( diff --git a/xsnet/net.go b/xsnet/net.go index 052c895..3260cab 100644 --- a/xsnet/net.go +++ b/xsnet/net.go @@ -49,7 +49,7 @@ import ( /*---------------------------------------------------------------------*/ const PAD_SZ = 32 // max size of padding applied to each packet -const HMAC_CHK_SZ = 8 // leading bytes of HMAC to xmit for verification +const HMAC_CHK_SZ = 4 // leading bytes of HMAC to xmit for verification type ( WinSize struct { @@ -426,25 +426,21 @@ func FrodoKEMDialSetup(c io.ReadWriter, hc *Conn) (err error) { kem = frodo.Frodo976SHAKE() } pubA, secA := kem.Keygen() // pA + //log.Printf("[pubKeyAlice: %v]\n", pubA) // Alice, step 2: Send the public key (na,ea) to Bob - n, err := fmt.Fprintf(c, "0x%x\n", pubA) - if err != nil { - panic(err) - } - if n < len(pubA) { - panic(errors.New("incomplete Fprintf() of pubA")) - } + fmt.Fprintf(c, "0x%x\n", pubA) - // (... and send cipher, connection opts) + // (... and cipher, connection opts) fmt.Fprintf(c, "0x%x:0x%x\n", hc.cipheropts, hc.opts) // [Bob does the same and sends use a public key (nb, eb) pubB_bigint := big.NewInt(0) _, err = fmt.Fscanf(c, "0x%x\n", pubB_bigint) pubB := pubB_bigint.Bytes() + //log.Printf("[Got pubKeyBob[]:%v]\n", pubB) - // (... and sends us cipher, connection opts) + // (... and cipher, connection opts) _, err = fmt.Fscanf(c, "0x%x:0x%x\n", &hc.cipheropts, &hc.opts) if err != nil { @@ -464,10 +460,12 @@ func FrodoKEMDialSetup(c io.ReadWriter, hc *Conn) (err error) { ctBtoA_bigint := big.NewInt(0) _, err = fmt.Fscanf(c, "0x%x\n", ctBtoA_bigint) ctBtoA := ctBtoA_bigint.Bytes() + log.Printf("[Got ctBob[]:%v]\n", ctBtoA) // Alice, step 6: compute Bob's share shareB, err := kem.Dencapsulate(secA, ctBtoA) sessionKey := append(shareA, shareB...) + //log.Printf("[Derived sharedSecret:0x%x]\n", sessionKey) hc.r, hc.rm, err = hc.getStream(sessionKey) hc.w, hc.wm, err = hc.getStream(sessionKey) @@ -523,7 +521,7 @@ func NewHopeDialSetup(c io.ReadWriter, hc *Conn) (err error) { if err != nil { panic(err) } - + //log.Printf("[Derived sharedSecret:0x%x]\n", aliceSharedSecret) hc.r, hc.rm, err = hc.getStream(aliceSharedSecret) hc.w, hc.wm, err = hc.getStream(aliceSharedSecret) return @@ -567,7 +565,7 @@ func NewHopeSimpleDialSetup(c io.ReadWriter, hc *Conn) (err error) { if err != nil { panic(err) } - + //log.Printf("[Derived sharedSecret:0x%x]\n", aliceSharedSecret) hc.r, hc.rm, err = hc.getStream(aliceSharedSecret) hc.w, hc.wm, err = hc.getStream(aliceSharedSecret) return @@ -618,6 +616,7 @@ func KyberDialSetup(c io.ReadWriter /*net.Conn*/, hc *Conn) (err error) { // Alice, step 3: Decrypt the KEM cipher text. aliceSharedSecret := alicePrivateKey.KEMDecrypt(pubKeyB) + //log.Printf("[Derived sharedSecret:0x%x]\n", aliceSharedSecret) hc.r, hc.rm, err = hc.getStream(aliceSharedSecret) hc.w, hc.wm, err = hc.getStream(aliceSharedSecret) return @@ -681,32 +680,27 @@ func FrodoKEMAcceptSetup(c *net.Conn, hc *Conn) (err error) { kem = frodo.Frodo976SHAKE() } pubB, secB := kem.Keygen() + //log.Printf("[pubKeyBob: %v]\n", pubB) - - // [Alice sends use a public key (na, ea) + // Bob, step 2: Send the public key (nb,eb) to Alice + fmt.Fprintf(*c, "0x%x\n", pubB) + + // (... and cipher, connection opts) + fmt.Fprintf(*c, "0x%x:0x%x\n", hc.cipheropts, hc.opts) + + // [Alice