Split core KEx and net support code

This commit is contained in:
Russ Magee 2018-01-08 19:16:55 -08:00
parent 2faee8eae1
commit f7a3be637b
6 changed files with 168 additions and 132 deletions

Binary file not shown.

View File

@ -6,6 +6,12 @@ import (
hkex "blitter.com/herradurakex" hkex "blitter.com/herradurakex"
) )
// Demo of a simple client that dials up to a simple test server to
// send data.
// Note this code is identical to standard tcp client code, save for
// declaring a 'hkex' rather than a 'net' Dialer Conn. The KEx and
// encrypt/decrypt is done within the type.
// Compare to 'clientp.go' in this directory to see the equivalence.
func main() { func main() {
conn, err := hkex.Dial("tcp", "localhost:2000") conn, err := hkex.Dial("tcp", "localhost:2000")
if err != nil { if err != nil {

Binary file not shown.

View File

@ -8,6 +8,11 @@ import (
hkex "blitter.com/herradurakex" hkex "blitter.com/herradurakex"
) )
// Demo of a simple server that listens and spawns goroutines for each
// connecting client. Note this code is identical to standard tcp
// server code, save for declaring 'hkex' rather than 'net'
// Listener and Conns. The KEx and encrypt/decrypt is done within the type.
// Compare to 'serverp.go' in this directory to see the equivalence.
func main() { func main() {
// Listen on TCP port 2000 on all available unicast and // Listen on TCP port 2000 on all available unicast and
// anycast IP addresses of the local system. // anycast IP addresses of the local system.

View File

@ -17,11 +17,14 @@
golang implementation by Russ Magee (rmagee_at_gmail.com) */ golang implementation by Russ Magee (rmagee_at_gmail.com) */
package herradurakex package herradurakex
/* This is the core KEx algorithm. For client/server net support code,
See hkexnet.go for a golang/pkg/net for the compatible Conn interface
using this to transparently negotiate keys and secure a network channel. */
import ( import (
"fmt" "fmt"
"math/big" "math/big"
"math/rand" "math/rand"
"net"
"time" "time"
) )
@ -143,134 +146,3 @@ func (h *HerraduraKEx) String() string {
h.PeerD.Text(16), h.PeerD.Text(16),
h.fa.Text(16)) h.fa.Text(16))
} }
/*---------------------------------------------------------------------*/
type Conn struct {
c net.Conn // which also implements io.Reader, io.Writer, ...
h *HerraduraKEx
}
// Dial as net.Dial(), but with implicit HKEx PeerD read on connect
func Dial(protocol string, ipport string) (hc *Conn, err error) {
c, err := net.Dial(protocol, ipport)
if err != nil {
return nil, err
}
hc = &Conn{c, New(0, 0)}
// KEx
fmt.Fprintf(c, "0x%s\n", hc.h.d.Text(16))
d := big.NewInt(0)
_, err = fmt.Fscanln(c, d)
if err != nil {
return nil, err
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("**(c)** peerD:%s\n", hc.h.PeerD.Text(16))
hc.h.FA()
fmt.Printf("**(c)** FA:%s\n", hc.h.fa)
return
}
func (hc *Conn) Close() (err error) {
err = hc.c.Close()
fmt.Println("[Conn Closing]")
return
}
/*---------------------------------------------------------------------*/
type HKExListener struct {
l net.Listener
}
func Listen(protocol string, ipport string) (hl HKExListener, e error) {
l, err := net.Listen(protocol, ipport)
if err != nil {
return HKExListener{nil}, err
}
fmt.Println("[Listening]")
hl.l = l
return
}
func (hl *HKExListener) Close() {
hl.l.Close()
fmt.Println("[Listener Closed]")
}
func (hl *HKExListener) Accept() (hc Conn, err error) {
c, err := hl.l.Accept()
fmt.Println("[Accepted]")
if err != nil {
return Conn{nil, nil}, err
}
hc = Conn{c, New(0, 0)}
d := big.NewInt(0)
_, err = fmt.Fscanln(c, d)
if err != nil {
fmt.Println("[Error]")
return hc, err
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("**(s)** peerD:%s\n", hc.h.PeerD.Text(16))
hc.h.FA()
fmt.Printf("**(s)** FA:%s\n", hc.h.fa)
// KEx
fmt.Fprintf(c, "0x%s\n", hc.h.d.Text(16))
return
}
/*---------------------------------------------------------------------*/
func (hc Conn) Read(b []byte) (n int, err error) {
n, err = hc.c.Read(b)
fmt.Printf("[Decrypting...]\n")
fmt.Printf("[ciphertext:%+v]\n", b[0:n])
for i := 0; i < n; i++ {
//for i, _ := range b {
// FOR TESTING ONLY!! USE REAL CRYPTO HERE
//b[i] ^= byte( hc.h.d.Mod(hc.h.d, big.NewInt(int64(c))).Int64() )
b[i] ^= hc.h.fa.Bytes()[0]
}
fmt.Printf("[plaintext:%+v]\n", b[0:n])
return
}
func (hc Conn) Write(b []byte) (n int, err error) {
fmt.Printf("[Encrypting...]\n")
for i, _ := range b {
// FOR TESTING ONLY!! USE REAL CRYPTO HERE
//b[i] ^= byte( hc.h.d.Mod(hc.h.d, big.NewInt(int64(c))).Int64() )
b[i] ^= hc.h.fa.Bytes()[0]
}
fmt.Printf("[ciphertext:%+v]\n", b)
n, err = hc.c.Write(b)
return
}
// Return c coerced into a HKEx Conn (which implements interface net.Conn)
// Only useful if one wants to convert an open connection later to HKEx
// (Use Dial() instead to start with HKEx automatically.)
func NewHKExConn(c *net.Conn) (hc *Conn) {
hc = new(Conn)
hc.c = *c
hc.h = New(0, 0)
d := big.NewInt(0)
_, err := fmt.Fscanln(hc.c, d)
if err != nil {
//
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("** peerD:%s\n", hc.h.PeerD.Text(16))
return
}

