/
rfcdigest.go
123 lines (104 loc) · 3.07 KB
/
rfcdigest.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
package pq
import (
"crypto/hmac"
"crypto/sha1"
"fmt"
"strings"
"crypto/sha256"
"golang.org/x/crypto/pbkdf2"
)
func charToByte(c byte) byte {
return byte(strings.Index("0123456789ABCDEF", string(c)))
}
func hexStringToBytes(hexString string) []byte {
if hexString == "" {
return []byte("")
}
upperString := strings.ToUpper(hexString)
bytes_len := len(upperString) / 2
array := make([]byte, bytes_len)
for i := 0; i < bytes_len; i++ {
pos := i * 2
array[i] = byte(charToByte(upperString[pos])<<4 | charToByte(upperString[pos+1]))
}
return array
}
func generateKFromPBKDF2NoSerIter(password string, random64code string) []byte {
return generateKFromPBKDF2(password, random64code, 2048)
}
func generateKFromPBKDF2(password string, random64code string, serverIteration int) []byte {
random32code := hexStringToBytes(random64code)
pwdEn := pbkdf2.Key([]byte(password), random32code, serverIteration, 32, sha1.New)
return pwdEn
}
func bytesToHexString(src []byte) string {
s := ""
for i := 0; i < len(src); i++ {
v := src[i] & 0xFF
hv := fmt.Sprintf("%x", v)
if len(hv) < 2 {
s += hv
s += "0"
} else {
s += hv
}
}
return s
}
func getKeyFromHmac(key []byte, data []byte) []byte {
h := hmac.New(sha256.New, key)
h.Write(data)
return h.Sum(nil)
}
func getSha256(message []byte) []byte {
hash := sha256.New()
hash.Write(message)
return hash.Sum(nil)
}
func XorBetweenPassword(password1 []byte, password2 []byte, length int) []byte {
array := make([]byte, length)
for i := 0; i < length; i++ {
array[i] = (password1[i] ^ password2[i])
}
return array
}
func bytesToHex(bytes []byte) []byte {
lookup :=
[16]byte{'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'}
result := make([]byte, len(bytes)*2)
pos := 0
for i := 0; i < len(bytes); i++ {
c := int(bytes[i] & 0xFF)
j := c >> 4
result[pos] = lookup[j]
pos++
j = c & 0xF
result[pos] = lookup[j]
pos++
}
return result
}
func RFC5802Algorithm(password string, random64code string, token string, serverSignature string, serverIteration int) []byte {
k := generateKFromPBKDF2(password, random64code, serverIteration)
serverKey := getKeyFromHmac(k, []byte("Sever Key"))
clientKey := getKeyFromHmac(k, []byte("Client Key"))
storedKey := getSha256(clientKey)
tokenByte := hexStringToBytes(token)
clientSignature := getKeyFromHmac(serverKey, tokenByte)
if serverSignature != "" && serverSignature != bytesToHexString(clientSignature) {
return []byte("")
}
hmacResult := getKeyFromHmac(storedKey, tokenByte)
h := XorBetweenPassword(hmacResult, clientKey, len(clientKey))
result := bytesToHex(h)
return result
}
func Md5Sha256encode(password, random64code string, salt []byte) []byte {
k := generateKFromPBKDF2NoSerIter(password, random64code)
serverKey := getKeyFromHmac(k, []byte("Sever Key"))
clientKey := getKeyFromHmac(k, []byte("Client Key"))
storedKey := getSha256(clientKey)
EncryptString := random64code + bytesToHexString(serverKey) + bytesToHexString(storedKey)
passDigest := md5s(EncryptString + string(salt))
return bytesToHex([]byte(passDigest)[:16])
}