/*
GoVPN -- simple secure free software virtual private network daemon
-Copyright (C) 2014-2016 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
"encoding/base64"
"errors"
"fmt"
+ "hash"
"io/ioutil"
"log"
"os"
"cypherpunks.ru/balloon"
"github.com/agl/ed25519"
- "github.com/dchest/blake2b"
+ "golang.org/x/crypto/blake2b"
"golang.org/x/crypto/ssh/terminal"
)
S int
T int
P int
- Id *PeerId
+ ID *PeerID
Pub *[ed25519.PublicKeySize]byte
}
// Generate new verifier for given peer, with specified password and
// hashing parameters.
-func VerifierNew(s, t, p int, id *PeerId) *Verifier {
- return &Verifier{S: s, T: t, P: p, Id: id}
+func VerifierNew(s, t, p int, id *PeerID) *Verifier {
+ return &Verifier{S: s, T: t, P: p, ID: id}
+}
+
+func blake2bKeyless() hash.Hash {
+ h, err := blake2b.New256(nil)
+ if err != nil {
+ panic(err)
+ }
+ return h
}
// Apply the password: create Ed25519 keypair based on it, save public
// key in verifier.
func (v *Verifier) PasswordApply(password string) *[ed25519.PrivateKeySize]byte {
- r := balloon.H(blake2b.New256, []byte(password), v.Id[:], v.S, v.T, v.P)
+ r := balloon.H(blake2bKeyless, []byte(password), v.ID[:], v.S, v.T, v.P)
defer SliceZero(r)
src := bytes.NewBuffer(r)
pub, prv, err := ed25519.GenerateKey(src)
v := Verifier{S: s, T: t, P: p}
id := new([IDSize]byte)
copy(id[:], salt)
- pid := PeerId(*id)
- v.Id = &pid
+ pid := PeerID(*id)
+ v.ID = &pid
if len(ss) == 5 {
pub, err := base64.RawStdEncoding.DecodeString(ss[4])
if err != nil {
func (v *Verifier) ShortForm() string {
return fmt.Sprintf(
"$balloon$s=%d,t=%d,p=%d$%s",
- v.S, v.T, v.P, base64.RawStdEncoding.EncodeToString(v.Id[:]),
+ v.S, v.T, v.P, base64.RawStdEncoding.EncodeToString(v.ID[:]),
)
}