Skip to content

Commit

Permalink
Merge branch 'release/0.10.0'
Browse files Browse the repository at this point in the history
  • Loading branch information
nwtgck committed Aug 9, 2021
2 parents 2c4b28f + 76e6033 commit e61cab2
Show file tree
Hide file tree
Showing 19 changed files with 1,178 additions and 870 deletions.
39 changes: 33 additions & 6 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -100,8 +100,35 @@ jobs:
- name: Encrypt with AES-CTR
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 2022 --symmetric --cipher-type=aes-ctr --passphrase=mypass aaa bbb &
./piping-tunnel -s http://localhost:8080 client -p 3322 --symmetric --cipher-type=aes-ctr --passphrase=mypass aaa bbb &
./piping-tunnel -s http://localhost:8080 server -p 2022 --symmetric --cipher-type=aes-ctr --pass=mypass aesctraaa aesctrbbb &
./piping-tunnel -s http://localhost:8080 client -p 3322 --symmetric --cipher-type=aes-ctr --pass=mypass aesctraaa aesctrbbb &
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: Encrypt with OpenSSL-compabile AES-CTR
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 2022 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl1aaa openssl1bbb & echo $! > pid1
./piping-tunnel -s http://localhost:8080 client -p 3322 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl1aaa openssl1bbb & echo $! > pid2
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: Encrypt with OpenSSL-compabile AES-CTR using real openssl in server host
run: |
set -eux
curl -sSN http://localhost:8080/openssl2aaa | stdbuf -i0 -o0 openssl aes-256-ctr -d -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | nc localhost 2022 | stdbuf -i0 -o0 openssl aes-256-ctr -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | curl -sSNT - http://localhost:8080/openssl2bbb &
./piping-tunnel -s http://localhost:8080 client -p 3322 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl2aaa openssl2bbb &
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: Encrypt with OpenSSL-compabile AES-CTR using real openssl in client host
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 2022 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl3aaa openssl3bbb &
curl -NsS http://localhost:8080/openssl3bbb | stdbuf -i0 -o0 openssl aes-256-ctr -d -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | nc -l -p 3322 | stdbuf -i0 -o0 openssl aes-256-ctr -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | curl -NsST - http://localhost:8080/openssl3aaa &
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
Expand All @@ -124,9 +151,9 @@ jobs:
run: |
set -eux
# Run server-host with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 server -p 2022 --yamux --symmetric --cipher-type=aes-ctr --passphrase=mypass aaa-yamux bbb-yamux & echo $! > pid1
./piping-tunnel -s http://localhost:8080 server -p 2022 --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-yamux bbb-yamux & echo $! > pid1
# Run client-host with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 client -p 4422 --yamux --symmetric --cipher-type=aes-ctr --passphrase=mypass aaa-yamux bbb-yamux & echo $! > pid2
./piping-tunnel -s http://localhost:8080 client -p 4422 --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-yamux bbb-yamux & echo $! > pid2
sleep 1
# Check whether ssh multiple times
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
Expand All @@ -150,9 +177,9 @@ jobs:
run: |
set -eux
# Run socks with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 socks --yamux --symmetric --cipher-type=aes-ctr --passphrase=mypass aaa-socks bbb-socks & echo $! > pid1
./piping-tunnel -s http://localhost:8080 socks --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-socks bbb-socks & echo $! > pid1
# Run client-host with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 client -p 1081 --yamux --symmetric --cipher-type=aes-ctr --passphrase=mypass aaa-socks bbb-socks & echo $! > pid2
./piping-tunnel -s http://localhost:8080 client -p 1081 --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-socks bbb-socks & echo $! > pid2
sleep 1
# NOTE: Depends on external resource: example.com
curl -x socks5h://localhost:1081 https://example.com
Expand Down
10 changes: 9 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,13 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)

## [Unreleased]

## [0.10.0] - 2021-08-09
### Added
* Add OpenSSL-compatible AES-CTR encryption

### Changed
* (breaking change) Rename --passphrase flag to --pass flag

## [0.9.0] - 2021-04-23
### Added
* Create pmux, which is a multiplexer specialized in Piping Server
Expand Down Expand Up @@ -90,7 +97,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
### Added
* Initial release

