作者:houndbe
项目:pon
func TestStreamData(t *testing.T) {
var serverPrivate, clientPrivate, serverPublic, clientPublic [32]byte
randBytes(serverPrivate[:])
randBytes(clientPrivate[:])
curve25519.ScalarBaseMult(&serverPublic, &serverPrivate)
curve25519.ScalarBaseMult(&clientPublic, &clientPrivate)
x, y := NewBiDiPipe()
client := NewClient(x, &clientPrivate, &clientPublic, &serverPublic)
server := NewServer(y, &serverPrivate)
clientComplete := make(chan bool)
go func() {
defer x.Close()
err := client.Handshake()
if err != nil {
panic(err)
}
if _, err = client.Write(nil); err != nil {
panic(err)
}
if _, err = client.Write([]byte("hello")); err != nil {
panic(err)
}
if _, err = client.Write([]byte("world")); err != nil {
panic(err)
}
if _, err = client.Write(make([]byte, 20*1024)); err != nil {
panic(err)
}
close(clientComplete)
}()
serverComplete := make(chan bool)
go func() {
defer y.Close()
err := server.Handshake()
if err != nil {
panic(err)
}
h := sha256.New()
if _, err := io.Copy(h, server); err != nil {
panic(err)
}
if h.Sum(nil)[0] != 0xec {
panic("bad data received")
}
close(serverComplete)
}()
<-clientComplete
<-serverComplete
}
作者:jwilkin
项目:pon
// FillKeyExchange sets elements of kx with key exchange information from the
// ratchet.
func (r *Ratchet) FillKeyExchange(kx *pond.KeyExchange) error {
if r.kxPrivate0 == nil || r.kxPrivate1 == nil {
return errors.New("ratchet: handshake already complete")
}
var public0, public1 [32]byte
curve25519.ScalarBaseMult(&public0, r.kxPrivate0)
curve25519.ScalarBaseMult(&public1, r.kxPrivate1)
kx.Dh = public0[:]
kx.Dh1 = public1[:]
return nil
}
作者:Bobberin
项目:musing
func TestBox(t *testing.T) {
var privateKey1, privateKey2 [32]byte
for i := range privateKey1[:] {
privateKey1[i] = 1
}
for i := range privateKey2[:] {
privateKey2[i] = 2
}
var publicKey1 [32]byte
curve25519.ScalarBaseMult(&publicKey1, &privateKey1)
var message [64]byte
for i := range message[:] {
message[i] = 3
}
var nonce [24]byte
for i := range nonce[:] {
nonce[i] = 4
}
box := Seal(nil, message[:], &nonce, &publicKey1, &privateKey2)
// expected was generated using the C implementation of NaCl.
expected, _ := hex.DecodeString("78ea30b19d2341ebbdba54180f821eec265cf86312549bea8a37652a8bb94f07b78a73ed1708085e6ddd0e943bbdeb8755079a37eb31d86163ce241164a47629c0539f330b4914cd135b3855bc2a2dfc")
if !bytes.Equal(box, expected) {
t.Fatalf("box didn't match, got\n%x\n, expected\n%x", box, expected)
}
}
作者:houndbe
项目:pon
func UnmarshalKeyExchange(rand io.Reader, meetingPlace MeetingPlace, serialised []byte) (*KeyExchange, error) {
var p panda_proto.KeyExchange
if err := proto.Unmarshal(serialised, &p); err != nil {
return nil, err
}
sharedSecret, ok := newSharedSecret(p.SharedSecret)
if !ok {
return nil, errors.New("panda: invalid shared secret in serialised key exchange")
}
kx := &KeyExchange{
rand: rand,
meetingPlace: meetingPlace,
status: p.GetStatus(),
sharedSecret: sharedSecret,
serialised: serialised,
kxBytes: p.KeyExchangeBytes,
message1: p.Message1,
message2: p.Message2,
}
copy(kx.key[:], p.Key)
copy(kx.meeting1[:], p.Meeting1)
