aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2017-07-20 23:54:15 +0200
committerDimitri Sokolyuk <demon@dim13.org>2017-07-20 23:54:15 +0200
commitc9e595e61bcde6a0b90fbebe0becb39bf1c6f618 (patch)
tree288e1a83627c5a3b2356953616ad2f9c4d51d893
parent9e9418b7c0d32102e29324eff68909fb1f396e5c (diff)
Don't panic
-rw-r--r--ask/ask.go4
-rw-r--r--bhash/bhash.go20
-rw-r--r--bhash/bhash_test.go10
3 files changed, 23 insertions, 11 deletions
diff --git a/ask/ask.go b/ask/ask.go
index 205ad4c..f021ffd 100644
--- a/ask/ask.go
+++ b/ask/ask.go
@@ -28,7 +28,7 @@ func (Passphrase) Derive(salt []byte, rounds int, length int) ([]byte, error) {
if err != nil {
return nil, err
}
- return bhash.Pbkdf([]byte(pass), salt, rounds, length), nil
+ return bhash.Pbkdf([]byte(pass), salt, rounds, length)
}
type Confirmed struct{}
@@ -38,7 +38,7 @@ func (Confirmed) Derive(salt []byte, rounds int, length int) ([]byte, error) {
if err != nil {
return nil, err
}
- return bhash.Pbkdf([]byte(pass), salt, rounds, length), nil
+ return bhash.Pbkdf([]byte(pass), salt, rounds, length)
}
// confirmed asks for password twice
diff --git a/bhash/bhash.go b/bhash/bhash.go
index 0c1d659..614a30c 100644
--- a/bhash/bhash.go
+++ b/bhash/bhash.go
@@ -20,10 +20,10 @@ const (
)
// Hash computes bcrypt hash
-func Hash(pass, salt []byte) []byte {
+func Hash(pass, salt []byte) ([]byte, error) {
c, err := blowfish.NewSaltedCipher(pass, salt)
if err != nil {
- panic(err)
+ return nil, err
}
// key expansion
for i := 0; i < rounds; i++ {
@@ -42,11 +42,11 @@ func Hash(pass, salt []byte) []byte {
binary.Read(bytes.NewReader(v), binary.LittleEndian, &u)
binary.Write(buf, binary.BigEndian, u)
}
- return buf.Bytes()
+ return buf.Bytes(), nil
}
// Pbkdf returns derivated key
-func Pbkdf(pass, salt []byte, iter, keyLen int) []byte {
+func Pbkdf(pass, salt []byte, iter, keyLen int) ([]byte, error) {
// collapse password
h := sha512.New()
h.Write(pass)
@@ -61,13 +61,19 @@ func Pbkdf(pass, salt []byte, iter, keyLen int) []byte {
h.Reset()
h.Write(salt)
binary.Write(h, binary.BigEndian, uint32(n))
- tmp := Hash(sha2pass, h.Sum(nil))
+ tmp, err := Hash(sha2pass, h.Sum(nil))
+ if err != nil {
+ return nil, err
+ }
copy(out, tmp)
for i := 1; i < iter; i++ {
h.Reset()
h.Write(tmp)
- tmp = Hash(sha2pass, h.Sum(nil))
+ tmp, err = Hash(sha2pass, h.Sum(nil))
+ if err != nil {
+ return nil, err
+ }
for x := range tmp {
out[x] ^= tmp[x]
}
@@ -78,5 +84,5 @@ func Pbkdf(pass, salt []byte, iter, keyLen int) []byte {
key[dst] = out[x]
}
}
- return key[:keyLen]
+ return key[:keyLen], nil
}
diff --git a/bhash/bhash_test.go b/bhash/bhash_test.go
index bce8313..a8870eb 100644
--- a/bhash/bhash_test.go
+++ b/bhash/bhash_test.go
@@ -14,7 +14,10 @@ func TestHash(t *testing.T) {
0x4d, 0x84, 0x22, 0xba, 0xc0, 0xa7, 0x92, 0x6c,
}
zero := make([]byte, 32)
- res := Hash(zero, zero)
+ res, err := Hash(zero, zero)
+ if err != nil {
+ t.Fatal(err)
+ }
if !bytes.Equal(res, golden) {
t.Errorf("got %x, want %x", res, golden)
}
@@ -108,7 +111,10 @@ func TestPbkdf(t *testing.T) {
tc := tc
t.Run(fmt.Sprint(len(tc)), func(t *testing.T) {
t.Parallel()
- res := Pbkdf(zero, zero, rounds, len(tc))
+ res, err := Pbkdf(zero, zero, rounds, len(tc))
+ if err != nil {
+ t.Fatal(err)
+ }
if !bytes.Equal(res, tc) {
t.Errorf("got %x, want %x", res, tc)
}