powerdlz23 1.2.2 → 1.2.3

package/pto/crypto/README.md

@@ -0,0 +1 @@
+一些涉及到加密和安全的代码。

package/pto/crypto/aes256cbc/README.md

@@ -0,0 +1,59 @@
+# This package fork from github.com/luzifer/go-openssl
+
+`go-openssl` is a small library wrapping the `crypto/aes` functions in a way the output is compatible to OpenSSL / CryptoJS. For all encryption / decryption processes AES256 is used so this library will not be able to decrypt messages generated with other than `openssl aes-256-cbc`. If you're using CryptoJS to process the data you also need to use AES256 on that side.
+
+## Installation
+
+```
+git clone https://github.com/funny/crypto
+```
+
+## Usage example
+
+The usage is quite simple as you don't need any special knowledge about OpenSSL and/or AES256:
+
+### Encrypt
+
+```go
+import (
+  "fmt"
+  "github.com/funny/crypto/aes256cbc"
+)
+
+func main() {
+  plaintext := "Hello World!"
+  passphrase := "z4yH36a6zerhfE5427ZV"
+
+  enc, err := aes256cbc.EncryptString(passphrase, plaintext)
+  if err != nil {
+    fmt.Printf("An error occurred: %s\n", err)
+  }
+
+  fmt.Printf("Encrypted text: %s\n", string(enc))
+}
+```
+
+### Decrypt
+
+```go
+import (
+  "fmt"
+  "github.com/funny/crypto/aes256cbc"
+)
+
+func main() {
+	opensslEncrypted := "U2FsdGVkX19ZM5qQJGe/d5A/4pccgH+arBGTp+QnWPU="
+	passphrase := "z4yH36a6zerhfE5427ZV"
+
+	dec, err := aes256cbc.DecryptString(passphrase, opensslEncrypted)
+	if err != nil {
+		fmt.Printf("An error occurred: %s\n", err)
+	}
+
+	fmt.Printf("Decrypted text: %s\n", string(dec))
+}
+```
+
+## Testing
+
+To execute the tests for this library you need to be on a system having `/bin/bash` and `openssl` available as the compatibility of the output is tested directly against the `openssl` binary. The library itself should be usable on all operating systems supported by Go and `crypto/aes`.

