func Import(password, filename string) (mk *MetaKey, err error) { b64in, err := ioutil.ReadFile(filename) if err != nil { return } in, err := armour.DecodeBase64(b64in) if err != nil { return } salt := in[:hash.SaltLength] in = in[hash.SaltLength:] key := binaryKeyFromDerivedKey( hash.DeriveKeyWithSalt(password, salt)) dec, err := armour.Decrypt(key, in) if err != nil { return } h := dec[:hash.HashLen] dec = dec[hash.HashLen:] if !bytes.Equal(h, hash.New(dec).Digest()) { err = fmt.Errorf("invalid digest") return } buf := bytes.NewBuffer(dec) return Read(buf) }
func validateChallenge(chal string, resp string) bool { data := []byte(Password) data = append(data, []byte(chal)...) data = hash.New(data).Digest() if string(data) != resp { return false } return true }
func Decrypt(key []byte, ct []byte) (msg []byte, err error) { msg, err = symmetric.Decrypt(key, ct) if err != nil { return } h := msg[:hash.HashLen] msg = msg[hash.HashLen:] if !bytes.Equal(h, hash.New(msg).Digest()) { err = ErrInvalidMessage } return }
func (mk *MetaKey) Export(password, filename string) (err error) { buf := new(bytes.Buffer) err = mk.Write(buf) if err != nil { return } pk := hash.DeriveKey(password) out := hash.New(buf.Bytes()).Digest() out = append(out, buf.Bytes()...) enc, err := armour.Encrypt(binaryKeyFromDerivedKey(pk), out, false) if err != nil { return } out = pk.Salt out = append(out, enc...) err = ioutil.WriteFile(filename, armour.EncodeBase64(out), 0644) return }
func connect(address string) { conn, err := net.Dial("tcp", address) if err != nil { fmt.Println("[!] failed to connect:", err.Error()) os.Exit(1) } fmt.Println("[+] connected!") challenge := make([]byte, 64) n, err := conn.Read(challenge) if err != nil { fmt.Println("[!] error getting challenge from server:", err.Error()) os.Exit(1) } challenge = challenge[:n] response := []byte(password) response = append(response, challenge...) response = hash.New(response).Digest() _, err = conn.Write(response) if err != nil { fmt.Println("[!] failed to send response:", err.Error()) os.Exit(1) } response = make([]byte, 512) n, err = conn.Read(response) if err != nil { fmt.Println("[!] failed to receive response from server:", err.Error()) } response = response[:n] if errRegexp.Match(response) { fmt.Printf("[!] %s\n", string(response)) } else { fmt.Printf("[+] server response: %s\n", string(response)) } }
func Encrypt(key []byte, msg []byte) (ct []byte, err error) { h := hash.New(msg) pt := h.Digest() pt = append(pt, msg...) return symmetric.Encrypt(key, pt) }