From 0eb785a9dc8ccd863055596aa72a00b48de33c42 Mon Sep 17 00:00:00 2001 From: Russ Magee Date: Thu, 6 Feb 2020 19:12:45 -0800 Subject: [PATCH] Removed WANDERER exp c_alg Signed-off-by: Russ Magee --- go.mod | 21 +- vendor/blitter.com/go/wanderer/wanderer.go | 213 --------------------- vendor/modules.txt | 14 +- xsnet/chan.go | 4 - xsnet/consts.go | 1 - xsnet/net.go | 6 - 6 files changed, 16 insertions(+), 243 deletions(-) delete mode 100644 vendor/blitter.com/go/wanderer/wanderer.go diff --git a/go.mod b/go.mod index 6309a93..8762b02 100644 --- a/go.mod +++ b/go.mod @@ -7,24 +7,23 @@ require ( blitter.com/go/goutmp v1.0.2 blitter.com/go/herradurakex v1.0.0 blitter.com/go/kyber v0.0.0-20200130200857-6f2021cb88d9 - blitter.com/go/mtwist v1.0.1 // indirect + blitter.com/go/mtwist v1.0.1 blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae - blitter.com/go/wanderer v0.8.2 github.com/jameskeane/bcrypt v0.0.0-20120420032655-c3cd44c1e20f - github.com/klauspost/cpuid v1.2.2 // indirect - github.com/klauspost/reedsolomon v1.9.3 // indirect + github.com/klauspost/cpuid v1.2.2 + github.com/klauspost/reedsolomon v1.9.3 github.com/kr/pty v1.1.4 github.com/mattn/go-isatty v0.0.7 - github.com/pkg/errors v0.8.1 // indirect - github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161 // indirect - github.com/templexxx/xor v0.0.0-20181023030647-4e92f724b73b // indirect - github.com/tjfoc/gmsm v1.0.1 // indirect + github.com/pkg/errors v0.8.1 + github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161 + github.com/templexxx/xor v0.0.0-20181023030647-4e92f724b73b + github.com/tjfoc/gmsm v1.0.1 github.com/xtaci/kcp-go v5.4.19+incompatible github.com/xtaci/lossyconn v0.0.0-20190602105132-8df528c0c9ae // indirect golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d - golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 // indirect + golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 golang.org/x/sys v0.0.0-20190902133755-9109b7679e13 - gopkg.in/hlandau/easymetric.v1 v1.0.0 // indirect - gopkg.in/hlandau/measurable.v1 v1.0.1 // indirect + gopkg.in/hlandau/easymetric.v1 v1.0.0 + gopkg.in/hlandau/measurable.v1 v1.0.1 gopkg.in/hlandau/passlib.v1 v1.0.10 ) diff --git a/vendor/blitter.com/go/wanderer/wanderer.go b/vendor/blitter.com/go/wanderer/wanderer.go deleted file mode 100644 index efc0ca9..0000000 --- a/vendor/blitter.com/go/wanderer/wanderer.go +++ /dev/null @@ -1,213 +0,0 @@ -// Package wanderer - a crypto doodle that appears to give adequate -// protection to data in a stream cipher context -// -// Properties visualized using https://github.com/circulosmeos/circle -package wanderer - -// TODOs: -// -define s-box rotation/shuffle schema -// -devise p-box schema (? Meh. Need to blockify & re-streamify to do this) -// ... - -import ( - "errors" - "fmt" - "io" - "time" - - mtwist "blitter.com/go/mtwist" -) - -const ( - keylen = 512 - sboxCount = keylen / 8 -) - -type Cipher struct { - prng *mtwist.MT19937_64 - r io.Reader - w io.Writer - k []byte - kidx uint - sboxen [][]byte - sw int - sh int - sctr int // TODO: used to count down to re-keying & sbox regen - mode int - n byte -} - -// Given input byte x (treated as 2-bit dirs), -// 'walk' box applying XOR of each position (E/S/W/N) given box -// dimensions w,h -// NOTE to ensure reachability of all values within a box, w,h -// should not each exceed 3 and should probably stay at 2, to -// give more even coverage given random input. -func walkingXOR(key, s []byte, w, h int, x byte) (r byte) { - i := 0 - r = x - for sidx := range key { - ktemp := key[sidx] - r = r ^ (s[i]) - for shift := uint(0); shift < 8; shift += 2 { - // fmt.Println("i:", i, "r:", r) - dir := (ktemp >> shift) & 0x03 - switch dir { - case 0: - i = i + 1 - i = i % len(s) - case 1: - i = i + w - i = i % len(s) - case 2: - if i%w != 0 { - i = i - 1 - } else { - i = i + w - 1 - } - case 3: - if i >= w { - i = i - w - } else { - i = len(s) + i - w - } - } - r = r ^ (s[i]) - } - } - return -} - -func (c *Cipher) genSBoxen(n uint) { - c.sboxen = make([][]byte, n) - var idx uint - for ; idx < n; idx++ { - c.sboxen[idx] = make([]byte, c.sw*c.sh) - _, _ = c.prng.Read(c.sboxen[idx]) - } - //fmt.Fprintf(os.Stderr, "sboxen[0]:%v\n", c.sboxen[0]) -} - -func New(r io.Reader, w io.Writer, mode int, key []byte, width, height int) (c *Cipher) { - c = &Cipher{} - c.prng = mtwist.New() - if len(key) == 0 { - c.k = []byte(fmt.Sprintf("%s", time.Now())) - } else { - c.k = key - } - c.prng.SeedFullState(c.k) - - // Discard first 64 bytes of MT output - for idx := 0; idx < 64; idx++ { - _ = c.prng.Int63() - } - c.mode = mode - c.r = r - c.w = w - c.sw = width - c.sh = height - c.sctr = c.sw // sbox ctr: countdown to regen sboxes - c.n = 0 - c.genSBoxen(sboxCount) - - // fmt.Printf("%+v\n", sboxen) - // c.buf = make([]byte, 4) - return c -} - -func (c *Cipher) Read(p []byte) (n int, err error) { - n, err = c.r.Read(p) - if err == nil { - for idx := 0; idx < n; idx++ { - p[idx] = c.yield(p[idx]) - } - } - return n, err -} - -func (c *Cipher) Write(p []byte) (n int, err error) { - n, err = c.w.Write(p) - return n, err -} - -// Mutate the session key (intended to be called as encryption -// proceeds), so that the 'walk path' through sboxes also does so. -func (c *Cipher) keyUpdate(perturb byte) { - c.k[c.kidx] = c.k[c.kidx] ^ c.k[(c.kidx+1)%uint(len(c.k))] - c.k[c.kidx] = c.k[c.kidx] ^ byte((c.prng.Int63()>>4)%256) - c.kidx = (c.kidx + uint(perturb)) % uint(len(c.k)) - //for idx := 0; idx < len(c.k); idx++ { - // c.k[idx] = c.k[idx] ^ byte(c.prng.Int63() % 256) - //} -} - -// slow - perturb a single octet of a single sbox for each octet -// (CV = ~8.725% over 700 MiB of 0-byte pt) -func (c *Cipher) sboxUpdateA(perturb byte) { - c.sboxen[perturb%sboxCount][int(perturb)%(c.sw+c.sh)] ^= - perturb -} - -// slower - perturb a single sbox for each octet -// (CV = ~5.6369% over 700 MiB of 0-byte pt) -func (c *Cipher) sboxUpdateB(perturb byte) { - lim := c.sw * c.sh - for idx := 0; idx < lim; idx++ { - c.sboxen[perturb%sboxCount][idx] ^= perturb - } -} - -// slowest -- full sbox re-gen after each octet -// (but lowest CV, ~0.0554% over 700MiB of 0-byte pt) -func (c *Cipher) sboxUpdateC(perturb byte) { - c.genSBoxen(sboxCount) - //c.sboxen[perturb%sboxCount][int(perturb)%(c.sw+c.sh)] ^= - // perturb -} - -func (c *Cipher) yield(ib byte) (ob byte) { - ob = walkingXOR(c.k, c.sboxen[c.n], c.sw, c.sh, ib) - c.n = (c.n + 1) % byte(len(c.sboxen)) - c.keyUpdate(ob ^ ib) // must be equal in either encrypt/decrypt dirs - switch c.mode { - case 0: - // [nothing - varA] - break - case 1: - c.sboxUpdateA(ob ^ ib) // varA - case 2: - c.sboxUpdateB(ob ^ ib) // varB - case 3: - c.sboxUpdateC(ob ^ ib) // varC - default: - // [nothing] - } - // c.sctr = c.sctr - 1 - // if c.sctr == 0 { - // c.genSBoxen(sboxCount) - // c.sctr = c.sw - // } - return ob -} - -// XORKeyStream XORs each byte in the given slice with a byte from the -// cipher's key stream. Dst and src must overlap entirely or not at all. -// -// If len(dst) < len(src), XORKeyStream should panic. It is acceptable -// to pass a dst bigger