0xFelix
diff --git a/‎Makefile‎
Lines changed: 1 addition & 1 deletion b/‎Makefile‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎go.mod‎
Lines changed: 1 addition & 3 deletions b/‎go.mod‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎go.sum‎
Lines changed: 0 additions & 2 deletions b/‎go.sum‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎main.go‎
Lines changed: 16 additions & 7 deletions b/‎main.go‎
Lines changed: 16 additions & 7 deletions
diff --git a/‎vendor/golang.org/x/crypto/LICENSE‎
Lines changed: 0 additions & 27 deletions b/‎vendor/golang.org/x/crypto/LICENSE‎
Lines changed: 0 additions & 27 deletions
diff --git a/‎vendor/golang.org/x/crypto/PATENTS‎
Lines changed: 0 additions & 22 deletions b/‎vendor/golang.org/x/crypto/PATENTS‎
Lines changed: 0 additions & 22 deletions
diff --git a/‎vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go‎
Lines changed: 0 additions & 77 deletions b/‎vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go‎
Lines changed: 0 additions & 77 deletions
diff --git a/‎vendor/modules.txt‎
Lines changed: 0 additions & 3 deletions b/‎vendor/modules.txt‎
Lines changed: 0 additions & 3 deletions
@@ -9,7 +9,7 @@ clean:
 
 .PHONY: fmt
 fmt: gofumpt ## Run gofumt against code.
-	go mod tidy -compat=1.23
+	go mod tidy -compat=1.24
 	$(GOFUMPT) -w -extra .
 
 .PHONY: vendor
 
@@ -1,5 +1,3 @@
 module cga-led
 
-go 1.23
-
-require golang.org/x/crypto v0.33.0
+go 1.24
@@ -1,2 +0,0 @@
-golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
-golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
@@ -2,6 +2,7 @@ package main
 
 import (
 	"context"
+	"crypto/pbkdf2"
 	"crypto/sha256"
 	"encoding/hex"
 	"encoding/json"
@@ -14,8 +15,6 @@ import (
 	"net/url"
 	"strconv"
 	"strings"
-
-	"golang.org/x/crypto/pbkdf2"
 )
 
 type genericResponse struct {
@@ -104,7 +103,11 @@ func (c *cgaLed) login() error {
 		return err
 	}
 
-	if _, err := c.sendSessionLogin(deriveChallenge(res, c.password)); err != nil {
+	challenge, err := deriveChallenge(res, c.password)
+	if err != nil {
+		return err
+	}
+	if _, err := c.sendSessionLogin(challenge); err != nil {
 		return err
 	}
 
@@ -250,12 +253,18 @@ func sendRequest[T apiResponse](client *http.Client, method, u string, body io.R
 	return &apiRes, nil
 }
 
-func deriveChallenge(res *loginResponse, password string) string {
+func deriveChallenge(res *loginResponse, password string) (string, error) {
 	const iterations = 1000
 	const keyLen = 16
-	a := pbkdf2.Key([]byte(password), []byte(res.Salt), iterations, keyLen, sha256.New)
-	b := pbkdf2.Key([]byte(hex.EncodeToString(a)), []byte(res.SaltWebUI), iterations, keyLen, sha256.New)
-	return hex.EncodeToString(b)
+	a, err := pbkdf2.Key(sha256.New, password, []byte(res.Salt), iterations, keyLen)
+	if err != nil {
+		return "", err
+	}
+	b, err := pbkdf2.Key(sha256.New, hex.EncodeToString(a), []byte(res.SaltWebUI), iterations, keyLen)
+	if err != nil {
+		return "", err
+	}
+	return hex.EncodeToString(b), nil
 }
 
 func main() {
-Original file line number
+Diff line change
@@ @@ -1,5 +1,3 @@ @@
 module cga-led
 -go 1.23
+-
 -require golang.org/x/crypto v0.33.0
 +go 1.24
Original file line number	Diff line number	Diff line change
`@@ -1,2 +0,0 @@`
`1`		`-golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=`
`2`		`-golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=`