mirror
/
oragono
mirror of https://github.com/oragono/oragono
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 70 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2330 Commits
21 Branches
Tree: 50783d5276
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '50783d5276'
${ noResults }
oragono/irc/utils/crypto.go

crypto.go 2.1KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. // Copyright (c) 2018 Shivaram Lingamneni <slingamn@cs.stanford.edu>

  2. // released under the MIT license

  3. 

  4. package utils

  5. 

  6. import (

  7. 	"crypto/rand"

  8. 	"crypto/subtle"

  9. 	"encoding/base32"

  10. 	"encoding/base64"

  11. )

  12. 

  13. var (

  14. 	// slingamn's own private b32 alphabet, removing 1, l, o, and 0

  15. 	B32Encoder = base32.NewEncoding("abcdefghijkmnpqrstuvwxyz23456789").WithPadding(base32.NoPadding)

  16. )

  17. 

  18. const (

  19. 	SecretTokenLength = 26

  20. )

  21. 

  22. // generate a secret token that cannot be brute-forced via online attacks

  23. func GenerateSecretToken() string {

  24. 	// 128 bits of entropy are enough to resist any online attack:

  25. 	var buf [16]byte

  26. 	rand.Read(buf[:])

  27. 	// 26 ASCII characters, should be fine for most purposes

  28. 	return B32Encoder.EncodeToString(buf[:])

  29. }

  30. 

  31. // "munge" a secret token to a new value. requirements:

  32. // 1. MUST be roughly as unlikely to collide with `GenerateSecretToken` outputs

  33. // as those outputs are with each other

  34. // 2. SHOULD be deterministic (motivation: if a JOIN line has msgid x,

  35. // create a deterministic msgid y for the fake HistServ PRIVMSG that "replays" it)

  36. // 3. SHOULD be in the same "namespace" as `GenerateSecretToken` outputs

  37. // (same length and character set)

  38. func MungeSecretToken(token string) (result string) {

  39. 	bytes, err := B32Encoder.DecodeString(token)

  40. 	if err != nil {

  41. 		// this should never happen

  42. 		return GenerateSecretToken()

  43. 	}

  44. 	// add 1 with carrying

  45. 	for i := len(bytes) - 1; 0 <= i; i -= 1 {

  46. 		bytes[i] += 1

  47. 		if bytes[i] != 0 {

  48. 			break

  49. 		} // else: overflow, carry to the next place

  50. 	}

  51. 	return B32Encoder.EncodeToString(bytes)

  52. }

  53. 

  54. // securely check if a supplied token matches a stored token

  55. func SecretTokensMatch(storedToken string, suppliedToken string) bool {

  56. 	// XXX fix a potential gotcha: if the stored token is uninitialized,

  57. 	// then nothing should match it, not even supplying an empty token.

  58. 	if len(storedToken) == 0 {

  59. 		return false

  60. 	}

  61. 

  62. 	return subtle.ConstantTimeCompare([]byte(storedToken), []byte(suppliedToken)) == 1

  63. }

  64. 

  65. // generate a 256-bit secret key that can be written into a config file

  66. func GenerateSecretKey() string {

  67. 	var buf [32]byte

  68. 	rand.Read(buf[:])

  69. 	return base64.RawURLEncoding.EncodeToString(buf[:])

  70. }