diff --git a/go.mod b/go.mod index e9cea1ab..52639324 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/schollz/logger v1.2.0 github.com/schollz/mnemonicode v1.0.1 github.com/schollz/pake/v2 v2.0.7 - github.com/schollz/pake3 v0.0.0-00010101000000-000000000000 // indirect + github.com/schollz/pake3 v0.0.0-00010101000000-000000000000 github.com/schollz/peerdiscovery v1.6.3 github.com/schollz/progressbar/v3 v3.7.6 github.com/spaolacci/murmur3 v1.1.0 // indirect diff --git a/src/croc/croc.go b/src/croc/croc.go index c39a95cc..fb637174 100644 --- a/src/croc/croc.go +++ b/src/croc/croc.go @@ -165,9 +165,9 @@ func New(ops Options) (c *Client, err error) { // initialize pake if c.Options.IsSender { - c.Pake, err = pake.InitCurve([]byte(c.Options.SharedSecret[5:]), 1, "siec", 1*time.Microsecond) + c.Pake, err = pake.InitCurve([]byte(c.Options.SharedSecret[5:]), 1, "siec") } else { - c.Pake, err = pake.InitCurve([]byte(c.Options.SharedSecret[5:]), 0, "siec", 1*time.Microsecond) + c.Pake, err = pake.InitCurve([]byte(c.Options.SharedSecret[5:]), 0, "siec") } if err != nil { return @@ -816,80 +816,72 @@ func (c *Client) processMessageFileInfo(m message.Message) (done bool, err error func (c *Client) procesMessagePake(m message.Message) (err error) { log.Debug("received pake payload") - // if // c.spinner.Suffix != " performing PAKE..." { - // // c.spinner.Stop() - // // c.spinner.Suffix = " performing PAKE..." - // // c.spinner.Start() - // } - notVerified := !c.Pake.IsVerified() + err = c.Pake.Update(m.Bytes) if err != nil { return } - if (notVerified && c.Pake.IsVerified() && !c.Options.IsSender) || !c.Pake.IsVerified() { + if c.Options.IsSender { err = message.Send(c.conn[0], c.Key, message.Message{ Type: "pake", Bytes: c.Pake.Bytes(), }) - } - if c.Pake.IsVerified() { - if c.Options.IsSender { - log.Debug("generating salt") - salt := make([]byte, 8) - if _, rerr := rand.Read(salt); err != nil { - log.Errorf("can't generate random numbers: %v", rerr) - return - } - err = message.Send(c.conn[0], c.Key, message.Message{ - Type: "salt", - Bytes: salt, - }) - if err != nil { - return - } + } else { + log.Debug("generating salt") + salt := make([]byte, 8) + if _, rerr := rand.Read(salt); err != nil { + log.Errorf("can't generate random numbers: %v", rerr) + return } + err = message.Send(c.conn[0], c.Key, message.Message{ + Type: "salt", + Bytes: salt, + }) + if err != nil { + return + } + } - // connects to the other ports of the server for transfer - var wg sync.WaitGroup - wg.Add(len(c.Options.RelayPorts)) - for i := 0; i < len(c.Options.RelayPorts); i++ { - log.Debugf("port: [%s]", c.Options.RelayPorts[i]) - go func(j int) { - defer wg.Done() - var host string - if c.Options.RelayAddress == "localhost" { - host = c.Options.RelayAddress - } else { - host, _, err = net.SplitHostPort(c.Options.RelayAddress) - if err != nil { - log.Errorf("bad relay address %s", c.Options.RelayAddress) - return - } - } - server := net.JoinHostPort(host, c.Options.RelayPorts[j]) - log.Debugf("connecting to %s", server) - c.conn[j+1], _, _, err = tcp.ConnectToTCPServer( - server, - c.Options.RelayPassword, - fmt.Sprintf("%s-%d", utils.SHA256(c.Options.SharedSecret[:5])[:6], j), - ) + // connects to the other ports of the server for transfer + var wg sync.WaitGroup + wg.Add(len(c.Options.RelayPorts)) + for i := 0; i < len(c.Options.RelayPorts); i++ { + log.Debugf("port: [%s]", c.Options.RelayPorts[i]) + go func(j int) { + defer wg.Done() + var host string + if c.Options.RelayAddress == "localhost" { + host = c.Options.RelayAddress + } else { + host, _, err = net.SplitHostPort(c.Options.RelayAddress) if err != nil { - panic(err) + log.Errorf("bad relay address %s", c.Options.RelayAddress) + return } - log.Debugf("connected to %s", server) - if !c.Options.IsSender { - go c.receiveData(j) - } - }(i) - } - wg.Wait() + } + server := net.JoinHostPort(host, c.Options.RelayPorts[j]) + log.Debugf("connecting to %s", server) + c.conn[j+1], _, _, err = tcp.ConnectToTCPServer( + server, + c.Options.RelayPassword, + fmt.Sprintf("%s-%d", utils.SHA256(c.Options.SharedSecret[:5])[:6], j), + ) + if err != nil { + panic(err) + } + log.Debugf("connected to %s", server) + if !c.Options.IsSender { + go c.receiveData(j) + } + }(i) } + wg.Wait() return } func (c *Client) processMessageSalt(m message.Message) (done bool, err error) { log.Debug("received salt") - if !c.Options.IsSender { + if c.Options.IsSender { log.Debug("sending salt back") err = message.Send(c.conn[0], c.Key, message.Message{ Type: "salt", @@ -899,7 +891,7 @@ func (c *Client) processMessageSalt(m message.Message) (done bool, err error) { return true, err } } - log.Debugf("session key is verified, generating encryption with salt: %x", m.Bytes) + log.Debugf("generating encryption with salt: %x", m.Bytes) key, err := c.Pake.SessionKey() if err != nil { return true, err diff --git a/src/tcp/tcp.go b/src/tcp/tcp.go index 8a40426d..cd0fc593 100644 --- a/src/tcp/tcp.go +++ b/src/tcp/tcp.go @@ -152,7 +152,7 @@ var weakKey = []byte{1, 2, 3} func (s *server) clientCommunication(port string, c *comm.Comm) (room string, err error) { // establish secure password with PAKE for communication with relay - B, err := pake.InitCurve(weakKey, 1, "siec", 1*time.Microsecond) + B, err := pake.InitCurve(weakKey, 1, "siec") if err != nil { return } @@ -173,14 +173,6 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er if err != nil { return } - Abytes, err = c.Receive() - if err != nil { - return - } - err = B.Update(Abytes) - if err != nil { - return - } strongKey, err := B.SessionKey() if err != nil { return @@ -425,7 +417,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati } // get PAKE connection with server to establish strong key to transfer info - A, err := pake.InitCurve(weakKey, 0, "siec", 1*time.Microsecond) + A, err := pake.InitCurve(weakKey, 0, "siec") if err != nil { return } @@ -441,10 +433,6 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati if err != nil { return } - err = c.Send(A.Bytes()) - if err != nil { - return - } strongKey, err := A.SessionKey() if err != nil { return