than src, and in that case, XORKeyStream will -// only update dst[:len(src)] and will not touch the rest of dst. -// -// Multiple calls to XORKeyStream behave as if the concatenation of -// the src buffers was passed in a single run. That is, Stream -// maintains state and does not reset at each XORKeyStream call. -func (c *Cipher) XORKeyStream(dst, src []byte) { - //fmt.Printf("len dst:%d len src:%d\n", len(dst), len(src)) - if len(dst) < len(src) { - panic(errors.New("len(dst) < len(src)")) - } - - for idx, v := range src { - dst[idx] = c.yield(v) - } -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 69badde..89bf2f2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -15,8 +15,6 @@ blitter.com/go/kyber blitter.com/go/mtwist # blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae blitter.com/go/newhope -# blitter.com/go/wanderer v0.8.2 -blitter.com/go/wanderer # github.com/jameskeane/bcrypt v0.0.0-20120420032655-c3cd44c1e20f github.com/jameskeane/bcrypt # github.com/klauspost/cpuid v1.2.2 @@ -39,19 +37,19 @@ github.com/tjfoc/gmsm/sm4 github.com/xtaci/kcp-go # golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d golang.org/x/crypto/blowfish -golang.org/x/crypto/pbkdf2 -golang.org/x/crypto/twofish -golang.org/x/crypto/sha3 golang.org/x/crypto/cast5 +golang.org/x/crypto/pbkdf2 golang.org/x/crypto/salsa20 golang.org/x/crypto/tea +golang.org/x/crypto/twofish golang.org/x/crypto/xtea -golang.org/x/crypto/argon2 -golang.org/x/crypto/bcrypt +golang.org/x/crypto/blake2b golang.org/x/crypto/internal/subtle golang.org/x/crypto/salsa20/salsa -golang.org/x/crypto/blake2b +golang.org/x/crypto/argon2 +golang.org/x/crypto/bcrypt golang.org/x/crypto/scrypt +golang.org/x/crypto/sha3 # golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 golang.org/x/net/ipv4 golang.org/x/net/ipv6 diff --git a/xsnet/chan.go b/xsnet/chan.go index 9721c55..6df470a 100644 --- a/xsnet/chan.go +++ b/xsnet/chan.go @@ -21,7 +21,6 @@ import ( "log" "blitter.com/go/cryptmt" - "blitter.com/go/wanderer" "golang.org/x/crypto/blowfish" "golang.org/x/crypto/twofish" @@ -105,9 +104,6 @@ func (hc Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err err case CAlgCryptMT1: rc = cryptmt.New(nil, nil, keymat) log.Printf("[cipher CRYPTMT1 (%d)]\n", copts) - case CAlgWanderer: - rc = wanderer.New(nil, nil, 1, keymat, 3, 3) - log.Printf("[cipher WANDERER mode 1 (%d)]\n", copts) default: log.Printf("[invalid cipher (%d)]\n", copts) fmt.Printf("DOOFUS SET A VALID CIPHER ALG (%d)\n", copts) diff --git a/xsnet/consts.go b/xsnet/consts.go index a32d501..6492c67 100644 --- a/xsnet/consts.go +++ b/xsnet/consts.go @@ -99,7 +99,6 @@ const ( CAlgTwofish128 // golang.org/x/crypto/twofish CAlgBlowfish64 // golang.org/x/crypto/blowfish CAlgCryptMT1 //cryptmt using mtwist64 - CAlgWanderer // inhouse experimental crypto alg CAlgNoneDisallowed ) diff --git a/xsnet/net.go b/xsnet/net.go index 60ab5db..b2d5900 100644 --- a/xsnet/net.go +++ b/xsnet/net.go @@ -145,8 +145,6 @@ func (c *CSCipherAlg) String() string { return "C_BLOWFISH_64" case CAlgCryptMT1: return "C_CRYPTMT1" - case CAlgWanderer: - return "C_WANDERER" default: return "C_ERR_UNK" } @@ -324,10 +322,6 @@ func (hc *Conn) applyConnExtensions(extensions ...string) { log.Println("[extension arg = C_CRYPTMT1]") hc.cipheropts &= (0xFFFFFF00) hc.cipheropts |= CAlgCryptMT1 - case "C_WANDERER": - log.Println("[extension arg = C_WANDERER]") - hc.cipheropts &= (0xFFFFFF00) - hc.cipheropts |= CAlgWanderer case "H_SHA256": log.Println("[extension arg = H_SHA256]") hc.cipheropts &= (0xFFFF00FF)