import (
"crypto/subtle"
- "errors"
"chacha20"
+ "github.com/pkg/errors"
"golang.org/x/crypto/blake2b"
)
HSize = 32
// RSize size of generated random output in terms of OAEP
RSize = 16
+
+ wrapBlake2bNew256 = "blake2b.New256"
+ wrapHashWrite = "hash.Write"
)
var (
copy(out, in)
h, err := blake2b.New256(nil)
if err != nil {
- return nil, err
+ return nil, errors.Wrap(err, wrapBlake2bNew256)
+ }
+ if _, err = h.Write(r[:]); err != nil {
+ return nil, errors.Wrap(err, wrapHashWrite)
+ }
+ if _, err = h.Write(in); err != nil {
+ return nil, errors.Wrap(err, wrapHashWrite)
}
- h.Write(r[:])
- h.Write(in)
copy(out[len(in):], h.Sum(nil))
chachaKey := new([32]byte)
copy(chachaKey[:], r[:])
chacha20.XORKeyStream(out, out, dummyNonce, chachaKey)
h.Reset()
- h.Write(out[:len(in)+32])
+ if _, err = h.Write(out[:len(in)+32]); err != nil {
+ return nil, errors.Wrap(err, wrapHashWrite)
+ }
for i, b := range h.Sum(nil)[:RSize] {
out[len(in)+32+i] = b ^ r[i]
}
}
h, err := blake2b.New256(nil)
if err != nil {
- return nil, err
+ return nil, errors.Wrap(err, wrapBlake2bNew256)
+ }
+ if _, err = h.Write(in[:len(in)-RSize]); err != nil {
+ return nil, errors.Wrap(err, wrapHashWrite)
}
- h.Write(in[:len(in)-RSize])
chachaKey := new([32]byte)
for i, b := range h.Sum(nil)[:RSize] {
chachaKey[i] = b ^ in[len(in)-RSize+i]
}
h.Reset()
- h.Write(chachaKey[:RSize])
+ if _, err = h.Write(chachaKey[:RSize]); err != nil {
+ return nil, errors.Wrap(err, wrapHashWrite)
+ }
out := make([]byte, len(in)-RSize)
chacha20.XORKeyStream(out, in[:len(in)-RSize], dummyNonce, chachaKey)
- h.Write(out[:len(out)-HSize])
+ if _, err = h.Write(out[:len(out)-HSize]); err != nil {
+ return nil, errors.Wrap(err, wrapHashWrite)
+ }
if subtle.ConstantTimeCompare(h.Sum(nil), out[len(out)-HSize:]) != 1 {
return nil, errors.New("Invalid checksum")
}
import (
"crypto/subtle"
"encoding/binary"
- "errors"
"chacha20"
+ "github.com/pkg/errors"
"golang.org/x/crypto/poly1305"
)
/*
GoVPN -- simple secure free software virtual private network daemon
-Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2014-2016 Sergey Matveev <stargrave@stargrave.org>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
import (
"io"
+ "github.com/pkg/errors"
+
"cypherpunks.ru/govpn/aont"
"cypherpunks.ru/govpn/cnw"
)
r := new([aont.RSize]byte)
var err error
if _, err = io.ReadFull(Rand, r[:]); err != nil {
- return nil, err
+ return nil, errors.Wrapf(err, wrapIoReadFull, "Rand")
}
aonted, err := aont.Encode(r, in)
if err != nil {
- return nil, err
+ return nil, errors.Wrap(err, "aont.Encode")
}
out := append(
cnw.Chaff(authKey, nonce[8:], aonted[:aont.RSize]),
authKey, nonce[8:], in[:aont.RSize*cnw.EnlargeFactor],
)
if err != nil {
- return nil, err
+ return nil, errors.Wrap(err, "cnw.Winnow")
}
out, err := aont.Decode(append(
winnowed, in[aont.RSize*cnw.EnlargeFactor:]...,
))
SliceZero(winnowed)
if err != nil {
- return nil, err
+ return nil, errors.Wrap(err, "aont.Decode")
}
return out, nil
}
/*
GoVPN -- simple secure free software virtual private network daemon
Copyright (C) 2014-2017 Sergey Matveev <stargrave@stargrave.org>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package govpn
"io"
"os"
"path"
+
+ "github.com/pkg/errors"
)
-func newTAPer(ifaceName string) (io.ReadWriter, error) {
- return os.OpenFile(path.Join("/dev/", ifaceName), os.O_RDWR, os.ModePerm)
+func newTAPer(ifaceName string) (io.ReadWriteCloser, error) {
+ output, err := os.OpenFile(path.Join("/dev/", ifaceName), os.O_RDWR, os.ModePerm)
+ return output, errors.Wrap(err, "os.OpenFile")
}