Use ssh/terminal package for reading passwords directly from terminal

[govpn.git] / src / govpn / cmd / govpn-verifier / main.go

diff --git a/src/govpn/cmd/govpn-verifier/main.go b/src/govpn/cmd/govpn-verifier/main.go
index ede2de7438a370c43f770120a818ed454a453b71..10bd90b0902e2c934c8c435cc3b5e5e9dbce1a48 100644 (file)
--- a/src/govpn/cmd/govpn-verifier/main.go
+++ b/src/govpn/cmd/govpn-verifier/main.go
@@ -1,6 +1,6 @@
 /*
 GoVPN -- simple secure free software virtual private network daemon
-Copyright (C) 2014-2015 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2014-2016 Sergey Matveev <stargrave@stargrave.org>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -20,8 +20,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package main
 
 import (
-       "crypto/subtle"
-       "encoding/hex"
+       "bytes"
        "flag"
        "fmt"
        "log"
@@ -30,25 +29,43 @@ import (
 )
 
 var (
-       IDRaw        = flag.String("id", "", "Client identification")
-       keyPath      = flag.String("key", "", "Path to passphrase file")
-       verifierPath = flag.String("verifier", "", "Optional path to verifier")
+       keyPath  = flag.String("key", "", "Path to passphrase file")
+       verifier = flag.String("verifier", "", "Optional verifier")
+       mOpt     = flag.Int("m", govpn.DefaultM, "Argon2d memory parameter (KiBs)")
+       tOpt     = flag.Int("t", govpn.DefaultT, "Argon2d iteration parameter")
+       pOpt     = flag.Int("p", govpn.DefaultP, "Argon2d parallelizm parameter")
+       egdPath  = flag.String("egd", "", "Optional path to EGD socket")
 )
 
 func main() {
        flag.Parse()
-       id, err := govpn.IDDecode(*IDRaw)
+       if *egdPath != "" {
+               govpn.EGDInit(*egdPath)
+       }
+       key, err := govpn.KeyRead(*keyPath)
        if err != nil {
-               log.Fatalln(err)
+               log.Fatalln("Unable to read the key", err)
        }
-       pub, _ := govpn.NewVerifier(id, govpn.StringFromFile(*keyPath))
-       if *verifierPath == "" {
-               fmt.Println(hex.EncodeToString(pub[:]))
-       } else {
-               verifier, err := hex.DecodeString(govpn.StringFromFile(*verifierPath))
-               if err != nil {
-                       log.Fatalln("Can not decode verifier:", err)
+       if *verifier == "" {
+               id := new([govpn.IDSize]byte)
+               if _, err := govpn.Rand.Read(id[:]); err != nil {
+                       log.Fatalln(err)
                }
-               fmt.Println(subtle.ConstantTimeCompare(verifier[:], pub[:]) == 1)
+               pid := govpn.PeerId(*id)
+               v := govpn.VerifierNew(*mOpt, *tOpt, *pOpt, &pid)
+               v.PasswordApply(key)
+               fmt.Println(v.LongForm())
+               fmt.Println(v.ShortForm())
+               return
+       }
+       v, err := govpn.VerifierFromString(*verifier)
+       if err != nil {
+               log.Fatalln("Can not decode verifier", err)
+       }
+       if v.Pub == nil {
+               log.Fatalln("Verifier does not contain public key")
        }
+       pub := *v.Pub
+       v.PasswordApply(key)
+       fmt.Println(bytes.Equal(v.Pub[:], pub[:]))
 }