Beispiel #1
0
// CreateKxKeys create an KexKey structure using provide randomness source and
// compute the initial EC Ephemeral keypair
// XXX Make sure PRNG is strong.. may be use fortuna...
func CreateKxKeys(nickname, userhost, server string) (mykeys *KexKey, err error) {
	mykeys = new(KexKey)
	mykeys.pubkey, mykeys.privkey, err = box.GenerateKey(rand.Reader)
	if err != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "CreateMyKeys().GenerateKey(): ", Err: err}
	}

	pubfp, err := acutl.HashSHA3Data(mykeys.pubkey[:])
	if err != nil {
		return nil, &acutl.AcError{Value: -2, Msg: "CreateMyKeys().hash(): ", Err: err}
	}

	// copy and store the public fingerprint..
	copy(mykeys.pubfp[:], pubfp)

	/*
		PK, err := CreatePKMessageNACL(mykeys.pubkey[:])
		if err != nil {
			//return nil, acprotoError(-3, "CreateMyKeys().CreatePKMessage(): ", err)
			return nil, &acutl.AcError{Value: -3, Msg: "CreateMyKeys().CreatePKMessage(): ", Err: err}
		}
		mykeys.Pubkey = string(PK)
	*/
	mykeys.Nickname = nickname
	mykeys.Userhost = userhost
	mykeys.Server = server
	mykeys.HasPriv = true
	mykeys.CreaTime = time.Now()

	return mykeys, nil
}
Beispiel #2
0
func nonceBuildAC(bob, myNick, myCounter, msgHdr []byte) (out []byte, err error) {
	nonceBuild := new(bytes.Buffer)

	bobHash, bobErr := acutl.HashSHA3Data(bob)
	if bobErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().bobHash(): ", Err: bobErr}
	}

	nickHash, nickErr := acutl.HashSHA3Data(myNick)
	if nickErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().nickHash(): ", Err: nickErr}
	}

	counterHash, counterErr := acutl.HashSHA3Data(myCounter)
	if counterErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().counterHash(): ", Err: counterErr}
	}

	hdrHash, hdrErr := acutl.HashSHA3Data(msgHdr)
	if hdrErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().hdrHash(): ", Err: hdrErr}
	}

	// lets build it now..
	nonceBuild.Write(bobHash)
	nonceBuild.WriteByte(byte(':'))
	nonceBuild.Write(nickHash)
	nonceBuild.WriteByte(byte(':'))
	nonceBuild.Write(counterHash)
	nonceBuild.WriteByte(byte(':'))
	nonceBuild.Write(hdrHash)

	//fmt.Fprintf(os.Stderr, "NonceBuildAC NonceBuild HEX(%d): %s\n", len(nonceBuild.Bytes()), hex.EncodeToString(nonceBuild.Bytes()))

	nonceHash, nonceErr := acutl.HashSHA3Data(nonceBuild.Bytes())
	if nonceErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().nonceHash(): ", Err: nonceErr}
	}

	//fmt.Fprintf(os.Stderr, "NonceBuildAC HASH HEX(%d): %s\n", len(nonceHash), hex.EncodeToString(nonceHash))
	return nonceHash, nil
}
Beispiel #3
0
// SetPubkey writes the argument provided public key (pubkey) of the current
// AcMyKeys structure.
func (pk *KexKey) SetPubkey(pubkey []byte) error {
	if len(pubkey) == 32 {
		pk.pubkey = new([32]byte)
		copy(pk.pubkey[:], pubkey)

		// XXX TODO: handle error here...
		pubfp, _ := acutl.HashSHA3Data(pubkey)

		// copy and store the public fingerprint..
		copy(pk.pubfp[:], pubfp)
		return nil
	}

	return &acutl.AcError{Value: -1, Msg: "SetPubkeys(weird size): ", Err: nil}
}
Beispiel #4
0
func CreateACContextWithInputEntropy(channel []byte, inputEntropy []byte) (context *ackp.SecKey, err error) {
	context = new(ackp.SecKey)

	context.SetNonce(0)
	//context.nonce = 0
	context.SetBob(channel)
	//context.bob = channel
	context.Overhead = secretbox.Overhead

	shaEntropy, err := acutl.HashSHA3Data(inputEntropy)
	if err != nil {
		//return nil, acprotoError(-1, "CreateACContextWithInputEntropy().HashSHA3Data(): ", err)
		return nil, &acutl.AcError{Value: -1, Msg: "CreateACContextWithInputEntropy().HashSHA3Data(): ", Err: err}
	}