package/pto/crypto/aes256cbc/aes256cbc.go

@@ -0,0 +1,172 @@
+// Package aes256cbc is a helper to generate OpenSSL compatible encryption
+// with autmatic IV derivation and storage. As long as the key is known all
+// data can also get decrypted using OpenSSL CLI.
+// Code from http://dequeue.blogspot.de/2014/11/decrypting-something-encrypted-with.html
+package aes256cbc
+
+import (
+	"bytes"
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/md5"
+	"crypto/rand"
+	"encoding/base64"
+	"fmt"
+	"io"
+)
+
+// OpenSSL salt is always this string + 8 bytes of actual salt
+var openSSLSaltHeader = []byte("Salted__")
+
+type openSSLCreds [48]byte
+
+// openSSLEvpBytesToKey follows the OpenSSL (undocumented?) convention for extracting the key and IV from passphrase.
+// It uses the EVP_BytesToKey() method which is basically:
+// D_i = HASH^count(D_(i-1) || password || salt) where || denotes concatentaion, until there are sufficient bytes available
+// 48 bytes since we're expecting to handle AES-256, 32bytes for a key and 16bytes for the IV
+func (c *openSSLCreds) Extract(password, salt []byte) (key, iv []byte) {
+	m := c[:]
+	buf := make([]byte, 0, 16+len(password)+len(salt))
+	var prevSum [16]byte
+	for i := 0; i < 3; i++ {
+		n := 0
+		if i > 0 {
+			n = 16
+		}
+		buf = buf[:n+len(password)+len(salt)]
+		copy(buf, prevSum[:])
+		copy(buf[n:], password)
+		copy(buf[n+len(password):], salt)
+		prevSum = md5.Sum(buf)
+		copy(m[i*16:], prevSum[:])
+	}
+	return c[:32], c[32:]
+}
+
+// DecryptString decrypts a base64 encoded string that was encrypted using OpenSSL and AES-256-CBC.
+func DecryptString(passphrase, encryptedBase64String string) (string, error) {
+	text, err := DecryptBase64([]byte(passphrase), []byte(encryptedBase64String))
+	return string(text), err
+}
+
+// DecryptBase64 decrypts a base64 encoded []byte that was encrypted using OpenSSL and AES-256-CBC.
+func DecryptBase64(passphrase, encryptedBase64 []byte) ([]byte, error) {
+	encrypted := make([]byte, base64.StdEncoding.DecodedLen(len(encryptedBase64)))
+	n, err := base64.StdEncoding.Decode(encrypted, encryptedBase64)
+	if err != nil {
+		return nil, err
+	}
+	return Decrypt(passphrase, encrypted[:n])
+}
+
+// Decrypt decrypts a []byte that was encrypted using OpenSSL and AES-256-CBC.
+func Decrypt(passphrase, encrypted []byte) ([]byte, error) {
+	if len(encrypted) < aes.BlockSize {
+		return nil, fmt.Errorf("Cipher data length less than aes block size")
+	}
+	saltHeader := encrypted[:aes.BlockSize]
+	if !bytes.Equal(saltHeader[:8], openSSLSaltHeader) {
+		return nil, fmt.Errorf("Does not appear to have been encrypted with OpenSSL, salt header missing.")
+	}
+	var creds openSSLCreds
+	key, iv := creds.Extract(passphrase, saltHeader[8:])
+
+	if len(encrypted) == 0 || len(encrypted)%aes.BlockSize != 0 {
+		return nil, fmt.Errorf("bad blocksize(%v), aes.BlockSize = %v\n", len(encrypted), aes.BlockSize)
+	}
+	c, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	cbc := cipher.NewCBCDecrypter(c, iv)
