From 3359e7996f1773d93c3c429c40912cfbe9a9555a Mon Sep 17 00:00:00 2001
From: Zack Scholl
Date: Wed, 21 Apr 2021 17:02:38 -0700
Subject: [PATCH] add chacha
---
 src/croc/croc.go | 11 ++++++-----
 src/message/message.go | 11 ++++++-----
 src/tcp/tcp.go | 26 +++++++++++++-------------
 3 files changed, 25 insertions(+), 23 deletions(-)
diff --git a/src/croc/croc.go b/src/croc/croc.go
index 10ea2b83..66dd0cfb 100644
--- a/src/croc/croc.go
+++ b/src/croc/croc.go
@@ -2,6 +2,7 @@ package croc
 import (
 "bytes"
+ "crypto/cipher"
 "crypto/rand"
 "encoding/binary"
 "encoding/json"
@@ -74,7 +75,7 @@ type Options struct {
 type Client struct {
 Options Options
 Pake *pake.Pake
- Key []byte
+ Key cipher.AEAD
 ExternalIP, ExternalIPConnected string
 // steps involved in forming relationship
@@ -881,7 +882,7 @@ func (c *Client) processMessagePake(m message.Message) (err error) {
 if err != nil {
 return err
 }
- c.Key, _, err = crypt.New(key, salt)
+ c.Key, _, err = crypt.NewArgon2(key, salt)
 if err != nil {
 return err
 }
@@ -1419,7 +1420,7 @@ func (c *Client) receiveData(i int) {
 continue
 }
- data, err = crypt.Decrypt(data, c.Key)
+ data, err = crypt.DecryptChaCha(data, c.Key)
 if err != nil {
 panic(err)
 }
@@ -1512,13 +1513,13 @@ func (c *Client) sendData(i int) {
 var err error
 var dataToSend []byte
 if c.Options.NoCompress {
- dataToSend, err = crypt.Encrypt(
+ dataToSend, err = crypt.EncryptChaCha(
 append(posByte, data[:n]...),
 c.Key,
 )
 } else {
- dataToSend, err = crypt.Encrypt(
+ dataToSend, err = crypt.EncryptChaCha(
 compress.Compress(
 append(posByte, data[:n]...),
 ),
diff --git a/src/message/message.go b/src/message/message.go
index c5e66121..f60bad43 100644
--- a/src/message/message.go
+++ b/src/message/message.go
@@ -1,6 +1,7 @@
 package message
 import (
+ "crypto/cipher"
 "encoding/json"
 "github.com/schollz/croc/v9/src/comm"
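Review bot: In the `receiveData` hunk (`@@ -1419,7 +1420,7 @@`), a failed `crypt.DecryptChaCha` still ends in `panic(err)`, so one chunk that fails AEAD authentication takes the whole receiving process down. An authentication failure on network input is an expected condition and would be better treated as a transfer error. For example, `if err != nil { log.Debugf("chunk failed authentication: %v", err); return }`, or route it through whatever error path the rest of the function uses. `receiveData` starts and ends outside the hunk, so the reporting mechanism and whether `log` is in scope in this file need to be confirmed there.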
@@ -24,7 +25,7 @@ func (m Message) String() string {
 }
 // Send will send out
-func Send(c *comm.Comm, key []byte, m Message) (err error) {
+func Send(c *comm.Comm, key cipher.AEAD, m Message) (err error) {
 mSend, err := Encode(key, m)
 if err != nil {
 return
@@ -34,7 +35,7 @@ func Send(c *comm.Comm, key []byte, m Message) (err error) {
 }
 // Encode will convert to bytes
-func Encode(key []byte, m Message) (b []byte, err error) {
+func Encode(key cipher.AEAD, m Message) (b []byte, err error) {
 b, err = json.Marshal(m)
 if err != nil {
 return
@@ -42,7 +43,7 @@ func Encode(key []byte, m Message) (b []byte, err error) {
 b = compress.Compress(b)
 if key != nil {
 log.Debugf("writing %s message (encrypted)", m.Type)
- b, err = crypt.Encrypt(b, key)
+ b, err = crypt.EncryptChaCha(b, key)
 } else {
 log.Debugf("writing %s message (unencrypted)", m.Type)
 }
@@ -50,9 +51,9 @@ func Encode(key []byte, m Message) (b []byte, err error) {
 }
 // Decode will convert from bytes
-func Decode(key []byte, b []byte) (m Message, err error) {
+func Decode(key cipher.AEAD, b []byte) (m Message, err error) {
 if key != nil {
- b, err = crypt.Decrypt(b, key)
+ b, err = crypt.DecryptChaCha(b, key)
 if err != nil {
 return
 }
diff --git a/src/tcp/tcp.go b/src/tcp/tcp.go
index 96b4145f..8259cc6d 100644
--- a/src/tcp/tcp.go
+++ b/src/tcp/tcp.go
@@ -184,7 +184,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 if err != nil {
 return
 }
- strongKeyForEncryption, _, err := crypt.New(strongKey, salt)
+ strongKeyForEncryption, _, err := crypt.NewArgon2(strongKey, salt)
 if err != nil {
 return
 }
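Review bot: `Encode` (hunk `@@ -42,7 +43,7 @@`) falls back to plaintext when `key` is nil, and `Decode` (hunk `@@ -50,9 +51,9 @@`) skips decryption and authentication the same way, but the doc comments `// Encode will convert to bytes` and `// Decode will convert from bytes` say nothing about it. I would state the contract, e.g. `// Encode marshals and compresses m and encrypts it only when key is non-nil; a nil key sends plaintext.`, with a matching line on `Decode`. Now that `key` is a `cipher.AEAD` interface rather than a `[]byte`, a nil concrete pointer wrapped in the interface would pass the `key != nil` check. Whether any caller can produce one is not visible in this diff, so it is worth confirming that callers pass a literal nil before a key exists. `Decode`'s body continues outside the hunk.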
@@ -194,13 +194,13 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 if err != nil {
 return
 }
- passwordBytes, err := crypt.Decrypt(passwordBytesEnc, strongKeyForEncryption)
+ passwordBytes, err := crypt.DecryptChaCha(passwordBytesEnc, strongKeyForEncryption)
 if err != nil {
 return
 }
 if strings.TrimSpace(string(passwordBytes)) != s.password {
 err = fmt.Errorf("bad password")
- enc, _ := crypt.Decrypt([]byte(err.Error()), strongKeyForEncryption)
+ enc, _ := crypt.DecryptChaCha([]byte(err.Error()), strongKeyForEncryption)
 if err := c.Send(enc); err != nil {
 return "", fmt.Errorf("send error: %w", err)
 }
@@ -213,7 +213,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 banner = "ok"
 }
 log.Debugf("sending '%s'", banner)
- bSend, err := crypt.Encrypt([]byte(banner+"|||"+c.Connection().RemoteAddr().String()), strongKeyForEncryption)
+ bSend, err := crypt.EncryptChaCha([]byte(banner+"|||"+c.Connection().RemoteAddr().String()), strongKeyForEncryption)
 if err != nil {
 return
 }
@@ -228,7 +228,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 if err != nil {
 return
 }
- roomBytes, err := crypt.Decrypt(enc, strongKeyForEncryption)
+ roomBytes, err := crypt.DecryptChaCha(enc, strongKeyForEncryption)
 if err != nil {
 return
 }
@@ -244,7 +244,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 s.rooms.Unlock()
 // tell the client that they got the room
- bSend, err = crypt.Encrypt([]byte("ok"), strongKeyForEncryption)
+ bSend, err = crypt.EncryptChaCha([]byte("ok"), strongKeyForEncryption)
 if err != nil {
 return
 }
@@ -259,7 +259,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 }
 if s.rooms.rooms[room].full {
 s.rooms.Unlock()
- bSend, err = crypt.Encrypt([]byte("room full"), strongKeyForEncryption)
+ bSend, err = crypt.EncryptChaCha([]byte("room full"), strongKeyForEncryption)
 if err != nil {
 return
 }
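Review bot: On the bad-password path in the `@@ -194,13 +194,13 @@` hunk, the plaintext error text is passed to `crypt.DecryptChaCha` and the returned error is discarded, so the call will most likely fail authentication and `c.Send(enc)` sends an empty payload instead of an encrypted "bad password" message. The rename carried over the old `Decrypt` call; it should encrypt: `enc, encErr := crypt.EncryptChaCha([]byte(err.Error()), strongKeyForEncryption)` followed by `if encErr != nil { return "", encErr }`. Separately, `strings.TrimSpace(string(passwordBytes)) != s.password` is not a constant-time comparison; `subtle.ConstantTimeCompare` from `crypto/subtle` is the usual choice for a shared secret. `clientCommunication` begins and ends outside the hunk.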
@@ -293,7 +293,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 }(otherConnection, c, &wg)
 // tell the sender everything is ready
- bSend, err = crypt.Encrypt([]byte("ok"), strongKeyForEncryption)
+ bSend, err = crypt.EncryptChaCha([]byte("ok"), strongKeyForEncryption)
 if err != nil {
 return
 }
@@ -438,7 +438,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
 }
 log.Debugf("strong key: %x", strongKey)
- strongKeyForEncryption, salt, err := crypt.New(strongKey, nil)
+ strongKeyForEncryption, salt, err := crypt.NewArgon2(strongKey, nil)
 if err != nil {
 return
 }
@@ -449,7 +449,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
 }
 log.Debug("sending password")
- bSend, err := crypt.Encrypt([]byte(password), strongKeyForEncryption)
+ bSend, err := crypt.EncryptChaCha([]byte(password), strongKeyForEncryption)
 if err != nil {
 return
 }
@@ -462,7 +462,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
 if err != nil {
 return
 }
- data, err := crypt.Decrypt(enc, strongKeyForEncryption)
+ data, err := crypt.DecryptChaCha(enc, strongKeyForEncryption)
 if err != nil {
 return
 }
@@ -473,7 +473,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
 banner = strings.Split(string(data), "|||")[0]
 ipaddr = strings.Split(string(data), "|||")[1]
 log.Debug("sending room")
- bSend, err = crypt.Encrypt([]byte(room), strongKeyForEncryption)
+ bSend, err = crypt.EncryptChaCha([]byte(room), strongKeyForEncryption)
 if err != nil {
 return
 }
@@ -486,7 +486,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
 if err != nil {
 return
 }
- data, err = crypt.Decrypt(enc, strongKeyForEncryption)
+ data, err = crypt.DecryptChaCha(enc, strongKeyForEncryption)
 if err != nil {
 return
 }
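Review bot: The `@@ -438,7 +438,7 @@` hunk in `ConnectToTCPServer` keeps `log.Debugf("strong key: %x", strongKey)` directly above the new `crypt.NewArgon2(strongKey, nil)` call, so the secret the AEAD key is derived from is written to debug output. Key material in logs undermines the encryption for anyone who can read those logs, so I would drop the line or reduce it to `log.Debug("strong key established")`. The function body starts and ends outside the hunk, so other log statements touching `strongKey` or the derived key should be checked as well.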