From e913ae859b4324fe11b0256b9520ff4f51e7498a Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Wed, 19 Apr 2017 14:12:53 +0200 Subject: kiss --- keys.go | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) (limited to 'keys.go') diff --git a/keys.go b/keys.go index 1183b81..9ca7e73 100644 --- a/keys.go +++ b/keys.go @@ -5,6 +5,7 @@ import ( "crypto/rand" "crypto/sha512" "encoding/binary" + "errors" "dim13.org/signify/bhash" @@ -13,6 +14,12 @@ import ( const DefaultRounds = 42 +var ( + ErrInvalidKDF = errors.New("unsupported KDF") + ErrPassphrase = errors.New("incorrect passphrase") + ErrKeyNum = errors.New("verification failed: checked against wrong key") +) + var ( PKAlg = [2]byte{'E', 'd'} KDFAlg = [2]byte{'B', 'K'} @@ -20,13 +27,13 @@ var ( type Sig struct { PKAlg [2]byte - KeyNum uint64 + KeyNum [8]byte Sig [ed25519.SignatureSize]byte } type PubKey struct { PKAlg [2]byte - KeyNum uint64 + KeyNum [8]byte PubKey [ed25519.PublicKeySize]byte } @@ -36,7 +43,7 @@ type EncKey struct { KDFRounds uint32 Salt [16]byte Checksum [8]byte - KeyNum uint64 + KeyNum [8]byte SecKey [ed25519.PrivateKeySize]byte } @@ -56,10 +63,7 @@ func (v *PubKey) Verify(message []byte, sig *Sig) bool { } func (v *EncKey) Sign(message []byte) *Sig { - sig := &Sig{ - PKAlg: v.PKAlg, - KeyNum: v.KeyNum, - } + sig := &Sig{PKAlg: v.PKAlg, KeyNum: v.KeyNum} copy(sig.Sig[:], ed25519.Sign(ed25519.PrivateKey(v.SecKey[:]), message)) return sig } @@ -100,18 +104,14 @@ func Marshal(v interface{}) ([]byte, error) { } func NewKey() (PubKey, EncKey, error) { - var keyNum uint64 - if err := binary.Read(rand.Reader, binary.BigEndian, &keyNum); err != nil { - return PubKey{}, EncKey{}, err - } - - pubKey := PubKey{PKAlg: PKAlg, KeyNum: keyNum} - encKey := EncKey{PKAlg: PKAlg, KDFAlg: KDFAlg, KeyNum: keyNum} - pub, sec, err := ed25519.GenerateKey(rand.Reader) if err != nil { return PubKey{}, EncKey{}, err } + + pubKey := PubKey{PKAlg: PKAlg} + encKey := EncKey{PKAlg: PKAlg, KDFAlg: KDFAlg} + copy(pubKey.PubKey[:], pub) copy(encKey.SecKey[:], sec) @@ -119,6 +119,8 @@ func NewKey() (PubKey, EncKey, error) { copy(encKey.Checksum[:], checkSum[:len(encKey.Checksum)]) rand.Read(encKey.Salt[:]) + rand.Read(encKey.KeyNum[:]) + pubKey.KeyNum = encKey.KeyNum return pubKey, encKey, nil } -- cgit v1.2.3