Beispiel #1
0
func encryptSymmsg(password string, msg []byte) string {
	symmsg := new(Symmsg)
	rounds := 42

	copy(symmsg.symalg[:], "SP")
	copy(symmsg.kdfalg[:], "BK")
	symmsg.kdfrounds = uint32(rounds)
	rand.Read(symmsg.salt[:])
	rand.Read(symmsg.nonce[:])

	key, _ := bcrypt_pbkdf.Key([]byte(password), symmsg.salt[:], rounds, 32)
	var symkey [32]byte
	copy(symkey[:], key)

	enc := secretbox.Seal(nil, msg, &symmsg.nonce, &symkey)
	copy(symmsg.tag[:], enc[0:16])
	enc = enc[16:]

	var buf bytes.Buffer
	buf.Write(symmsg.symalg[:])
	buf.Write(symmsg.kdfalg[:])
	binary.Write(&buf, binary.BigEndian, symmsg.kdfrounds)
	buf.Write(symmsg.salt[:])
	buf.Write(symmsg.nonce[:])
	buf.Write(symmsg.tag[:])

	hdr := base64.StdEncoding.EncodeToString(buf.Bytes())
	hdr = wraplines(hdr)

	str := base64.StdEncoding.EncodeToString(enc)
	str = wraplines(str)

	return "-----BEGIN REOP ENCRYPTED MESSAGE-----\n" +
		"ident:<symmetric>\n" +
		hdr + "\n" +
		"-----BEGIN REOP ENCRYPTED MESSAGE DATA-----\n" +
		str + "\n" +
		"-----END REOP ENCRYPTED MESSAGE-----\n"
}
Beispiel #2
0
func decryptMsg(seckeyfile, pubkeyfile string, ciphertext []byte) string {
	var ident string
	var msglen int
	var msgraw []byte
	var hdr []byte
	if len(ciphertext) >= 6 && string(ciphertext[0:4]) == "RBF\u0000" {
		algorithm := string(ciphertext[4:6])
		switch algorithm {
		case "SP":
			if len(ciphertext) <= 68 {
				fmt.Fprintln(os.Stderr, "Badly formatted message!")
				os.Exit(1)
			}
			hdr = ciphertext[4:68]
			ciphertext = ciphertext[68:]
			break
		default:
			nyi("Binary decryption")
		}
		identlen := readUint32(ciphertext[0:4])
		ident = string(ciphertext[4 : 4+identlen])
		msgraw = ciphertext[4+identlen:]
	} else {
		// in the C, these are pointers to halfway through ciphertext
		// that's not fun
		var begin int
		var end int
		var beginmsg = []byte("-----BEGIN REOP ENCRYPTED MESSAGE-----\n")
		var begindata = []byte("-----BEGIN REOP ENCRYPTED MESSAGE DATA-----\n")
		var endmsg = []byte("-----END REOP ENCRYPTED MESSAGE-----\n")
		if bytes.Index(ciphertext, beginmsg) != 0 {
			fmt.Fprintln(os.Stderr, "Badly formatted message!")
			os.Exit(1)
		}
		begin, ident = readIdent(ciphertext[len(beginmsg):])
		begin = begin + len(beginmsg)
		end = begin + bytes.Index(ciphertext[begin:], begindata)
		if end == -1 {
			fmt.Fprintln(os.Stderr, "Badly formatted message!")
			os.Exit(1)
		}
		// this was nasty to figure out; it's a sizeof() a union with several structs
		hdr = b64pton(ciphertext[begin:end], 128)
		begin = end + len(begindata)
		end = begin + bytes.Index(ciphertext[begin:], endmsg)
		if end == -1 {
			fmt.Fprintln(os.Stderr, "Badly formatted message!")
			os.Exit(1)
		}
		msglen = (end - begin - 1) / 4 * 3
		msgraw = b64pton(ciphertext[begin:end], msglen)
		for msgraw[len(msgraw)-1] == 0 {
			msgraw = msgraw[:len(msgraw)-1]
		}
	}

	algorithm := string(hdr[:2])

	switch algorithm {
	case "SP":
		msg := new(Symmsg)
		copy(msg.symalg[:], hdr[0:2])
		copy(msg.kdfalg[:], hdr[2:4])
		msg.kdfrounds = readUint32(hdr[4:8])
		copy(msg.salt[:], hdr[8:24])
		copy(msg.nonce[:], hdr[24:48])
		copy(msg.tag[:], hdr[48:64])
		if string(msg.kdfalg[:]) != "BK" {
			fmt.Fprintln(os.Stderr, "unsupported KDF")
			os.Exit(1)
		}
		password := os.Getenv("REOP_PASSPHRASE")
		if password == "" {
			fmt.Print("passphrase: ")
			password = string(gopass.GetPasswd())
		}
		key, _ := bcrypt_pbkdf.Key([]byte(password), msg.salt[:], int(msg.kdfrounds), 32)
		var symkey [32]byte
		copy(symkey[:], key)
		raw := append(msg.tag[:], msgraw...)
		var dec []byte
		dec, worked := secretbox.Open(nil, raw, &msg.nonce, &symkey)
		if !worked {
			fmt.Fprintln(os.Stderr, "Decryption failed!")
			os.Exit(1)
		}
		return string(dec)
	case "eC":
		//seckey := readSeckey(seckeyfile)
		//pubkey := readPubkey(pubkeyfile)
		nyi("Public-key decryption with identity " + ident)
	case "CS":
		nyi("Old public-key algorithm")
	case "eS":
		nyi("Old symmetric algorithm")
	}
	return ""
}