From 4bc207967df1d8232f7a7b9fd3a31fffef7ca648 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juhani=20Krekel=C3=A4?= <juhani@krekelä.fi>
Date: Wed, 11 Dec 2019 00:58:41 +0200
Subject: [PATCH] Move to base32 check strings instead

---
 kishib.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/kishib.py b/kishib.py
index 6fe16da..170c189 100644
--- a/kishib.py
+++ b/kishib.py
@@ -111,7 +111,7 @@ def auth_hash(client_pubkey, server_pubkey):
 	combined_hash = sha512(client_pubkey_hash + server_pubkey_hash)
 
 	truncated_hash = combined_hash[:32]
-	hash_check = sha512(truncated_hash)[:4]
+	hash_check = sha512(truncated_hash)[:5]
 	return truncated_hash + hash_check
 
 def chunk(sliceable, length):
@@ -119,9 +119,9 @@ def chunk(sliceable, length):
 		yield sliceable[i:i + length]
 
 def format_hash(hash_bytes):
-	hash_base64 = base64.b64encode(hash_bytes).decode()
-	chunked_base64 = chunk(hash_base64, 4)
-	return '-'.join(chunked_base64)
+	hash_base32 = base64.b32encode(hash_bytes).decode().lower().replace('=', '')
+	chunked_base32 = chunk(hash_base32, 5)
+	return '-'.join(chunked_base32)
 
 def verify(client_pubkey, server_pubkey):
 	own_hash = auth_hash(client_pubkey, server_pubkey)