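// auth runs the connecting side of the key-agreement handshake on conn.
//
// Sequence, as visible in this function:
//  1. read the peer's challenge,
//  2. send our Diffie-Hellman public value A,
//  3. read the peer's public value B,
//  4. derive the shared secret and send HMAC-SHA256(secret, challenge),
//  5. return the first 16 bytes of the shared secret as the session key.
//
// The HMAC is keyed with the DH secret itself, so it only proves that the
// peer derived the same secret; nothing in this function binds the exchange
// to a long-term identity or pre-shared key.
// NOTE(review): if peer authentication is provided elsewhere, document it at
// the call site; otherwise the exchange is open to an active intermediary.
//
// It returns an error if any read or write fails, or if the derived secret
// is shorter than 16 bytes.
func auth(conn net.Conn) (secret []byte, err error) {
	challenge, err := readPack(conn)
	if err != nil {
		return
	}
	log(DEBUG, "challenge: %X\n", challenge)

	a := crypt.Randomkey()
	A := crypt.DHExchange(a)
	if err = writePack(conn, A.Bytes()); err != nil {
		return
	}
	log(DEBUG, "A: %X\n", A.Bytes())

	B, err := readPack(conn)
	if err != nil {
		return
	}
	log(DEBUG, "B: %X\n", B)

	// NOTE(review): B is used exactly as received. Whether crypt.DHSecret
	// rejects degenerate public values (0, 1, p-1) is not visible here;
	// confirm, or validate B against the group parameters before use.
	z := new(big.Int).SetBytes(B)
	key := crypt.DHSecret(a, z).Bytes()

	// Log only the length: the shared secret must never reach log output,
	// where anyone with log access could recover the session key.
	log(DEBUG, "secret: %d bytes\n", len(key))

	// Reject a too-short secret before it is used as an HMAC key or sliced,
	// so a degenerate value from the peer ends the handshake immediately.
	if len(key) < 16 {
		err = errors.New("secret length less than 16 bytes")
		return
	}

	mac := hmac.New(sha256.New, key)
	mac.Write(challenge)
	if err = writePack(conn, mac.Sum(nil)); err != nil {
		return
	}

	// NOTE(review): the session key is a raw truncation of the DH output and
	// the same output keys the HMAC; consider deriving separate keys through
	// a KDF.
	secret = key[:16]
	return
}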
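// dhsecret runs the accepting side of the key-agreement handshake on conn.
//
// Sequence, as visible in this function:
//  1. send an 8-byte challenge,
//  2. read the peer's Diffie-Hellman public value,
//  3. send our public value A,
//  4. derive the shared secret and read the peer's challenge response,
//  5. verify the response with challengeCheck and return the first 16 bytes
//     of the shared secret as the session key.
//
// It returns an error if any read or write fails, if the derived secret is
// shorter than 16 bytes, or if the challenge response does not verify.
func dhsecret(conn net.Conn) (secret []byte, err error) {
	// NOTE(review): rand.Int63 looks like math/rand (crypto/rand has no
	// Int63), which makes the challenge predictable and at most 63 bits wide.
	// A challenge that guards against replay should come from crypto/rand;
	// that needs an import change outside this function.
	challenge := make([]byte, 8)
	binary.BigEndian.PutUint64(challenge, uint64(rand.Int63()))
	if err = writePack(conn, challenge); err != nil {
		return
	}

	B, err := readPack(conn)
	if err != nil {
		return
	}

	a := crypt.Randomkey()
	A := crypt.DHExchange(a)
	if err = writePack(conn, A.Bytes()); err != nil {
		return
	}

	// NOTE(review): B is used exactly as received. Whether crypt.DHSecret
	// rejects degenerate public values (0, 1, p-1) is not visible here;
	// confirm, or validate B against the group parameters before use.
	z := new(big.Int).SetBytes(B)
	key := crypt.DHSecret(a, z).Bytes()

	response, err := readPack(conn)
	if err != nil {
		return
	}

	// The peer controls B, so the derived secret can be shorter than 16
	// bytes. Without this guard the slice below panics, which lets a remote
	// peer crash the handler. Same check and message as auth.
	if len(key) < 16 {
		err = errors.New("secret length less than 16 bytes")
		return
	}

	// NOTE(review): confirm challengeCheck compares MACs in constant time
	// (hmac.Equal) rather than with bytes.Equal or ==.
	if !challengeCheck(challenge, key, response) {
		err = errors.New("challenge failed")
		return
	}

	secret = key[:16]
	return
}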