// CreateKxKeys create an KexKey structure using provide randomness source and
// compute the initial EC Ephemeral keypair
// XXX Make sure PRNG is strong.. may be use fortuna...
func CreateKxKeys(nickname, userhost, server string) (mykeys *KexKey, err error) {
mykeys = new(KexKey)
mykeys.pubkey, mykeys.privkey, err = box.GenerateKey(rand.Reader)
if err != nil {
return nil, &acutl.AcError{Value: -1, Msg: "CreateMyKeys().GenerateKey(): ", Err: err}
}
pubfp, err := acutl.HashSHA3Data(mykeys.pubkey[:])
if err != nil {
return nil, &acutl.AcError{Value: -2, Msg: "CreateMyKeys().hash(): ", Err: err}
}
// copy and store the public fingerprint..
copy(mykeys.pubfp[:], pubfp)
/*
PK, err := CreatePKMessageNACL(mykeys.pubkey[:])
if err != nil {
//return nil, acprotoError(-3, "CreateMyKeys().CreatePKMessage(): ", err)
return nil, &acutl.AcError{Value: -3, Msg: "CreateMyKeys().CreatePKMessage(): ", Err: err}
}
mykeys.Pubkey = string(PK)
*/
mykeys.Nickname = nickname
mykeys.Userhost = userhost
mykeys.Server = server
mykeys.HasPriv = true
mykeys.CreaTime = time.Now()
return mykeys, nil
}
func nonceBuildAC(bob, myNick, myCounter, msgHdr []byte) (out []byte, err error) {
nonceBuild := new(bytes.Buffer)
bobHash, bobErr := acutl.HashSHA3Data(bob)
if bobErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().bobHash(): ", Err: bobErr}
}
nickHash, nickErr := acutl.HashSHA3Data(myNick)
if nickErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().nickHash(): ", Err: nickErr}
}
counterHash, counterErr := acutl.HashSHA3Data(myCounter)
if counterErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().counterHash(): ", Err: counterErr}
}
hdrHash, hdrErr := acutl.HashSHA3Data(msgHdr)
if hdrErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().hdrHash(): ", Err: hdrErr}
}
// lets build it now..
nonceBuild.Write(bobHash)
nonceBuild.WriteByte(byte(':'))
nonceBuild.Write(nickHash)
nonceBuild.WriteByte(byte(':'))
nonceBuild.Write(counterHash)
nonceBuild.WriteByte(byte(':'))
nonceBuild.Write(hdrHash)
//fmt.Fprintf(os.Stderr, "NonceBuildAC NonceBuild HEX(%d): %s\n", len(nonceBuild.Bytes()), hex.EncodeToString(nonceBuild.Bytes()))
nonceHash, nonceErr := acutl.HashSHA3Data(nonceBuild.Bytes())
if nonceErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().nonceHash(): ", Err: nonceErr}
}
//fmt.Fprintf(os.Stderr, "NonceBuildAC HASH HEX(%d): %s\n", len(nonceHash), hex.EncodeToString(nonceHash))
return nonceHash, nil
}
// SetPubkey writes the argument provided public key (pubkey) of the current
// AcMyKeys structure.
func (pk *KexKey) SetPubkey(pubkey []byte) error {
if len(pubkey) == 32 {
pk.pubkey = new([32]byte)
copy(pk.pubkey[:], pubkey)
// XXX TODO: handle error here...
pubfp, _ := acutl.HashSHA3Data(pubkey)
// copy and store the public fingerprint..