+	cbc.CryptBlocks(encrypted[aes.BlockSize:], encrypted[aes.BlockSize:])
+	return pkcs7Unpad(encrypted[aes.BlockSize:])
+}
+
+// EncryptString encrypts a string in a manner compatible to OpenSSL encryption
+// functions using AES-256-CBC as encryption algorithm and encode to base64 format.
+func EncryptString(passphrase, plaintextString string) (string, error) {
+	encryptedBase64, err := EncryptBase64([]byte(passphrase), []byte(plaintextString))
+	return string(encryptedBase64), err
+}
+
+// EncryptBase64 encrypts a []byte in a manner compatible to OpenSSL encryption
+// functions using AES-256-CBC as encryption algorithm and encode to base64 format.
+func EncryptBase64(passphrase, plaintext []byte) ([]byte, error) {
+	encrypted, err := Encrypt(passphrase, plaintext)
+	encryptedBase64 := make([]byte, base64.StdEncoding.EncodedLen(len(encrypted)))
+	base64.StdEncoding.Encode(encryptedBase64, encrypted)
+	return encryptedBase64, err
+}
+
+// Encrypt encrypts a []byte in a manner compatible to OpenSSL encryption
+// functions using AES-256-CBC as encryption algorithm
+func Encrypt(passphrase, plaintext []byte) ([]byte, error) {
+	var salt [8]byte // Generate an 8 byte salt
+	_, err := io.ReadFull(rand.Reader, salt[:])
+	if err != nil {
+		return nil, err
+	}
+
+	data := make([]byte, len(plaintext)+aes.BlockSize, len(plaintext)+aes.BlockSize+1 /* for append '\n' */)
+	copy(data[0:], openSSLSaltHeader)
+	copy(data[8:], salt[:])
+	copy(data[aes.BlockSize:], plaintext)
+
+	var creds openSSLCreds
+	key, iv := creds.Extract(passphrase, salt[:])
+	encrypted, err := encrypt(key, iv, data)
+	if err != nil {
+		return nil, err
+	}
+	return encrypted, nil
+}
+
+func encrypt(key, iv, data []byte) ([]byte, error) {
+	padded, err := pkcs7Pad(data)
+	if err != nil {
+		return nil, err
+	}
+	c, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	cbc := cipher.NewCBCEncrypter(c, iv)
+	cbc.CryptBlocks(padded[aes.BlockSize:], padded[aes.BlockSize:])
+	return padded, nil
+}
+
+var padPatterns [aes.BlockSize+1][]byte
+
+func init() {
+	for i := 0; i < len(padPatterns); i++ {
+		padPatterns[i] = bytes.Repeat([]byte{byte(i)}, i)
+	}
+}
+
+// pkcs7Pad appends padding.
+func pkcs7Pad(data []byte) ([]byte, error) {
+	if len(data)%aes.BlockSize == 0 {
+		return data, nil
+	}
+	padlen := 1
+	for ((len(data) + padlen) % aes.BlockSize) != 0 {
+		padlen = padlen + 1
+	}
+	return append(data, padPatterns[padlen]...), nil
+}
+
+// pkcs7Unpad returns slice of the original data without padding.
+func pkcs7Unpad(data []byte) ([]byte, error) {
+	if len(data)%aes.BlockSize != 0 || len(data) == 0 {
+		return nil, fmt.Errorf("invalid data len %d", len(data))
+	}
+	padlen := int(data[len(data)-1])
+	if padlen > aes.BlockSize || padlen == 0 {
+		return nil, fmt.Errorf("invalid padding")
+	}
+	if !bytes.Equal(padPatterns[padlen], data[len(data)-padlen:]) {
+		return nil, fmt.Errorf("invalid padding")
+	}
+	return data[:len(data)-padlen], nil
+}

