aboutsummaryrefslogtreecommitdiff
path: root/bhash/bhash.go
blob: 307d31d7076d872659ff7fd93a3189cd3c06ea46 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package bhash

import (
	"bytes"
	"crypto/sha512"
	"encoding/binary"

	"golang.org/x/crypto/blowfish"
)

var magic = []byte("OxychromaticBlowfishSwatDynamite")

const rounds = 64

func Hash(pass, salt []byte) []byte {
	c, err := blowfish.NewSaltedCipher(pass, salt)
	if err != nil {
		panic(err)
	}
	// key expansion
	for i := 0; i < rounds; i++ {
		blowfish.ExpandKey(salt, c)
		blowfish.ExpandKey(pass, c)
	}
	// encryption
	buf := new(bytes.Buffer)
	blockSize := c.BlockSize()
	for n := 0; n < len(magic)/blockSize; n++ {
		b := make([]byte, blockSize)
		copy(b, magic[n*blockSize:(n+1)*blockSize])
		for i := 0; i < rounds; i++ {
			c.Encrypt(b, b)
		}
		// swap bytes and copy out
		var u [2]uint32
		binary.Read(bytes.NewReader(b), binary.BigEndian, &u)
		binary.Write(buf, binary.LittleEndian, u)
	}
	return buf.Bytes()
}

func Pbkdf(pass, salt []byte, iter, keyLen int) []byte {
	// collapse password
	h := sha512.New()
	h.Write(pass)
	sha2pass := h.Sum(nil)

	hashLen := 4 * blowfish.BlockSize
	numBlocks := (keyLen + hashLen - 1) / hashLen

	out := make([]byte, hashLen)
	key := make([]byte, hashLen*numBlocks)

	for n := 1; n <= numBlocks; n++ {
		// first round, salt is salt
		h.Reset()
		h.Write(salt)
		binary.Write(h, binary.BigEndian, uint32(n))
		tmp := Hash(sha2pass, h.Sum(nil))
		copy(out, tmp)

		for i := 1; i < iter; i++ {
			h.Reset()
			h.Write(tmp)
			tmp = Hash(sha2pass, h.Sum(nil))
			for x := range tmp {
				out[x] ^= tmp[x]
			}
		}
		// pbkdf2 deviation: output the key material non-linearly
		for x := range out {
			dst := x*numBlocks + (n - 1)
			key[dst] = out[x]
		}
	}
	return key[:keyLen]
}