copy(kx.meeting2[:], p.Meeting2)
copy(kx.sharedKey[:], p.SharedKey)
copy(kx.dhPrivate[:], p.DhPrivate)
curve25519.ScalarBaseMult(&kx.dhPublic, &kx.dhPrivate)
return kx, nil
}
作者:jansfe
项目:pon
func (c *client) dialServer(server string, useRandomIdentity bool) (*transport.Conn, error) {
identity := &c.identity
identityPublic := &c.identityPublic
if useRandomIdentity {
var randomIdentity [32]byte
c.randBytes(randomIdentity[:])
var randomIdentityPublic [32]byte
curve25519.ScalarBaseMult(&randomIdentityPublic, &randomIdentity)
identity = &randomIdentity
identityPublic = &randomIdentityPublic
}
serverIdentity, host, err := parseServer(server, c.testing)
if err != nil {
return nil, err
}
var tor proxy.Dialer
if c.testing {
tor = proxy.Direct
} else {
tor = c.torDialer()
}
rawConn, err := tor.Dial("tcp", host)
if err != nil {
return nil, err
}
conn := transport.NewClient(rawConn, identity, identityPublic, serverIdentity)
if err := conn.Handshake(); err != nil {
return nil, err
}
return conn, nil
}
作者:houndbe
项目:pon
func NewTestServer(setup func(dir string)) *TestServer {
listener, err := net.ListenTCP("tcp", &net.TCPAddr{IP: net.IPv4(127, 0, 0, 1)})
if err != nil {
panic(err)
}
dir, err := ioutil.TempDir("", "servertest")
if err != nil {
panic(err)
}
if setup != nil {
setup(dir)
}
testServer := &TestServer{
listener: listener,
addr: listener.Addr().(*net.TCPAddr),
dir: dir,
server: NewServer(dir, true),
}
io.ReadFull(rand.Reader, testServer.identity[:])
curve25519.ScalarBaseMult(&testServer.identityPublic, &testServer.identity)
go testServer.Loop()
return testServer
}
作者:postfi
项目:cryptobox-n
// GenerateKey returns an appropriate private and public key pair
// for securing messages.
func GenerateKey() (priv *[PrivateKeySize]byte, pub *[PublicKeySize]byte, ok bool) {
var priv1 [32]byte
var priv2 [32]byte
var pub1 [32]byte
var pub2 [32]byte
_, err := io.ReadFull(PRNG, priv1[:])
if err != nil {
return
}
_, err = io.ReadFull(PRNG, priv2[:])
if err != nil {
return
}
h := sha3.NewKeccak384()
h.Write(priv1[:])
digest := h.Sum(nil)
copy(priv1[:], digest)
priv1[0] &= 248
priv1[31] &= 127
priv1[31] |= 64
h.Reset()
h.Write(priv2[:])
digest = h.Sum(nil)
copy(priv2[:], digest)
priv2[0] &= 248
priv2[31] &= 127
priv2[31] |= 64
curve25519.ScalarBaseMult(&pub1, &priv1)
curve25519.ScalarBaseMult(&pub2, &priv2)
priv = new([PrivateKeySize]byte)
copy(priv[:32], priv1[:])
copy(priv[32:], priv2[:])
pub = new([PublicKeySize]byte)
copy(pub[:32], pub1[:])
copy(pub[32:], pub2[:])
secretbox.Zero(priv1[:])
secretbox.Zero(priv2[:])
ok = true
return
}
作者:inhie
项目:go-cjdn
// Pubkey returns the associated public key for the supplied private key.
func (k *Private) Pubkey() *Public {
var pub [32]byte
priv := [32]byte(*k)
// Performs ScalarBaseMult on the supplied private key, returning the public key
curve25519.ScalarBaseMult(&pub, &priv)
public := Public(pub)
return &public
}
作者:nic
项目:pon
func (c *client) doCreateAccount() error {
_, _, err := parseServer(c.server, c.dev)
if err != nil {
return err
}
if !c.dev {
// Check that Tor is running.
