mirror of https://gogs.blitter.com/RLabs/xs
Resync w/cryptmt, wanderer repos
Signed-off-by: Russ Magee <rmagee@gmail.com>
This commit is contained in:
parent
15a1a39d81
commit
3eee573231
24
go.mod
24
go.mod
|
@ -3,28 +3,28 @@ module blitter.com/go/xs
|
|||
go 1.12
|
||||
|
||||
require (
|
||||
blitter.com/go/cryptmt v1.0.0
|
||||
blitter.com/go/cryptmt v1.0.1
|
||||
blitter.com/go/goutmp v1.0.2
|
||||
blitter.com/go/herradurakex v1.0.0
|
||||
blitter.com/go/kyber v0.0.0-20200130200857-6f2021cb88d9
|
||||
blitter.com/go/mtwist v1.0.1 // indirect
|
||||
blitter.com/go/mtwist v1.0.1
|
||||
blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae
|
||||
blitter.com/go/wanderer v0.8.1
|
||||
blitter.com/go/wanderer v0.8.2
|
||||
github.com/jameskeane/bcrypt v0.0.0-20120420032655-c3cd44c1e20f
|
||||
github.com/klauspost/cpuid v1.2.2 // indirect
|
||||
github.com/klauspost/reedsolomon v1.9.3 // indirect
|
||||
github.com/klauspost/cpuid v1.2.2
|
||||
github.com/klauspost/reedsolomon v1.9.3
|
||||
github.com/kr/pty v1.1.4
|
||||
github.com/mattn/go-isatty v0.0.7
|
||||
github.com/pkg/errors v0.8.1 // indirect
|
||||
github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161 // indirect
|
||||
github.com/templexxx/xor v0.0.0-20181023030647-4e92f724b73b // indirect
|
||||
github.com/tjfoc/gmsm v1.0.1 // indirect
|
||||
github.com/pkg/errors v0.8.1
|
||||
github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161
|
||||
github.com/templexxx/xor v0.0.0-20181023030647-4e92f724b73b
|
||||
github.com/tjfoc/gmsm v1.0.1
|
||||
github.com/xtaci/kcp-go v5.4.19+incompatible
|
||||
github.com/xtaci/lossyconn v0.0.0-20190602105132-8df528c0c9ae // indirect
|
||||
golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d
|
||||
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 // indirect
|
||||
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553
|
||||
golang.org/x/sys v0.0.0-20190902133755-9109b7679e13
|
||||
gopkg.in/hlandau/easymetric.v1 v1.0.0 // indirect
|
||||
gopkg.in/hlandau/measurable.v1 v1.0.1 // indirect
|
||||
gopkg.in/hlandau/easymetric.v1 v1.0.0
|
||||
gopkg.in/hlandau/measurable.v1 v1.0.1
|
||||
gopkg.in/hlandau/passlib.v1 v1.0.10
|
||||
)
|
||||
|
|
4
go.sum
4
go.sum
|
