-rw-r--r--go.mod2
-rw-r--r--go.sum4
-rw-r--r--main.go59
3 files changed, 57 insertions, 8 deletions
diff --git a/go.mod b/go.mod
index b09be76..e19d6b6 100644
--- a/go.mod
+++ b/go.mod
@@ -6,6 +6,8 @@ toolchain go1.23.6
require (
github.com/adrg/xdg v0.5.3 // indirect
+ github.com/keybase/go-codec v0.0.0-20180928230036-164397562123 // indirect
+ github.com/keybase/saltpack v0.0.0-20250124001807-83b98d5a6acc // indirect
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea // indirect
golang.org/x/crypto v0.37.0 // indirect
golang.org/x/sync v0.13.0 // indirect
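Review bot: `github.com/keybase/saltpack` is added with an `// indirect` marker although main.go in this same commit imports `github.com/keybase/saltpack` and `github.com/keybase/saltpack/basic` directly. Since this module now carries the tool's encryption and signing, it should be listed as a direct requirement so that dependency review and update tooling treat it as one: `github.com/keybase/saltpack v0.0.0-20250124001807-83b98d5a6acc`. Running `go mod tidy` would make that change; `go-codec` can stay indirect if it is only pulled in through saltpack.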
diff --git a/go.sum b/go.sum
index 844b772..7028881 100644
--- a/go.sum
+++ b/go.sum
@@ -2,6 +2,10 @@ code.cloudfoundry.org/bytefmt v0.29.0 h1:QaKuXtEY+gcSd1kXgdBN5U8h3mYmTvI2XyNh/5j
code.cloudfoundry.org/bytefmt v0.29.0/go.mod h1:fVVUtTfimWCyT90RyJvmwZ0o8Q1d51RP8ByMvyceOXA=
github.com/adrg/xdg v0.5.3 h1:xRnxJXne7+oWDatRhR1JLnvuccuIeCoBu2rtuLqQB78=
github.com/adrg/xdg v0.5.3/go.mod h1:nlTsY+NNiCBGCK2tpm09vRqfVzrc2fLmXGpBLF0zlTQ=
+github.com/keybase/go-codec v0.0.0-20180928230036-164397562123 h1:yg56lYPqh9suJepqxOMd/liFgU/x+maRPiB30JNYykM=
+github.com/keybase/go-codec v0.0.0-20180928230036-164397562123/go.mod h1:r/eVVWCngg6TsFV/3HuS9sWhDkAzGG8mXhiuYA+Z/20=
+github.com/keybase/saltpack v0.0.0-20250124001807-83b98d5a6acc h1:/rG0QRbjq8mquwE5pXPiCVDbwv6WfmPwUL/SWpI0Jw8=
+github.com/keybase/saltpack v0.0.0-20250124001807-83b98d5a6acc/go.mod h1:kRahN9ZYWfpRaXu0czVmfvqXuzKoMKEEXM3pCd+KRJQ=
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/v/cCndK0AMpt1wiVFb/YYmqB3/QG0=
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk=
golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
diff --git a/main.go b/main.go
index b27d1e8..f52f60e 100644
--- a/main.go
+++ b/main.go
@@ -2,17 +2,23 @@ package main
import (
"flag"
+ "fmt"
+ "github.com/keybase/saltpack"
+ "github.com/keybase/saltpack/basic"
"github.com/tonistiigi/units"
"io"
"net"
+ "net/netip"
"os"
"git.samanthony.xyz/hose/handshake"
+ "git.samanthony.xyz/hose/hosts"
+ "git.samanthony.xyz/hose/key"
"git.samanthony.xyz/hose/util"
)
const (
- port = "60321"
+ port = 60321
network = "tcp"
usage = "Usage: hose <-handshake <rhost> | -r | -s <rhost>>"
)
@@ -46,7 +52,7 @@ func main() {
// recv pipes data from the remote host to stdout.
func recv() error {
- laddr := net.JoinHostPort("", port)
+ laddr := net.JoinHostPort("", fmt.Sprintf("%d", port))
ln, err := net.Listen(network, laddr)
if err != nil {
return err
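Review bot: recv is changed here only in how `laddr` is formatted, so as far as this diff shows it still copies the raw connection to stdout, while send in the same commit starts writing a signcrypted stream. If that is the case, the receiver would emit ciphertext and never verify who sent it. recv's body continues outside the hunk, so this needs confirming against the full file. Should the receive side be planned for a later commit, mark it in place with something like `// TODO: open the stream with saltpack.NewSigncryptOpenStream and check the sender key before writing to stdout`.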
@@ -67,17 +73,54 @@ func recv() error {
}
// send pipes data from stdin to the remote host.
-func send(rhost string) error {
- raddr := net.JoinHostPort(rhost, port)
- util.Logf("connecting to %s...", raddr)
- conn, err := net.Dial(network, raddr)
+func send(rHostName string) error {
+ var keyCreator basic.EphemeralKeyCreator
+
+ // Load sender signing keypair.
+ util.Logf("loading signing key")
+ sigKeypair, err := key.LoadSigKeypair()
+ if err != nil {
+ return err
+ }
+
+ // Create symmetric session key.
+ sessionKey, err := key.NewReceiverSymmetricKey()
+ if err != nil {
+ return err
+ }
+
+ // Load receiver encryption key.
+ util.Logf("loading encryption key for %s", rHostName)
+ rAddr, err := netip.ParseAddr(rHostName)
+ if err != nil {
+ return err
+ }
+ rHost, err := hosts.Lookup(rAddr)
+ if err != nil {
+ return err
+ }
+
+ // Connect to remote host.
+ rAddrPort := netip.AddrPortFrom(rAddr, port)
+ util.Logf("connecting to %s", rAddrPort)
+ conn, err := net.Dial(network, rAddrPort.String())
if err != nil {
return err
}
defer conn.Close()
- util.Logf("connected to %s", raddr)
- n, err := io.Copy(conn, os.Stdin)
+ // Create signcrypted stream.
+ util.Logf("signcrypting stream")
+ rcvrBoxKeys := []saltpack.BoxPublicKey{rHost.BoxPublicKey}
+ rcvrSymmetricKeys := []saltpack.ReceiverSymmetricKey{sessionKey}
+ plaintext, err := saltpack.NewSigncryptSealStream(conn, keyCreator, sigKeypair, rcvrBoxKeys, rcvrSymmetricKeys)
+ if err != nil {
+ return err
+ }
+ defer plaintext.Close()
+
+ // Send data.
+ n, err := io.Copy(plaintext, os.Stdin)
util.Logf("sent %.2f", units.Bytes(n)*units.B)
return err
}
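Review bot: The deferred `plaintext.Close()` in send discards its error. For a seal stream, Close is presumably where the last buffered block and the end-of-stream marker are written to `conn`, so a failed final write would leave the receiver with a truncated message while send returns nil. Nothing returns between creating the stream and the copy, so the defer can be dropped in favour of an explicit close after `io.Copy`: `if cerr := plaintext.Close(); err == nil { err = cerr }`. Separately, `sessionKey` is freshly generated and passed as a receiver symmetric key but is never sent or stored in the visible code, so it looks like a recipient nobody can use; if that holds, pass `nil` for `rcvrSymmetricKeys` and rely on `rHost.BoxPublicKey` alone.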