testConn, err := net.Dial("tcp", c.torAddress)
if err != nil {
return errors.New("Failed to connect to local Tor: " + err.Error())
}
testConn.Close()
}
c.ui.Actions() <- SetText{name: "status", text: "Generating keys..."}
c.ui.Signal()
c.randBytes(c.identity[:])
curve25519.ScalarBaseMult(&c.identityPublic, &c.identity)
c.ui.Actions() <- SetText{name: "status", text: "Connecting..."}
c.ui.Signal()
conn, err := c.dialServer(c.server, false)
if err != nil {
return err
}
defer conn.Close()
c.ui.Actions() <- SetText{name: "status", text: "Requesting new account..."}
c.ui.Signal()
c.generation = uint32(c.randId())
request := new(pond.Request)
request.NewAccount = &pond.NewAccount{
Generation: proto.Uint32(c.generation),
Group: c.groupPriv.Group.Marshal(),
}
if err := conn.WriteProto(request); err != nil {
return err
}
reply := new(pond.Reply)
if err := conn.ReadProto(reply); err != nil {
return err
}
if err := replyToError(reply); err != nil {
return err
}
c.ui.Actions() <- SetText{name: "status", text: "Done"}
c.ui.Signal()
return nil
}
作者:garry41
项目:goa
// GetKeyExchangeMaterial returns key exchange information from the
// ratchet.
func (r *Ratchet) GetKeyExchangeMaterial() (kx *KeyExchange, err error) {
if r.kxPrivate0 == nil || r.kxPrivate1 == nil {
return new(KeyExchange), errors.New("ratchet: handshake already complete")
}
var public0, public1, myIdentity [32]byte
curve25519.ScalarBaseMult(&public0, r.kxPrivate0)
curve25519.ScalarBaseMult(&public1, r.kxPrivate1)
curve25519.ScalarBaseMult(&myIdentity, &r.myIdentityPrivate)
kx = &KeyExchange{
IdentityPublic: toSlice(myIdentity),
Dh: toSlice(public0),
Dh1: toSlice(public1),
}
return
}
作者:houndbe
项目:pon
func TestHandshake(t *testing.T) {
var serverPrivate, clientPrivate, serverPublic, clientPublic [32]byte
randBytes(serverPrivate[:])
randBytes(clientPrivate[:])
curve25519.ScalarBaseMult(&serverPublic, &serverPrivate)
curve25519.ScalarBaseMult(&clientPublic, &clientPrivate)
clientError, serverError := runHandshake(&clientPrivate, &clientPublic, &serverPrivate, &serverPublic)
if clientError != nil || serverError != nil {
t.Fatalf("handshake failed: client:'%s' server:'%s'", clientError, serverError)
}
serverPublic[0] ^= 0x40
clientError, serverError = runHandshake(&clientPrivate, &clientPublic, &serverPrivate, &serverPublic)
if clientError == nil && serverError == nil {
t.Fatal("bad handshake succeeded")
}
}
作者:houndbe
项目:pon
func pairedRatchet() (a, b *Ratchet) {
var privA, pubA, privB, pubB [32]byte
io.ReadFull(rand.Reader, privA[:])
io.ReadFull(rand.Reader, privB[:])
curve25519.ScalarBaseMult(&pubA, &privA)
curve25519.ScalarBaseMult(&pubB, &privB)
// These are the "Ed25519" public keys for the two parties. Of course,
// they're not actually valid Ed25519 keys but that doesn't matter
// here.
var aSigningPublic, bSigningPublic [32]byte
io.ReadFull(rand.Reader, aSigningPublic[:])
io.ReadFull(rand.Reader, bSigningPublic[:])
a, b = New(rand.Reader), New(rand.Reader)
a.Now = nowFunc
b.Now = nowFunc
a.MyIdentityPrivate = &privA
b.MyIdentityPrivate = &privB
a.TheirIdentityPublic = &pubB
b.TheirIdentityPublic = &pubA
a.MySigningPublic = &aSigningPublic
b.MySigningPublic = &bSigningPublic
a.TheirSigningPublic = &bSigningPublic
b.TheirSigningPublic = &aSigningPublic
kxA, kxB := new(pond.KeyExchange), new(pond.KeyExchange)
if err := a.FillKeyExchange(kxA); err != nil {
panic(err)
}
if err := b.FillKeyExchange(kxB); err != nil {
panic(err)
}
if err := a.CompleteKeyExchange(kxB, true); err != nil {
panic(err)
}
if err := b.CompleteKeyExchange(kxA, true); err != nil {
panic(err)
}
return
}
作者:xxxxxhen
项目:go-ecd
func (e *curve25519ECDH) GenerateKey(rand io.Reader) (crypto.PrivateKey, crypto.PublicKey, error) {
var pub, priv [32]byte
var err error
_, err = io.ReadFull(rand, priv[:])
if err != nil {
return nil, nil, err
}
curve25519.ScalarBaseMult(&pub, &priv)
return &priv, &pub, nil
}
作者:Bobberin
项目:musing
// GenerateKey generates a new public/private key pair suitable for use with
// Seal and Open.