@ -2,6 +2,8 @@ blitter.com/go/chacha20 v0.0.0-20200130200441-214e4085f54c h1:LcnFFg6MCIJHf26P7e
|
|||
blitter.com/go/chacha20 v0.0.0-20200130200441-214e4085f54c/go.mod h1:EMJtRcf22WCtHGiXCw+NB/Sb/PYcXtUgUql6LDEwyXo=
|
||||
blitter.com/go/cryptmt v1.0.0 h1:n+cNP/ReZrNe/w5FbD8DSfv0Wpj48nxhmMoLEk4hPXs=
|
||||
blitter.com/go/cryptmt v1.0.0/go.mod h1:tdME2J3O4agaDAYIYNQzzuB28yVGnPSMmV3a/ucSU84=
|
||||
blitter.com/go/cryptmt v1.0.1 h1:NAi4FrZqo52bhPJopYw1jbausj1NnHEWELaINC60Nk0=
|
||||
blitter.com/go/cryptmt v1.0.1/go.mod h1:tdME2J3O4agaDAYIYNQzzuB28yVGnPSMmV3a/ucSU84=
|
||||
blitter.com/go/goutmp v1.0.1 h1:jBqtp6pDwSbF4QEC3DjNfyaS8Nv5dFCOyaTfSbbb7TU=
|
||||
blitter.com/go/goutmp v1.0.1/go.mod h1:gtlbjC8xGzMk/Cf0BpnVltSa3awOqJ+B5WAxVptTMxk=
|
||||
blitter.com/go/goutmp v1.0.2 h1:oCc/dt9TlTOP2kvmX1Y7J/wSQUhywjcyF101jXuLxZ8=
|
||||
|
@ -16,6 +18,8 @@ blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae h1:YBBaCcdYRrI1btsmcMT
|
|||
blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae/go.mod h1:ywoxfDBqInPsqtnxYsmS4SYMJ5D/kNcrFgpvI+Xcun0=
|
||||
blitter.com/go/wanderer v0.8.1 h1:oQw8yASM7iI+S8GIgf3cUFdkJ8Sy/UQxRDJqhTswgwM=
|
||||
blitter.com/go/wanderer v0.8.1/go.mod h1:FX1pAnZ5woEavy5CUIZco0/Gc2Msb3U0zsmi+6Hs4Rw=
|
||||
blitter.com/go/wanderer v0.8.2 h1:fzwRn60RDDxy4GEYxSyfA4gXkkZb33WQRk/Fv5ugPAI=
|
||||
blitter.com/go/wanderer v0.8.2/go.mod h1:FX1pAnZ5woEavy5CUIZco0/Gc2Msb3U0zsmi+6Hs4Rw=
|
||||
git.schwanenlied.me/yawning/chacha20.git v0.0.0-20170904085104-e3b1f968fc63 h1:bwZNsbw3qFbg6ox55HrA37nPmh+/wtJxZ7uWeiAdUUc=
|
||||
git.schwanenlied.me/yawning/chacha20.git v0.0.0-20170904085104-e3b1f968fc63/go.mod h1:NYi4Ifd1g/YbhIDgDfw6t7QdsW4tofQWMX/+FiDtJWs=
|
||||
git.schwanenlied.me/yawning/kyber.git v0.0.0-20180530164001-a270899bd22c h1:SGOx1s56QSOmuCegRcG3yvOG7W8PvRS9ZVnFQl5K2aQ=
|
||||
|
|
|
@ -20,21 +20,21 @@ type Cipher struct {
|
|||
m *mtwist.MT19937_64
|
||||
}
|
||||
|
||||
func (c *Cipher) yield8() (r byte) {
|
||||
func (c *Cipher) yield() (r byte) {
|
||||
c.accum = c.accum * (c.m.Int63() | 1)
|
||||
r = byte(c.accum>>56) & 0xFF
|
||||
return
|
||||
}
|
||||
|
||||
// NewCipher creates and returns a Cipher. The key argument should be the
|
||||
// New creates and returns a Cipher. The key argument should be the
|
||||
// CryptMT key, 64 bytes.
