@ref{Verifier structure, verifier}: @code{DSAPub}.
@item
Client computes verifier which produces @code{DSAPriv} and
-@code{DSAPub}. @code{H()} is @emph{HSalsa20} hash function.
+@code{DSAPub}. @code{H()} is @emph{BLAKE2b-256} hash function.
@item
Client generates DH keypair: @code{CDHPub} and @code{CDHPriv}.
Also it generates random 64-bit @code{R} that is used as a nonce for
@itemize
@item Server is configured using @url{http://yaml.org/, YAML} file. It
is very convenient to have comments and templates, comparing to JSON.
+@item Incompatible with previous versions replacement of @emph{HSalsa20}
+with @emph{BLAKE2b} in handshake code.
@end itemize
@item Release 5.0
"github.com/agl/ed25519"
"github.com/agl/ed25519/extra25519"
+ "github.com/dchest/blake2b"
"golang.org/x/crypto/curve25519"
"golang.org/x/crypto/salsa20"
- "golang.org/x/crypto/salsa20/salsa"
"golang.org/x/crypto/xtea"
)
return k
}
-// Apply HSalsa20 function for data. Used to hash public keys.
-func HApply(data *[32]byte) {
- salsa.HSalsa20(data, new([16]byte), data, &salsa.Sigma)
-}
-
// Zero handshake's memory state
func (h *Handshake) Zero() {
if h.rNonce != nil {
func dhKeyGen(priv, pub *[32]byte) *[32]byte {
key := new([32]byte)
curve25519.ScalarMult(key, priv, pub)
- HApply(key)
- return key
+ hashed := blake2b.Sum256(key[:])
+ return &hashed
}
// Create new handshake state.
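Review bot: In dhKeyGen the raw Curve25519 output in `key` is no longer overwritten. The removed `HApply(key)` hashed the buffer in place, whereas `blake2b.Sum256(key[:])` returns a separate array, so the unhashed shared secret stays in memory until it is reclaimed. This file already has `Handshake.Zero()` for wiping handshake state, so it would be consistent to clear the buffer after hashing with `for i := range key { key[i] = 0 }` before `return &hashed`. A short comment on the function stating that it returns BLAKE2b-256 of the DH result, not the raw result, would also help readers after the hash change.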
}
state.dsaPubH = new([ed25519.PublicKeySize]byte)
copy(state.dsaPubH[:], state.Conf.Verifier.Pub[:])
- HApply(state.dsaPubH)
+ hashed := blake2b.Sum256(state.dsaPubH[:])
+ state.dsaPubH = &hashed
return &state
}
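Review bot: The `new([ed25519.PublicKeySize]byte)` allocation and `copy` just above the added lines now only feed a scratch buffer, because `state.dsaPubH` is repointed at `hashed` on the next line. Hashing the source directly is shorter and removes the throwaway allocation: `hashed := blake2b.Sum256(state.Conf.Verifier.Pub[:])` followed by `state.dsaPubH = &hashed`. A comment such as `// dsaPubH is BLAKE2b-256 of the verifier's public key; both peers must use the same hash` would record the incompatibility with earlier releases at the point where it matters. The enclosing function begins outside this hunk, so this assumes nothing earlier in it depends on the intermediate buffer.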