func GenerateKey(rand io.Reader) (publicKey, privateKey *[32]byte, err error) {
publicKey = new([32]byte)
privateKey = new([32]byte)
_, err = io.ReadFull(rand, privateKey[:])
if err != nil {
publicKey = nil
privateKey = nil
return
}
curve25519.ScalarBaseMult(publicKey, privateKey)
return
}
作者:kelsieflyn
项目:nois
func (noise255) GenerateKey(random io.Reader) (Key, error) {
var pubKey, privKey [32]byte
if random == nil {
random = rand.Reader
}
if _, err := io.ReadFull(random, privKey[:]); err != nil {
return Key{}, err
}
privKey[0] &= 248
privKey[31] &= 127
privKey[31] |= 64
curve25519.ScalarBaseMult(&pubKey, &privKey)
return Key{Private: privKey[:], Public: pubKey[:]}, nil
}
作者:jwilkin
项目:pon
// Encrypt acts like append() but appends an encrypted version of msg to out.
func (r *Ratchet) Encrypt(out, msg []byte) []byte {
if r.ratchet {
r.randBytes(r.sendRatchetPrivate[:])
copy(r.sendHeaderKey[:], r.nextSendHeaderKey[:])
var sharedKey, keyMaterial [32]byte
curve25519.ScalarMult(&sharedKey, &r.sendRatchetPrivate, &r.recvRatchetPublic)
sha := sha256.New()
sha.Write(rootKeyUpdateLabel)
sha.Write(r.rootKey[:])
sha.Write(sharedKey[:])
if r.v2 {
sha.Sum(keyMaterial[:0])
h := hmac.New(sha256.New, keyMaterial[:])
deriveKey(&r.rootKey, rootKeyLabel, h)
deriveKey(&r.nextSendHeaderKey, sendHeaderKeyLabel, h)
deriveKey(&r.sendChainKey, chainKeyLabel, h)
} else {
sha.Sum(r.rootKey[:0])
h := hmac.New(sha256.New, r.rootKey[:])
deriveKey(&r.nextSendHeaderKey, sendHeaderKeyLabel, h)
deriveKey(&r.sendChainKey, chainKeyLabel, h)
}
r.prevSendCount, r.sendCount = r.sendCount, 0
r.ratchet = false
}
h := hmac.New(sha256.New, r.sendChainKey[:])
var messageKey [32]byte
deriveKey(&messageKey, messageKeyLabel, h)
deriveKey(&r.sendChainKey, chainKeyStepLabel, h)
var sendRatchetPublic [32]byte
curve25519.ScalarBaseMult(&sendRatchetPublic, &r.sendRatchetPrivate)
var header [headerSize]byte
var headerNonce, messageNonce [24]byte
r.randBytes(headerNonce[:])
r.randBytes(messageNonce[:])
binary.LittleEndian.PutUint32(header[0:4], r.sendCount)
binary.LittleEndian.PutUint32(header[4:8], r.prevSendCount)
copy(header[8:], sendRatchetPublic[:])
copy(header[nonceInHeaderOffset:], messageNonce[:])
out = append(out, headerNonce[:]...)
out = secretbox.Seal(out, header[:], &headerNonce, &r.sendHeaderKey)
r.sendCount++
return secretbox.Seal(out, msg, &messageNonce, &messageKey)
}
作者:vecn
项目:pon
func (c *client) sendAck(msg *InboxMessage) {
// First, see if we can merge this ack with a message to the same
// contact that is pending transmission.
c.queueMutex.Lock()
for _, queuedMsg := range c.queue {
if queuedMsg.sending {
continue
}
if msg.from == queuedMsg.to && !queuedMsg.revocation {
proto := queuedMsg.message
proto.AlsoAck = append(proto.AlsoAck, msg.message.GetId())
if !tooLarge(queuedMsg) {
c.queueMutex.Unlock()
c.log.Printf("ACK merged with queued message.")