does the same and sends use a public key (na, ea) pubA_bigint := big.NewInt(0) _, err = fmt.Fscanf(*c, "0x%x\n", pubA_bigint) pubA := pubA_bigint.Bytes() + //log.Printf("[Got pubKeyAlice[]:%v]\n", pubA) - // (... and sends us cipher, connection opts) + // (... and cipher, connection opts) _, err = fmt.Fscanf(*c, "0x%x:0x%x\n", &hc.cipheropts, &hc.opts) if err != nil { return err } - // Bob, step 2: Send the public key (nb,eb) to Alice - n, err := fmt.Fprintf(*c, "0x%x\n", pubB) - if err != nil { - panic(err) - } - if n < len(pubB) { - panic(errors.New("incomplete Fprintf() of pubB")) - } - - // (... and send cipher, connection opts) - fmt.Fprintf(*c, "0x%x:0x%x\n", hc.cipheropts, hc.opts) - // Bob, step 3: Create ctBtoA, shareB ctBtoA, shareB, err := kem.Encapsulate(pubA) if err != nil { @@ -720,10 +714,12 @@ func FrodoKEMAcceptSetup(c *net.Conn, hc *Conn) (err error) { ctAtoB_bigint := big.NewInt(0) _, err = fmt.Fscanf(*c, "0x%x\n", ctAtoB_bigint) ctAtoB := ctAtoB_bigint.Bytes() + log.Printf("[Got ctAlice[]:%v]\n", ctAtoB) // Alice, step 6: compute Bob's share shareA, err := kem.Dencapsulate(secB, ctAtoB) sessionKey := append(shareA, shareB...) + //log.Printf("[Derived sharedSecret:0x%x]\n", sessionKey) hc.r, hc.rm, err = hc.getStream(sessionKey) hc.w, hc.wm, err = hc.getStream(sessionKey) @@ -763,6 +759,7 @@ func NewHopeAcceptSetup(c *net.Conn, hc *Conn) (err error) { fmt.Fprintf(*c, "0x%x\n0x%x:0x%x\n", pubKeyBob.Send, hc.cipheropts, hc.opts) + //log.Printf("[Derived sharedSecret:0x%x]\n", bobSharedSecret) hc.r, hc.rm, err = hc.getStream(bobSharedSecret) hc.w, hc.wm, err = hc.getStream(bobSharedSecret) return @@ -801,6 +798,7 @@ func NewHopeSimpleAcceptSetup(c *net.Conn, hc *Conn) (err error) { fmt.Fprintf(*c, "0x%x\n0x%x:0x%x\n", pubKeyBob.Send, hc.cipheropts, hc.opts) + //log.Printf("[Derived sharedSecret:0x%x]\n", bobSharedSecret) hc.r, hc.rm, err = hc.getStream(bobSharedSecret) hc.w, hc.wm, err = hc.getStream(bobSharedSecret) return @@ -849,6 +847,7 @@ func KyberAcceptSetup(c *net.Conn, hc *Conn) (err error) { fmt.Fprintf(*c, "0x%x\n0x%x:0x%x\n", cipherText, hc.cipheropts, hc.opts) + //log.Printf("[Derived sharedSecret:0x%x]\n", bobSharedSecret) hc.r, hc.rm, err = hc.getStream(bobSharedSecret) hc.w, hc.wm, err = hc.getStream(bobSharedSecret) return @@ -1288,7 +1287,6 @@ func (hc Conn) Read(b []byte) (n int, err error) { if hc.logCipherText { log.Printf(" <:ctext:\r\n%s\r\n", hex.Dump(payloadBytes[:n])) } - //fmt.Printf(" <:ctext:\r\n%s\r\n", hex.Dump(payloadBytes[:n])) hc.rm.Write(payloadBytes) // Calc hmac on received data hTmp := hc.rm.Sum(nil)[0:HMAC_CHK_SZ] @@ -1308,9 +1306,8 @@ func (hc Conn) Read(b []byte) (n int, err error) { // The caller isn't necessarily reading the full payload so we need // to decrypt to an intermediate buffer, draining it on demand of caller decryptN, err := rs.Read(payloadBytes) - if hc.logPlainText { - log.Printf(" <:ptext:\r\n%s\r\n", hex.Dump(payloadBytes[:n])) + log.Printf(" <-ptext:\r\n%s\r\n", hex.Dump(payloadBytes[:n])) } if err != nil { log.Println("xsnet.Read():", err) @@ -1327,6 +1324,9 @@ func (hc Conn) Read(b []byte) (n int, err error) { payloadBytes = payloadBytes[0 : len(payloadBytes)-int(padLen)] } + //fmt.Printf("padSide:%d