package/pto/crypto/aes256cbc/aes256cbc_test.go

@@ -0,0 +1,105 @@
+package aes256cbc
+
+import (
+	"bytes"
+	"fmt"
+	"os/exec"
+	"testing"
+)
+
+func Benchmark_Decrypt(b *testing.B) {
+	opensslEncrypted := []byte("U2FsdGVkX19ZM5qQJGe/d5A/4pccgH+arBGTp+QnWPU=")
+	passphrase := []byte("z4yH36a6zerhfE5427ZV")
+	for i := 0; i < b.N; i++ {
+		DecryptBase64(passphrase, opensslEncrypted)
+	}
+}
+
+func TestDecryptFromString(t *testing.T) {
+	// > echo -n "hallowelt" | openssl aes-256-cbc -pass pass:z4yH36a6zerhfE5427ZV -a -salt
+	// U2FsdGVkX19ZM5qQJGe/d5A/4pccgH+arBGTp+QnWPU=
+
+	opensslEncrypted := "U2FsdGVkX19ZM5qQJGe/d5A/4pccgH+arBGTp+QnWPU="
+	passphrase := "z4yH36a6zerhfE5427ZV"
+
+	data, err := DecryptString(passphrase, opensslEncrypted)
+
+	if err != nil {
+		t.Fatalf("Test errored: %s", err)
+	}
+
+	if string(data) != "hallowelt" {
+		t.Errorf("Decryption output did not equal expected output.")
+	}
+}
+
+func TestEncryptToDecrypt(t *testing.T) {
+	plaintext := "hallowelt"
+	passphrase := "z4yH36a6zerhfE5427ZV"
+
+	enc, err := EncryptString(passphrase, plaintext)
+	if err != nil {
+		t.Fatalf("Test errored at encrypt: %s", err)
+	}
+
+	dec, err := DecryptString(passphrase, string(enc))
+	if err != nil {
+		t.Fatalf("Test errored at decrypt: %s", err)
+	}
+
+	if string(dec) != plaintext {
+		t.Errorf("Decrypted text did not match input.")
+	}
+}
+
+func TestEncryptToOpenSSL(t *testing.T) {
+	plaintext := "hallowelt"
+	passphrase := "z4yH36a6zerhfE5427ZV"
+
+	enc, err := EncryptString(passphrase, plaintext)
+	if err != nil {
+		t.Fatalf("Test errored at encrypt: %s", err)
+	}
+
+	// WTF? Without "echo" openssl tells us "error reading input file"
+	cmd := exec.Command("/bin/bash", "-c", fmt.Sprintf("echo \"%s\" | openssl aes-256-cbc -k %s -d -a", string(enc), passphrase))
+
+	var out bytes.Buffer
+	cmd.Stdout = &out
+	cmd.Stderr = &out
+
+	err = cmd.Run()
+	if err != nil {
+		t.Errorf("OpenSSL errored: %s", err)
+	}
+
+	if out.String() != plaintext {
+		t.Errorf("OpenSSL output did not match input.\nOutput was: %s", out.String())
+	}
+}
+
+func TestDecryptFromOpenSSL(t *testing.T) {
+        plaintext := "192.168.2.2:8080"
+        passphrase := "sofunny"
+
+        // WTF? Without "echo" openssl tells us "error reading input file"
+        cmd := exec.Command("/bin/bash", "-c", fmt.Sprintf("echo -n \"%s\" | openssl enc -e -aes-256-cbc -a -salt -k %s", plaintext, passphrase))
+
+        var out bytes.Buffer
+        cmd.Stdout = &out
+        cmd.Stderr = &out
+
+        err := cmd.Run()
+        if err != nil {
+                t.Errorf("OpenSSL errored: %s", err)
+        }
+
+        dec, err := DecryptString(passphrase, out.String())
+        if err != nil {
+                t.Fatalf("Test errored at decrypt: %s\n.Output was: %s", err, out.String())
+        }
+
+        if string(dec) != plaintext {
+		t.Errorf("Decrypted text did not match input.")
+        }
+}

