aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2017-04-14 01:46:18 +0200
committerDimitri Sokolyuk <demon@dim13.org>2017-04-14 01:46:18 +0200
commit8097f16e6c20d5b663ae1893b7970b3c91a3f80d (patch)
treea5587844973b4c4599badd56d5663155a37ce240
parentf7f69134a9bf352d3e6cfb0fa081c08f53beebc8 (diff)
...
-rw-r--r--base64.go23
-rw-r--r--gen.go4
-rw-r--r--keys.go11
-rw-r--r--keys_test.go34
-rw-r--r--main.go2
-rw-r--r--pbkdf.go10
-rw-r--r--testdata/kdf.pub2
-rw-r--r--testdata/kdf.sec2
-rw-r--r--testdata/kdf.txt1
9 files changed, 69 insertions, 20 deletions
diff --git a/base64.go b/base64.go
index 56a7324..c2ba2eb 100644
--- a/base64.go
+++ b/base64.go
@@ -6,16 +6,23 @@ import (
"encoding/binary"
)
-func DecodeBase64(v interface{}, b []byte) error {
- buf := bytes.NewBuffer(b)
+func DecodeB64(v interface{}, b []byte) error {
+ buf := bytes.NewReader(b)
dec := base64.NewDecoder(base64.StdEncoding, buf)
- return binary.Read(dec, binary.BigEndian, v)
+ if err := binary.Read(dec, binary.BigEndian, v); err != nil {
+ return err
+ }
+ return nil
}
-func EncodeBase64(v interface{}) ([]byte, error) {
- buf := &bytes.Buffer{}
+func EncodeB64(v interface{}) ([]byte, error) {
+ buf := new(bytes.Buffer)
enc := base64.NewEncoder(base64.StdEncoding, buf)
- err := binary.Write(enc, binary.BigEndian, v)
- enc.Close()
- return buf.Bytes(), err
+ if err := binary.Write(enc, binary.BigEndian, v); err != nil {
+ return nil, err
+ }
+ if err := enc.Close(); err != nil {
+ return nil, err
+ }
+ return buf.Bytes(), nil
}
diff --git a/gen.go b/gen.go
index 2d2ddd4..23639aa 100644
--- a/gen.go
+++ b/gen.go
@@ -24,7 +24,7 @@ func Generate(pubkeyfile, seckeyfile, comment string, rounds int) error {
rand.Read(enckey.Salt[:])
copy(enckey.Checksum[:], digest[:len(enckey.Checksum)])
- sb64, err := EncodeBase64(enckey)
+ sb64, err := EncodeB64(enckey)
if err != nil {
return err
}
@@ -42,7 +42,7 @@ func Generate(pubkeyfile, seckeyfile, comment string, rounds int) error {
copy(pubkey.KeyNum[:], enckey.KeyNum[:])
copy(pubkey.PubKey[:], pub[:])
- pb64, err := EncodeBase64(enckey)
+ pb64, err := EncodeB64(enckey)
if err != nil {
return err
}
diff --git a/keys.go b/keys.go
index a84d663..0fcfee9 100644
--- a/keys.go
+++ b/keys.go
@@ -34,7 +34,16 @@ type EncKey struct {
SecKey [ed25519.PrivateKeySize]byte
}
-func (v *EncKey) Valid() bool {
+func xor(text, key []byte) {
+ if len(text) != len(key) {
+ return
+ }
+ for i := 0; i < len(text); i++ {
+ text[i] ^= key[i]
+ }
+}
+
+func (v *EncKey) IsValid() bool {
sum := sha512.Sum512(v.SecKey[:])
return bytes.Equal(sum[:8], v.Checksum[:])
}
diff --git a/keys_test.go b/keys_test.go
index 06a3730..02a0a6b 100644
--- a/keys_test.go
+++ b/keys_test.go
@@ -8,29 +8,51 @@ import (
func TestUnmarshalSig(t *testing.T) {
b64sig := []byte(`RWRbOC0bBf7abaGwGtq45KLDK63tgcF7CO4qTZSlTKCSbZTYlDfFm/DISQ60u+/jEzrk22suvXXAEsxQTe2xUOfV90get1YRGQo=`)
