func encodePassword(password string) string {
fixedSlice := sha3.Sum512([]byte(password))
byteSlice := make([]byte, 64)
for i := 0; i < len(fixedSlice); i++ {
byteSlice[i] = fixedSlice[i]
}
return hex.EncodeToString(byteSlice)
}
// Generate hash
func hash(f *os.File) ([64]byte, error) {
if _, err := f.Seek(0, 0); err != nil {
return [64]byte{}, err
}
b, err := ioutil.ReadAll(f)
if err != nil {
return [64]byte{}, err
}
return sha3.Sum512(b), nil
}
func Leaptransp_auth_simple_password_constructMsgAsT(la *Leapauth)string{
s:= la.AuthKey +"!+AUTH"
x:=sha3.Sum512([]byte(s))
d:=make([]byte,0,64)
d:=append(d,x...)
o:=base64.StdEncoding.EncodeToString(d)
oo:="AUTH@simple_password@"+la.Id+"@"+o
return oo
}
func Leaptransp_authV_simple_password(la *map[string]Leapauths,un,p6 string)int{
if lu,ok:=Leapauths[un];ok{
s:= lu.AuthKey +"!+AUTH"
x:=sha3.Sum512([]byte(s))
d:=make([]byte,0,64)
d:=append(d,x...)
o:=base64.StdEncoding.EncodeToString(d)
if o==p6 {
return 0 //auth ok
}
}else{
return 1 //password isn't correct
}
}else{
// runAuth runs the protocol pointed out above.
func (ath *AuthReadWriter) runAuth() error {
// Generate our own nonce:
rA := make([]byte, nonceSize)
if _, err := io.ReadFull(rand.Reader, rA); err != nil {
return err
}
// Send our challenge encrypted with remote's public key.
chlForBob, err := ath.pubKey.Encrypt(rA)
if err != nil {
return err
}
if _, err := writeSizePack(ath.rwc, chlForBob); err != nil {
return err
}
// Read their challenge (nonce encrypted with our pubkey)
chlFromBob, err := readSizePack(ath.rwc)
if err != nil {
return err
}
// nonceFromBob is their nonce:
nonceFromBob, err := ath.privKey.Decrypt(chlFromBob)
if err != nil {
return err
}
if len(nonceFromBob) != nonceSize {
return fmt.Errorf(
"Bad nonce size from partner: %d (not %d)",
len(nonceFromBob),
nonceSize,
)
}
// Send back our challenge-response
respHash := sha3.Sum512(nonceFromBob)
if _, err := ath.rwc.Write(respHash[:]); err != nil {
return err
}
// Read the response from bob to our challenge
hashFromBob := make([]byte, 512/8)
if _, err := io.ReadFull(ath.rwc, hashFromBob); err != nil {
return err
}
ownHash := sha3.Sum512(rA)
if !bytes.Equal(hashFromBob, ownHash[:]) {
return fmt.Errorf("Bad nonce; might communicate with imposter")
}
keySource := make([]byte, nonceSize)
for i := range keySource {
keySource[i] = nonceFromBob[i] ^ rA[i]
}
key := Scrypt(keySource, keySource[:nonceSize/2], 32)
inv := Scrypt(keySource, keySource[nonceSize/2:], aes.BlockSize)
rw, err := WrapReadWriter(inv, key, ath.rwc)
if err != nil {
return err
}
ath.symkey = key
ath.crypted = rw
ath.authorised = true
return nil
}
func Sum512(password string) string {
buf := []byte(password)
hash := sha3.Sum512(buf)
return string(hash[:])
}