package/pto/crypto/aes256cbc/examples_test.go

@@ -0,0 +1,30 @@
+package aes256cbc
+
+import "fmt"
+
+func ExampleEncryptString() {
+	plaintext := "Hello World!"
+	passphrase := "z4yH36a6zerhfE5427ZV"
+
+	enc, err := EncryptString(passphrase, plaintext)
+	if err != nil {
+		fmt.Printf("An error occurred: %s\n", err)
+	}
+
+	fmt.Printf("Encrypted text: %s\n", string(enc))
+}
+
+func ExampleDecryptString() {
+	opensslEncrypted := "U2FsdGVkX19ZM5qQJGe/d5A/4pccgH+arBGTp+QnWPU="
+	passphrase := "z4yH36a6zerhfE5427ZV"
+
+	dec, err := DecryptString(passphrase, opensslEncrypted)
+	if err != nil {
+		fmt.Printf("An error occurred: %s\n", err)
+	}
+
+	fmt.Printf("Decrypted text: %s\n", string(dec))
+
+	// Output:
+	// Decrypted text: hallowelt
+}

package/pto/crypto/dh64/README.md

@@ -0,0 +1,84 @@
+64位的迪菲－赫尔曼密钥交换算法代码集
+===============================
+
+迪菲－赫尔曼密钥交换（英语：Diffie–Hellman key exchange，简称“D-H”） 是一种安全协议。
+
+它可以让双方在完全没有对方任何预先信息的条件下通过不安全信道创建起一个密钥。这个密钥可以在后续的通讯中作为对称密钥来加密通讯内容。
+
+迪菲－赫尔曼密钥交换的同义词包括:
+
+* 迪菲－赫尔曼密钥协商
+* 迪菲－赫尔曼密钥创建
+* 迪菲－赫尔曼协议
+* 指数密钥交换
+
+虽然迪菲－赫尔曼密钥交换本身是一个匿名（无认证）的 密钥交换协议，它却是很多认证协议的基础，并且被用来提供传输层安全协议的短暂模式中的完备的前向安全性。
+
+考虑到手机游戏项目的平台兼容性和效率要求，我们决定采用64位的迪菲－赫尔曼密钥交换算法，所以建立了这个代码仓库用来收集不同语言的算法实现。
+
+用法
+====
+
+随机生成一对64位密钥（私钥 + 公钥）：
+
+```
+// C
+uint64_t my_private_key;
+uint64_t my_public_key;
+
+dh64_key_pair(&my_private_key, &my_public_key);
+
+// Go
+myPrivateKey, myPublicKey := dh64.KeyPair()
+
+// C#
+DH64 dh64 = new DH64();
+
+ulong myPrivateKey;
+ulong myPublicKey;
+
+dh64.KeyPair(out myPrivateKey, out myPublicKey);
+```
+
+用以上方式获得公钥之后，就可以通过网络把公钥传递给对方，双方互相拿到对方的公钥之后，利用自己手上的私钥和对方的公钥就可以计算出双方一致的密钥，这样就完成了密钥交换过程：
+
+```
+// C
+uint64_t secert = dh64_secert(my_private_key, another_publick_key);
+
+// Go
+secert := dh64.Secert(myPrivateKey, anotherPublicKey);
+
+// C#
+ulong secert = dh64.Secert(myPrivateKey, anotherPublicKey);
+```
+
+最终这个密钥就可以用于RC4之类的加密算法来对双发的后续通讯内容做加密了。
+
+进阶用法
+=======
+
+默认的生成方式使用的是语言内置的伪随机函数，如果要加强安全性可以自己用真随机来生成一个64位的私钥，然后单独生成DH64交换用的公钥：
+
+```
+// C
+uint64_t my_private_key = my_real_random64();
+uint64_t my_public_key = dh64_public_key(my_private_key);
+
+// Go
+myPrivateKey := MyRealRandom64();
+myPublicKey := dh64.PublicKey(myPrivateKey);
+
+// C#
+ulong myPrivateKey = MyRealRandom64();
+ulong myPublicKey = dh64.PublicKey(myPrivateKey);
+```
+
+NOTE: 请注意自己生成私钥的时候，私钥必须大于等于1，这是DH算法要求的。
+
+相关链接
+=======
+
+1. [迪菲－赫尔曼密钥交换](https://zh.wikipedia.org/wiki/%E8%BF%AA%E8%8F%B2%EF%BC%8D%E8%B5%AB%E5%B0%94%E6%9B%BC%E5%AF%86%E9%92%A5%E4%BA%A4%E6%8D%A2)
+2. [云风开源的C版本代码](https://gist.github.com/cloudwu/8838724)
+3. [DH64密钥交换 + RC4加密的演示](https://github.com/funny/crypto/tree/master/rc4)

package/pto/crypto/dh64/c/dh64.c

@@ -0,0 +1,75 @@
+// The biggest 64bit prime
+#define P 0xffffffffffffffc5ull
+#define G 5
+
+#include <stdlib.h>
+
+#include "dh64.h"
+
+// calc a * b % p , avoid 64bit overflow
+static inline uint64_t
+mul_mod_p(uint64_t a, uint64_t b) {
+	uint64_t m = 0;
+	while (b) {
+		if (b&1) {
+			uint64_t t = P - a;
+			if (m >= t) {
+				m -= t;
+			} else {
+				m += a;
+			}
+		}
+		if (a >= P - a) {
+			a = a * 2 - P;
+		} else {
+			a = a * 2;
+		}
+		b >>= 1;
+	}
+	return m;
+}
+
+static inline uint64_t
+pow_mod_p(uint64_t a, uint64_t b) {
+	if (b == 1) {
+		return a;
+	}
+	uint64_t t = pow_mod_p(a, b>>1);
+	t = mul_mod_p(t, t);
+	if (b % 2) {
+		t = mul_mod_p(t, a);
+	}
+	return t;
+}
+
+// calc a^b % p
+static inline uint64_t
+powmodp(uint64_t a, uint64_t b) {
+	if (a == 0)
+		return 1;
+	if (b == 0)
+		return 1;
+	if (a > P)
+		a %= P;
+	return pow_mod_p(a, b);
+}
+
+void 
+dh64_key_pair(uint64_t* private_key, uint64_t* public_key) {
+	uint64_t a = rand();
+	uint64_t b = rand() & 0xFFFF;
+	uint64_t c = rand() & 0xFFFF;
+	uint64_t d = (rand() & 0xFFFF) + 1;
+	*private_key = a << 48 | b << 32 | c << 16 | d;
+	*public_key  = powmodp(G, *private_key);
+}
+
+uint64_t 
+dh64_public_key(const uint64_t private_key) {
+	return powmodp(G, private_key);
+}
+
+uint64_t
+dh64_secret(const uint64_t private_key, const uint64_t another_public_key) {
+	return powmodp(another_public_key, private_key);
+}