// All done.
return
}
proto.AlsoAck = proto.AlsoAck[:len(proto.AlsoAck)-1]
if len(proto.AlsoAck) == 0 {
proto.AlsoAck = nil
}
}
}
c.queueMutex.Unlock()
to := c.contacts[msg.from]
var myNextDH []byte
if to.ratchet == nil {
var nextDHPub [32]byte
curve25519.ScalarBaseMult(&nextDHPub, &to.currentDHPrivate)
myNextDH = nextDHPub[:]
}
id := c.randId()
err := c.send(to, &pond.Message{
Id: proto.Uint64(id),
Time: proto.Int64(time.Now().Unix()),
Body: make([]byte, 0),
BodyEncoding: pond.Message_RAW.Enum(),
MyNextDh: myNextDH,
InReplyTo: msg.message.Id,
SupportedVersion: proto.Int32(protoVersion),
})
if err != nil {
c.log.Errorf("Error sending message: %s", err)
}
}
作者:devic
项目:flyn
func TestCurve25519Conversion(t *testing.T) {
public, private, _ := ed25519.GenerateKey(rand.Reader)
var curve25519Public, curve25519Public2, curve25519Private [32]byte
PrivateKeyToCurve25519(&curve25519Private, private)
curve25519.ScalarBaseMult(&curve25519Public, &curve25519Private)
if !PublicKeyToCurve25519(&curve25519Public2, public) {
t.Fatalf("PublicKeyToCurve25519 failed")
}
if !bytes.Equal(curve25519Public[:], curve25519Public2[:]) {
t.Errorf("Values didn't match: curve25519 produced %x, conversion produced %x", curve25519Public[:], curve25519Public2[:])
}
}
作者:jansfe
项目:pon
func TestHandshake(t *testing.T) {
var serverPrivate, clientPrivate, serverPublic, clientPublic [32]byte
if _, err := io.ReadFull(rand.Reader, serverPrivate[:]); err != nil {
t.Fatalf("reading from rand: %s", err)
}
if _, err := io.ReadFull(rand.Reader, clientPrivate[:]); err != nil {
t.Fatalf("reading from rand: %s", err)
}
curve25519.ScalarBaseMult(&serverPublic, &serverPrivate)
curve25519.ScalarBaseMult(&clientPublic, &clientPrivate)
clientError, serverError := runHandshake(&clientPrivate, &clientPublic, &serverPrivate, &serverPublic)
if clientError != nil || serverError != nil {
t.Fatalf("handshake failed: client:'%s' server:'%s'", clientError, serverError)
}
serverPublic[0] ^= 0x40
clientError, serverError = runHandshake(&clientPrivate, &clientPublic, &serverPrivate, &serverPublic)
if clientError == nil && serverError == nil {
t.Fatal("bad handshake succeeded")
}
}
作者:nic
项目:pon
func (c *client) sendAck(msg *InboxMessage) {
to := c.contacts[msg.from]
var nextDHPub [32]byte
curve25519.ScalarBaseMult(&nextDHPub, &to.currentDHPrivate)
id := c.randId()
err := c.send(to, &pond.Message{
Id: proto.Uint64(id),
Time: proto.Int64(time.Now().Unix()),
Body: make([]byte, 0),
BodyEncoding: pond.Message_RAW.Enum(),
MyNextDh: nextDHPub[:],
InReplyTo: msg.message.Id,
SupportedVersion: proto.Int32(protoVersion),
})
if err != nil {
c.log.Errorf("Error sending message: %s", err)
}
}