v := new(Sig)
- DecodeBase64(v, b64sig)
- out, _ := EncodeBase64(v)
+ DecodeB64(v, b64sig)
+ out, _ := EncodeB64(v)
if !bytes.Equal(b64sig, out) {
t.Errorf("want %v, got %v", b64sig, out)
}
+ t.Logf("%+v", v)
}
func TestUnmarshalPub(t *testing.T) {
b64pub := []byte(`RWRbOC0bBf7abfanaXuTYfCa6+YO69Kxyz8RD5nL/3Ta7umY6iOwnBrG`)
v := new(PubKey)
- DecodeBase64(v, b64pub)
- out, _ := EncodeBase64(v)
+ DecodeB64(v, b64pub)
+ out, _ := EncodeB64(v)
if !bytes.Equal(b64pub, out) {
t.Errorf("want %v, got %v", b64pub, out)
}
+ t.Logf("%+v", v)
}
func TestUnmarshalEnc(t *testing.T) {
b64enc := []byte(`RWRCSwAAAACzJBN2gC5//jVvDiV76rs4m2aKXkljqDpbOC0bBf7abZhV/Zygr6b0KIbSI56JQutwzsQeouxnnHuVTZp3IW4M9qdpe5Nh8Jrr5g7r0rHLPxEPmcv/dNru6ZjqI7CcGsY=`)
v := new(EncKey)
- DecodeBase64(v, b64enc)
- out, _ := EncodeBase64(v)
+ DecodeB64(v, b64enc)
+ out, _ := EncodeB64(v)
if !bytes.Equal(b64enc, out) {
t.Errorf("want %v, got %v", b64enc, out)
}
+ t.Logf("%+v", v)
+ if !v.IsValid() {
+ t.Error("invalid")
+ }
+}
+
+func TestUnmarshalKDF(t *testing.T) {
+ b64enc := []byte(`RWRCSwAAACoXv4r2lp3RYYLEWZRsY+1Z+1mJtEScNBaKdOKcMdhUHrztnf8a4sUNGY19MoV3wX2cyW2Mn1MduKxi9s3Se070TGF0IZG/hH4SKiNUYi+yi1mandWAwmhY3ahIHApigTk=`)
+ v := new(EncKey)
+ DecodeB64(v, b64enc)
+ out, _ := EncodeB64(v)
+ if !bytes.Equal(b64enc, out) {
+ t.Errorf("want %v, got %v", b64enc, out)
+ }
+ t.Logf("%+v", v)
+ /* FIXME KDF missing
+ if !v.IsValid() {
+ t.Error("invalid")
+ }
+ */
}
diff --git a/main.go b/main.go
index 8d01333..4027a5a 100644
--- a/main.go
+++ b/main.go
@@ -57,6 +57,6 @@ func main() {
PKAlg: PKAlg,
}
rand.Read(ss.KeyNum[:])
- ms, _ := EncodeBase64(ss)
+ ms, _ := EncodeB64(ss)
fmt.Println(string(ms))
}
diff --git a/pbkdf.go b/pbkdf.go
index afc86d1..6a88fc1 100644
--- a/pbkdf.go
+++ b/pbkdf.go
@@ -1,9 +1,15 @@
package main
-import "hash"
+import (
+ "hash"
+
+ "golang.org/x/crypto/pbkdf2"
+)
// bcrypt_pbkdf
+const magic = "OxychromaticBlowfishSwatDynamite"
+
func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
- return nil
+ return pbkdf2.Key(password, salt, iter, keyLen, h)
}
diff --git a/testdata/kdf.pub b/testdata/kdf.pub
new file mode 100644
index 0000000..abc3893
--- /dev/null
+++ b/testdata/kdf.pub
@@ -0,0 +1,2 @@
+untrusted comment: signify public key
+RWSKdOKcMdhUHtD9TWgPRZnRRTwl2WTeRpEZLCjtf4TTS24EfqT7uoPz
diff --git a/testdata/kdf.sec b/testdata/kdf.sec
new file mode 100644
index 0000000..b69b5e8
--- /dev/null
+++ b/testdata/kdf.sec
@@ -0,0 +1,2 @@
+untrusted comment: signify secret key
+RWRCSwAAACoXv4r2lp3RYYLEWZRsY+1Z+1mJtEScNBaKdOKcMdhUHrztnf8a4sUNGY19MoV3wX2cyW2Mn1MduKxi9s3Se070TGF0IZG/hH4SKiNUYi+yi1mandWAwmhY3ahIHApigTk=
diff --git a/testdata/kdf.txt b/testdata/kdf.txt
new file mode 100644
index 0000000..9daeafb
--- /dev/null
+++ b/testdata/kdf.txt
@@ -0,0 +1 @@
+test