|
||||
func NewCipher(key []byte) (c *Cipher) {
|
||||
func New(key []byte) (c *Cipher) {
|
||||
c = &Cipher{m: mtwist.New()}
|
||||
c.m.SeedFullState(key)
|
||||
c.accum = 1
|
||||
// from paper, discard first 64 bytes of output
|
||||
for idx := 0; idx < 64; idx++ {
|
||||
_ = c.yield8()
|
||||
_ = c.yield()
|
||||
}
|
||||
return c
|
||||
}
|
||||
|
@ -55,6 +55,6 @@ func (c *Cipher) XORKeyStream(dst, src []byte) {
|
|||
}
|
||||
|
||||
for i, b := range src {
|
||||
dst[i] = b ^ c.yield8()
|
||||
dst[i] = b ^ c.yield()
|
||||
}
|
||||
}
|
||||
|
|
|
@ -10,8 +10,8 @@ Golang bindings for basic login/utmp accounting
|
|||
|
||||
type UtmpEntry struct{ ... }
|
||||
|
||||
func Put_lastlog_entry(app string, usr string, host string)
|
||||
func Put_lastlog_entry(app, usr, ptsname, host string)
|
||||
func Unput_utmp(entry UtmpEntry)
|
||||
func Put_utmp(user string, host string) UtmpEntry
|
||||
func Put_utmp(user, ptsname, host string) UtmpEntry
|
||||
```
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
// WANDERER - a crypto doodle that appears to give adequate
|
||||
// Package wanderer - a crypto doodle that appears to give adequate
|
||||
// protection to data in a stream cipher context
|
||||
//
|
||||
// Properties visualized using https://github.com/circulosmeos/circle
|
||||
|
@ -23,6 +23,20 @@ const (
|
|||
sboxCount = keylen / 8
|
||||
)
|
||||
|
||||
type Cipher struct {
|
||||
prng *mtwist.MT19937_64
|
||||
r io.Reader
|
||||
w io.Writer
|
||||
k []byte
|
||||
kidx uint
|
||||
sboxen [][]byte
|
||||
sw int
|
||||
sh int
|
||||
sctr int // TODO: used to count down to re-keying & sbox regen
|
||||
mode int
|
||||
n byte
|
||||
}
|
||||
|
||||
// Given input byte x (treated as 2-bit dirs),
|
||||
// 'walk' box applying XOR of each position (E/S/W/N) given box
|
||||
// dimensions w,h
|
||||
|
@ -74,53 +88,7 @@ func (c *Cipher) genSBoxen(n uint) {
|
|||
//fmt.Fprintf(os.Stderr, "sboxen[0]:%v\n", c.sboxen[0])
|
||||
}
|
||||
|
||||
// Mutate the session key (intended to be called as encryption
|
||||
// proceeds), so that the 'walk path' through sboxes also does so.
|
||||
func (c *Cipher) keyUpdate(perturb byte) {
|
||||
c.k[c.kidx] = c.k[c.kidx] ^ c.k[(c.kidx+1)%uint(len(c.k))]
|
||||
c.k[c.kidx] = c.k[c.kidx] ^ byte((c.prng.Int63()>>4)%256)
|
||||
c.kidx = (c.kidx + uint(perturb)) % uint(len(c.k))
|
||||
}
|
||||
|
||||
// slow - perturb a single octet of a single sbox for each octet
|
||||
// (CV = ~8.725% over 700 MiB of 0-byte pt)
|
||||
func (c *Cipher) sboxUpdateA(perturb byte) {
|
||||
c.sboxen[perturb%sboxCount][int(perturb)%(c.sw+c.sh)] ^=
|
||||
perturb
|
||||
}
|
||||
|
||||
// slower - perturb a single sbox for each octet
|
||||
// (CV = ~?% over 700 MiB of 0-byte pt)
|
||||
func (c *Cipher) sboxUpdateB(perturb byte) {
|
||||
lim := c.sw * c.sh
|
||||
for idx := 0; idx < lim; idx++ {
|
||||
c.sboxen[perturb%sboxCount][idx] ^= perturb
|
||||
}
|
||||
}
|
||||
|
||||
// slowest -- full sbox re-gen after each octet
|
||||
// (but lowest CV, ~0.05% over 700MiB of 0-byte pt)
|
||||
func (c *Cipher) sboxUpdateC(perturb byte) {
|
||||
c.genSBoxen(sboxCount)
|
||||
//c.sboxen[perturb%sboxCount][int(perturb)%(c.sw+c.sh)] ^=
|
||||
// perturb
|
||||
}
|
||||
|
||||
type Cipher struct {
|
||||
prng *mtwist.MT19937_64
|
||||
r io.Reader
|
||||
w io.Writer
|
||||
k []byte
|
||||
kidx uint
|
||||
sboxen [][]byte
|
||||
sw int
|
||||
sh int
|
||||
sctr int // TODO: used to count down to re-keying & sbox regen
|
||||
mode int
|
||||
n byte
|
||||
}
|
||||
|
||||
func NewCodec(r io.Reader, w io.Writer, mode int, key []byte, width, height int) (c *Cipher) {
|
||||
func New(r io.Reader, w io.Writer, mode int, key []byte, width, height int) (c *Cipher) {
|
||||
c = &Cipher{}
|
||||
c.prng = mtwist.New()
|
||||
if len(key) == 0 {
|
||||
|
@ -163,20 +131,55 @@ func (c *Cipher) Write(p []byte) (n int, err error) {
|
|||
return n, err
|
||||
}
|
||||
|
||||
func (c *Cipher) yield(pt byte) (ct byte) {
|
||||
ct = walkingXOR(c.k, c.sboxen[c.n], c.sw, c.sh, pt)
|
||||
// Mutate the session key (intended to be called as encryption
|
||||
// proceeds), so that the 'walk path' through sboxes also does so.