copy(pk.pubfp[:], pubfp)
return nil
}
return &acutl.AcError{Value: -1, Msg: "SetPubkeys(weird size): ", Err: nil}
}
func CreateACContextWithInputEntropy(channel []byte, inputEntropy []byte) (context *ackp.SecKey, err error) {
context = new(ackp.SecKey)
context.SetNonce(0)
//context.nonce = 0
context.SetBob(channel)
//context.bob = channel
context.Overhead = secretbox.Overhead
shaEntropy, err := acutl.HashSHA3Data(inputEntropy)
if err != nil {
//return nil, acprotoError(-1, "CreateACContextWithInputEntropy().HashSHA3Data(): ", err)
return nil, &acutl.AcError{Value: -1, Msg: "CreateACContextWithInputEntropy().HashSHA3Data(): ", Err: err}
}
context.SetKey(shaEntropy)
//copy(context.key[:], shaEntropy)
return context, nil
}
func nonceBuildKX(kxChannel, myNick, peerNick, myCounter, msgHdr []byte) (out []byte, err error) {
nonceBuild := new(bytes.Buffer)
chanHash, chanErr := acutl.HashSHA3Data(kxChannel)
if chanErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildKX().chanHash(): ", Err: chanErr}
}
nickHash, nickErr := acutl.HashSHA3Data(myNick)
if nickErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildKX().nickHash(): ", Err: nickErr}
}
peerHash, peerErr := acutl.HashSHA3Data(peerNick)
if peerErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildKX().peerHash(): ", Err: peerErr}
}
counterHash, counterErr := acutl.HashSHA3Data(myCounter)
if counterErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().counterHash(): ", Err: counterErr}
}
hdrHash, hdrErr := acutl.HashSHA3Data(msgHdr)
if hdrErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().hdrHash(): ", Err: hdrErr}
}
// lets build it now..
nonceBuild.Write(chanHash)
nonceBuild.WriteByte(byte(':'))
nonceBuild.Write(nickHash)
nonceBuild.WriteByte(byte(':'))
nonceBuild.Write(peerHash)
nonceBuild.WriteByte(byte(':'))
nonceBuild.Write(counterHash)
//binary.Write(nonce_build, binary.LittleEndian, context.nonce)
nonceBuild.WriteByte(byte(':'))
nonceBuild.Write(hdrHash)
nonceHash, nonceErr := acutl.HashSHA3Data(nonceBuild.Bytes())
if nonceErr != nil {
return nil, &acutl.AcError{Value: -1, Msg: "NonceBuildAC().nonceHash(): ", Err: nonceErr}
}
//acutl.DebugLog.Printf(os.Stderr, "[+] BuildNonceAC(%08x, %s, %s, %s) = %s (%s)\n", inonce, bob, mynick, hex.EncodeToString(myhdr), hex.EncodeToString(noncebyte[:]), hex.EncodeToString(nonce))
return nonceHash, nil
}
func (skgen *SecretKeyGen) Init(input []byte, channel []byte, nick []byte, serv []byte) (err error) {
//skgen.hash = sha3.NewKeccak256
// go.crypto changed it... mlgrmlbmlbm
skgen.hash = sha3.New256
if input != nil {
skgen.input = make([]byte, len(input))
copy(skgen.input, input)
} else { // handle empty input with crypto/rand input
skgen.input = make([]byte, 1024)
_, err = io.ReadFull(rand.Reader, skgen.input)
if err != nil {
return err
}
}
if channel != nil {
skgen.channel = make([]byte, len(channel))
copy(skgen.channel, channel)
}
if nick != nil {
skgen.nick = make([]byte, len(nick))
copy(skgen.nick, nick)
}
if serv != nil {
skgen.server = make([]byte, len(serv))
copy(skgen.server, serv)
}
prng := make([]byte, 256)
_, err = io.ReadFull(rand.Reader, prng)
if err != nil {
return err
// fmt.Fprintf(os.Stderr, "POUET POUET Error")
// fmt.Println(err)
}
// fmt.Fprintf(os.Stderr, "read %d random bytes\n", n)
//dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
//func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte
// XXX TODO be sure of the PBKDF2 FUNCTION CALL ARGUMENTS...
skgen.input_pbkdf = pbkdf2.Key(skgen.input, prng, 16384, 32, skgen.hash)
// fmt.Fprintf(os.Stderr, "PBKDF LEN: %d\n", len(skgen.input_pbkdf))
// in Read() we will apply the HKDF function.. onto the PBKDF2 derived key.
// XXX TODO: just to be sure implement HASH of each value instead of values
// only.
str_build := new(bytes.Buffer)
str_build.Write(serv)
str_build.WriteByte(byte(':'))
str_build.Write(nick)
str_build.WriteByte(byte(':'))
str_build.Write(channel)
skgen.info_hkdf, err = acutl.HashSHA3Data(str_build.Bytes())
if err != nil {
return err
}
return nil
}