2 GoVPN -- simple secure free software virtual private network daemon
3 Copyright (C) 2014-2016 Sergey Matveev <stargrave@stargrave.org>
5 This program is free software: you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation, either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
31 "github.com/agl/ed25519"
32 "github.com/magical/argon2"
33 "golang.org/x/crypto/ssh/terminal"
42 type Verifier struct {
47 Pub *[ed25519.PublicKeySize]byte
50 // Generate new verifier for given peer, with specified password and
51 // hashing parameters.
52 func VerifierNew(m, t, p int, id *PeerId) *Verifier {
53 return &Verifier{M: m, T: t, P: p, Id: id}
56 // Apply the password: create Ed25519 keypair based on it, save public
58 func (v *Verifier) PasswordApply(password string) *[ed25519.PrivateKeySize]byte {
59 r, err := argon2.Key([]byte(password), v.Id[:], v.T, v.P, int64(v.M), 32)
61 log.Fatalln("Unable to apply Argon2d", err)
64 src := bytes.NewBuffer(r)
65 pub, prv, err := ed25519.GenerateKey(src)
67 log.Fatalln("Unable to generate Ed25519 keypair", err)
73 // Parse either short or long verifier form.
74 func VerifierFromString(input string) (*Verifier, error) {
75 s := strings.Split(input, "$")
76 if !(len(s) != 4 || len(s) != 5) || s[1] != "argon2d" {
77 return nil, errors.New("Invalid verifier structure")
80 n, err := fmt.Sscanf(s[2], "m=%d,t=%d,p=%d", &m, &t, &p)
81 if n != 3 || err != nil {
82 return nil, errors.New("Invalid verifier parameters")
84 salt, err := base64.RawStdEncoding.DecodeString(s[3])
88 v := Verifier{M: m, T: t, P: p}
89 id := new([IDSize]byte)
94 pub, err := base64.RawStdEncoding.DecodeString(s[4])
98 v.Pub = new([ed25519.PublicKeySize]byte)
104 // Short verifier string form -- it is useful for the client.
105 // Does not include public key.
106 func (v *Verifier) ShortForm() string {
108 "$argon2d$m=%d,t=%d,p=%d$%s",
109 v.M, v.T, v.P, base64.RawStdEncoding.EncodeToString(v.Id[:]),
113 // Long verifier string form -- it is useful for the server.
114 // Includes public key.
115 func (v *Verifier) LongForm() string {
117 "%s$%s", v.ShortForm(),
118 base64.RawStdEncoding.EncodeToString(v.Pub[:]),
122 // Read the key either from text file (if path is specified), or
123 // from the terminal.
124 func KeyRead(path string) (string, error) {
129 os.Stderr.Write([]byte("Passphrase:"))
130 p, err = terminal.ReadPassword(0)
131 os.Stderr.Write([]byte("\n"))
134 p, err = ioutil.ReadFile(path)
135 pass = strings.TrimRight(string(p), "\n")
141 return "", errors.New("Empty passphrase submitted")