X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=src%2Fcypherpunks.ru%2Fgovpn%2Fidentity.go;h=89b12ab5cb118687415ef05c0cbbed79cbd10a9c;hb=8b30dc0a74d068b1a081e897dc0bb6d4d80281ab;hp=4dc74eed0e330f4a3ec73570e0c9d73b2503baee;hpb=4cc7cf27a64355bbe1f64418a55e860baeb63ac0;p=govpn.git

diff --git a/src/cypherpunks.ru/govpn/identity.go b/src/cypherpunks.ru/govpn/identity.go
index 4dc74ee..89b12ab 100644
--- a/src/cypherpunks.ru/govpn/identity.go
+++ b/src/cypherpunks.ru/govpn/identity.go
@@ -1,6 +1,6 @@
 /*
 GoVPN -- simple secure free software virtual private network daemon
-Copyright (C) 2014-2016 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -27,7 +27,7 @@ import (
 	"sync"
 	"time"
 
-	"github.com/dchest/blake2b"
+	"golang.org/x/crypto/blake2b"
 )
 
 const (
@@ -73,8 +73,12 @@ func (mc *MACCache) Update(peers *map[PeerId]*PeerConf) {
 			mc.cache[pid].ts = pc.TimeSync
 		} else {
 			log.Println("Adding key", pid)
+			mac, err := blake2b.New256(pid[:])
+			if err != nil {
+				panic(err)
+			}
 			mc.cache[pid] = &MACAndTimeSync{
-				mac: blake2b.NewMAC(8, pid[:]),
+				mac: mac,
 				ts:  pc.TimeSync,
 			}
 		}
@@ -102,6 +106,7 @@ func (mc *MACCache) Find(data []byte) *PeerId {
 		return nil
 	}
 	buf := make([]byte, 8)
+	sum := make([]byte, 32)
 	mc.l.RLock()
 	for pid, mt := range mc.cache {
 		copy(buf, data)
@@ -109,9 +114,9 @@ func (mc *MACCache) Find(data []byte) *PeerId {
 		mt.l.Lock()
 		mt.mac.Reset()
 		mt.mac.Write(buf)
-		mt.mac.Sum(buf[:0])
+		mt.mac.Sum(sum[:0])
 		mt.l.Unlock()
-		if subtle.ConstantTimeCompare(buf, data[len(data)-8:]) == 1 {
+		if subtle.ConstantTimeCompare(sum[len(sum)-8:], data[len(data)-8:]) == 1 {
 			ppid := PeerId(pid)
 			mc.l.RUnlock()
 			return &ppid