aboutsummaryrefslogtreecommitdiff
path: root/keys.go
diff options
context:
space:
mode:
Diffstat (limited to 'keys.go')
-rw-r--r--keys.go42
1 files changed, 30 insertions, 12 deletions
diff --git a/keys.go b/keys.go
index 9ca7e73..96e5c2a 100644
--- a/keys.go
+++ b/keys.go
@@ -15,9 +15,12 @@ import (
const DefaultRounds = 42
var (
+ ErrInvalidPK = errors.New("unsupported format")
ErrInvalidKDF = errors.New("unsupported KDF")
ErrPassphrase = errors.New("incorrect passphrase")
+ ErrInvalidKey = errors.New("invalid key")
ErrKeyNum = errors.New("verification failed: checked against wrong key")
+ ErrInvalidSig = errors.New("signature verfication failed")
)
var (
@@ -47,19 +50,28 @@ type EncKey struct {
SecKey [ed25519.PrivateKeySize]byte
}
-func (v *Sig) IsValid() bool {
- return v.PKAlg == PKAlg
+func (v *Sig) Check() error {
+ if v.PKAlg != PKAlg {
+ return ErrInvalidPK
+ }
+ return nil
}
-func (v *PubKey) IsValid() bool {
- return v.PKAlg == PKAlg
+func (v *PubKey) Check() error {
+ if v.PKAlg != PKAlg {
+ return ErrInvalidPK
+ }
+ return nil
}
-func (v *PubKey) Verify(message []byte, sig *Sig) bool {
- if v.PKAlg != sig.PKAlg || v.KeyNum != sig.KeyNum {
- return false
+func (v *PubKey) Verify(message []byte, sig *Sig) error {
+ if v.KeyNum != sig.KeyNum {
+ return ErrKeyNum
+ }
+ if !ed25519.Verify(ed25519.PublicKey(v.PubKey[:]), message, sig.Sig[:]) {
+ return ErrInvalidSig
}
- return ed25519.Verify(ed25519.PublicKey(v.PubKey[:]), message, sig.Sig[:])
+ return nil
}
func (v *EncKey) Sign(message []byte) *Sig {
@@ -68,12 +80,18 @@ func (v *EncKey) Sign(message []byte) *Sig {
return sig
}
-func (v *EncKey) IsValid() bool {
- if v.PKAlg != PKAlg || v.KDFAlg != KDFAlg {
- return false
+func (v *EncKey) Check() error {
+ if v.PKAlg != PKAlg {
+ return ErrInvalidPK
+ }
+ if v.KDFAlg != KDFAlg {
+ return ErrInvalidKDF
}
sum := sha512.Sum512(v.SecKey[:])
- return bytes.Equal(sum[:len(v.Checksum)], v.Checksum[:])
+ if !bytes.Equal(sum[:len(v.Checksum)], v.Checksum[:]) {
+ return ErrInvalidKey
+ }
+ return nil
}
func (e *EncKey) Kdf(pass string, rounds int) {