package/pto/crypto/dh64/c/dh64.h

@@ -0,0 +1,12 @@
+#ifndef DH64_H
+#define DH64_H
+
+#include <stdint.h>
+
+void dh64_key_pair(uint64_t* private_key, uint64_t* public_key);
+
+uint64_t dh64_public_key(const uint64_t private_key);
+
+uint64_t dh64_secret(const uint64_t private_key, const uint64_t another_public_key);
+
+#endif

package/pto/crypto/dh64/c/dh64_test.c

@@ -0,0 +1,30 @@
+#include <stdio.h>
+#include <assert.h>
+#include <stdlib.h>
+
+#include "dh64.h"
+
+// cc dh64.c dh64_test.c
+int main(int argc, char **argv) {
+	int n = 10000;
+	if (argc > 1) {
+		n = atoi(argv[1]);
+	}
+	for (int i = 0; i < n; i ++) {
+		uint64_t private_key1;
+		uint64_t public_key1;
+		dh64_key_pair(&private_key1, &public_key1);
+
+
+		uint64_t private_key2;
+		uint64_t public_key2;
+		dh64_key_pair(&private_key2, &public_key2);
+		
+		uint64_t secret1 = dh64_secret(private_key1, public_key2);
+		uint64_t secret2 = dh64_secret(private_key2, public_key1);
+
+		assert(secret1 == secret2);
+		printf("{0x%016llX, 0x%016llX, 0x%016llX},\n", public_key1, private_key1, secret1);
+		printf("{0x%016llX, 0x%016llX, 0x%016llX},\n", public_key2, private_key2, secret2);
+	}
+}

package/pto/crypto/dh64/csharp/dh64.cs

@@ -0,0 +1,77 @@
+using System;
+
+namespace Funny.Crypto
+{
+	public class DH64
+	{
+		private const ulong p = 0xffffffffffffffc5;
+		private const ulong g = 5;
+
+		private static ulong mul_mod_p(ulong a, ulong b) {
+			ulong m = 0;
+			while (b > 0) {
+				if ((b&1) > 0) {
+					var t = p - a;
+					if (m >= t) {
+						m -= t;
+					} else {
+						m += a;
+					}
+				}
+				if (a >= p-a) {
+					a = a*2 - p;
+				} else {
+					a = a * 2;
+				}
+				b >>= 1;
+			}
+			return m;
+		}
+
+		private static ulong pow_mod_p(ulong a, ulong b) {
+			if (b == 1) {
+				return a;
+			}
+			var t = pow_mod_p(a, b>>1);
+			t = mul_mod_p(t, t);
+			if ((b%2) > 0) {
+				t = mul_mod_p(t, a);
+			}
+			return t;
+		}
+
+		private static ulong powmodp(ulong a , ulong b) {
+			if (a == 0) {
+				throw new Exception("DH64 zero public key");
+			}
+			if (b == 0) {
+				throw new Exception("DH64 zero private key");
+			}
+			if (a > p) {
+				a %= p;
+			}
+			return pow_mod_p(a, b);
+		}
+
+		private Random rand;
+
+		public DH64() {
+			rand = new Random();
+		}
+
+		public void KeyPair(out ulong privateKey, out ulong publicKey) {
+			var a = (ulong)rand.Next();
+			var b = (ulong)rand.Next() + 1;
+			privateKey = (a<<32) | b;
+			publicKey = PublicKey(privateKey);
+		}
+
+		public ulong PublicKey(ulong privateKey) {
+			return powmodp(g, privateKey);
+		}
+
+		public ulong Secret(ulong privateKey, ulong anotherPublicKey) {
+			return powmodp(anotherPublicKey, privateKey);
+		}
+	}
+}