mirror
/
oragono
peilaus alkaen https://github.com/oragono/oragono
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Julkaisut 69 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1710 Commitit
21 Branchit
Puu: 63029e2ff5
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '63029e2ff5'
${ noResults }
oragono/irc/utils/crypto.go

crypto.go 1.1KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839 
  1. // Copyright (c) 2018 Shivaram Lingamneni <slingamn@cs.stanford.edu>

  2. // released under the MIT license

  3. 

  4. package utils

  5. 

  6. import (

  7. 	"crypto/rand"

  8. 	"crypto/subtle"

  9. 	"encoding/base32"

  10. )

  11. 

  12. var (

  13. 	// slingamn's own private b32 alphabet, removing 1, l, o, and 0

  14. 	b32encoder = base32.NewEncoding("abcdefghijkmnpqrstuvwxyz23456789").WithPadding(base32.NoPadding)

  15. )

  16. 

  17. const (

  18. 	SecretTokenLength = 26

  19. )

  20. 

  21. // generate a secret token that cannot be brute-forced via online attacks

  22. func GenerateSecretToken() string {

  23. 	// 128 bits of entropy are enough to resist any online attack:

  24. 	var buf [16]byte

  25. 	rand.Read(buf[:])

  26. 	// 26 ASCII characters, should be fine for most purposes

  27. 	return b32encoder.EncodeToString(buf[:])

  28. }

  29. 

  30. // securely check if a supplied token matches a stored token

  31. func SecretTokensMatch(storedToken string, suppliedToken string) bool {

  32. 	// XXX fix a potential gotcha: if the stored token is uninitialized,

  33. 	// then nothing should match it, not even supplying an empty token.

  34. 	if len(storedToken) == 0 {

  35. 		return false

  36. 	}

  37. 

  38. 	return subtle.ConstantTimeCompare([]byte(storedToken), []byte(suppliedToken)) == 1

  39. }