Initial commit, based mostly on https://github.com/austburn/gocrypt

2022-01-09 13:05:36 +10:30 · 2022-01-09 13:05:36 +10:30 · f17df4ce88
commit f17df4ce88
7 changed files with 230 additions and 0 deletions
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -0,0 +1,5 @@
 {
    "cSpell.words": [
        "netgiv"
    ]
 }
--- a/client.go
+++ b/client.go
@ -0,0 +1,55 @@
 package main
 import (
 	"bufio"
 	"errors"
 	"fmt"
 	"net"
 	"os"
 	"github.com/tardisx/netgiv/secure"
 )
 type Client struct {
 	port int
 }
 func (c *Client) Connect() error {
 	address := fmt.Sprintf("127.0.0.1:%d", c.port)
 	serverAddress, _ := net.ResolveTCPAddr("tcp", address)
 	conn, err := net.DialTCP("tcp", nil, serverAddress)
 	if err != nil {
 		return errors.New("Problem connecting to server, is it running?\n")
 	}
 	defer conn.Close()
 	fmt.Printf("Connection on %s\n", address)
 	sharedKey := secure.Handshake(conn)
 	secureConnection := secure.SecureConnection{Conn: conn, SharedKey: sharedKey}
 	reader := bufio.NewReader(os.Stdin)
 	for {
 		fmt.Print("> ")
 		// Read up to the newline character
 		msg, _ := reader.ReadBytes(0xA)
 		// Kill the newline char
 		msg = msg[:len(msg)-1]
 		_, err := secureConnection.Write(msg)
 		response := make([]byte, 1024)
 		_, err = secureConnection.Read(response)
 		if err != nil {
 			fmt.Print("Connection to the server was closed.\n")
 			break
 		}
 		fmt.Printf("%s\n", response)
 	}
 	return nil
 }
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,8 @@
 module github.com/tardisx/netgiv
 go 1.17
 require (
 	golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 // indirect
 	golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,4 @@
 golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M=
 golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
--- a/main.go
+++ b/main.go
@ -0,0 +1,25 @@
 package main
 import (
 	"flag"
 	"fmt"
 )
 func main() {
 	port := flag.Int("p", 9000, "Port to run server/client on.")
 	isServer := flag.Bool("s", false, "Set if running the server.")
 	flag.Parse()
 	if *isServer {
 		fmt.Printf("Server running on %d\n", *port)
 		s := Server{port: *port}
 		s.Run()
 	} else {
 		fmt.Printf("Client running on %d\n", *port)
 		c := Client{port: *port}
 		err := c.Connect()
 		if err != nil {
 			fmt.Print(err)
 		}
 	}
 }
--- a/secure/secure.go
+++ b/secure/secure.go
@ -0,0 +1,82 @@
 package secure
 import (
 	"bytes"
 	"crypto/rand"
 	"errors"
 	"net"
 	"golang.org/x/crypto/nacl/box"
 )
 type SecureMessage struct {
 	Msg   []byte
 	Nonce [24]byte
 }
 func (s *SecureMessage) toByteArray() []byte {
 	return append(s.Nonce[:], s.Msg[:]...)
 }
 func ConstructSecureMessage(sm []byte) SecureMessage {
 	var nonce [24]byte
 	nonceArray := sm[:24]
 	copy(nonce[:], nonceArray)
 	// Trim out all unnecessary bytes
 	msg := bytes.Trim(sm[24:], "\x00")
 	return SecureMessage{Msg: msg, Nonce: nonce}
 }
 type SecureConnection struct {
 	Conn      *net.TCPConn
 	SharedKey *[32]byte
 }
 func (s *SecureConnection) Read(p []byte) (int, error) {
 	message := make([]byte, 2048)
 	// Read the message from the buffer
 	n, err := s.Conn.Read(message)
 	secureMessage := ConstructSecureMessage(message)
 	decryptedMessage, ok := box.OpenAfterPrecomputation(nil, secureMessage.Msg, &secureMessage.Nonce, s.SharedKey)
 	if !ok {
 		return 0, errors.New("Problem decrypting the message.\n")
 	}
 	// Actually copy it to the destination byte array
 	n = copy(p, decryptedMessage)
 	return n, err
 }
 func (s *SecureConnection) Write(p []byte) (int, error) {
 	var nonce [24]byte
 	// Create a new nonce for each message sent
 	rand.Read(nonce[:])
 	encryptedMessage := box.SealAfterPrecomputation(nil, p, &nonce, s.SharedKey)
 	sm := SecureMessage{Msg: encryptedMessage, Nonce: nonce}
 	// Write it to the connection
 	return s.Conn.Write(sm.toByteArray())
 }
 func Handshake(conn *net.TCPConn) *[32]byte {
 	var peerKey, sharedKey [32]byte
 	publicKey, privateKey, _ := box.GenerateKey(rand.Reader)
 	conn.Write(publicKey[:])
 	peerKeyArray := make([]byte, 32)
 	conn.Read(peerKeyArray)
 	copy(peerKey[:], peerKeyArray)
 	box.Precompute(&sharedKey, &peerKey, privateKey)
 	return &sharedKey
 }
--- a/server.go
+++ b/server.go
@ -0,0 +1,51 @@
 package main
 import (
 	"fmt"
 	"net"
 	"os"
 	"github.com/tardisx/netgiv/secure"
 )
 type Server struct {
 	port int
 }
 func (s *Server) Run() {
 	address := fmt.Sprintf("127.0.0.1:%d", s.port)
 	networkAddress, _ := net.ResolveTCPAddr("tcp", address)
 	listener, err := net.ListenTCP("tcp", networkAddress)
 	if err != nil {
 		fmt.Print(err)
 		os.Exit(2)
 	}
 	for {
 		conn, err := listener.AcceptTCP()
 		if err != nil {
 			fmt.Print(err)
 		}
 		go handleConnection(conn)
 	}
 }
 func handleConnection(conn *net.TCPConn) {
 	defer conn.Close()
 	sharedKey := secure.Handshake(conn)
 	secureConnection := secure.SecureConnection{Conn: conn, SharedKey: sharedKey}
 	for {
 		msg := make([]byte, 1024)
 		_, err := secureConnection.Read(msg)
 		if err != nil {
 			break
 		}
 		secureConnection.Write(msg)
 	}
 }