aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gen.go17
-rw-r--r--gen_test.go3
-rw-r--r--keys.go9
-rw-r--r--keys_test.go2
-rw-r--r--main.go25
5 files changed, 28 insertions, 28 deletions
diff --git a/gen.go b/gen.go
index 1f612bf..da93282 100644
--- a/gen.go
+++ b/gen.go
@@ -8,7 +8,7 @@ import (
"golang.org/x/crypto/ed25519"
)
-func NewKey(rounds int, xorkey []byte) (PubKey, EncKey, error) {
+func NewKey() (PubKey, EncKey, error) {
pub, sec, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
return PubKey{}, EncKey{}, err
@@ -24,10 +24,9 @@ func NewKey(rounds int, xorkey []byte) (PubKey, EncKey, error) {
copy(pubKey.PubKey[:], pub)
encKey := EncKey{
- PKAlg: PKAlg,
- KDFAlg: KDFAlg,
- KDFRounds: uint32(rounds),
- KeyNum: keyNum,
+ PKAlg: PKAlg,
+ KDFAlg: KDFAlg,
+ KeyNum: keyNum,
}
copy(encKey.SecKey[:], sec)
checkSum := sha512.Sum512(sec)
@@ -38,13 +37,17 @@ func NewKey(rounds int, xorkey []byte) (PubKey, EncKey, error) {
}
func Generate(pubkeyfile, seckeyfile, comment string, rounds int) error {
- pubKey, encKey, err := NewKey(rounds, nil)
+ pubKey, encKey, err := NewKey()
if err != nil {
return err
}
if rounds > 0 {
- // KDF
+ pass, err := AskPassword(nil, true)
+ if err != nil {
+ return err
+ }
+ encKey.Kdf(pass, rounds)
}
sb64, err := Marshal(encKey)
diff --git a/gen_test.go b/gen_test.go
index 3b8df7a..8f8bbba 100644
--- a/gen_test.go
+++ b/gen_test.go
@@ -3,8 +3,7 @@ package main
import "testing"
func TestNewKey(t *testing.T) {
- xorkey := make([]byte, 64)
- pub, sec, err := NewKey(42, xorkey)
+ pub, sec, err := NewKey()
if err != nil {
t.Error(err)
}
diff --git a/keys.go b/keys.go
index 1e52ef1..85675e2 100644
--- a/keys.go
+++ b/keys.go
@@ -10,6 +10,8 @@ import (
"golang.org/x/crypto/ed25519"
)
+const DefaultRounds = 42
+
var (
PKAlg = [2]byte{'E', 'd'}
KDFAlg = [2]byte{'B', 'K'}
@@ -69,14 +71,15 @@ func (v *EncKey) IsValid() bool {
return bytes.Equal(sum[:len(v.Checksum)], v.Checksum[:])
}
-func (e *EncKey) Kdf(pass string) {
- if e.KDFRounds == 0 {
+func (e *EncKey) Kdf(pass string, rounds int) {
+ if rounds == 0 {
return
}
- xorkey := bhash.Pbkdf([]byte(pass), e.Salt[:], int(e.KDFRounds), len(e.SecKey))
+ xorkey := bhash.Pbkdf([]byte(pass), e.Salt[:], rounds, len(e.SecKey))
for i := range xorkey {
e.SecKey[i] ^= xorkey[i]
}
+ e.KDFRounds = uint32(rounds)
}
func Unmarshal(b []byte, v interface{}) error {
diff --git a/keys_test.go b/keys_test.go
index db84b1a..0eb7e0c 100644
--- a/keys_test.go
+++ b/keys_test.go
@@ -63,7 +63,7 @@ func TestUnmarshalKDF(t *testing.T) {
if !bytes.Equal(raw, out) {
t.Errorf("want %v, got %v", raw, out)
}
- v.Kdf("test")
+ v.Kdf("test", DefaultRounds)
if !v.IsValid() {
t.Errorf("invalid %+v", v)
}
diff --git a/main.go b/main.go
index 2742f72..db4579f 100644
--- a/main.go
+++ b/main.go
@@ -1,15 +1,13 @@
package main
import (
- "encoding/base64"
"flag"
- "fmt"
+ "log"
)
const (
- verFailed = "signature verfication failed"
- verOK = "Signature Verfied"
- DefaultRounds = 42
+ verFailed = "signature verfication failed"
+ verOK = "Signature Verfied"
)
/*
@@ -23,8 +21,8 @@ var (
checksum = flag.Bool("C", false, "Verify a signed checksum list")
generate = flag.Bool("G", false, "Generate a new key pair")
sign = flag.Bool("S", false, "Sign the specfied message")
- vefify = flag.Bool("V", false, "Verify the message")
- comment = flag.String("c", "", "Comment")
+ verify = flag.Bool("V", false, "Verify the message")
+ comment = flag.String("c", "signify", "Comment")
embed = flag.Bool("e", false, "Embed the message")
msg = flag.String("m", "", "Message file")
nopass = flag.Bool("n", false, "No key passphrase")
@@ -42,16 +40,13 @@ func main() {
if *nopass {
rounds = 0
}
- _ = rounds
- /*
+ switch {
+ case *generate:
if err := Generate(*pub, *sec, *comment, rounds); err != nil {
log.Fatal(err)
}
- */
-
- s, _ := base64.StdEncoding.DecodeString("RWRCSwAAAACzJBN2gC5//jVvDiV76rs4m2aKXkljqDpbOC0bBf7abZhV/Zygr6b0KIbSI56JQutwzsQeouxnnHuVTZp3IW4M9qdpe5Nh8Jrr5g7r0rHLPxEPmcv/dNru6ZjqI7CcGsY=")
-
- ms, _ := Marshal(s)
- fmt.Println(string(ms))
+ case *sign:
+ case *verify:
+ }
}