Russ Magee
f09d6bbfef
Added NEWHOPE and NEWHOPE_SIMPLE KEM algs
Fixed some -h typos, missing H_SHA512 option
randReader seed time.Now().UnixNano()
Signed-off-by: Russ Magee <rmagee@gmail.com>
2019-04-08 21:58:33 -07:00
Russ Magee
ea01123b87
GoReporter recommended cleanup
2018-12-12 00:34:23 -08:00
Russ Magee
a0e90c14ba
Praise Bob!
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-12-08 21:44:06 -08:00
Russ Magee
9641fd3fff
Console esc seqs no longer affect in-band input
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-12-08 21:37:26 -08:00
Russ Magee
f83cdd23b1
Merge branch 'master' into console-tricks
2018-12-06 18:55:17 -08:00
Russ Magee
55fdffbd9e
Moved herradurakex to its own package
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-12-06 17:20:43 -08:00
Russ Magee
1a294c3ce4
Updated console tricks
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-12-01 00:22:56 -08:00
Russ Magee
df64eda796
Single-char ~N sequence logic
2018-11-30 22:52:57 -08:00
Russ Magee
291bacf2df
Fix for issue #11
2018-11-29 18:06:03 -08:00
Russ Magee
b6a22ce64a
gofmt cleanup
2018-11-28 21:03:20 -08:00
Russ Magee
5fb227b9f8
-Removed WriteDeadline in hkexnet.Close()
-hkexsh: fixed (non-)error handling for file copies
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-11-20 18:50:09 -08:00
Russ Magee
1452af3fc8
-hkexnet.immClose flag to allow client to close first (-x incomplete output bug)
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-11-19 19:55:35 -08:00
Russ Magee
8e02810f0e
Restored call to c.Close in hkexnet.Close (was causing hangs on client side)
2018-11-19 14:41:42 -08:00
Russ Magee
1909786a4b
-Removed Close on null failed Listener (hkexshd)
-Removed premature net.Conn.Close() in hkexnet.Close() (hkexnet)
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-11-19 14:16:48 -08:00
Russ Magee
b0f614f82e
Tunnel keepalives from client implemented. If client dies/exits unexpectedly the server tunnel will disconnect from rport in a timely manner.
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-11-11 22:46:39 -08:00
Russ Magee
2a9e6af2ae
Tunnels w/reconnect refinements:
-200ms deadlink timeouts
-Fixed TunConnRefused client hangup handling
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-11-11 20:12:29 -08:00
Russ Magee
ba3cda95e8
Tunnels with reconnect working.
TODO: interactive client exit must collapse all open tunnels prior to exit.
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-11-11 18:56:08 -08:00
Russ Magee
fbef175012
Tunnels basically working. TODO: add TunKeepAlive packet & handshake w/server tun side
2018-11-11 12:34:54 -08:00
Russ Magee
b94f25e5ae
Client lport disconn/reconn works, somewhat..
2018-11-11 11:45:37 -08:00
Russ Magee
3b35751e2e
WIP tunnel states, re-dial when not required needs debugging.
2018-11-07 19:35:32 -08:00
Russ Magee
492c7290b0
Much improved tunnel state management: server-side mostly working, client-side re-Accept() -> svr re-Dial() still required
2018-11-01 22:14:44 -07:00
Russ Magee
a425afe9b6
Tunnels working again to basic level w/o re-connect or re-dial
2018-11-01 18:52:01 -07:00
Russ Magee
081d88b9ad
tunnel setup stubs moved into Conn Read()/Write() handling
2018-10-31 20:11:00 -07:00
Russ Magee
8ee0aea0b4
(non-working) begin of total tunnel redesign
2018-10-31 09:15:28 -07:00
Russ Magee
fcbdb77c79
Cleaned up error handling in hkexnet.Conn.Read() a bit
2018-10-30 21:07:42 -07:00
Russ Magee
e75ed159f6
two-way tunnel traffic working. Hangup/re-dial on server side needs work
2018-10-28 21:46:29 -07:00
Russ Magee
632f24354b
Tunnel rough work-in-progress; data sent (wrong length) and CSOTunClose handling needs work, but it's a start...
