Esempio n. 1
0
func KiSS_test() {
	server_key := kicrypt.SecureDH_genpair()
	server_with_dispatch("localhost:5555",
		func(wire net.Conn) {
			owire, err := Kiriobfs_handshake_server(wire)
			check_serious(err)
			wrapped, err := KiSS_handshake_server(owire, server_key)
			check_fatal(err)
			LOG(LOG_DEBUG, "Accepted...")
			copy_conns(wrapped, wrapped)
		})

	server_with_dispatch("0.0.0.0:6666",
		func(wire net.Conn) {
			remwire, err := net.Dial("tcp", "localhost:5555")
			check_serious(err)
			remwire, err = Kiriobfs_handshake_client(remwire)
			check_serious(err)
			remreal, err1 := KiSS_handshake_client(remwire, dumb_Verifier)
			check_fatal(err1)
			LOG(LOG_DEBUG, "Connected...")
			go copy_conns(wire, remreal)
			copy_conns(remreal, wire)
		})

	time.Sleep(10000 * time.Second)
}
Esempio n. 2
0
func KiSS_handshake_client(wire io.ReadWriteCloser, verify Verifier) (wr io.ReadWriteCloser, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = errors.New(fmt.Sprint(r))
		}
	}()
	// our keys
	our_keypair := kicrypt.SecureDH_genpair()
	//LOG(LOG_DEBUG, "CPUB: %d", our_keypair.Public)
	// construct the client handshake
	our_greeting := KiSS_HS_Client{0x02, our_keypair.Public}
	our_greeting_packed := KiSS_Segment{K_HANDSHAKE_C, our_greeting.Pack()}
	// send across the client handshake
	_, err = wire.Write(our_greeting_packed.Bytes())
	if err != nil {
		return nil, errors.New("wtf")
	}
	//LOG(LOG_DEBUG, "our client greeting of sent")
	// obtain the server handshake
	their_handshake_raw, err2 := KiSS_read_segment(wire)
	//LOG(LOG_DEBUG, "their server greeting of got")
	if err2 != nil {
		return nil, err2
	}
	if their_handshake_raw.segment_type != K_HANDSHAKE_S {
		return nil, errors.New("wtf")
	}
	their_handshake, err3 := KiSS_unpack_server_handshake(their_handshake_raw.raw_payload, verify)
	if err3 != nil {
		return nil, err3
	}
	// obtain the shared secret
	secret := kicrypt.SecureDH_gensecret(our_keypair.Private, their_handshake.public_edh_key)
	secret = append(secret, kicrypt.SecureDH_gensecret(our_keypair.Private, their_handshake.public_dh_key)...)
	upkey := kicrypt.KeyedHash(secret, "kiss-2-up")
	downkey := kicrypt.KeyedHash(secret, "kiss-2-down")
	// get the cipher thingies
	read_ciph := __KISS_AS(downkey)
	write_ciph := __KISS_AS(upkey)
	bt := new([]byte)
	*bt = make([]byte, 0)
	toret := KiSS_State{read_ciph, write_ciph, secret, 0, 0, wire, bt}
	return io.ReadWriteCloser(toret), nil
}
Esempio n. 3
0
func KiSS_handshake_server(wire io.ReadWriteCloser, keys kicrypt.SecureDH_keypair) (wr io.ReadWriteCloser, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = errors.New(fmt.Sprint(r))
		}
	}()
	// read their handshake
	their_greeting_packed, err1 := KiSS_read_segment(wire)
	if err1 != nil {
		return nil, err1
	}
	if their_greeting_packed.segment_type != K_HANDSHAKE_C {
		return nil, errors.New("client sent something other than a handshake")
	}
	// unpack their greeting
	their_greeting, err2 := KiSS_unpack_client_handshake(their_greeting_packed.raw_payload)
	if err2 != nil {
		return nil, err2
	}
	// send our handshake
	our_keypair := kicrypt.SecureDH_genpair()
	our_greeting := KiSS_Segment{K_HANDSHAKE_S, (KiSS_HS_Server{keys.Public,
		our_keypair.Public}).Pack()}
	_, err3 := wire.Write(our_greeting.Bytes())
	if err3 != nil {
		return nil, err3
	}
	// obtain the shared secret
	secret := kicrypt.SecureDH_gensecret(our_keypair.Private, their_greeting.public_edh_key)
	secret = append(secret, kicrypt.SecureDH_gensecret(keys.Private, their_greeting.public_edh_key)...)
	upkey := kicrypt.KeyedHash(secret, "kiss-2-up")
	downkey := kicrypt.KeyedHash(secret, "kiss-2-down")
	read_ciph := __KISS_AS(upkey)
	write_ciph := __KISS_AS(downkey)
	bt := new([]byte)
	*bt = make([]byte, 0)
	toret := KiSS_State{read_ciph, write_ciph, secret, 0, 0, wire, bt}
	//LOG(LOG_DEBUG, "keygens on server side of done")
	return io.ReadWriteCloser(toret), nil
}
Esempio n. 4
0
// kirisurf project main.go
package main

import (
	"encoding/base32"
	"kirisurf/ll/dirclient"
	"kirisurf/ll/kicrypt"
	"kirisurf/ll/kiss"
	"runtime"
	"strconv"
	"strings"
	"time"
)

var MasterKey = kicrypt.SecureDH_genpair()
var MasterKeyHash = strings.ToLower(base32.StdEncoding.EncodeToString(
	kicrypt.InvariantHash(MasterKey.Public.Bytes())[:20]))

func main() {
	kiss.SetCipher(kicrypt.AS_aes256_ofb)
	INFO("Kirisurf started! CPU count: %d", runtime.NumCPU())
	runtime.GOMAXPROCS(runtime.NumCPU())
	go run_monitor_loop()
	go run_diagnostic_loop()
	dirclient.DIRADDR = MasterConfig.General.DirectoryURL
	dirclient.RefreshDirectory()
	if MasterConfig.General.Role == "server" {
		NewSCServer(MasterConfig.General.ORAddr)
		prt, _ := strconv.Atoi(
			strings.Split(MasterConfig.General.ORAddr, ":")[1])
		dirclient.RunRelay(prt, MasterKeyHash,