[Unreleased]: https://github.com/nwtgck/go-piping-tunnel/compare/v0.9.0...HEAD
[Unreleased]: https://github.com/nwtgck/go-piping-tunnel/compare/v0.10.0...HEAD
[0.10.0]: https://github.com/nwtgck/go-piping-tunnel/compare/v0.9.0...v0.10.0
[0.9.0]: https://github.com/nwtgck/go-piping-tunnel/compare/v0.8.0...v0.9.0
[0.8.0]: https://github.com/nwtgck/go-piping-tunnel/compare/v0.7.0...v0.8.0
[0.7.0]: https://github.com/nwtgck/go-piping-tunnel/compare/v0.6.0...v0.7.0
Expand Down
15 changes: 9 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -82,11 +82,12 @@ Usage:
piping-tunnel server [flags]
Flags:
--cipher-type string Cipher type: aes-ctr, openpgp (default "aes-ctr")
--cipher-type string Cipher type: aes-ctr, openssl-aes-128-ctr, openssl-aes-256-ctr, openpgp (default "aes-ctr")
--cs-buf-size uint Buffer size of client-to-server in bytes (default 16)
-h, --help help for server
--host string Target host (default "localhost")
--passphrase string Passphrase for encryption
--pass string Passphrase for encryption
--pbkdf2 string e.g. {"iter":100000,"hash":"sha256"}
--pmux Multiplex connection by pmux (experimental)
--pmux-config string pmux config in JSON (experimental) (default "{\"hb\": true}")
-p, --port int TCP port of server host
Expand All @@ -113,9 +114,10 @@ Usage:
piping-tunnel client [flags]
Flags:
--cipher-type string Cipher type: aes-ctr, openpgp (default "aes-ctr")
--cipher-type string Cipher type: aes-ctr, openssl-aes-128-ctr, openssl-aes-256-ctr, openpgp (default "aes-ctr")
-h, --help help for client
--passphrase string Passphrase for encryption
--pass string Passphrase for encryption
--pbkdf2 string e.g. {"iter":100000,"hash":"sha256"}
--pmux Multiplex connection by pmux (experimental)
--pmux-config string pmux config in JSON (experimental) (default "{\"hb\": true}")
-p, --port int TCP port of client host
Expand Down Expand Up @@ -144,9 +146,10 @@ Usage:
piping-tunnel socks [flags]
Flags:
--cipher-type string Cipher type: aes-ctr, openpgp (default "aes-ctr")
--cipher-type string Cipher type: aes-ctr, openssl-aes-128-ctr, openssl-aes-256-ctr, openpgp (default "aes-ctr")
-h, --help help for socks
--passphrase string Passphrase for encryption
--pass string Passphrase for encryption
--pbkdf2 string e.g. {"iter":100000,"hash":"sha256"}
--pmux Multiplex connection by pmux (experimental)
--pmux-config string pmux config in JSON (experimental) (default "{\"hb\": true}")
-c, --symmetric Encrypt symmetrically
Expand Down
4 changes: 2 additions & 2 deletions crypto_duplex/aes_ctr.go → aes_ctr_duplex/aes_ctr_duplex.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package crypto_duplex
package aes_ctr_duplex

import (
"crypto"
Expand All @@ -19,7 +19,7 @@ type aesCtrDuplex struct {
closeBaseReader func() error
}

func EncryptDuplexWithAesCtr(baseWriter io.WriteCloser, baseReader io.ReadCloser, passphrase []byte) (*aesCtrDuplex, error) {
func Duplex(baseWriter io.WriteCloser, baseReader io.ReadCloser, passphrase []byte) (*aesCtrDuplex, error) {
// Generate salt
salt1, err := util.GenerateRandomBytes(saltLen)
if err != nil {
Expand Down
Loading

0 comments on commit e61cab2

Please sign in to comment.