diff --git a/internal/client/auth.go b/internal/client/auth.go
index 939a34d..4925541 100644
--- a/internal/client/auth.go
+++ b/internal/client/auth.go
@@ -4,6 +4,7 @@ import (
 	"encoding/binary"
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/ecdh"
+	log "github.com/sirupsen/logrus"
 )
 
 const (
@@ -26,7 +27,10 @@ func makeAuthenticationPayload(authInfo AuthInfo) (ret authenticationPayload, sh
 	| 16 bytes | 12 bytes | 1 byte | 8 bytes | 4 bytes | 1 byte | 6 bytes |
 	+----------+----------------+---------------------+-------------+--------------+--------+------------+
 	*/
-	ephPv, ephPub, _ := ecdh.GenerateKey(authInfo.WorldState.Rand)
+	ephPv, ephPub, err := ecdh.GenerateKey(authInfo.WorldState.Rand)
+	if err != nil {
+		log.Panicf("failed to generate ephemeral key pair: %v", err)
+	}
 	copy(ret.randPubKey[:], ecdh.Marshal(ephPub))
 
 	plaintext := make([]byte, 48)
@@ -40,7 +44,11 @@ func makeAuthenticationPayload(authInfo AuthInfo) (ret authenticationPayload, sh
 		plaintext[41] |= UNORDERED_FLAG
 	}
 
-	copy(sharedSecret[:], ecdh.GenerateSharedSecret(ephPv, authInfo.ServerPubKey))
+	secret, err := ecdh.GenerateSharedSecret(ephPv, authInfo.ServerPubKey)
+	if err != nil {
+		log.Panicf("error in generating shared secret: %v", err)
+	}
+	copy(sharedSecret[:], secret)
 	ciphertextWithTag, _ := common.AESGCMEncrypt(ret.randPubKey[:12], sharedSecret[:], plaintext)
 	copy(ret.ciphertextWithTag[:], ciphertextWithTag[:])
 	return
diff --git a/internal/ecdh/curve25519.go b/internal/ecdh/curve25519.go
index 94d066b..5744c5e 100644
--- a/internal/ecdh/curve25519.go
+++ b/internal/ecdh/curve25519.go
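Review bot: The new `log.Panicf` in the second hunk of auth.go (and the matching one in the third hunk) turns a derivation failure in `makeAuthenticationPayload` into a process crash, and that failure is reachable from configuration rather than from a broken invariant: `ecdh.GenerateSharedSecret` now fails when X25519 produces the all-zero secret, i.e. when `authInfo.ServerPubKey` is a low-order point, so a malformed server key in the client config takes the whole client down instead of producing a readable error. Since the function already uses named results, the cleaner shape is to add an `err error` result and `return` from both branches, e.g. `err = fmt.Errorf("deriving shared secret with server key: %w", err); return`, and let the caller decide whether to log and abort. The function's result list is cut off at the hunk header and its callers are not in this diff, so the signature change would need to be carried through wherever `makeAuthenticationPayload` is invoked.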
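Review bot: In the third hunk of auth.go the line directly below the new check, `ciphertextWithTag, _ := common.AESGCMEncrypt(ret.randPubKey[:12], sharedSecret[:], plaintext)`, still discards its error, which reads inconsistently now that the two ECDH calls above it are checked. Either handle it the same way as the new `GenerateSharedSecret` branch or leave a one-line comment saying why it is safe to ignore, e.g. `// key and nonce lengths are fixed by the array types above, so AESGCMEncrypt cannot fail here` — if that is indeed the reason, which is not verifiable from this diff.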
@@ -68,13 +68,11 @@ func Unmarshal(data []byte) (crypto.PublicKey, bool) {
 	return &pub, true
 }
 
-func GenerateSharedSecret(privKey crypto.PrivateKey, pubKey crypto.PublicKey) []byte {
-	var priv, pub, secret *[32]byte
+func GenerateSharedSecret(privKey crypto.PrivateKey, pubKey crypto.PublicKey) ([]byte, error) {
+	var priv, pub *[32]byte
 	priv = privKey.(*[32]byte)
 	pub = pubKey.(*[32]byte)
-	secret = new([32]byte)
-	curve25519.ScalarMult(secret, priv, pub)
-	return secret[:]
+	return curve25519.X25519(priv[:], pub[:])
 }
 
diff --git a/internal/ecdh/curve25519_test.go b/internal/ecdh/curve25519_test.go
index 8e9a1c1..39d56ba 100644
--- a/internal/ecdh/curve25519_test.go
+++ b/internal/ecdh/curve25519_test.go
@@ -90,11 +90,11 @@ func testECDH(t testing.TB) {
 		t.Fatalf("Unmarshal does not work")
 	}
 
-	secret1 = GenerateSharedSecret(privKey1, pubKey2)
+	secret1, err = GenerateSharedSecret(privKey1, pubKey2)
 	if err != nil {
 		t.Error(err)
 	}
-	secret2 = GenerateSharedSecret(privKey2, pubKey1)
+	secret2, err = GenerateSharedSecret(privKey2, pubKey1)
 	if err != nil {
 		t.Error(err)
 	}
diff --git a/internal/server/TLS.go b/internal/server/TLS.go
index 8a0ea6a..0e66387 100644
--- a/internal/server/TLS.go
+++ b/internal/server/TLS.go
@@ -79,7 +79,13 @@ func (TLS) unmarshalClientHello(ch *ClientHello, staticPv crypto.PrivateKey) (fr
 		return
 	}
 
-	copy(fragments.sharedSecret[:], ecdh.GenerateSharedSecret(staticPv, ephPub))
+	var sharedSecret []byte
+	sharedSecret, err = ecdh.GenerateSharedSecret(staticPv, ephPub)
+	if err != nil {
+		return
+	}
+
+	copy(fragments.sharedSecret[:], sharedSecret)
 	var keyShare []byte
 	keyShare, err = parseKeyShare(ch.extensions[[2]byte{0x00, 0x33}])
 	if err != nil {
diff --git a/internal/server/websocket.go b/internal/server/websocket.go
index 2b192b9..1c9e940 100644
--- a/internal/server/websocket.go
+++ b/internal/server/websocket.go
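Review bot: `GenerateSharedSecret` now has an error result, but the two unchecked type assertions `privKey.(*[32]byte)` and `pubKey.(*[32]byte)` it keeps still panic on a wrong concrete type, so the one failure mode the signature change was meant to surface is handled while the other still crashes the caller; the comma-ok form returns it as an error instead. The exported function also has no doc comment; the one worth adding is `// GenerateSharedSecret returns the X25519 shared secret for privKey and pubKey, or an error if either key is not a *[32]byte or if the result is the all-zero value (a low-order peer key), which callers must treat as a failed handshake.` The rewrite below needs the `errors` package, whose import is outside this hunk.
```go
func GenerateSharedSecret(privKey crypto.PrivateKey, pubKey crypto.PublicKey) ([]byte, error) {
	priv, ok := privKey.(*[32]byte)
	if !ok {
		return nil, errors.New("ecdh: private key is not a *[32]byte")
	}
	pub, ok := pubKey.(*[32]byte)
	if !ok {
		return nil, errors.New("ecdh: public key is not a *[32]byte")
	}
	// X25519 rejects an all-zero output, which is what a low-order peer point produces.
	return curve25519.X25519(priv[:], pub[:])
}
```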
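Review bot: In the curve25519_test.go hunk, `t.Error(err)` after each `GenerateSharedSecret` call lets `testECDH` run on and presumably compare a nil `secret1` or `secret2` below the hunk, producing a second confusing failure; `t.Fatal(err)` stops at the real cause. The change also adds no coverage for the new error path, which is the point of the signature change: a case such as `if _, err := GenerateSharedSecret(privKey1, &[32]byte{}); err == nil { t.Fatal("expected error for low-order public key") }` would pin that an all-zero peer key is rejected rather than silently yielding an all-zero secret. `testECDH` starts before this hunk and continues after it.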
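Review bot: In the TLS.go hunk `unmarshalClientHello` returns the error from `curve25519.X25519` unwrapped, so a server log will show the library's bare message with nothing tying it to the client's ephemeral key; `err = fmt.Errorf("deriving shared secret from client key share: %w", err)` before the `return` keeps `errors.Is` working and makes the failure attributable. The websocket.go hunk below has the same shape and deserves the same wrapping (that file visibly uses `fmt.Errorf` already; whether TLS.go imports `fmt` is not visible here). Because the ephemeral key comes from an attacker-controlled ClientHello, it is worth confirming at the call site, which is outside this diff, that this new error is handled exactly like the other malformed-hello errors so the rejection is not distinguishable from them. `unmarshalClientHello` begins before the hunk and continues after it.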
@@ -84,7 +84,13 @@ func (WebSocket) unmarshalHidden(hidden []byte, staticPv crypto.PrivateKey) (fra
 		return
 	}
 
-	copy(fragments.sharedSecret[:], ecdh.GenerateSharedSecret(staticPv, ephPub))
+	var sharedSecret []byte
+	sharedSecret, err = ecdh.GenerateSharedSecret(staticPv, ephPub)
+	if err != nil {
+		return
+	}
+
+	copy(fragments.sharedSecret[:], sharedSecret)
 	if len(hidden[32:]) != 64 {
 		err = fmt.Errorf("%v: %v", ErrCiphertextLength, len(hidden[32:]))