aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gen.go4
-rw-r--r--keys.go25
-rw-r--r--keys_test.go5
3 files changed, 14 insertions, 20 deletions
diff --git a/gen.go b/gen.go
index 918a508..1f612bf 100644
--- a/gen.go
+++ b/gen.go
@@ -34,10 +34,6 @@ func NewKey(rounds int, xorkey []byte) (PubKey, EncKey, error) {
copy(encKey.Checksum[:], checkSum[:len(encKey.Checksum)])
rand.Read(encKey.Salt[:])
- if rounds > 0 && xorkey != nil {
- encKey.XOR(xorkey)
- }
-
return pubKey, encKey, nil
}
diff --git a/keys.go b/keys.go
index d4c2e49..1e52ef1 100644
--- a/keys.go
+++ b/keys.go
@@ -37,15 +37,6 @@ type EncKey struct {
SecKey [ed25519.PrivateKeySize]byte
}
-func (v *EncKey) XOR(key []byte) {
- if len(key) != len(v.SecKey) {
- panic("invalid key len")
- }
- for i := range key {
- v.SecKey[i] ^= key[i]
- }
-}
-
func (v *Sig) IsValid() bool {
return v.PKAlg == PKAlg
}
@@ -70,18 +61,24 @@ func (v *EncKey) Sign(message []byte) *Sig {
return sig
}
-func (v *EncKey) IsValid(pass []byte) bool {
+func (v *EncKey) IsValid() bool {
if v.PKAlg != PKAlg || v.KDFAlg != KDFAlg {
return false
}
- if v.KDFRounds > 0 {
- key := bhash.Pbkdf(pass, v.Salt[:], int(v.KDFRounds), len(v.SecKey))
- v.XOR(key)
- }
sum := sha512.Sum512(v.SecKey[:])
return bytes.Equal(sum[:len(v.Checksum)], v.Checksum[:])
}
+func (e *EncKey) Kdf(pass string) {
+ if e.KDFRounds == 0 {
+ return
+ }
+ xorkey := bhash.Pbkdf([]byte(pass), e.Salt[:], int(e.KDFRounds), len(e.SecKey))
+ for i := range xorkey {
+ e.SecKey[i] ^= xorkey[i]
+ }
+}
+
func Unmarshal(b []byte, v interface{}) error {
buf := bytes.NewReader(b)
if err := binary.Read(buf, binary.BigEndian, v); err != nil {
diff --git a/keys_test.go b/keys_test.go
index 4aa0f03..db84b1a 100644
--- a/keys_test.go
+++ b/keys_test.go
@@ -47,7 +47,7 @@ func TestUnmarshalEnc(t *testing.T) {
if !bytes.Equal(raw, out) {
t.Errorf("want %v, got %v", raw, out)
}
- if !v.IsValid(nil) {
+ if !v.IsValid() {
t.Error("invalid %+v", v)
}
}
@@ -63,7 +63,8 @@ func TestUnmarshalKDF(t *testing.T) {
if !bytes.Equal(raw, out) {
t.Errorf("want %v, got %v", raw, out)
}
- if !v.IsValid([]byte("test")) {
+ v.Kdf("test")
+ if !v.IsValid() {
t.Errorf("invalid %+v", v)
}
}