padLen:%d payloadBytes:%s\n", + // padSide, padLen, hex.Dump(payloadBytes)) + // Throw away pkt if it's chaff (ie., caller to Read() won't see this data) if ctrlStatOp == CSOChaff { log.Printf("[Chaff pkt, discarded (len %d)]\n", decryptN) @@ -1435,7 +1435,6 @@ func (hc Conn) Read(b []byte) (n int, err error) { } log.Printf("Read() got %d bytes\n", retN) - copy(b, hc.dBuf.Next(retN)) return retN, nil } @@ -1444,7 +1443,9 @@ func (hc Conn) Read(b []byte) (n int, err error) { // // See go doc io.Writer func (hc Conn) Write(b []byte) (n int, err error) { + //fmt.Printf("WRITE(%d)\n", len(b)) n, err = hc.WritePacket(b, CSONone) + //fmt.Printf("WROTE(%d)\n", n) return n, err } @@ -1459,23 +1460,27 @@ func (hc *Conn) WritePacket(b []byte, ctrlStatOp byte) (n int, err error) { } //Padding prior to encryption - padSz := rand.Intn(PAD_SZ-1) + 1 /*(rand.Intn(PAD_SZ) / 2) + (PAD_SZ / 2)*/ + padSz := (rand.Intn(PAD_SZ) / 2) + (PAD_SZ / 2) padLen := padSz - ((len(b) + padSz) % padSz) if padLen == padSz { // No padding required padLen = 0 } - padBytes := make([]byte, padLen) rand.Read(padBytes) // For a little more confusion let's support padding either before // or after the payload. padSide := rand.Intn(2) + //fmt.Printf("--\n") + //fmt.Printf("PRE_PADDING:%s\r\n", hex.Dump(b)) + //fmt.Printf("padSide:%d padLen:%d\r\n", padSide, padLen) if padSide == 0 { b = append([]byte{byte(padSide)}, append([]byte{byte(padLen)}, append(padBytes, b...)...)...) } else { b = append([]byte{byte(padSide)}, append([]byte{byte(padLen)}, append(b, padBytes...)...)...) } + //fmt.Printf("POST_PADDING:%s\r\n", hex.Dump(b)) + //fmt.Printf("--\r\n") // N.B. Originally this Lock() surrounded only the // calls to binary.Write(hc.c ..) however there appears @@ -1487,8 +1492,9 @@ func (hc *Conn) WritePacket(b []byte, ctrlStatOp byte) (n int, err error) { // could be tightened. hc.Lock() payloadLen = uint32(len(b)) + //!fmt.Printf(" --== payloadLen:%d\n", payloadLen) if hc.logPlainText { - log.Printf(" >:ptext:\r\n%s\r\n", hex.Dump(b[0:payloadLen])) + log.Printf(" :>ptext:\r\n%s\r\n", hex.Dump(b[0:payloadLen])) } // NOTE releases prior to v0.9 used Authenticate-then-Encrypt, @@ -1508,18 +1514,13 @@ func (hc *Conn) WritePacket(b []byte, ctrlStatOp byte) (n int, err error) { // The StreamWriter acts like a pipe, forwarding whatever is // written to it through the cipher, encrypting as it goes ws := &cipher.StreamWriter{S: hc.w, W: &wb} - wN, err := ws.Write(b[0:payloadLen]) + _, err = ws.Write(b[0:payloadLen]) if err != nil { panic(err) } - if wN < int(payloadLen) { - panic("truncated Write to cipher *****") - } - if hc.logCipherText { - log.Printf(" >:ctext:\r\n%s\r\n", hex.Dump(wb.Bytes())) + log.Printf(" ->ctext:\r\n%s\r\n", hex.Dump(wb.Bytes())) } - //fmt.Printf(" >:ctext:\r\n%s\r\n", hex.Dump(wb.Bytes())) // Calculate hmac on cipher payload hc.wm.Write(wb.Bytes()) @@ -1551,11 +1552,7 @@ func (hc *Conn) WritePacket(b []byte, ctrlStatOp byte) (n int, err error) { // We must 'lie' to caller indicating the length of THEIR // data written (ie., not including the padding and padding headers) - retN := n - 2 - int(padLen) - if retN <= 0 { - retN = 0 - } - return retN, err + return n - 2 - int(padLen), err } func (hc *Conn) EnableChaff() {