use siec

2019-11-18 07:53:57 -08:00 · 2019-11-18 07:53:57 -08:00 · 648c41d707
parent c7f419ca2d
commit 648c41d707
4 changed files with 48 additions and 31 deletions
--- a/go.mod
+++ b/go.mod
@ -16,12 +16,13 @@ require (
 	github.com/schollz/logger v1.0.1
 	github.com/schollz/mnemonicode v1.0.1
 	github.com/schollz/pake v1.1.1
+	github.com/schollz/pake/v2 v2.0.2
 	github.com/schollz/peerdiscovery v1.4.1
 	github.com/schollz/progressbar/v2 v2.14.2
 	github.com/schollz/spinner v0.0.0-20180925172146-6bbc5f7804f9
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
 	github.com/stretchr/testify v1.4.0
-	github.com/tscholl2/siec v0.0.0-20191103131401-2e0c53a9e212 // indirect
+	github.com/tscholl2/siec v0.0.0-20191103131401-2e0c53a9e212
 	github.com/urfave/cli v1.22.1
 	golang.org/x/crypto v0.0.0-20191117063200-497ca9f6d64f
 	golang.org/x/net v0.0.0-20191116160921-f9c825593386 // indirect
--- a/go.sum
+++ b/go.sum
@ -43,6 +43,8 @@ github.com/schollz/mnemonicode v1.0.1 h1:LiH5hwADZwjwnfXsaD4xgnMyTAtaKHN+e5AyjRU
 github.com/schollz/mnemonicode v1.0.1/go.mod h1:cl4UAOhUV0mkdjMj/QYaUZbZZdF8BnOqoz8rHMzwboY=
 github.com/schollz/pake v1.1.1 h1:QKeojDWzdAdtRC4m89b6HAxw/8gjqrVu7r4SAOxOFg8=
 github.com/schollz/pake v1.1.1/go.mod h1:aWMxQ1jwqZRwk3StflHcdyzPR+CyW5W7+WIZD6Y3dEY=
+github.com/schollz/pake/v2 v2.0.2 h1:p9y4Gocc5PWueyhhR7OH+Gwpu2xkP5BM9Pepl9krVfo=
+github.com/schollz/pake/v2 v2.0.2/go.mod h1:3uXB571UYJ8Eqh2EEohXe/aO32QID+Varb4GeYA//yw=
 github.com/schollz/peerdiscovery v1.4.1 h1:xtZ/D8/4eq9O6UEhRupZZiJm4BA8+u1IVUgeHo5VPm4=
 github.com/schollz/peerdiscovery v1.4.1/go.mod h1:WDdk0/JVyVHVIA/bmhzTkUg32dhJ20O4tExNqV1u6sk=
 github.com/schollz/progressbar/v2 v2.13.2 h1:3L9bP5KQOGEnFP8P5V8dz+U0yo5I29iY5Oa9s9EAwn0=
@ -71,6 +73,7 @@ github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtX
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=
 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190907121410-71b5226ff739/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191117063200-497ca9f6d64f h1:kz4KIr+xcPUsI3VMoqWfPMvtnJ6MGfiVwsWSVzphMO4=
 golang.org/x/crypto v0.0.0-20191117063200-497ca9f6d64f/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
--- a/src/croc/croc.go
+++ b/src/croc/croc.go
@ -2,7 +2,6 @@ package croc

 import (
 	"bytes"
-	"crypto/elliptic"
 	"crypto/rand"
 	"encoding/binary"
 	"encoding/json"
@ -27,10 +26,11 @@ import (
 	"github.com/schollz/croc/v6/src/tcp"
 	"github.com/schollz/croc/v6/src/utils"
 	log "github.com/schollz/logger"
-	"github.com/schollz/pake"
+	"github.com/schollz/pake/v2"
 	"github.com/schollz/peerdiscovery"
 	"github.com/schollz/progressbar/v2"
 	"github.com/schollz/spinner"
+	"github.com/tscholl2/siec"
 )

 func init() {
@ -48,22 +48,23 @@ func Debug(debug bool) {

 // Options specifies user specific options
 type Options struct {
-	IsSender     bool
-	SharedSecret string
-	Debug        bool
-	RelayAddress string
-	RelayPorts   []string
-	Stdout       bool
-	NoPrompt     bool
-	DisableLocal bool
-	Ask          bool
+	IsSender       bool
+	SharedSecret   string
+	Debug          bool
+	RelayAddress   string
+	RelayPorts     []string
+	Stdout         bool
+	NoPrompt       bool
+	NoMultiplexing bool
+	DisableLocal   bool
+	Ask            bool
 }

 // Client holds the state of the croc transfer
 type Client struct {
 	Options                         Options
 	Pake                            *pake.Pake
-	Key                             crypt.Encryption
+	Key                             []byte
 	ExternalIP, ExternalIPConnected string

 	// steps involved in forming relationship
@ -147,17 +148,11 @@ func New(ops Options) (c *Client, err error) {

 	c.conn = make([]*comm.Comm, 16)

