mirror of
https://github.com/schollz/croc.git
synced 2025-10-11 05:11:06 +02:00
add chacha
parent
5b0883e1fe
commit
3359e7996f
3 changed files with 25 additions and 23 deletions
|
@ -2,6 +2,7 @@ package croc
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"crypto/cipher"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"encoding/binary"
|
"encoding/binary"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
@ -74,7 +75,7 @@ type Options struct {
|
||||||
type Client struct {
|
type Client struct {
|
||||||
Options Options
|
Options Options
|
||||||
Pake *pake.Pake
|
Pake *pake.Pake
|
||||||
Key []byte
|
Key cipher.AEAD
|
||||||
ExternalIP, ExternalIPConnected string
|
ExternalIP, ExternalIPConnected string
|
||||||
|
|
||||||
// steps involved in forming relationship
|
// steps involved in forming relationship
|
||||||
|
@ -881,7 +882,7 @@ func (c *Client) processMessagePake(m message.Message) (err error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
c.Key, _, err = crypt.New(key, salt)
|
c.Key, _, err = crypt.NewArgon2(key, salt)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -1419,7 +1420,7 @@ func (c *Client) receiveData(i int) {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
data, err = crypt.Decrypt(data, c.Key)
|
data, err = crypt.DecryptChaCha(data, c.Key)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
@ -1512,13 +1513,13 @@ func (c *Client) sendData(i int) {
|
||||||
var err error
|
var err error
|
||||||
var dataToSend []byte
|
var dataToSend []byte
|
||||||
if c.Options.NoCompress {
|
if c.Options.NoCompress {
|
||||||
dataToSend, err = crypt.Encrypt(
|
dataToSend, err = crypt.EncryptChaCha(
|
||||||
append(posByte, data[:n]...),
|
append(posByte, data[:n]...),
|
||||||
c.Key,
|
c.Key,
|
||||||
)
|
)
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
dataToSend, err = crypt.Encrypt(
|
dataToSend, err = crypt.EncryptChaCha(
|
||||||
compress.Compress(
|
compress.Compress(
|
||||||
append(posByte, data[:n]...),
|
append(posByte, data[:n]...),
|
||||||
),
|
),
|
||||||
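Review bot: In the receiveData hunk the failure branch after `crypt.DecryptChaCha(data, c.Key)` is still `panic(err)`, so a single chunk that fails to decrypt (corruption, truncation or modification anywhere between the peers) takes down the whole receiving process instead of failing the transfer. With the key now a `cipher.AEAD`, a decrypt error is presumably how a rejected chunk is reported, and it deserves an ordinary error path, for example `log.Errorf("decrypting chunk: %v", err)` followed by `return`, assuming the file's logger is in scope here. receiveData starts and ends outside the hunk, so how the failure is reported to the rest of the transfer has to be checked against the full function.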
|
|
|
@ -1,6 +1,7 @@
|
||||||
package message
|
package message
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/cipher"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
|
||||||
"github.com/schollz/croc/v9/src/comm"
|
"github.com/schollz/croc/v9/src/comm"
|
||||||
|
@ -24,7 +25,7 @@ func (m Message) String() string {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Send will send out
|
// Send will send out
|
||||||
func Send(c *comm.Comm, key []byte, m Message) (err error) {
|
func Send(c *comm.Comm, key cipher.AEAD, m Message) (err error) {
|
||||||
mSend, err := Encode(key, m)
|
mSend, err := Encode(key, m)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
|
@ -34,7 +35,7 @@ func Send(c *comm.Comm, key []byte, m Message) (err error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Encode will convert to bytes
|
// Encode will convert to bytes
|
||||||
func Encode(key []byte, m Message) (b []byte, err error) {
|
func Encode(key cipher.AEAD, m Message) (b []byte, err error) {
|
||||||
b, err = json.Marshal(m)
|
b, err = json.Marshal(m)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
|
@ -42,7 +43,7 @@ func Encode(key []byte, m Message) (b []byte, err error) {
|
||||||
b = compress.Compress(b)
|
b = compress.Compress(b)
|
||||||
if key != nil {
|
if key != nil {
|
||||||
log.Debugf("writing %s message (encrypted)", m.Type)
|
log.Debugf("writing %s message (encrypted)", m.Type)
|
||||||
b, err = crypt.Encrypt(b, key)
|
b, err = crypt.EncryptChaCha(b, key)
|
||||||
} else {
|
} else {
|
||||||
log.Debugf("writing %s message (unencrypted)", m.Type)
|
log.Debugf("writing %s message (unencrypted)", m.Type)
|
||||||
}
|
}
|
||||||
|
@ -50,9 +51,9 @@ func Encode(key []byte, m Message) (b []byte, err error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Decode will convert from bytes
|
// Decode will convert from bytes
|
||||||
func Decode(key []byte, b []byte) (m Message, err error) {
|
func Decode(key cipher.AEAD, b []byte) (m Message, err error) {
|
||||||
if key != nil {
|
if key != nil {
|
||||||
b, err = crypt.Decrypt(b, key)
|
b, err = crypt.DecryptChaCha(b, key)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
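Review bot: Encode and Decode still choose between encrypted and plaintext with `key != nil`, and now that `key` is the interface type `cipher.AEAD` that test also passes for an interface wrapping a nil concrete pointer, which would then reach `crypt.EncryptChaCha` or `crypt.DecryptChaCha`. Whether that can happen depends on what `crypt.NewArgon2` returns on error, which is not visible here, but the call site in processMessagePake assigns `c.Key` before checking `err`, so it is worth confirming. The doc comments should also state the plaintext fallback, e.g. `// Encode marshals m to JSON, compresses it and, if key is non-nil, encrypts it with key; with a nil key the message is sent unencrypted.`, with the matching sentence on Decode and Send. Decode's body continues past the last hunk.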
|
|
|
@ -184,7 +184,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
strongKeyForEncryption, _, err := crypt.New(strongKey, salt)
|
strongKeyForEncryption, _, err := crypt.NewArgon2(strongKey, salt)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -194,13 +194,13 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
passwordBytes, err := crypt.Decrypt(passwordBytesEnc, strongKeyForEncryption)
|
passwordBytes, err := crypt.DecryptChaCha(passwordBytesEnc, strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if strings.TrimSpace(string(passwordBytes)) != s.password {
|
if strings.TrimSpace(string(passwordBytes)) != s.password {
|
||||||
err = fmt.Errorf("bad password")
|
err = fmt.Errorf("bad password")
|
||||||
enc, _ := crypt.Decrypt([]byte(err.Error()), strongKeyForEncryption)
|
enc, _ := crypt.DecryptChaCha([]byte(err.Error()), strongKeyForEncryption)
|
||||||
if err := c.Send(enc); err != nil {
|
if err := c.Send(enc); err != nil {
|
||||||
return "", fmt.Errorf("send error: %w", err)
|
return "", fmt.Errorf("send error: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -213,7 +213,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
|
||||||
banner = "ok"
|
banner = "ok"
|
||||||
}
|
}
|
||||||
log.Debugf("sending '%s'", banner)
|
log.Debugf("sending '%s'", banner)
|
||||||
bSend, err := crypt.Encrypt([]byte(banner+"|||"+c.Connection().RemoteAddr().String()), strongKeyForEncryption)
|
bSend, err := crypt.EncryptChaCha([]byte(banner+"|||"+c.Connection().RemoteAddr().String()), strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -228,7 +228,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
roomBytes, err := crypt.Decrypt(enc, strongKeyForEncryption)
|
roomBytes, err := crypt.DecryptChaCha(enc, strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -244,7 +244,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
|
||||||
s.rooms.Unlock()
|
s.rooms.Unlock()
|
||||||
// tell the client that they got the room
|
// tell the client that they got the room
|
||||||
|
|
||||||
bSend, err = crypt.Encrypt([]byte("ok"), strongKeyForEncryption)
|
bSend, err = crypt.EncryptChaCha([]byte("ok"), strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -259,7 +259,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
|
||||||
}
|
}
|
||||||
if s.rooms.rooms[room].full {
|
if s.rooms.rooms[room].full {
|
||||||
s.rooms.Unlock()
|
s.rooms.Unlock()
|
||||||
bSend, err = crypt.Encrypt([]byte("room full"), strongKeyForEncryption)
|
bSend, err = crypt.EncryptChaCha([]byte("room full"), strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -293,7 +293,7 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
|
||||||
}(otherConnection, c, &wg)
|
}(otherConnection, c, &wg)
|
||||||
|
|
||||||
// tell the sender everything is ready
|
// tell the sender everything is ready
|
||||||
bSend, err = crypt.Encrypt([]byte("ok"), strongKeyForEncryption)
|
bSend, err = crypt.EncryptChaCha([]byte("ok"), strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -438,7 +438,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
|
||||||
}
|
}
|
||||||
log.Debugf("strong key: %x", strongKey)
|
log.Debugf("strong key: %x", strongKey)
|
||||||
|
|
||||||
strongKeyForEncryption, salt, err := crypt.New(strongKey, nil)
|
strongKeyForEncryption, salt, err := crypt.NewArgon2(strongKey, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -449,7 +449,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Debug("sending password")
|
log.Debug("sending password")
|
||||||
bSend, err := crypt.Encrypt([]byte(password), strongKeyForEncryption)
|
bSend, err := crypt.EncryptChaCha([]byte(password), strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -462,7 +462,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
data, err := crypt.Decrypt(enc, strongKeyForEncryption)
|
data, err := crypt.DecryptChaCha(enc, strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -473,7 +473,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
|
||||||
banner = strings.Split(string(data), "|||")[0]
|
banner = strings.Split(string(data), "|||")[0]
|
||||||
ipaddr = strings.Split(string(data), "|||")[1]
|
ipaddr = strings.Split(string(data), "|||")[1]
|
||||||
log.Debug("sending room")
|
log.Debug("sending room")
|
||||||
bSend, err = crypt.Encrypt([]byte(room), strongKeyForEncryption)
|
bSend, err = crypt.EncryptChaCha([]byte(room), strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -486,7 +486,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
data, err = crypt.Decrypt(enc, strongKeyForEncryption)
|
data, err = crypt.DecryptChaCha(enc, strongKeyForEncryption)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
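Review bot: In the bad-password branch of clientCommunication the error text is passed to `crypt.DecryptChaCha([]byte(err.Error()), strongKeyForEncryption)` and the returned error is discarded; this looks like it was meant to encrypt the reply, and decrypting a plaintext string is expected to fail, so `enc` would be empty when `c.Send(enc)` runs. The line should probably read `enc, encErr := crypt.EncryptChaCha([]byte(err.Error()), strongKeyForEncryption)` with `encErr` checked before sending. The rename carried the old `crypt.Decrypt` call over unchanged, so the issue predates this commit. Separately, the context line `log.Debugf("strong key: %x", strongKey)` in ConnectToTCPServer writes key material to the debug log and is worth dropping. Both functions start and end outside the hunks shown.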
|
|