2018-10-28 19:17:47 -07:00
Russ Magee
1e6da733a2
Work on setup for tunnels
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-27 01:51:40 -07:00
Russ Magee
48b0c41f62
Prototyped TunEndpoint struct, data flow commentary
2018-10-26 20:31:57 -07:00
Russ Magee
2f83d488d6
Pushed logging into sub-package to preserve windows client build
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-26 16:05:01 -07:00
Russ Magee
752dbf6080
logging now uses syslog
2018-10-25 22:14:18 -07:00
Russ Magee
4cb535fcc9
Added support for cryptMTv1
Signed-off-by: Russ Magee <rmagee@gmail.com>
2018-10-24 00:16:34 -07:00
Russ Magee
798661a0cf
kex-spurious-failures branch:
-Modified KyberDialSetup()/KyberAcceptSetup() to use []byte for reading/writing
ciphertext to avoid errors caused by leading zero bytes (big.Int can't explicitly
represent these)
-TODO: Consider the same for HerraduraKEx HKexDialSetup()/HKexAcceptSetup()
2018-10-18 20:44:23 -07:00
Russ Magee
a060ae39b1
HMAC portion made into symbolic const
2018-10-14 00:20:30 -07:00
Russ Magee
5d9a110d57
Added more (explicit) sizes for all KEX algs
2018-10-12 16:16:49 -07:00
Russ Magee
231ede1734
KYBER768 KEM works. :O
2018-10-10 21:12:38 -07:00
Russ Magee
4c286ae6c1
Set up to handle Kyber768 KEM
2018-10-08 21:31:11 -07:00
Russ Magee
103070d00a
Made padding size random [max/2, max); use of improved goutmp host lookup
2018-10-02 21:23:45 -07:00
Russ Magee
1485e8392e
Removed moving avg chaff in favour of random-padding
2018-10-01 20:35:50 -07:00
Russ Magee
06ee94da03
Added HMAC_SHA512
2018-09-30 00:19:25 -07:00
Russ Magee
cd9f7914e0
Dial() and Accept() again conform to net.Dial(), net.Accept() return signature
2018-09-29 12:15:53 -07:00
Russ Magee
e57d97d3e6
Changed many funcs to take *hkexnet.Conn to allow tracking of packets sent, total bytes sent and experimental moving avg chaff
2018-09-26 22:57:36 -07:00
Russ Magee
b810fa7f4a
tightened up some const types
2018-09-17 23:07:04 -07:00
Russ Magee
8b0b833d6e
Split hkexsh and hkexnet consts into separate files
2018-09-17 17:27:13 -07:00
Russ Magee
19697d5164
Remote exit status now reflected in client->server copies
2018-09-16 17:14:50 -07:00
Russ Magee
140523dabb
-Refactored HerraduraKEx negotiation into subroutine (anticipation of future multi-KEx support)
2018-09-11 00:04:38 -07:00
Russ Magee
bee0bececf
-Bumped version to 0.2pre to reflect protocol break w/0.1pre
-Added design principle note (no downgrade attack-enabling protocol features)
2018-09-10 20:28:41 -07:00
Russ Magee
dcb42d43f1
-BREAKING CHANGE: pre-KEx byte sent for KEx alg (default and only for now: KEX_HERRADURA)
2018-09-10 20:22:09 -07:00
Russ Magee
b33e9de139
-Moved taunting of failed logins to client-side
-Added byte auth pass/fail stage prior to shell/copy session start
2018-09-06 16:23:57 -07:00
Russ Magee
9ff35a69fe
-Converted exit status to uint32 (0-255: UNIX exit codes), above for OOB (out-of-band) status
-Failed auth for shell logins now returns extended code CSEBadAuth to client
2018-09-06 13:50:56 -07:00