From e15ce28618d5c291acc98a6ebb4502e6975bf05e Mon Sep 17 00:00:00 2001 From: Mikkel Krautz Date: Sat, 14 May 2011 18:50:07 +0200 Subject: [PATCH] cryptstate: s/AESBlockSize/aes.BlockSize, rename to grumble/cryptstate. --- client.go | 2 +- message.go | 10 ++-- pkg/cryptstate/Makefile | 5 +- pkg/cryptstate/cryptstate.go | 95 +++++++++++++++---------------- pkg/cryptstate/cryptstate_test.go | 31 +++++----- server.go | 2 +- 6 files changed, 73 insertions(+), 72 deletions(-) diff --git a/client.go b/client.go index d53b6fb..9206c4c 100644 --- a/client.go +++ b/client.go @@ -12,8 +12,8 @@ import ( "encoding/binary" "goprotobuf.googlecode.com/hg/proto" "mumbleproto" - "cryptstate" "grumble/blobstore" + "grumble/cryptstate" "io" "packetdatastream" "time" diff --git a/message.go b/message.go index f0f9972..b700447 100644 --- a/message.go +++ b/message.go @@ -5,11 +5,11 @@ package main import ( + "crypto/aes" "crypto/tls" "mumbleproto" "goprotobuf.googlecode.com/hg/proto" "net" - "cryptstate" "fmt" "grumble/ban" "grumble/blobstore" @@ -89,19 +89,19 @@ func (server *Server) handleCryptSetup(client *Client, msg *Message) { // is requesting that we re-sync our nonces. if len(cs.ClientNonce) == 0 { client.Printf("Requested crypt-nonce resync") - cs.ClientNonce = make([]byte, cryptstate.AESBlockSize) - if copy(cs.ClientNonce, client.crypt.EncryptIV[0:]) != cryptstate.AESBlockSize { + cs.ClientNonce = make([]byte, aes.BlockSize) + if copy(cs.ClientNonce, client.crypt.EncryptIV[0:]) != aes.BlockSize { return } client.sendProtoMessage(MessageCryptSetup, cs) } else { client.Printf("Received client nonce") - if len(cs.ClientNonce) != cryptstate.AESBlockSize { + if len(cs.ClientNonce) != aes.BlockSize { return } client.crypt.Resync += 1 - if copy(client.crypt.DecryptIV[0:], cs.ClientNonce) != cryptstate.AESBlockSize { + if copy(client.crypt.DecryptIV[0:], cs.ClientNonce) != aes.BlockSize { return } client.Printf("Crypt re-sync successful") 
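Review bot: In handleCryptSetup (message.go hunk at -89,19) the malformed-nonce path, `if len(cs.ClientNonce) != aes.BlockSize { return }`, drops the message without a log line, so a client that sends bad CryptSetup nonces leaves no trace for whoever is watching the server. A `client.Printf("Invalid client nonce length %d", len(cs.ClientNonce))` before the return would cover it. The two `copy(...) != aes.BlockSize` checks can never fire, because both sides are already `aes.BlockSize` bytes long when they run, and `client.crypt.Resync += 1` is counted before the nonce has been applied. The function body starts and ends outside the hunk.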
diff --git a/pkg/cryptstate/Makefile b/pkg/cryptstate/Makefile
index 0aee113..97b894b 100644
--- a/pkg/cryptstate/Makefile
+++ b/pkg/cryptstate/Makefile
@@ -1,6 +1,7 @@
 include $(GOROOT)/src/Make.inc
-TARG = cryptstate
-GOFILES = cryptstate.go
+TARG = grumble/cryptstate
+GOFILES = \
+ cryptstate.go
 include $(GOROOT)/src/Make.pkg
diff --git a/pkg/cryptstate/cryptstate.go b/pkg/cryptstate/cryptstate.go
index 692d09f..a6a12cf 100644
--- a/pkg/cryptstate/cryptstate.go
+++ b/pkg/cryptstate/cryptstate.go
@@ -12,13 +12,12 @@ import (
 "time"
 )
-const AESBlockSize = 16
 const DecryptHistorySize = 0x100
 type CryptState struct {
- RawKey [AESBlockSize]byte
- EncryptIV [AESBlockSize]byte
- DecryptIV [AESBlockSize]byte
+ RawKey [aes.BlockSize]byte
+ EncryptIV [aes.BlockSize]byte
+ DecryptIV [aes.BlockSize]byte
 decryptHistory [DecryptHistorySize]byte
 LastGoodTime int64
@@ -55,17 +54,17 @@ func (cs *CryptState) GenerateKey() (err os.Error) {
 }
 func (cs *CryptState) SetKey(key []byte, eiv []byte, div []byte) (err os.Error) {
- if copy(cs.RawKey[0:], key[0:]) != AESBlockSize {
+ if copy(cs.RawKey[0:], key[0:]) != aes.BlockSize {
 err = os.NewError("Unable to copy key")
 return
 }
- if copy(cs.EncryptIV[0:], eiv[0:]) != AESBlockSize {
+ if copy(cs.EncryptIV[0:], eiv[0:]) != aes.BlockSize {
 err = os.NewError("Unable to copy EIV")
 return
 }
- if copy(cs.DecryptIV[0:], div[0:]) != AESBlockSize {
+ if copy(cs.DecryptIV[0:], div[0:]) != aes.BlockSize {
 err = os.NewError("Unable to copy DIV")
 return
 }
@@ -90,8 +89,8 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 return
 }
- var saveiv [AESBlockSize]byte
- var tag [AESBlockSize]byte
+ var saveiv [aes.BlockSize]byte
+ var tag [aes.BlockSize]byte
 var ivbyte byte
 var restore bool
 lost := 0
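Review bot: In SetKey (hunk at -55,17) the `copy(...) != aes.BlockSize` checks reject only inputs shorter than 16 bytes; a longer `key`, `eiv` or `div` is silently truncated because the destinations are fixed `[aes.BlockSize]byte` arrays. A short `eiv` or `div` is also detected only after `cs.RawKey` has been overwritten, which leaves the state half-updated on error. Validating up front, `if len(key) != aes.BlockSize || len(eiv) != aes.BlockSize || len(div) != aes.BlockSize { return os.NewError("Invalid key or IV length") }`, keeps the state untouched on bad input. SetKey's body continues past the end of the hunk.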
@@ -100,7 +99,7 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 ivbyte = src[0]
 restore = false
- if copy(saveiv[0:], cs.DecryptIV[0:]) != AESBlockSize {
+ if copy(saveiv[0:], cs.DecryptIV[0:]) != aes.BlockSize {
 err = os.NewError("Copy failed")
 return
 }
@@ -111,7 +110,7 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 cs.DecryptIV[0] = ivbyte
 } else if ivbyte < cs.DecryptIV[0] {
 cs.DecryptIV[0] = ivbyte
- for i := 1; i < AESBlockSize; i++ {
+ for i := 1; i < aes.BlockSize; i++ {
 cs.DecryptIV[i] += 1
 if cs.DecryptIV[i] > 0 {
 break
@@ -141,7 +140,7 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 late = 1
 lost = -1
 cs.DecryptIV[0] = ivbyte
- for i := 1; i < AESBlockSize; i++ {
+ for i := 1; i < aes.BlockSize; i++ {
 cs.DecryptIV[i] -= 1
 if cs.DecryptIV[i] > 0 {
 break
@@ -156,7 +155,7 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 // Lost a few packets, and wrapped around
 lost = int(256 - int(cs.DecryptIV[0]) + int(ivbyte) - 1)
 cs.DecryptIV[0] = ivbyte
- for i := 1; i < AESBlockSize; i++ {
+ for i := 1; i < aes.BlockSize; i++ {
 cs.DecryptIV[i] += 1
 if cs.DecryptIV[i] > 0 {
 break
@@ -168,8 +167,8 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 }
 if cs.decryptHistory[cs.DecryptIV[0]] == cs.DecryptIV[0] {
- if copy(cs.DecryptIV[0:], saveiv[0:]) != AESBlockSize {
- err = os.NewError("Failed to copy AESBlockSize bytes")
+ if copy(cs.DecryptIV[0:], saveiv[0:]) != aes.BlockSize {
+ err = os.NewError("Failed to copy aes.BlockSize bytes")
 return
 }
 }
@@ -179,7 +178,7 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 for i := 0; i < 3; i++ {
 if tag[i] != src[i+1] {
- if copy(cs.DecryptIV[0:], saveiv[0:]) != AESBlockSize {
+ if copy(cs.DecryptIV[0:], saveiv[0:]) != aes.BlockSize {
 err = os.NewError("Error while trying to recover from error")
 return
 }
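Review bot: The borrow test in the late-packet branch of Decrypt (hunk at -141,7) looks inverted: after `cs.DecryptIV[i] -= 1` the loop breaks on `cs.DecryptIV[i] > 0`, so a byte that wrapped from 0x00 to 0xff stops the borrow while a byte that went from 0x01 to 0x00 propagates it. For a decrement the stop condition should be `if cs.DecryptIV[i] != 0xff { break }`. The `+= 1` loops in the hunks at -111,7 and -156,7 are fine as written, since a carry continues exactly when the byte wrapped to zero. The loop body ends outside the hunk; a test that decrypts a late packet across a wrap of the first IV byte would pin the behaviour down.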
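Review bot: The replay check in Decrypt (hunk at -168,8) compares `cs.decryptHistory[cs.DecryptIV[0]]` with `cs.DecryptIV[0]`, the same byte that is used as the index, and the hunk at -191,7 stores that same byte back. Once a slot has been written it matches every later packet with that low IV byte, and slot 0 matches from the start if the array is zero-initialised, so the table cannot tell a replay from a fresh packet one 256-packet window later. Recording a different IV byte, e.g. `cs.decryptHistory[cs.DecryptIV[0]] = cs.DecryptIV[1]` and comparing against `cs.DecryptIV[1]`, would let it distinguish windows. The visible branch only restores the saved IV; whether the packet is then rejected is outside the hunk.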
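Review bot: The tag check in Decrypt (hunk at -179,7) compares the tag bytes with an early-exit loop, `if tag[i] != src[i+1]`, which is not constant-time. `subtle.ConstantTimeCompare(tag[0:3], src[1:4]) != 1` from `crypto/subtle` does the same comparison without the data-dependent exit, assuming the package is available in the Go release this tree targets. A comment stating that only three tag bytes are checked, apparently because that is all the packet carries, would make the truncation read as deliberate. The loop ends outside the hunk.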
@@ -191,7 +190,7 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 cs.decryptHistory[cs.DecryptIV[0]] = cs.DecryptIV[0]
 if restore {
- if copy(cs.DecryptIV[0:], saveiv[0:]) != AESBlockSize {
+ if copy(cs.DecryptIV[0:], saveiv[0:]) != aes.BlockSize {
 err = os.NewError("Error while trying to recover IV")
 return
 }
@@ -215,7 +214,7 @@ func (cs *CryptState) Decrypt(dst, src []byte) (err os.Error) {
 }
 func (cs *CryptState) Encrypt(dst, src []byte) {
- var tag [AESBlockSize]byte
+ var tag [aes.BlockSize]byte
 // First, increase our IV
 for i := range cs.EncryptIV {
@@ -242,53 +241,53 @@ func zeros(block []byte) { } func xor(dst []byte, a []byte, b []byte) { - for i := 0; i < AESBlockSize; i++ { + for i := 0; i < aes.BlockSize; i++ { dst[i] = a[i] ^ b[i] } } func times2(block []byte) { carry := (block[0] >> 7) & 0x1 - for i := 0; i < AESBlockSize-1; i++ { + for i := 0; i < aes.BlockSize-1; i++ { block[i] = (block[i] << 1) | ((block[i+1] >> 7) & 0x1) } - block[AESBlockSize-1] = (block[AESBlockSize-1] << 1) ^ (carry * 135) + block[aes.BlockSize-1] = (block[aes.BlockSize-1] << 1) ^ (carry * 135) } func times3(block []byte) { carry := (block[0] >> 7) & 0x1 - for i := 0; i < AESBlockSize-1; i++ { + for i := 0; i < aes.BlockSize-1; i++ { block[i] ^= (block[i] << 1) | ((block[i+1] >> 7) & 0x1) } - block[AESBlockSize-1] ^= ((block[AESBlockSize-1] << 1) ^ (carry * 135)) + block[aes.BlockSize-1] ^= ((block[aes.BlockSize-1] << 1) ^ (carry * 135)) } func (cs *CryptState) OCBEncrypt(dst []byte, src []byte, nonce []byte, tag []byte) (err os.Error) { - var delta [AESBlockSize]byte - var checksum [AESBlockSize]byte - var tmp [AESBlockSize]byte - var pad [AESBlockSize]byte + var delta [aes.BlockSize]byte + var checksum [aes.BlockSize]byte + var tmp [aes.BlockSize]byte + var pad [aes.BlockSize]byte off := 0 cs.cipher.Encrypt(delta[0:], cs.EncryptIV[0:]) zeros(checksum[0:]) remain := len(src) - for remain > AESBlockSize { + for remain > aes.BlockSize { times2(delta[0:]) - xor(tmp[0:], delta[0:], src[off:off+AESBlockSize]) + xor(tmp[0:], delta[0:], src[off:off+aes.BlockSize]) cs.cipher.Encrypt(tmp[0:], tmp[0:]) - xor(dst[off:off+AESBlockSize], delta[0:], tmp[0:]) - xor(checksum[0:], checksum[0:], src[off:off+AESBlockSize]) - remain -= AESBlockSize - off += AESBlockSize + xor(dst[off:off+aes.BlockSize], delta[0:], tmp[0:]) + xor(checksum[0:], checksum[0:], src[off:off+aes.BlockSize]) + remain -= aes.BlockSize + off += aes.BlockSize } times2(delta[0:]) zeros(tmp[0:]) num := remain * 8 - tmp[AESBlockSize-2] = uint8((uint32(num) >> 8) & 0xff) - 
tmp[AESBlockSize-1] = uint8(num & 0xff) + tmp[aes.BlockSize-2] = uint8((uint32(num) >> 8) & 0xff) + tmp[aes.BlockSize-1] = uint8(num & 0xff) xor(tmp[0:], tmp[0:], delta[0:]) cs.cipher.Encrypt(pad[0:], tmp[0:]) copied := copy(tmp[0:], src[off:]) @@ -296,7 +295,7 @@ func (cs *CryptState) OCBEncrypt(dst []byte, src []byte, nonce []byte, tag []byt err = os.NewError("Copy failed") return } - if copy(tmp[copied:], pad[copied:]) != (AESBlockSize - remain) { + if copy(tmp[copied:], pad[copied:]) != (aes.BlockSize - remain) { err = os.NewError("Copy failed") return } 
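Review bot: OCBEncrypt (hunk at -242,53) takes a `nonce` argument but derives its initial offset from `cs.EncryptIV`, in `cs.cipher.Encrypt(delta[0:], cs.EncryptIV[0:])`, whereas OCBDecrypt in the hunk at -315,31 uses `nonce[0:]`. A caller that passes anything other than the current EncryptIV gets ciphertext under a different nonce than it asked for; `cs.cipher.Encrypt(delta[0:], nonce[0:])` would make the pair consistent. Neither function checks `len(nonce)` or that the output slice is at least as long as the input before slicing `dst[off:off+aes.BlockSize]`, so a short buffer would end in a runtime panic rather than a returned `err`. The helpers `xor`, `times2` and `times3` in the same hunk index a full block with no length check, and the constant `135` would benefit from a comment naming it. OCBEncrypt's body continues into the following hunk.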
@@ -315,31 +314,31 @@ func (cs *CryptState) OCBEncrypt(dst []byte, src []byte, nonce []byte, tag []byt
 }
 func (cs *CryptState) OCBDecrypt(plain []byte, encrypted []byte, nonce []byte, tag []byte) (err os.Error) {
- var checksum [AESBlockSize]byte
- var delta [AESBlockSize]byte
- var tmp [AESBlockSize]byte
- var pad [AESBlockSize]byte
+ var checksum [aes.BlockSize]byte
+ var delta [aes.BlockSize]byte
+ var tmp [aes.BlockSize]byte
+ var pad [aes.BlockSize]byte
 off := 0
 cs.cipher.Encrypt(delta[0:], nonce[0:])
 zeros(checksum[0:])
 remain := len(encrypted)
- for remain > AESBlockSize {
+ for remain > aes.BlockSize {
 times2(delta[0:])
- xor(tmp[0:], delta[0:], encrypted[off:off+AESBlockSize])
+ xor(tmp[0:], delta[0:], encrypted[off:off+aes.BlockSize])
 cs.cipher.Decrypt(tmp[0:], tmp[0:])
- xor(plain[off:off+AESBlockSize], delta[0:], tmp[0:])
- xor(checksum[0:], checksum[0:], plain[off:off+AESBlockSize])
- off += AESBlockSize
- remain -= AESBlockSize
+ xor(plain[off:off+aes.BlockSize], delta[0:], tmp[0:])
+ xor(checksum[0:], checksum[0:], plain[off:off+aes.BlockSize])
+ off += aes.BlockSize
+ remain -= aes.BlockSize
 }
 times2(delta[0:])
 zeros(tmp[0:])
 num := remain * 8
- tmp[AESBlockSize-2] = uint8((uint32(num) >> 8) & 0xff)
- tmp[AESBlockSize-1] = uint8(num & 0xff)
+ tmp[aes.BlockSize-2] = uint8((uint32(num) >> 8) & 0xff)
+ tmp[aes.BlockSize-1] = uint8(num & 0xff)
 xor(tmp[0:], tmp[0:], delta[0:])
 cs.cipher.Encrypt(pad[0:], tmp[0:])
 zeros(tmp[0:])
diff --git a/pkg/cryptstate/cryptstate_test.go b/pkg/cryptstate/cryptstate_test.go
index f6dd0c6..455794a 100644
--- a/pkg/cryptstate/cryptstate_test.go
+++ b/pkg/cryptstate/cryptstate_test.go
@@ -1,6 +1,7 @@
 package cryptstate
 import (
+ "crypto/aes"
 "testing"
 )
@@ -20,10 +21,10 @@ func BlockCompare(a []byte, b []byte) (match bool) { } func TestTimes2(t *testing.T) { - msg := [AESBlockSize]byte{ + msg := [aes.BlockSize]byte{ 0x80, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, } - expected := [AESBlockSize]byte{ + expected := [aes.BlockSize]byte{ 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7b, } @@ -34,10 +35,10 @@ func TestTimes2(t *testing.T) { } func TestTimes3(t *testing.T) { - msg := [AESBlockSize]byte{ + msg := [aes.BlockSize]byte{ 0x80, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, } - expected := [AESBlockSize]byte{ + expected := [aes.BlockSize]byte{ 0x81, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x85, } @@ -48,7 +49,7 @@ func TestTimes3(t *testing.T) { } func TestZeros(t *testing.T) { - var msg [AESBlockSize]byte + var msg [aes.BlockSize]byte zeros(msg[0:]) for i := 0; i < len(msg); i++ { if msg[i] != 0 { @@ -58,10 +59,10 @@ func TestZeros(t *testing.T) { } func TestXor(t *testing.T) { - msg := [AESBlockSize]byte{ + msg := [aes.BlockSize]byte{ 0x80, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, } - var out [AESBlockSize]byte + var out [aes.BlockSize]byte xor(out[0:], msg[0:], msg[0:]) for i := 0; i < len(out); i++ { if out[i] != 0 { 
@@ -74,19 +75,19 @@ func TestEncrypt(t *testing.T) { msg := [15]byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, } - key := [AESBlockSize]byte{ + key := [aes.BlockSize]byte{ 0x96, 0x8b, 0x1b, 0x0c, 0x53, 0x1e, 0x1f, 0x80, 0xa6, 0x1d, 0xcb, 0x27, 0x94, 0x09, 0x6f, 0x32, } - eiv := [AESBlockSize]byte{ + eiv := [aes.BlockSize]byte{ 0x1e, 0x2a, 0x9b, 0xd0, 0x2d, 0xa6, 0x8e, 0x46, 0x26, 0x85, 0x83, 0xe9, 0x14, 0x2a, 0xff, 0x2a, } - div := [AESBlockSize]byte{ + div := [aes.BlockSize]byte{ 0x73, 0x99, 0x9d, 0xa2, 0x03, 0x70, 0x00, 0x96, 0xef, 0x55, 0x06, 0x7a, 0x8b, 0xbe, 0x00, 0x07, } expected := [19]byte{ 0x1f, 0xfc, 0xdd, 0xb4, 0x68, 0x13, 0x68, 0xb7, 0x92, 0x67, 0xca, 0x2d, 0xba, 0xb7, 0x0d, 0x44, 0xdf, 0x32, 0xd4, } - expected_eiv := [AESBlockSize]byte{ + expected_eiv := [aes.BlockSize]byte{ 0x1f, 0x2a, 0x9b, 0xd0, 0x2d, 0xa6, 0x8e, 0x46, 0x26, 0x85, 0x83, 0xe9, 0x14, 0x2a, 0xff, 0x2a, } @@ -109,13 +110,13 @@ func TestEncrypt(t *testing.T) { } func TestDecrypt(t *testing.T) { - key := [AESBlockSize]byte{ + key := [aes.BlockSize]byte{ 0x96, 0x8b, 0x1b, 0x0c, 0x53, 0x1e, 0x1f, 0x80, 0xa6, 0x1d, 0xcb, 0x27, 0x94, 0x09, 0x6f, 0x32, } - eiv := [AESBlockSize]byte{ + eiv := [aes.BlockSize]byte{ 0x1e, 0x2a, 0x9b, 0xd0, 0x2d, 0xa6, 0x8e, 0x46, 0x26, 0x85, 0x83, 0xe9, 0x14, 0x2a, 0xff, 0x2a, } - div := [AESBlockSize]byte{ + div := [aes.BlockSize]byte{ 0x73, 0x99, 0x9d, 0xa2, 0x03, 0x70, 0x00, 0x96, 0xef, 0x55, 0x06, 0x7a, 0x8b, 0xbe, 0x00, 0x07, } crypted := [19]byte{ @@ -124,7 +125,7 @@ func TestDecrypt(t *testing.T) { expected := [15]byte{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, } - post_div := [AESBlockSize]byte{ + post_div := [aes.BlockSize]byte{ 0x1f, 0x2a, 0x9b, 0xd0, 0x2d, 0xa6, 0x8e, 0x46, 0x26, 0x85, 0x83, 0xe9, 0x14, 0x2a, 0xff, 0x2a, } diff --git a/server.go b/server.go index 8e57944..a975ab6 100644 --- a/server.go +++ b/server.go 
@@ -18,11 +18,11 @@ import (
 "sync"
 "goprotobuf.googlecode.com/hg/proto"
 "mumbleproto"
- "cryptstate"
 "fmt"
 "gob"
 "grumble/ban"
 "grumble/blobstore"
+ "grumble/cryptstate"
 "grumble/serverconf"
 "grumble/sessionpool"
 "hash"