From 06c2e8eeb7bdad927ba72616bfed10fa4fdcd23b Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Wed, 19 Apr 2017 16:11:49 +0200
Subject: errors
---
 keys.go | 42 ++++++++++++++++++++++++++++++------------
 keys_test.go | 8 ++++----
 main.go | 25 +++++++++----------------
 3 files changed, 43 insertions(+), 32 deletions(-)
diff --git a/keys.go b/keys.go
index 9ca7e73..96e5c2a 100644
--- a/keys.go
+++ b/keys.go
@@ -15,9 +15,12 @@ import (
 const DefaultRounds = 42
 var (
+ ErrInvalidPK = errors.New("unsupported format")
 ErrInvalidKDF = errors.New("unsupported KDF")
 ErrPassphrase = errors.New("incorrect passphrase")
+ ErrInvalidKey = errors.New("invalid key")
 ErrKeyNum = errors.New("verification failed: checked against wrong key")
+ ErrInvalidSig = errors.New("signature verfication failed")
 )
 var (
@@ -47,19 +50,28 @@ type EncKey struct {
 SecKey [ed25519.PrivateKeySize]byte
 }
-func (v *Sig) IsValid() bool {
- return v.PKAlg == PKAlg
+func (v *Sig) Check() error {
+ if v.PKAlg != PKAlg {
+ return ErrInvalidPK
+ }
+ return nil
 }
-func (v *PubKey) IsValid() bool {
- return v.PKAlg == PKAlg
+func (v *PubKey) Check() error {
+ if v.PKAlg != PKAlg {
+ return ErrInvalidPK
+ }
+ return nil
 }
-func (v *PubKey) Verify(message []byte, sig *Sig) bool {
- if v.PKAlg != sig.PKAlg || v.KeyNum != sig.KeyNum {
- return false
+func (v *PubKey) Verify(message []byte, sig *Sig) error {
+ if v.KeyNum != sig.KeyNum {
+ return ErrKeyNum
+ }
+ if !ed25519.Verify(ed25519.PublicKey(v.PubKey[:]), message, sig.Sig[:]) {
+ return ErrInvalidSig
 }
- return ed25519.Verify(ed25519.PublicKey(v.PubKey[:]), message, sig.Sig[:])
+ return nil
 }
 func (v *EncKey) Sign(message []byte) *Sig {
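Review bot: `ErrInvalidSig` carries the misspelling "verfication" into the package-level error set in this var block, and the same slip survives in `log.Println("Signature Verfied")` in the last main.go hunk. These strings are what a user or a wrapper script sees as the verification result, so they are worth correcting while they are being moved: `ErrInvalidSig = errors.New("signature verification failed")` and `log.Println("Signature Verified")`. `ErrInvalidPK`'s text "unsupported format" is also vaguer than the condition it reports (a `PKAlg` mismatch in the `Check` methods); something like "unsupported public-key algorithm" would match `ErrInvalidKDF`'s wording.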
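Review bot: The new `PubKey.Verify` no longer compares `v.PKAlg` with `sig.PKAlg`; the removed version rejected a mismatch before it ever reached `ed25519.Verify`. The callers visible in main.go run `Check()` on both the key and the signature first, but `Verify` is an exported method and its safety now depends on every caller remembering to do that. Keeping the guard inside the method preserves the old behaviour with a typed error: `if v.PKAlg != PKAlg || sig.PKAlg != PKAlg { return ErrInvalidPK }` placed ahead of the `KeyNum` comparison.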
@@ -68,12 +80,18 @@ func (v *EncKey) Sign(message []byte) *Sig {
 return sig
 }
-func (v *EncKey) IsValid() bool {
- if v.PKAlg != PKAlg || v.KDFAlg != KDFAlg {
- return false
+func (v *EncKey) Check() error {
+ if v.PKAlg != PKAlg {
+ return ErrInvalidPK
+ }
+ if v.KDFAlg != KDFAlg {
+ return ErrInvalidKDF
 }
 sum := sha512.Sum512(v.SecKey[:])
- return bytes.Equal(sum[:len(v.Checksum)], v.Checksum[:])
+ if !bytes.Equal(sum[:len(v.Checksum)], v.Checksum[:]) {
+ return ErrInvalidKey
+ }
+ return nil
 }
 func (e *EncKey) Kdf(pass string, rounds int) {
diff --git a/keys_test.go b/keys_test.go
index 0eb7e0c..92c222b 100644
--- a/keys_test.go
+++ b/keys_test.go
@@ -47,8 +47,8 @@ func TestUnmarshalEnc(t *testing.T) {
 if !bytes.Equal(raw, out) {
 t.Errorf("want %v, got %v", raw, out)
 }
- if !v.IsValid() {
- t.Error("invalid %+v", v)
+ if err := v.Check(); err != nil {
+ t.Error(err)
 }
 }
@@ -64,7 +64,7 @@ func TestUnmarshalKDF(t *testing.T) {
 t.Errorf("want %v, got %v", raw, out)
 }
 v.Kdf("test", DefaultRounds)
- if !v.IsValid() {
- t.Errorf("invalid %+v", v)
+ if err := v.Check(); err != nil {
+ t.Error(err)
 }
 }
diff --git a/main.go b/main.go
index 08e9cd9..7f97d99 100644
--- a/main.go
+++ b/main.go
@@ -1,7 +1,6 @@
 package main
 import (
- "errors"
 "flag"
 "fmt"
 "io/ioutil"
@@ -16,12 +15,6 @@ import (
 signify -V [-eqz] [-p pubkey] [-t keytype] [-x sigfile] -m message
 */
-var (
- ErrInvalidKey = errors.New("invalid key")
- ErrInvalidSig = errors.New("signature verfication failed")
- verOK = "Signature Verfied"
-)
-
 var (
 checksum = flag.Bool("C", false, "Verify a signed checksum list")
 generate = flag.Bool("G", false, "Generate a new key pair")
@@ -121,8 +114,8 @@ func OpenSec(fname string) (*EncKey, error) {
 }
 encKey.Kdf(pass, int(encKey.KDFRounds))
 }
- if !encKey.IsValid() {
- return nil, ErrInvalidKey
+ if err := encKey.Check(); err != nil {
+ return nil, err
 }
 return encKey, nil
 }
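Review bot: The checksum branch of `EncKey.Check` returns `ErrInvalidKey`, and in the `OpenSec` hunk of main.go this check runs right after `encKey.Kdf(pass, ...)`, so a mistyped passphrase presumably surfaces as "invalid key" even though `ErrPassphrase` ("incorrect passphrase") is declared in keys.go. A corrupted key file and a wrong passphrase are different conditions for the person holding the key; `OpenSec` could return `ErrPassphrase` when `Check` fails with `ErrInvalidKey` on the branch where `Kdf` was applied. That branch opens outside the hunk, so the exact condition needs confirming against the full function. A short doc comment on `Check` naming the three sentinel errors it can return would also help callers that compare against them.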
@@ -136,8 +129,8 @@ func OpenPub(fname string) (*PubKey, error) {
 if err := Unmarshal(f.RawKey, pubKey); err != nil {
 return nil, err
 }
- if !pubKey.IsValid() {
- return nil, ErrInvalidKey
+ if err := pubKey.Check(); err != nil {
+ return nil, err
 }
 return pubKey, nil
 }
@@ -151,8 +144,8 @@ func OpenSig(fname string) (*Sig, []byte, error) {
 if err := Unmarshal(f.RawKey, sig); err != nil {
 return nil, nil, err
 }
- if !sig.IsValid() {
- return nil, nil, ErrInvalidKey
+ if err := sig.Check(); err != nil {
+ return nil, nil, err
 }
 if f.Embedded() {
 return sig, f.Message, nil
@@ -200,9 +193,9 @@ func Verify(msgFile, pubFile string) error {
 if err != nil {
 return err
 }
- if !pubKey.Verify(body, sig) {
- return ErrInvalidSig
+ if err := pubKey.Verify(body, sig); err != nil {
+ return err
 }
- log.Println(verOK)
+ log.Println("Signature Verfied")
 return nil
 }
-- cgit v1.2.3