X-Git-Url: http://www.git.cypherpunks.ru/?p=govpn.git;a=blobdiff_plain;f=src%2Fcypherpunks.ru%2Fgovpn%2Fverifier.go;h=8be6ea7ac62c1f25e1d2222d4176c7465b7b1c71;hp=b68063b94823361f25bc5734d50cd7aa43a6502b;hb=f47fff1e42f75b736e7067ec06c2e81394833d46;hpb=21dee974626eb44b6c3904621dea946fef7e17fc

diff --git a/src/cypherpunks.ru/govpn/verifier.go b/src/cypherpunks.ru/govpn/verifier.go
index b68063b..8be6ea7 100644
--- a/src/cypherpunks.ru/govpn/verifier.go
+++ b/src/cypherpunks.ru/govpn/verifier.go
@@ -1,6 +1,6 @@
 /*
 GoVPN -- simple secure free software virtual private network daemon
-Copyright (C) 2014-2016 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -23,6 +23,7 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
+	"hash"
 	"io/ioutil"
 	"log"
 	"os"
@@ -30,7 +31,7 @@ import (
 
 	"cypherpunks.ru/balloon"
 	"github.com/agl/ed25519"
-	"github.com/dchest/blake2b"
+	"golang.org/x/crypto/blake2b"
 	"golang.org/x/crypto/ssh/terminal"
 )
 
@@ -44,20 +45,28 @@ type Verifier struct {
 	S   int
 	T   int
 	P   int
-	Id  *PeerId
+	ID  *PeerID
 	Pub *[ed25519.PublicKeySize]byte
 }
 
 // Generate new verifier for given peer, with specified password and
 // hashing parameters.
-func VerifierNew(s, t, p int, id *PeerId) *Verifier {
-	return &Verifier{S: s, T: t, P: p, Id: id}
+func VerifierNew(s, t, p int, id *PeerID) *Verifier {
+	return &Verifier{S: s, T: t, P: p, ID: id}
+}
+
+func blake2bKeyless() hash.Hash {
+	h, err := blake2b.New256(nil)
+	if err != nil {
+		panic(err)
+	}
+	return h
 }
 
 // Apply the password: create Ed25519 keypair based on it, save public
 // key in verifier.
 func (v *Verifier) PasswordApply(password string) *[ed25519.PrivateKeySize]byte {
-	r := balloon.H(blake2b.New256, []byte(password), v.Id[:], v.S, v.T, v.P)
+	r := balloon.H(blake2bKeyless, []byte(password), v.ID[:], v.S, v.T, v.P)
 	defer SliceZero(r)
 	src := bytes.NewBuffer(r)
 	pub, prv, err := ed25519.GenerateKey(src)
@@ -86,8 +95,8 @@ func VerifierFromString(input string) (*Verifier, error) {
 	v := Verifier{S: s, T: t, P: p}
 	id := new([IDSize]byte)
 	copy(id[:], salt)
-	pid := PeerId(*id)
-	v.Id = &pid
+	pid := PeerID(*id)
+	v.ID = &pid
 	if len(ss) == 5 {
 		pub, err := base64.RawStdEncoding.DecodeString(ss[4])
 		if err != nil {
@@ -104,7 +113,7 @@ func VerifierFromString(input string) (*Verifier, error) {
 func (v *Verifier) ShortForm() string {
 	return fmt.Sprintf(
 		"$balloon$s=%d,t=%d,p=%d$%s",
-		v.S, v.T, v.P, base64.RawStdEncoding.EncodeToString(v.Id[:]),
+		v.S, v.T, v.P, base64.RawStdEncoding.EncodeToString(v.ID[:]),
 	)
 }