|
||||
func (c *Cipher) keyUpdate(perturb byte) {
|
||||
c.k[c.kidx] = c.k[c.kidx] ^ c.k[(c.kidx+1)%uint(len(c.k))]
|
||||
c.k[c.kidx] = c.k[c.kidx] ^ byte((c.prng.Int63()>>4)%256)
|
||||
c.kidx = (c.kidx + uint(perturb)) % uint(len(c.k))
|
||||
//for idx := 0; idx < len(c.k); idx++ {
|
||||
// c.k[idx] = c.k[idx] ^ byte(c.prng.Int63() % 256)
|
||||
//}
|
||||
}
|
||||
|
||||
// slow - perturb a single octet of a single sbox for each octet
|
||||
// (CV = ~8.725% over 700 MiB of 0-byte pt)
|
||||
func (c *Cipher) sboxUpdateA(perturb byte) {
|
||||
c.sboxen[perturb%sboxCount][int(perturb)%(c.sw+c.sh)] ^=
|
||||
perturb
|
||||
}
|
||||
|
||||
// slower - perturb a single sbox for each octet
|
||||
// (CV = ~5.6369% over 700 MiB of 0-byte pt)
|
||||
func (c *Cipher) sboxUpdateB(perturb byte) {
|
||||
lim := c.sw * c.sh
|
||||
for idx := 0; idx < lim; idx++ {
|
||||
c.sboxen[perturb%sboxCount][idx] ^= perturb
|
||||
}
|
||||
}
|
||||
|
||||
// slowest -- full sbox re-gen after each octet
|
||||
// (but lowest CV, ~0.0554% over 700MiB of 0-byte pt)
|
||||
func (c *Cipher) sboxUpdateC(perturb byte) {
|
||||
c.genSBoxen(sboxCount)
|
||||
//c.sboxen[perturb%sboxCount][int(perturb)%(c.sw+c.sh)] ^=
|
||||
// perturb
|
||||
}
|
||||
|
||||
func (c *Cipher) yield(ib byte) (ob byte) {
|
||||
ob = walkingXOR(c.k, c.sboxen[c.n], c.sw, c.sh, ib)
|
||||
c.n = (c.n + 1) % byte(len(c.sboxen))
|
||||
c.keyUpdate(ct ^ pt) // must be equal in either encrypt/decrypt dirs
|
||||
c.keyUpdate(ob ^ ib) // must be equal in either encrypt/decrypt dirs
|
||||
switch c.mode {
|
||||
case 0:
|
||||
// [nothing - varA]
|
||||
break
|
||||
case 1:
|
||||
c.sboxUpdateA(ct ^ pt) // varA
|
||||
c.sboxUpdateA(ob ^ ib) // varA
|
||||
case 2:
|
||||
c.sboxUpdateB(ct ^ pt) // varB
|
||||
c.sboxUpdateB(ob ^ ib) // varB
|
||||
case 3:
|
||||
c.sboxUpdateC(ct ^ pt) // varC
|
||||
c.sboxUpdateC(ob ^ ib) // varC
|
||||
default:
|
||||
// [nothing]
|
||||
}
|
||||
|
@ -185,7 +188,7 @@ func (c *Cipher) yield(pt byte) (ct byte) {
|
|||
// c.genSBoxen(sboxCount)
|
||||
// c.sctr = c.sw
|
||||
// }
|
||||
return ct
|
||||
return ob
|
||||
}
|
||||
|
||||
// XORKeyStream XORs each byte in the given slice with a byte from the
|
||||
|
|
|
@ -3,9 +3,9 @@ blitter.com/go/chacha20
|
|||
blitter.com/go/chacha20/internal/api
|
||||
blitter.com/go/chacha20/internal/hardware
