func KiSS_test() {
server_key := kicrypt.SecureDH_genpair()
server_with_dispatch("localhost:5555",
func(wire net.Conn) {
owire, err := Kiriobfs_handshake_server(wire)
check_serious(err)
wrapped, err := KiSS_handshake_server(owire, server_key)
check_fatal(err)
LOG(LOG_DEBUG, "Accepted...")
copy_conns(wrapped, wrapped)
})
server_with_dispatch("0.0.0.0:6666",
func(wire net.Conn) {
remwire, err := net.Dial("tcp", "localhost:5555")
check_serious(err)
remwire, err = Kiriobfs_handshake_client(remwire)
check_serious(err)
remreal, err1 := KiSS_handshake_client(remwire, dumb_Verifier)
check_fatal(err1)
LOG(LOG_DEBUG, "Connected...")
go copy_conns(wire, remreal)
copy_conns(remreal, wire)
})
time.Sleep(10000 * time.Second)
}
func KiSS_handshake_client(wire io.ReadWriteCloser, verify Verifier) (wr io.ReadWriteCloser, err error) {
defer func() {
if r := recover(); r != nil {
err = errors.New(fmt.Sprint(r))
}
}()
// our keys
our_keypair := kicrypt.SecureDH_genpair()
//LOG(LOG_DEBUG, "CPUB: %d", our_keypair.Public)
// construct the client handshake
our_greeting := KiSS_HS_Client{0x02, our_keypair.Public}
our_greeting_packed := KiSS_Segment{K_HANDSHAKE_C, our_greeting.Pack()}
// send across the client handshake
_, err = wire.Write(our_greeting_packed.Bytes())
if err != nil {
return nil, errors.New("wtf")
}
//LOG(LOG_DEBUG, "our client greeting of sent")
// obtain the server handshake
their_handshake_raw, err2 := KiSS_read_segment(wire)
//LOG(LOG_DEBUG, "their server greeting of got")
if err2 != nil {
return nil, err2
}
if their_handshake_raw.segment_type != K_HANDSHAKE_S {
return nil, errors.New("wtf")
}
their_handshake, err3 := KiSS_unpack_server_handshake(their_handshake_raw.raw_payload, verify)
if err3 != nil {
return nil, err3
}
// obtain the shared secret
secret := kicrypt.SecureDH_gensecret(our_keypair.Private, their_handshake.public_edh_key)
secret = append(secret, kicrypt.SecureDH_gensecret(our_keypair.Private, their_handshake.public_dh_key)...)
upkey := kicrypt.KeyedHash(secret, "kiss-2-up")
downkey := kicrypt.KeyedHash(secret, "kiss-2-down")
// get the cipher thingies
read_ciph := __KISS_AS(downkey)
write_ciph := __KISS_AS(upkey)
bt := new([]byte)
*bt = make([]byte, 0)
toret := KiSS_State{read_ciph, write_ciph, secret, 0, 0, wire, bt}
return io.ReadWriteCloser(toret), nil
}
func KiSS_handshake_server(wire io.ReadWriteCloser, keys kicrypt.SecureDH_keypair) (wr io.ReadWriteCloser, err error) {
defer func() {
if r := recover(); r != nil {
err = errors.New(fmt.Sprint(r))
}
}()
// read their handshake
their_greeting_packed, err1 := KiSS_read_segment(wire)
if err1 != nil {
return nil, err1
}
if their_greeting_packed.segment_type != K_HANDSHAKE_C {
return nil, errors.New("client sent something other than a handshake")
}
// unpack their greeting
their_greeting, err2 := KiSS_unpack_client_handshake(their_greeting_packed.raw_payload)
if err2 != nil {
return nil, err2
}
// send our handshake
our_keypair := kicrypt.SecureDH_genpair()
our_greeting := KiSS_Segment{K_HANDSHAKE_S, (KiSS_HS_Server{keys.Public,
our_keypair.Public}).Pack()}
_, err3 := wire.Write(our_greeting.Bytes())
if err3 != nil {
return nil, err3
}
// obtain the shared secret
secret := kicrypt.SecureDH_gensecret(our_keypair.Private, their_greeting.public_edh_key)
secret = append(secret, kicrypt.SecureDH_gensecret(keys.Private, their_greeting.public_edh_key)...)
upkey := kicrypt.KeyedHash(secret, "kiss-2-up")
downkey := kicrypt.KeyedHash(secret, "kiss-2-down")
read_ciph := __KISS_AS(upkey)
write_ciph := __KISS_AS(downkey)
bt := new([]byte)
*bt = make([]byte, 0)
toret := KiSS_State{read_ciph, write_ciph, secret, 0, 0, wire, bt}
//LOG(LOG_DEBUG, "keygens on server side of done")
return io.ReadWriteCloser(toret), nil
}
// kirisurf project main.go
package main
import (
"encoding/base32"
"kirisurf/ll/dirclient"
"kirisurf/ll/kicrypt"
"kirisurf/ll/kiss"
"runtime"
"strconv"
"strings"
"time"
)
var MasterKey = kicrypt.SecureDH_genpair()
var MasterKeyHash = strings.ToLower(base32.StdEncoding.EncodeToString(
kicrypt.InvariantHash(MasterKey.Public.Bytes())[:20]))
func main() {
kiss.SetCipher(kicrypt.AS_aes256_ofb)
INFO("Kirisurf started! CPU count: %d", runtime.NumCPU())
runtime.GOMAXPROCS(runtime.NumCPU())
go run_monitor_loop()
go run_diagnostic_loop()
dirclient.DIRADDR = MasterConfig.General.DirectoryURL
dirclient.RefreshDirectory()
if MasterConfig.General.Role == "server" {
NewSCServer(MasterConfig.General.ORAddr)
prt, _ := strconv.Atoi(
strings.Split(MasterConfig.General.ORAddr, ":")[1])
dirclient.RunRelay(prt, MasterKeyHash,