From 3a4c53ba05302cdf76bc5620e5d5bc5e654d3e05 Mon Sep 17 00:00:00 2001
From: Dimitri Sokolyuk
Date: Wed, 19 Jul 2017 00:35:59 +0200
Subject: comments
---
 key/enc.go | 3 +++
 key/key.go | 11 +++++++++--
 key/pub.go | 1 +
 key/sig.go | 2 ++
 sign.go | 4 ++--
 verify.go | 8 ++++----
 6 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/key/enc.go b/key/enc.go
index 9c81dbf..898eb4c 100644
--- a/key/enc.go
+++ b/key/enc.go
@@ -17,6 +17,7 @@ type Enc struct {
 Key [ed25519.PrivateKeySize]byte
 }
+// Public key of encryption key
 func (v *Enc) Public() *Pub {
 key := ed25519.PrivateKey(v.Key[:]).Public().(ed25519.PublicKey)
 pub := &Pub{PKAlg: pkAlg, KeyNum: v.KeyNum}
@@ -24,6 +25,7 @@ func (v *Enc) Public() *Pub {
 return pub
 }
+// Sign message
 func (v *Enc) Sign(message []byte) *Sig {
 sig := &Sig{PKAlg: v.PKAlg, KeyNum: v.KeyNum}
 copy(sig.Sig[:], ed25519.Sign(ed25519.PrivateKey(v.Key[:]), message))
@@ -52,6 +54,7 @@ func (v *Enc) UnmarshalBinary(data []byte) error {
 return unmarshal(data, v)
 }
+// NewEnc returns a parsed and decoded encryption key
 func NewEnc(data []byte, der KeyDeriver) (*Enc, error) {
 enc := new(Enc)
 if err := enc.UnmarshalBinary(data); err != nil {
diff --git a/key/key.go b/key/key.go
index 3c3e98b..bddd6ac 100644
--- a/key/key.go
+++ b/key/key.go
@@ -11,6 +11,7 @@ import (
 "golang.org/x/crypto/ed25519"
 )
+// DefaultRounds of KDF
 const DefaultRounds = 42
 var (
@@ -27,10 +28,12 @@ var (
 kdfAlg = [2]byte{'B', 'K'}
 )
+// KeyDeriver returns a derived key from passphrase
 type KeyDeriver interface {
 DeriveKey(salt []byte, rounds int, length int) ([]byte, error)
 }
+// Generate a new key pair
 func Generate(der KeyDeriver) (*Pub, *Enc, error) {
 pubKey, encKey, err := ed25519.GenerateKey(rand.Reader)
 if err != nil {
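Review bot: The new comments on `Public` and `Sign` in key/enc.go call this an "encryption key", but the visible code uses `v.Key` as an Ed25519 private key (`ed25519.PrivateKey(v.Key[:])`) that produces signatures, so the wording can mislead a reader about what the secret is for. I would write `// Public returns the Ed25519 public key that corresponds to this private key.` and `// Sign returns an Ed25519 signature over message made with v.Key.` The `NewEnc` comment in the third hunk of the file says "parsed and decoded" without saying what role `der` plays; if `der` is what unlocks a passphrase-protected key (the body continues outside the hunk, so this is inferred), the comment should say so and state what happens when `der` is nil.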
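Review bot: `// DefaultRounds of KDF` in key/key.go does not say that the value is a work factor, which is what a caller needs to know before choosing a different number. Something like `// DefaultRounds is the default number of KDF rounds passed to KeyDeriver.DeriveKey; lower values make passphrase guessing cheaper.` would cover it, assuming the constant is what feeds the `rounds` argument (its use is not visible in these hunks). The `KeyDeriver` comment in the next hunk could likewise state whether `DeriveKey` must return exactly `length` bytes or an error, if that is the contract callers rely on.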
@@ -44,8 +47,12 @@ func Generate(der KeyDeriver) (*Pub, *Enc, error) {
 checkSum := sha512.Sum512(encKey)
 copy(enc.Checksum[:], checkSum[:len(enc.Checksum)])
- rand.Read(enc.Salt[:])
- rand.Read(enc.KeyNum[:])
+ if _, err := rand.Read(enc.Salt[:]); err != nil {
+ return err
+ }
+ if _, err := rand.Read(enc.KeyNum[:]); err != nil {
+ return err
+ }
 // Pbdkf
 if der != nil {
diff --git a/key/pub.go b/key/pub.go
index 9b6ac49..edc8acf 100644
--- a/key/pub.go
+++ b/key/pub.go
@@ -23,6 +23,7 @@ func (v *Pub) UnmarshalBinary(data []byte) error {
 return unmarshal(data, v)
 }
+// NewPub returns a parsed public key
 func NewPub(data []byte) (*Pub, error) {
 pub := new(Pub)
 if err := pub.UnmarshalBinary(data); err != nil {
diff --git a/key/sig.go b/key/sig.go
index 0c95c10..00ca5ef 100644
--- a/key/sig.go
+++ b/key/sig.go
@@ -15,6 +15,7 @@ func (v *Sig) Err() error {
 return nil
 }
+// Verify message with public key
 func (v *Sig) Verify(message []byte, pub *Pub) error {
 if v.KeyNum != pub.KeyNum {
 return ErrKeyNum
@@ -33,6 +34,7 @@ func (v *Sig) UnmarshalBinary(data []byte) error {
 return unmarshal(data, v)
 }
+// NewSig return parsed signature
 func NewSig(data []byte) (*Sig, error) {
 sig := new(Sig)
 if err := sig.UnmarshalBinary(data); err != nil {
diff --git a/sign.go b/sign.go
index 4eb645b..17092ca 100644
--- a/sign.go
+++ b/sign.go
@@ -34,7 +34,7 @@ func sign(args []string) error {
 }
 _ = zip // TODO
- encKey, err := OpenEnc(*encFile)
+ encKey, err := openEnc(*encFile)
 if err != nil {
 return err
 }
@@ -60,7 +60,7 @@ func sign(args []string) error {
 return nil
 }
-func OpenEnc(fname string) (*key.Enc, error) {
+func openEnc(fname string) (*key.Enc, error) {
 block, err := file.DecodeFile(fname)
 if err != nil {
 return nil, err
diff --git a/verify.go b/verify.go
index 20f3123..dd90c55 100644
--- a/verify.go
+++ b/verify.go
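Review bot: The two added `return err` statements do not match the three results of `func Generate(der KeyDeriver) (*Pub, *Enc, error)` shown in the hunk header, so this will not compile. Both should read `return nil, nil, err`. Checking the error from `rand.Read` for the salt and the key number is the right change, since an unnoticed failure would leave those fields at whatever they held before the call. The body of `Generate` starts and ends outside this hunk.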
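Review bot: `// Verify message with public key` in key/sig.go leaves out the return contract, which matters for a verification function because callers must treat only a nil error as success. From the visible lines a key-number mismatch returns `ErrKeyNum`; I would write `// Verify checks the signature over message against pub and returns nil only if it is valid; it returns ErrKeyNum if pub has a different key number.` and name the error for a bad signature once confirmed from the rest of the body, which lies outside the hunk. `pub` is dereferenced without a nil check, so the comment should also say it must be non-nil. In the next hunk, `NewSig return parsed signature` should read `NewSig returns a parsed signature`.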
@@ -36,14 +36,14 @@ func verify(args []string) error {
 }
 _ = keyType // TODO
- sig, msg, verifyWith, err := OpenSig(*sigFile)
+ sig, msg, verifyWith, err := openSig(*sigFile)
 if err != nil {
 return err
 }
 if *pubFile == "" {
 *pubFile = verifyWith
 }
- pubKey, err := OpenPub(*pubFile)
+ pubKey, err := openPub(*pubFile)
 if err != nil {
 return err
 }
@@ -62,7 +62,7 @@ func verify(args []string) error {
 return nil
 }
-func OpenPub(fname string) (*key.Pub, error) {
+func openPub(fname string) (*key.Pub, error) {
 block, err := file.DecodeFile(fname)
 if err != nil {
 return nil, err
@@ -70,7 +70,7 @@ func OpenPub(fname string) (*key.Pub, error) {
 return key.NewPub(block.Bytes)
 }
-func OpenSig(fname string) (*key.Sig, []byte, string, error) {
+func openSig(fname string) (*key.Sig, []byte, string, error) {
 block, err := file.DecodeFile(fname)
 if err != nil {
 return nil, nil, "", err
--
cgit v1.2.3