|
||||
blitter.com/go/chacha20/internal/ref
|
||||
# blitter.com/go/cryptmt v1.0.0
|
||||
# blitter.com/go/cryptmt v1.0.1
|
||||
blitter.com/go/cryptmt
|
||||
# blitter.com/go/goutmp v1.0.1
|
||||
# blitter.com/go/goutmp v1.0.2
|
||||
blitter.com/go/goutmp
|
||||
# blitter.com/go/herradurakex v1.0.0
|
||||
blitter.com/go/herradurakex
|
||||
|
@ -15,7 +15,7 @@ blitter.com/go/kyber
|
|||
blitter.com/go/mtwist
|
||||
# blitter.com/go/newhope v0.0.0-20200130200750-192fc08a8aae
|
||||
blitter.com/go/newhope
|
||||
# blitter.com/go/wanderer v0.8.1
|
||||
# blitter.com/go/wanderer v0.8.2
|
||||
blitter.com/go/wanderer
|
||||
# github.com/jameskeane/bcrypt v0.0.0-20120420032655-c3cd44c1e20f
|
||||
github.com/jameskeane/bcrypt
|
||||
|
@ -39,19 +39,19 @@ github.com/tjfoc/gmsm/sm4
|
|||
github.com/xtaci/kcp-go
|
||||
# golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d
|
||||
golang.org/x/crypto/blowfish
|
||||
golang.org/x/crypto/pbkdf2
|
||||
golang.org/x/crypto/twofish
|
||||
golang.org/x/crypto/sha3
|
||||
golang.org/x/crypto/cast5
|
||||
golang.org/x/crypto/pbkdf2
|
||||
golang.org/x/crypto/salsa20
|
||||
golang.org/x/crypto/tea
|
||||
golang.org/x/crypto/twofish
|
||||
golang.org/x/crypto/xtea
|
||||
golang.org/x/crypto/argon2
|
||||
golang.org/x/crypto/bcrypt
|
||||
golang.org/x/crypto/blake2b
|
||||
golang.org/x/crypto/internal/subtle
|
||||
golang.org/x/crypto/salsa20/salsa
|
||||
golang.org/x/crypto/blake2b
|
||||
golang.org/x/crypto/argon2
|
||||
golang.org/x/crypto/bcrypt
|
||||
golang.org/x/crypto/scrypt
|
||||
golang.org/x/crypto/sha3
|
||||
# golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553
|
||||
golang.org/x/net/ipv4
|
||||
golang.org/x/net/ipv6
|
||||
|
|
|
@ -103,10 +103,10 @@ func (hc Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err err
|
|||
rc = cipher.NewOFB(block, iv)
|
||||
log.Printf("[cipher BLOWFISH_64 (%d)]\n", copts)
|
||||
case CAlgCryptMT1:
|
||||
rc = cryptmt.NewCipher(keymat)
|
||||
rc = cryptmt.New(keymat)
|
||||
log.Printf("[cipher CRYPTMT1 (%d)]\n", copts)
|
||||
case CAlgWanderer:
|
||||
rc = wanderer.NewCodec(nil, nil, 1, keymat, 3, 3)
|
||||
rc = wanderer.New(nil, nil, 1, keymat, 3, 3)
|
||||
log.Printf("[cipher WANDERER mode 1 (%d)]\n", copts)
|
||||
default:
|
||||
log.Printf("[invalid cipher (%d)]\n", copts)
|
||||
|
|
Loading…
Reference in New Issue