This program is my homework for the IoT course, demonstrating the use of symmetric encryption AES and asymmetric encryption RSA.
- Create a socket and listen for TCP connections.
- Upon receiving a connection, perform corresponding operations based on the client's request:
utils.PacketTypeInit
: Encrypt its own RSA public key with the pre-shared AES key and send it to the client.utils.PacketTypeComm
: Decrypt and print the message sent by the client usingRSA-OAEP
with the private key, then encrypt its replyment with a self-made signature algorithm using the RSA private key and send it.
- When the client actively disconnects, one processing ends.
- Establish a TCP connection to the server address.
- Send a
utils.PacketTypeInit
packet to the server to request the RSA key. - Continuously send
Hello
to the server usingEncryptOAEP
while decrypting and printing the message sent by server with its public key using the self-made signature algorithm. - When the user manually terminates, close the connection to the server.
The overall encapsulation is defined in utils/packet.go.
0 15 23
┌─────────┬────┬──────────────┐
│ len │type│ ... data ... │
└─────────┴────┴──────────────┘
The length of the packet without itself.
Defined in utils/packet.go.
const (
PacketTypeInit PacketType = iota // PacketTypeInit pass RSA pubkey by AES pre-shared key
PacketTypeComm // PacketTypeComm normal communication
PacketTypeTop // PacketTypeTop for valid checking
)
The payload, whose type is described by the type
field.
Defined in utils/packet_init.go.
0 7 23 87
┌────┬────────┬─────────────────┬──────────────────────┐
│type│ length │ pub key crc64 │ x509rsapubkey │
└────┴────────┴─────────────────┴──────────────────────┘
- type:
PacketInitTypeReq
orPacketInitTypeAck
- length: length of
x509rsapubkey
The whole data field is encrypted by RSA and can fill in with any data, which is plain text in this demo.
The Implementation of Base16384
Base16384 is a base64-like algorithm designed by me. It can encode binary file to printable utf16be, and vice versa.
In this demo, the RSA Private Key and AES key is saved and passed by base16384 format.
In the file utils/rsa.go, I use go:linkname
to hook the private function of crypto/rsa
library and realized a self-made signature algorithm that can get the decoding result but not just verify whether it is valid (unlike the official method rsa.VerifyPKCS1v15
).
See the video below.