-	// use default key (no encryption, until PAKE succeeds)
-	c.Key, err = crypt.New(nil, nil)
-	if err != nil {
-		return
-	}
-
 	// initialize pake
 	if c.Options.IsSender {
-		c.Pake, err = pake.Init([]byte(c.Options.SharedSecret), 1, elliptic.P521(), 1*time.Microsecond)
+		c.Pake, err = pake.Init([]byte(c.Options.SharedSecret), 1, siec.SIEC255(), 1*time.Microsecond)
 	} else {
-		c.Pake, err = pake.Init([]byte(c.Options.SharedSecret), 0, elliptic.P521(), 1*time.Microsecond)
+		c.Pake, err = pake.Init([]byte(c.Options.SharedSecret), 0, siec.SIEC255(), 1*time.Microsecond)
 	}
 	if err != nil {
 		return
@ -292,6 +287,10 @@ func (c *Client) transferOverLocalRelay(options TransferOptions, errchan chan<-
 	log.Debug("exchanged header message")
 	c.Options.RelayAddress = "localhost"
 	c.Options.RelayPorts = strings.Split(banner, ",")
+	if c.Options.NoMultiplexing {
+		log.Debug("no multiplexing")
+		c.Options.RelayPorts = []string{c.Options.RelayPorts[0]}
+	}
 	c.ExternalIP = ipaddr
 	errchan <- c.transfer(options)
 }
@ -369,6 +368,10 @@ func (c *Client) Send(options TransferOptions) (err error) {

 		c.conn[0] = conn
 		c.Options.RelayPorts = strings.Split(banner, ",")
+		if c.Options.NoMultiplexing {
+			log.Debug("no multiplexing")
+			c.Options.RelayPorts = []string{c.Options.RelayPorts[0]}
+		}
 		c.ExternalIP = ipaddr
 		log.Debug("exchanged header message")
 		errchan <- c.transfer(options)
@ -470,6 +473,10 @@ func (c *Client) Receive() (err error) {

 	c.conn[0].Send([]byte("handshake"))
 	c.Options.RelayPorts = strings.Split(banner, ",")
+	if c.Options.NoMultiplexing {
+		log.Debug("no multiplexing")
+		c.Options.RelayPorts = []string{c.Options.RelayPorts[0]}
+	}
 	log.Debug("exchanged header message")
 	fmt.Fprintf(os.Stderr, "\rsecuring channel...")
 	return c.transfer(TransferOptions{})
@ -648,10 +655,11 @@ func (c *Client) processMessageSalt(m message.Message) (done bool, err error) {
 	if err != nil {
 		return true, err
 	}
-	c.Key, err = crypt.New(key, m.Bytes)
+	c.Key, _, err = crypt.New(key, m.Bytes)
 	if err != nil {
 		return true, err
 	}
+	log.Debugf("key = %+x", c.Key)
 	if c.ExternalIPConnected == "" {
 		// it can be preset by the local relay
 		c.ExternalIPConnected = m.Message
@ -1040,7 +1048,7 @@ func (c *Client) receiveData(i int) {
 			break
 		}

-		data, err = c.Key.Decrypt(data)
+		data, err = crypt.Decrypt(data, c.Key)
 		if err != nil {
 			panic(err)
 		}
@ -1126,10 +1134,11 @@ func (c *Client) sendData(i int) {
 				posByte := make([]byte, 8)
 				binary.LittleEndian.PutUint64(posByte, pos)

-				dataToSend, err := c.Key.Encrypt(
+				dataToSend, err := crypt.Encrypt(
 					compress.Compress(
 						append(posByte, data[:n]...),
 					),
+					c.Key,
 				)
 				if err != nil {
 					panic(err)
--- a/src/message/message.go
+++ b/src/message/message.go
@ -23,7 +23,7 @@ func (m Message) String() string {
 }

 // Send will send out
-func Send(c *comm.Comm, key crypt.Encryption, m Message) (err error) {
+func Send(c *comm.Comm, key []byte, m Message) (err error) {
 	mSend, err := Encode(key, m)
 	if err != nil {
 		return
@ -34,21 +34,25 @@ func Send(c *comm.Comm, key crypt.Encryption, m Message) (err error) {
 }

 // Encode will convert to bytes
-func Encode(key crypt.Encryption, m Message) (b []byte, err error) {
+func Encode(key []byte, m Message) (b []byte, err error) {
 	b, err = json.Marshal(m)
 	if err != nil {
 		return
 	}
 	b = compress.Compress(b)
-	b, err = key.Encrypt(b)
+	if key != nil {
+		b, err = crypt.Encrypt(b, key)
+	}
 	return
 }

 // Decode will convert from bytes
-func Decode(key crypt.Encryption, b []byte) (m Message, err error) {
-	b, err = key.Decrypt(b)
-	if err != nil {
-		return
+func Decode(key []byte, b []byte) (m Message, err error) {
+	if key != nil {
+		b, err = crypt.Decrypt(b, key)
+		if err != nil {
+			return
+		}
 	}
 	b = compress.Decompress(b)
 	err = json.Unmarshal(b, &m)