github.com/la5nta/wl2k-go@v0.11.8/fbb/secure.go

github.com/la5nta/wl2k-go@v0.11.8/fbb/secure.go (about)

     1  // Copyright 2015 Martin Hebnes Pedersen (LA5NTA). All rights reserved.
     2  // Use of this source code is governed by the MIT-license that can be
     3  // found in the LICENSE file.
     4  
     5  package fbb
     6  
     7  import (
     8  	"crypto/md5"
     9  	"fmt"
    10  )
    11  
    12  // This salt was found in paclink-unix's source code.
    13  var winlinkSecureSalt = []byte{
    14  	77, 197, 101, 206, 190, 249,
    15  	93, 200, 51, 243, 93, 237,
    16  	71, 94, 239, 138, 68, 108,
    17  	70, 185, 225, 137, 217, 16,
    18  	51, 122, 193, 48, 194, 195,
    19  	198, 175, 172, 169, 70, 84,
    20  	61, 62, 104, 186, 114, 52,
    21  	61, 168, 66, 129, 192, 208,
    22  	187, 249, 232, 193, 41, 113,
    23  	41, 45, 240, 16, 29, 228,
    24  	208, 228, 61, 20}
    25  
    26  // This algorithm for generating a secure login response token has been ported
    27  // to Go from the paclink-unix implementation.
    28  func secureLoginResponse(challenge, password string) string {
    29  	payload := challenge + password + string(winlinkSecureSalt)
    30  
    31  	sum := md5.Sum([]byte(payload))
    32  
    33  	pr := int32(sum[3] & 0x3f)
    34  	for i := 2; i >= 0; i-- {
    35  		pr = (pr << 8) | int32(sum[i])
    36  	}
    37  
    38  	str := fmt.Sprintf("%08d", pr)
    39  
    40  	return str[len(str)-8:]
    41  }