added hopscotch cipher

go.mod

@@ -6,6 +6,7 @@ require (
 	blitter.com/go/cryptmt v1.0.2
 	blitter.com/go/goutmp v1.0.5
 	blitter.com/go/herradurakex v1.0.0
+	blitter.com/go/hopscotch v0.0.0-20211113042251-b8a306eea4dc
 	blitter.com/go/kyber v0.0.0-20200130200857-6f2021cb88d9
 	blitter.com/go/mtwist v1.0.1 // indirect
 	blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae

go.sum

@@ -6,6 +6,8 @@ blitter.com/go/goutmp v1.0.5 h1:isP6bxSs1O06Oy7wB8u4y5SgLr22txfjg/gjG4qn0Og=
 blitter.com/go/goutmp v1.0.5/go.mod h1:gtlbjC8xGzMk/Cf0BpnVltSa3awOqJ+B5WAxVptTMxk=
 blitter.com/go/herradurakex v1.0.0 h1:6XaxY+JLT1HUWPF0gYJnjX3pVjrw4YhYZEzZ1U0wkyc=
 blitter.com/go/herradurakex v1.0.0/go.mod h1:m3+vYZX+2dDjdo+n/HDnXEYJX9pwmNeQLgAfJM8mtxw=
+blitter.com/go/hopscotch v0.0.0-20211113042251-b8a306eea4dc h1:IS+jxdKSdlqp6TWG3yMoBde/cctBEMwMDg588JHxgTE=
+blitter.com/go/hopscotch v0.0.0-20211113042251-b8a306eea4dc/go.mod h1:9Da1oy0t9aUw3wviba+2mP1inbLGbDuCKAO3mmGQha4=
 blitter.com/go/kyber v0.0.0-20200130200857-6f2021cb88d9 h1:D45AnrNphtvczBXRp5JQicZRTgaK/Is5bgPDDvRKhTc=
 blitter.com/go/kyber v0.0.0-20200130200857-6f2021cb88d9/go.mod h1:SK6QfGG72lIfKW1Td0wH7f0wwN5nSIhV3K+wvzGNjrw=
 blitter.com/go/mtwist v1.0.1 h1:PxmoWexfMpLmc8neHP/PcRc3s17ct7iz4d5W/qJVt04=

xs/xs.go

@@ -710,7 +710,7 @@ func main() {
 
 	flag.BoolVar(&vopt, "v", false, "show version")
 	flag.BoolVar(&dbg, "d", false, "debug logging")
-	flag.StringVar(&cipherAlg, "c", "C_AES_256", "session `cipher` [C_AES_256 | C_TWOFISH_128 | C_BLOWFISH_64 | C_CRYPTMT1 | C_CHACHA20_12]")
+	flag.StringVar(&cipherAlg, "c", "C_AES_256", "session `cipher` [C_AES_256 | C_TWOFISH_128 | C_BLOWFISH_64 | C_CRYPTMT1 | C_CHACHA20_12 | C_HOPSCOTCH]")
 	flag.StringVar(&hmacAlg, "m", "H_SHA256", "session `HMAC` [H_SHA256 | H_SHA512]")
 	flag.StringVar(&kexAlg, "k", "KEX_HERRADURA512", "KEx `alg` [KEX_HERRADURA{256/512/1024/2048} | KEX_KYBER{512/768/1024} | KEX_NEWHOPE | KEX_NEWHOPE_SIMPLE | KEX_FRODOKEM_{1344|976}{AES|SHAKE}]")
 	flag.StringVar(&kcpMode, "K", "unused", "KCP `alg`, one of [KCP_NONE | KCP_AES | KCP_BLOWFISH | KCP_CAST5 | KCP_SM4 | KCP_SALSA20 | KCP_SIMPLEXOR | KCP_TEA | KCP_3DES | KCP_TWOFISH | KCP_XTEA] to use KCP (github.com/xtaci/kcp-go) reliable UDP instead of TCP")

xsnet/chan.go

@@ -21,6 +21,7 @@ import (
 	"log"
 
 	"blitter.com/go/cryptmt"
+	"blitter.com/go/hopscotch"
 	"github.com/aead/chacha20/chacha"
 	"golang.org/x/crypto/blowfish"
 	"golang.org/x/crypto/twofish"
@@ -105,6 +106,9 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er
 	case CAlgCryptMT1:
 		rc = cryptmt.New(nil, nil, keymat)
 		log.Printf("[cipher CRYPTMT1 (%d)]\n", copts)
+	case CAlgHopscotch:
+		rc = hopscotch.New(nil, nil, 4, keymat)
+		log.Printf("[cipher HOPSCOTCH (%d)]\n", copts)
 	case CAlgChaCha20_12:
 		keymat = expandKeyMat(keymat, chacha.KeySize)
 		key = keymat[0:chacha.KeySize]

xsnet/consts.go

@@ -107,6 +107,7 @@ const (
 	CAlgBlowfish64 // golang.org/x/crypto/blowfish
 	CAlgCryptMT1   //cryptmt using mtwist64
 	CAlgChaCha20_12
+	CAlgHopscotch
 	CAlgNoneDisallowed
 )
 

xsnet/net.go

@@ -155,6 +155,8 @@ func (c *CSCipherAlg) String() string {
 		return "C_BLOWFISH_64"
 	case CAlgCryptMT1:
 		return "C_CRYPTMT1"
+	case CAlgHopscotch:
+		return "C_HOPSCOTCH"
 	case CAlgChaCha20_12:
 		return "C_CHACHA20_12"
 	default:
@@ -320,7 +322,7 @@ func _new(kexAlg KEXAlg, conn *net.Conn) (hc *Conn, e error) {
 //
 // Session (symmetric) crypto
 //
-// C_AES_256 C_TWOFISH_128 C_BLOWFISH_128 C_CRYPTMT1 C_CHACHA20_12
+// C_AES_256 C_TWOFISH_128 C_BLOWFISH_128 C_CRYPTMT1 C_CHACHA20_12 C_HOPSCOTCH
 //
 // Session HMACs
 //
@@ -344,6 +346,10 @@ func (hc *Conn) applyConnExtensions(extensions ...string) {
 			log.Println("[extension arg = C_CRYPTMT1]")
 			hc.cipheropts &= (0xFFFFFF00)
 			hc.cipheropts |= CAlgCryptMT1
+		case "C_HOPSCOTCH":
+			log.Println("[extension arg = C_HOPSCOTCH]")
+			hc.cipheropts &= (0xFFFFFF00)
+			hc.cipheropts |= CAlgHopscotch
 		case "C_CHACHA20_12":
 			log.Println("[extension arg = C_CHACHA20_12]")
 			hc.cipheropts &= (0xFFFFFF00)