Signed-off-by: Sergey Matveev <stargrave@stargrave.org>
"crypto/subtle"
"flag"
"fmt"
"crypto/subtle"
"flag"
"fmt"
mOpt = flag.Int("m", govpn.DefaultM, "Argon2d memory parameter (KiBs)")
tOpt = flag.Int("t", govpn.DefaultT, "Argon2d iteration parameter")
pOpt = flag.Int("p", govpn.DefaultP, "Argon2d parallelizm parameter")
mOpt = flag.Int("m", govpn.DefaultM, "Argon2d memory parameter (KiBs)")
tOpt = flag.Int("t", govpn.DefaultT, "Argon2d iteration parameter")
pOpt = flag.Int("p", govpn.DefaultP, "Argon2d parallelizm parameter")
+ egdPath = flag.String("egd", "", "Optional path to EGD socket")
)
func main() {
flag.Parse()
)
func main() {
flag.Parse()
+ if *egdPath != "" {
+ govpn.EGDInit(*egdPath)
+ }
if *verifier == "" {
id := new([govpn.IDSize]byte)
if *verifier == "" {
id := new([govpn.IDSize]byte)
- if _, err := rand.Read(id[:]); err != nil {
+ if _, err := govpn.Rand.Read(id[:]); err != nil {
log.Fatalln(err)
}
pid := govpn.PeerId(*id)
log.Fatalln(err)
}
pid := govpn.PeerId(*id)
+ Rand io.Reader = rand.Reader
-func EGDInit(path string) {
- egdPath = path
-}
// Read n bytes from EGD, blocking mode.
// Read n bytes from EGD, blocking mode.
-func EGDRead(b []byte) error {
- c, err := net.Dial("unix", egdPath)
+func (egdPath EGDRand) Read(b []byte) (int, error) {
+ conn, err := net.Dial("unix", string(egdPath))
- defer c.Close()
- c.Write([]byte{0x02, byte(len(b))})
- r, err := c.Read(b)
+ conn.Write([]byte{0x02, byte(len(b))})
+ read, err := conn.Read(b)
+ conn.Close()
+ return read, err
- if r != len(b) {
- return errors.New("Got less bytes than expected from EGD")
+ if read != len(b) {
+ conn.Close()
+ return read, errors.New("Got less bytes than expected from EGD")
+ conn.Close()
+ return read, nil
+}
+
+func EGDInit(path string) {
+ Rand = EGDRand(path)
"crypto/subtle"
"encoding/binary"
"io"
"crypto/subtle"
"encoding/binary"
"io"
-func randRead(b []byte) error {
- var err error
- if egdPath == "" {
- _, err = rand.Read(b)
- } else {
- err = EGDRead(b)
- }
- return err
-}
-
func dhKeypairGen() (*[32]byte, *[32]byte) {
priv := new([32]byte)
pub := new([32]byte)
repr := new([32]byte)
reprFound := false
for !reprFound {
func dhKeypairGen() (*[32]byte, *[32]byte) {
priv := new([32]byte)
pub := new([32]byte)
repr := new([32]byte)
reprFound := false
for !reprFound {
- if err := randRead(priv[:]); err != nil {
+ if _, err := Rand.Read(priv[:]); err != nil {
log.Fatalln("Error reading random for DH private key:", err)
}
reprFound = extra25519.ScalarBaseMult(pub, repr, priv)
log.Fatalln("Error reading random for DH private key:", err)
}
reprFound = extra25519.ScalarBaseMult(pub, repr, priv)
state.dhPriv, dhPubRepr = dhKeypairGen()
state.rNonce = new([RSize]byte)
state.dhPriv, dhPubRepr = dhKeypairGen()
state.rNonce = new([RSize]byte)
- if err := randRead(state.rNonce[:]); err != nil {
+ if _, err := Rand.Read(state.rNonce[:]); err != nil {
log.Fatalln("Error reading random for nonce:", err)
}
var enc []byte
log.Fatalln("Error reading random for nonce:", err)
}
var enc []byte
// Generate R* and encrypt them
h.rServer = new([RSize]byte)
// Generate R* and encrypt them
h.rServer = new([RSize]byte)
- if err := randRead(h.rServer[:]); err != nil {
+ var err error
+ if _, err = Rand.Read(h.rServer[:]); err != nil {
log.Fatalln("Error reading random for R:", err)
}
h.sServer = new([SSize]byte)
log.Fatalln("Error reading random for R:", err)
}
h.sServer = new([SSize]byte)
- if err := randRead(h.sServer[:]); err != nil {
+ if _, err = Rand.Read(h.sServer[:]); err != nil {
log.Fatalln("Error reading random for S:", err)
}
var encRs []byte
log.Fatalln("Error reading random for S:", err)
}
var encRs []byte
// Generate R* and signature and encrypt them
h.rClient = new([RSize]byte)
// Generate R* and signature and encrypt them
h.rClient = new([RSize]byte)
- if err := randRead(h.rClient[:]); err != nil {
+ var err error
+ if _, err = Rand.Read(h.rClient[:]); err != nil {
log.Fatalln("Error reading random for R:", err)
}
h.sClient = new([SSize]byte)
log.Fatalln("Error reading random for R:", err)
}
h.sClient = new([SSize]byte)
- if err := randRead(h.sClient[:]); err != nil {
+ if _, err = Rand.Read(h.sClient[:]); err != nil {
log.Fatalln("Error reading random for S:", err)
}
sign := ed25519.Sign(h.Conf.DSAPriv, h.key[:])
log.Fatalln("Error reading random for S:", err)
}
sign := ed25519.Sign(h.Conf.DSAPriv, h.key[:])