aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2017-07-19 00:35:59 +0200
committerDimitri Sokolyuk <demon@dim13.org>2017-07-19 00:35:59 +0200
commit3a4c53ba05302cdf76bc5620e5d5bc5e654d3e05 (patch)
tree49a02cd9a2463d5fdee6aaabb8061e0d12872cf3
parent6853bddf6db6e76566809f8368a9b1534e9a91b3 (diff)
comments
-rw-r--r--key/enc.go3
-rw-r--r--key/key.go11
-rw-r--r--key/pub.go1
-rw-r--r--key/sig.go2
-rw-r--r--sign.go4
-rw-r--r--verify.go8
6 files changed, 21 insertions, 8 deletions
diff --git a/key/enc.go b/key/enc.go
index 9c81dbf..898eb4c 100644
--- a/key/enc.go
+++ b/key/enc.go
@@ -17,6 +17,7 @@ type Enc struct {
Key [ed25519.PrivateKeySize]byte
}
+// Public key of encryption key
func (v *Enc) Public() *Pub {
key := ed25519.PrivateKey(v.Key[:]).Public().(ed25519.PublicKey)
pub := &Pub{PKAlg: pkAlg, KeyNum: v.KeyNum}
@@ -24,6 +25,7 @@ func (v *Enc) Public() *Pub {
return pub
}
+// Sign message
func (v *Enc) Sign(message []byte) *Sig {
sig := &Sig{PKAlg: v.PKAlg, KeyNum: v.KeyNum}
copy(sig.Sig[:], ed25519.Sign(ed25519.PrivateKey(v.Key[:]), message))
@@ -52,6 +54,7 @@ func (v *Enc) UnmarshalBinary(data []byte) error {
return unmarshal(data, v)
}
+// NewEnc returns a parsed and decoded encryption key
func NewEnc(data []byte, der KeyDeriver) (*Enc, error) {
enc := new(Enc)
if err := enc.UnmarshalBinary(data); err != nil {
diff --git a/key/key.go b/key/key.go
index 3c3e98b..bddd6ac 100644
--- a/key/key.go
+++ b/key/key.go
@@ -11,6 +11,7 @@ import (
"golang.org/x/crypto/ed25519"
)
+// DefaultRounds of KDF
const DefaultRounds = 42
var (
@@ -27,10 +28,12 @@ var (
kdfAlg = [2]byte{'B', 'K'}
)
+// KeyDeriver returns a derived key from passphrase
type KeyDeriver interface {
DeriveKey(salt []byte, rounds int, length int) ([]byte, error)
}
+// Generate a new key pair
func Generate(der KeyDeriver) (*Pub, *Enc, error) {
pubKey, encKey, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
@@ -44,8 +47,12 @@ func Generate(der KeyDeriver) (*Pub, *Enc, error) {
checkSum := sha512.Sum512(encKey)
copy(enc.Checksum[:], checkSum[:len(enc.Checksum)])
- rand.Read(enc.Salt[:])
- rand.Read(enc.KeyNum[:])
+ if _, err := rand.Read(enc.Salt[:]); err != nil {
+ return err
+ }
+ if _, err := rand.Read(enc.KeyNum[:]); err != nil {
+ return err
+ }
// Pbdkf
if der != nil {
diff --git a/key/pub.go b/key/pub.go
index 9b6ac49..edc8acf 100644
--- a/key/pub.go
+++ b/key/pub.go
@@ -23,6 +23,7 @@ func (v *Pub) UnmarshalBinary(data []byte) error {
return unmarshal(data, v)
}
+// NewPub returns a parsed public key
func NewPub(data []byte) (*Pub, error) {
pub := new(Pub)
if err := pub.UnmarshalBinary(data); err != nil {
diff --git a/key/sig.go b/key/sig.go
index 0c95c10..00ca5ef 100644
--- a/key/sig.go
+++ b/key/sig.go
@@ -15,6 +15,7 @@ func (v *Sig) Err() error {
return nil
}
+// Verify message with public key
func (v *Sig) Verify(message []byte, pub *Pub) error {
if v.KeyNum != pub.KeyNum {
return ErrKeyNum
@@ -33,6 +34,7 @@ func (v *Sig) UnmarshalBinary(data []byte) error {
return unmarshal(data, v)
}
+// NewSig return parsed signature
func NewSig(data []byte) (*Sig, error) {
sig := new(Sig)
if err := sig.UnmarshalBinary(data); err != nil {
diff --git a/sign.go b/sign.go
index 4eb645b..17092ca 100644
--- a/sign.go
+++ b/sign.go
@@ -34,7 +34,7 @@ func sign(args []string) error {
}
_ = zip // TODO
- encKey, err := OpenEnc(*encFile)
+ encKey, err := openEnc(*encFile)
if err != nil {
return err
}
@@ -60,7 +60,7 @@ func sign(args []string) error {
return nil
}
-func OpenEnc(fname string) (*key.Enc, error) {
+func openEnc(fname string) (*key.Enc, error) {
block, err := file.DecodeFile(fname)
if err != nil {
return nil, err
diff --git a/verify.go b/verify.go
index 20f3123..dd90c55 100644
--- a/verify.go
+++ b/verify.go
@@ -36,14 +36,14 @@ func verify(args []string) error {
}
_ = keyType // TODO
- sig, msg, verifyWith, err := OpenSig(*sigFile)
+ sig, msg, verifyWith, err := openSig(*sigFile)
if err != nil {
return err
}
if *pubFile == "" {
*pubFile = verifyWith
}
- pubKey, err := OpenPub(*pubFile)
+ pubKey, err := openPub(*pubFile)
if err != nil {
return err
}
@@ -62,7 +62,7 @@ func verify(args []string) error {
return nil
}
-func OpenPub(fname string) (*key.Pub, error) {
+func openPub(fname string) (*key.Pub, error) {
block, err := file.DecodeFile(fname)
if err != nil {
return nil, err
@@ -70,7 +70,7 @@ func OpenPub(fname string) (*key.Pub, error) {
return key.NewPub(block.Bytes)
}
-func OpenSig(fname string) (*key.Sig, []byte, string, error) {
+func openSig(fname string) (*key.Sig, []byte, string, error) {
block, err := file.DecodeFile(fname)
if err != nil {
return nil, nil, "", err