153
hkexnet.go Normal file
View File

@ -0,0 +1,153 @@
/* -*- go -*-
* $RCSfile$ $Revision$ : $Date$ : $Author$
*
* Description
*
* Notes
*
**************
*
* Copyright (c) 2018 Russtopia Labs. All Rights Reserved.
*
* This document may not, in whole or in part, be copied, photocopied,
* reproduced, translated, or reduced to any electronic medium or machine
* readable form without prior written consent from Russtopia Labs.
*/
package herradurakex
import (
"fmt"
"math/big"
"net"
)
/*---------------------------------------------------------------------*/
type Conn struct {
c net.Conn // which also implements io.Reader, io.Writer, ...
h *HerraduraKEx
}
// Dial as net.Dial(), but with implicit HKEx PeerD read on connect
func Dial(protocol string, ipport string) (hc *Conn, err error) {
c, err := net.Dial(protocol, ipport)
if err != nil {
return nil, err
}
hc = &Conn{c, New(0, 0)}
// KEx
fmt.Fprintf(c, "0x%s\n", hc.h.d.Text(16))
d := big.NewInt(0)
_, err = fmt.Fscanln(c, d)
if err != nil {
return nil, err
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("**(c)** peerD:%s\n", hc.h.PeerD.Text(16))
hc.h.FA()
fmt.Printf("**(c)** FA:%s\n", hc.h.fa)
return
}
func (hc *Conn) Close() (err error) {
err = hc.c.Close()
fmt.Println("[Conn Closing]")
return
}
/*---------------------------------------------------------------------*/
type HKExListener struct {
l net.Listener
}
func Listen(protocol string, ipport string) (hl HKExListener, e error) {
l, err := net.Listen(protocol, ipport)
if err != nil {
return HKExListener{nil}, err
}
fmt.Println("[Listening]")
hl.l = l
return
}
func (hl *HKExListener) Close() {
hl.l.Close()
fmt.Println("[Listener Closed]")
}
func (hl *HKExListener) Accept() (hc Conn, err error) {
c, err := hl.l.Accept()
fmt.Println("[Accepted]")
if err != nil {
return Conn{nil, nil}, err
}
hc = Conn{c, New(0, 0)}
d := big.NewInt(0)
_, err = fmt.Fscanln(c, d)
if err != nil {
fmt.Println("[Error]")
return hc, err
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("**(s)** peerD:%s\n", hc.h.PeerD.Text(16))
hc.h.FA()
fmt.Printf("**(s)** FA:%s\n", hc.h.fa)
// KEx
fmt.Fprintf(c, "0x%s\n", hc.h.d.Text(16))
return
}
/*---------------------------------------------------------------------*/
func (hc Conn) Read(b []byte) (n int, err error) {
n, err = hc.c.Read(b)
fmt.Printf("[Decrypting...]\n")
fmt.Printf("[ciphertext:%+v]\n", b[0:n])
for i := 0; i < n; i++ {
//for i, _ := range b {
// FOR TESTING ONLY!! USE REAL CRYPTO HERE
//b[i] ^= byte( hc.h.d.Mod(hc.h.d, big.NewInt(int64(c))).Int64() )
b[i] ^= hc.h.fa.Bytes()[0]
}
fmt.Printf("[plaintext:%+v]\n", b[0:n])
return
}
func (hc Conn) Write(b []byte) (n int, err error) {
fmt.Printf("[Encrypting...]\n")
for i, _ := range b {
// FOR TESTING ONLY!! USE REAL CRYPTO HERE
//b[i] ^= byte( hc.h.d.Mod(hc.h.d, big.NewInt(int64(c))).Int64() )
b[i] ^= hc.h.fa.Bytes()[0]
}
fmt.Printf("[ciphertext:%+v]\n", b)
n, err = hc.c.Write(b)
return
}
// Return c coerced into a HKEx Conn (which implements interface net.Conn)
// Only useful if one wants to convert an open connection later to HKEx
// (Use Dial() instead to start with HKEx automatically.)
func NewHKExConn(c *net.Conn) (hc *Conn) {
hc = new(Conn)
hc.c = *c
hc.h = New(0, 0)
d := big.NewInt(0)
_, err := fmt.Fscanln(hc.c, d)
if err != nil {
//
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("** peerD:%s\n", hc.h.PeerD.Text(16))
return
}