	context.SetKey(shaEntropy)
	//copy(context.key[:], shaEntropy)
	return context, nil
}
Beispiel #5
0
func nonceBuildKX(kxChannel, myNick, peerNick, myCounter, msgHdr []byte) (out []byte, err error) {
	nonceBuild := new(bytes.Buffer)

	chanHash, chanErr := acutl.HashSHA3Data(kxChannel)
	if chanErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildKX().chanHash(): ", Err: chanErr}
	}

	nickHash, nickErr := acutl.HashSHA3Data(myNick)
	if nickErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildKX().nickHash(): ", Err: nickErr}
	}

	peerHash, peerErr := acutl.HashSHA3Data(peerNick)
	if peerErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildKX().peerHash(): ", Err: peerErr}
	}

	counterHash, counterErr := acutl.HashSHA3Data(myCounter)
	if counterErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().counterHash(): ", Err: counterErr}
	}

	hdrHash, hdrErr := acutl.HashSHA3Data(msgHdr)
	if hdrErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().hdrHash(): ", Err: hdrErr}
	}

	// lets build it now..
	nonceBuild.Write(chanHash)
	nonceBuild.WriteByte(byte(':'))
	nonceBuild.Write(nickHash)
	nonceBuild.WriteByte(byte(':'))
	nonceBuild.Write(peerHash)
	nonceBuild.WriteByte(byte(':'))
	nonceBuild.Write(counterHash)
	//binary.Write(nonce_build, binary.LittleEndian, context.nonce)
	nonceBuild.WriteByte(byte(':'))
	nonceBuild.Write(hdrHash)

	nonceHash, nonceErr := acutl.HashSHA3Data(nonceBuild.Bytes())
	if nonceErr != nil {
		return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().nonceHash(): ", Err: nonceErr}
	}

	//acutl.DebugLog.Printf(os.Stderr, "[+] BuildNonceAC(%08x, %s, %s, %s) = %s (%s)\n", inonce, bob, mynick, hex.EncodeToString(myhdr), hex.EncodeToString(noncebyte[:]), hex.EncodeToString(nonce))

	return nonceHash, nil
}
Beispiel #6
0
func (skgen *SecretKeyGen) Init(input []byte, channel []byte, nick []byte, serv []byte) (err error) {
	//skgen.hash = sha3.NewKeccak256
	// go.crypto changed it... mlgrmlbmlbm
	skgen.hash = sha3.New256

	if input != nil {
		skgen.input = make([]byte, len(input))
		copy(skgen.input, input)
	} else { // handle empty input with crypto/rand input
		skgen.input = make([]byte, 1024)
		_, err = io.ReadFull(rand.Reader, skgen.input)
		if err != nil {
			return err
		}
	}

	if channel != nil {
		skgen.channel = make([]byte, len(channel))
		copy(skgen.channel, channel)
	}

	if nick != nil {
		skgen.nick = make([]byte, len(nick))
		copy(skgen.nick, nick)
	}

	if serv != nil {
		skgen.server = make([]byte, len(serv))
		copy(skgen.server, serv)
	}

	prng := make([]byte, 256)
	_, err = io.ReadFull(rand.Reader, prng)
	if err != nil {
		return err
		//        fmt.Fprintf(os.Stderr, "POUET POUET Error")
		//        fmt.Println(err)
	}

	//    fmt.Fprintf(os.Stderr, "read %d random bytes\n", n)
	//dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
	//func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte
	// XXX TODO be sure of the PBKDF2 FUNCTION CALL ARGUMENTS...
	skgen.input_pbkdf = pbkdf2.Key(skgen.input, prng, 16384, 32, skgen.hash)
	//    fmt.Fprintf(os.Stderr, "PBKDF LEN: %d\n", len(skgen.input_pbkdf))

	// in Read() we will apply the HKDF function.. onto the PBKDF2 derived key.
	// XXX TODO: just to be sure implement HASH of each value instead of values
	// only.
	str_build := new(bytes.Buffer)
	str_build.Write(serv)
	str_build.WriteByte(byte(':'))
	str_build.Write(nick)
	str_build.WriteByte(byte(':'))
	str_build.Write(channel)

	skgen.info_hkdf, err = acutl.HashSHA3Data(str_build.Bytes())
	if err != nil {
		return err
	}

	return nil
}