crypto: replace KDF PBKDF2 with Argon2id

Signed-off-by: Steffen Vogel <post@steffenvogel.de>

pkg/core/interface.go

@@ -3,7 +3,6 @@ package core
 import (
 	"fmt"
 	"io"
-	"net"
 	"os"
 	"time"
 
@@ -14,12 +13,10 @@ import (
 	"github.com/stv0g/cunicu/pkg/crypto"
 	"github.com/stv0g/cunicu/pkg/device"
 	"github.com/stv0g/cunicu/pkg/util"
-	"github.com/stv0g/cunicu/pkg/util/buildinfo"
 	"github.com/stv0g/cunicu/pkg/wg"
 
 	proto "github.com/stv0g/cunicu/pkg/proto"
 	coreproto "github.com/stv0g/cunicu/pkg/proto/core"
-	pdiscproto "github.com/stv0g/cunicu/pkg/proto/feat/pdisc"
 )
 
 type Interface struct {
@@ -355,42 +352,3 @@ func (i *Interface) MarshalWithPeers(cb func(p *Peer) *coreproto.Peer) *coreprot
 
 	return q
 }
-
-func (i *Interface) MarshalDescription(chg pdiscproto.PeerDescriptionChange, pkOld *crypto.Key) (*pdiscproto.PeerDescription, error) {
-	allowedIPs := []*net.IPNet{
-		i.PublicKey().IPv6Address(),
-		i.PublicKey().IPv4Address(),
-	}
-
-	// Only allow a single IP from the network
-	for _, allowedIP := range allowedIPs {
-		for i := range allowedIP.Mask {
-			allowedIP.Mask[i] = 0xff
-		}
-	}
-
-	hn, err := os.Hostname()
-	if err != nil {
-		return nil, fmt.Errorf("failed to get hostname: %w", err)
-	}
-
-	pd := &pdiscproto.PeerDescription{
-		Change:     chg,
-		Hostname:   hn,
-		AllowedIps: util.StringSlice(allowedIPs),
-		BuildInfo:  buildinfo.BuildInfo(),
-	}
-
-	if pkOld != nil {
-		if pd.Change != pdiscproto.PeerDescriptionChange_PEER_UPDATE {
-			return nil, fmt.Errorf("can not change public key in non-update message")
-		}
-
-		pd.PublicKeyNew = i.PublicKey().Bytes()
-		pd.PublicKey = pkOld.Bytes()
-	} else {
-		pd.PublicKey = i.PublicKey().Bytes()
-	}
-
-	return pd, nil
-}

pkg/crypto/types.go

@@ -1,38 +1,35 @@
 package crypto
 
 import (
-	"crypto/sha512"
 	"encoding/base64"
 	"errors"
 	"net"
 
 	"github.com/dchest/siphash"
+	"golang.org/x/crypto/argon2"
 	"golang.org/x/crypto/curve25519"
-	"golang.org/x/crypto/pbkdf2"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
 // Keys
 
 const (
 	KeyLength = 32
-
-	pbkdf2Iterations = 4096
 )
 
 var (
 	// A cunīcu specific key for siphash to generate unique IPv6 addresses from the
 	// interfaces public key
 	addrHashKey = [...]byte{0x67, 0x67, 0x2c, 0x05, 0xd1, 0x3e, 0x11, 0x94, 0xbb, 0x38, 0x91, 0xff, 0x4f, 0x80, 0xb3, 0x97}
 
-	pbkdf2Salt = [...]byte{0x77, 0x31, 0x63, 0x33, 0x63, 0x30, 0x6e, 0x6e, 0x33, 0x63, 0x74, 0x73, 0x33, 0x76, 0x65, 0x72, 0x79, 0x62, 0x30, 0x64, 0x79}
+	argonSalt = [...]byte{0x77, 0x31, 0x63, 0x33, 0x63, 0x30, 0x6e, 0x6e, 0x33, 0x63, 0x74, 0x73, 0x33, 0x76, 0x65, 0x72, 0x79, 0x62, 0x30, 0x64, 0x79}
 )
 
 type Nonce []byte
 type Key [KeyLength]byte
 
 func GenerateKeyFromPassword(pw string) Key {
-	key := pbkdf2.Key([]byte(pw), pbkdf2Salt[:], pbkdf2Iterations, KeyLength, sha512.New)
+	key := argon2.IDKey([]byte(pw), argonSalt[:], 1, 64*1024, 4, KeyLength)
 
 	// Modify random bytes using algorithm described at:
 	// https://cr.yp.to/ecdh.html.

pkg/crypto/types_test.go

@@ -10,7 +10,7 @@ import (
 	. "github.com/onsi/gomega"
 )
 
-var _ = Describe("PBKDF2 Key derivation", func() {
+var _ = Describe("Argon2id key derivation", func() {
 	var key1, key2 crypto.Key
 
 	BeforeEach(func() {
@@ -19,7 +19,7 @@ var _ = Describe("PBKDF2 Key derivation", func() {
 	})
 
 	It("matches well known key", func() {
-		Expect(crypto.ParseKey("SAyMLIWTO+DSnTx/JDak+lRR5huci8m4JsEabkkIxFY=")).To(Equal(key1))
+		Expect(crypto.ParseKey("KJJj36cAiOLIaAImbnZtzvk6KmIpx87LLC4sCnriuUw=")).To(Equal(key1))
 	})
 
 	It("does not create equal keys", func() {

pkg/feat/feat.go

@@ -50,7 +50,7 @@ func NewFeatures(w *watcher.Watcher, cfg *config.Config, c *wgctrl.Client, b sig
 	}
 
 	if cfg.DefaultInterfaceSettings.PeerDisc.Enabled && cfg.DefaultInterfaceSettings.PeerDisc.Community != "" {
-		feats = append(feats, pdisc.New(w, c, b, cfg.DefaultInterfaceSettings.PeerDisc.Community, cfg.DefaultInterfaceSettings.PeerDisc.Whitelist))
+		feats = append(feats, pdisc.New(w, c, b, cfg))
 	}
 
 	if len(cfg.Hooks) > 0 {