From da9420230cd4ed2ff1d8685c96b99043e529da62 Mon Sep 17 00:00:00 2001 From: Sergey Matveev Date: Sat, 29 Oct 2016 15:43:22 +0300 Subject: [PATCH] Replace blake2b with golang.org/x/crypto implementation Just to have fewer repository dependencies. --- .gitmodules | 3 --- doc/installation.texi | 1 - doc/sources.texi | 1 - src/cypherpunks.ru/govpn/aont/oaep.go | 12 +++++++++--- src/cypherpunks.ru/govpn/handshake.go | 7 +++++-- src/cypherpunks.ru/govpn/identity.go | 8 ++++++-- src/cypherpunks.ru/govpn/peer.go | 7 +++++-- src/cypherpunks.ru/govpn/verifier.go | 13 +++++++++++-- src/github.com/dchest/blake2b | 1 - utils/makedist.sh | 2 +- 10 files changed, 37 insertions(+), 18 deletions(-) delete mode 160000 src/github.com/dchest/blake2b diff --git a/.gitmodules b/.gitmodules index bb2b1f8..82df1f7 100644 --- a/.gitmodules +++ b/.gitmodules @@ -7,9 +7,6 @@ [submodule "src/golang.org/x/crypto"] path = src/golang.org/x/crypto url = https://go.googlesource.com/crypto -[submodule "src/github.com/dchest/blake2b"] - path = src/github.com/dchest/blake2b - url = https://github.com/dchest/blake2b.git [submodule "src/github.com/go-yaml/yaml"] path = src/github.com/go-yaml/yaml url = https://github.com/go-yaml/yaml.git diff --git a/doc/installation.texi b/doc/installation.texi index 01ac54b..1443d7f 100644 --- a/doc/installation.texi +++ b/doc/installation.texi @@ -26,7 +26,6 @@ Included required libraries: @headitem Library @tab Platform @tab Licence @item @code{github.com/agl/ed25519} @tab All @tab BSD 3-Clause @item @code{github.com/bigeagle/water} @tab GNU/Linux @tab BSD 3-Clause -@item @code{github.com/dchest/blake2b} @tab All @tab CC0 1.0 @item @code{github.com/go-yaml/yaml} @tab All @tab LGPLv3 and MIT @item @code{golang.org/x/crypto} @tab All @tab BSD 3-Clause @end multitable diff --git a/doc/sources.texi b/doc/sources.texi index 778a786..e7a1375 100644 --- a/doc/sources.texi +++ b/doc/sources.texi @@ -25,7 +25,6 @@ repositories will be unavailable (they are seldom updated): @item @code{cypherpunks.ru/govpn} @tab @url{https://github.com/stargrave/govpn.git} @item @code{github.com/agl/ed25519} @tab @url{git://git.cypherpunks.ru/ed25519.git} @item @code{github.com/bigeagle/water} @tab @url{git://git.cypherpunks.ru/water.git} -@item @code{github.com/dchest/blake2b} @tab @url{git://git.cypherpunks.ru/blake2b.git} @item @code{github.com/go-yaml/yaml} @tab @url{git://git.cypherpunks.ru/yaml.git} @item @code{golang.org/x/crypto} @tab @url{git://git.cypherpunks.ru/crypto.git} @end multitable diff --git a/src/cypherpunks.ru/govpn/aont/oaep.go b/src/cypherpunks.ru/govpn/aont/oaep.go index 35d92fe..3d1a1c6 100644 --- a/src/cypherpunks.ru/govpn/aont/oaep.go +++ b/src/cypherpunks.ru/govpn/aont/oaep.go @@ -38,7 +38,7 @@ import ( "crypto/subtle" "errors" - "github.com/dchest/blake2b" + "golang.org/x/crypto/blake2b" "golang.org/x/crypto/salsa20" ) @@ -56,7 +56,10 @@ var ( func Encode(r *[RSize]byte, in []byte) ([]byte, error) { out := make([]byte, len(in)+HSize+RSize) copy(out, in) - h := blake2b.New256() + h, err := blake2b.New256(nil) + if err != nil { + return nil, err + } h.Write(r[:]) h.Write(in) copy(out[len(in):], h.Sum(nil)) @@ -77,7 +80,10 @@ func Decode(in []byte) ([]byte, error) { if len(in) < HSize+RSize { return nil, errors.New("Too small input buffer") } - h := blake2b.New256() + h, err := blake2b.New256(nil) + if err != nil { + return nil, err + } h.Write(in[:len(in)-RSize]) salsaKey := new([32]byte) for i, b := range h.Sum(nil)[:RSize] { diff --git a/src/cypherpunks.ru/govpn/handshake.go b/src/cypherpunks.ru/govpn/handshake.go index 9c536b3..fb486f5 100644 --- a/src/cypherpunks.ru/govpn/handshake.go +++ b/src/cypherpunks.ru/govpn/handshake.go @@ -27,7 +27,7 @@ import ( "github.com/agl/ed25519" "github.com/agl/ed25519/extra25519" - "github.com/dchest/blake2b" + "golang.org/x/crypto/blake2b" "golang.org/x/crypto/curve25519" "golang.org/x/crypto/salsa20" ) @@ -136,7 +136,10 @@ func idTag(id *PeerId, timeSync int, data []byte) []byte { enc := make([]byte, 8) copy(enc, data) AddTimeSync(timeSync, enc) - mac := blake2b.NewMAC(8, id[:]) + mac, err := blake2b.New256(id[:]) + if err != nil { + panic(err) + } mac.Write(enc) mac.Sum(enc[:0]) return enc diff --git a/src/cypherpunks.ru/govpn/identity.go b/src/cypherpunks.ru/govpn/identity.go index 4dc74ee..ece2dfc 100644 --- a/src/cypherpunks.ru/govpn/identity.go +++ b/src/cypherpunks.ru/govpn/identity.go @@ -27,7 +27,7 @@ import ( "sync" "time" - "github.com/dchest/blake2b" + "golang.org/x/crypto/blake2b" ) const ( @@ -73,8 +73,12 @@ func (mc *MACCache) Update(peers *map[PeerId]*PeerConf) { mc.cache[pid].ts = pc.TimeSync } else { log.Println("Adding key", pid) + mac, err := blake2b.New256(pid[:]) + if err != nil { + panic(err) + } mc.cache[pid] = &MACAndTimeSync{ - mac: blake2b.NewMAC(8, pid[:]), + mac: mac, ts: pc.TimeSync, } } diff --git a/src/cypherpunks.ru/govpn/peer.go b/src/cypherpunks.ru/govpn/peer.go index 5a620a9..213e817 100644 --- a/src/cypherpunks.ru/govpn/peer.go +++ b/src/cypherpunks.ru/govpn/peer.go @@ -28,7 +28,7 @@ import ( "sync/atomic" "time" - "github.com/dchest/blake2b" + "golang.org/x/crypto/blake2b" "golang.org/x/crypto/poly1305" "golang.org/x/crypto/salsa20" ) @@ -52,7 +52,10 @@ const ( func newNonces(key *[32]byte, i uint64) chan *[NonceSize]byte { macKey := make([]byte, 32) salsa20.XORKeyStream(macKey, make([]byte, 32), make([]byte, 8), key) - mac := blake2b.NewMAC(NonceSize, macKey) + mac, err := blake2b.New256(macKey) + if err != nil { + panic(err) + } nonces := make(chan *[NonceSize]byte, NonceBucketSize*3) go func() { for { diff --git a/src/cypherpunks.ru/govpn/verifier.go b/src/cypherpunks.ru/govpn/verifier.go index b68063b..832fafe 100644 --- a/src/cypherpunks.ru/govpn/verifier.go +++ b/src/cypherpunks.ru/govpn/verifier.go @@ -23,6 +23,7 @@ import ( "encoding/base64" "errors" "fmt" + "hash" "io/ioutil" "log" "os" @@ -30,7 +31,7 @@ import ( "cypherpunks.ru/balloon" "github.com/agl/ed25519" - "github.com/dchest/blake2b" + "golang.org/x/crypto/blake2b" "golang.org/x/crypto/ssh/terminal" ) @@ -54,10 +55,18 @@ func VerifierNew(s, t, p int, id *PeerId) *Verifier { return &Verifier{S: s, T: t, P: p, Id: id} } +func blake2bKeyless() hash.Hash { + h, err := blake2b.New256(nil) + if err != nil { + panic(err) + } + return h +} + // Apply the password: create Ed25519 keypair based on it, save public // key in verifier. func (v *Verifier) PasswordApply(password string) *[ed25519.PrivateKeySize]byte { - r := balloon.H(blake2b.New256, []byte(password), v.Id[:], v.S, v.T, v.P) + r := balloon.H(blake2bKeyless, []byte(password), v.Id[:], v.S, v.T, v.P) defer SliceZero(r) src := bytes.NewBuffer(r) pub, prv, err := ed25519.GenerateKey(src) diff --git a/src/github.com/dchest/blake2b b/src/github.com/dchest/blake2b deleted file mode 160000 index 3c8c640..0000000 --- a/src/github.com/dchest/blake2b +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 3c8c640cd7bea3ca78209d812b5854442ab92fed diff --git a/utils/makedist.sh b/utils/makedist.sh index e5423e8..8ad291c 100755 --- a/utils/makedist.sh +++ b/utils/makedist.sh @@ -10,7 +10,6 @@ repos=" src/cypherpunks.ru/balloon src/github.com/agl/ed25519 src/github.com/bigeagle/water - src/github.com/dchest/blake2b src/github.com/go-yaml/yaml src/golang.org/x/crypto " @@ -27,6 +26,7 @@ golang.org/x/crypto/CONTRIBUTORS golang.org/x/crypto/LICENSE golang.org/x/crypto/PATENTS golang.org/x/crypto/README +golang.org/x/crypto/blake2b golang.org/x/crypto/curve25519 golang.org/x/crypto/poly1305 golang.org/x/crypto/salsa20 -- 2.44.0