Add test for invalid (=zero) crypto keys
This commit is contained in:
parent
98dc811536
commit
9010d7bb3a
2 changed files with 52 additions and 5 deletions
|
@ -179,6 +179,28 @@ func (m *MACKey) UnmarshalJSON(data []byte) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// Valid tests whether the key k is valid (i.e. not zero).
|
||||
func (k *MACKey) Valid() bool {
|
||||
nonzeroK := false
|
||||
for i := 0; i < len(k.K); i++ {
|
||||
if k.K[i] != 0 {
|
||||
nonzeroK = true
|
||||
}
|
||||
}
|
||||
|
||||
if !nonzeroK {
|
||||
return false
|
||||
}
|
||||
|
||||
for i := 0; i < len(k.R); i++ {
|
||||
if k.R[i] != 0 {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func (k *EncryptionKey) MarshalJSON() ([]byte, error) {
|
||||
return json.Marshal(k[:])
|
||||
}
|
||||
|
@ -194,6 +216,17 @@ func (k *EncryptionKey) UnmarshalJSON(data []byte) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// Valid tests whether the key k is valid (i.e. not zero).
|
||||
func (k *EncryptionKey) Valid() bool {
|
||||
for i := 0; i < len(k); i++ {
|
||||
if k[i] != 0 {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
// ErrInvalidCiphertext is returned when trying to encrypt into the slice that
|
||||
// holds the plaintext.
|
||||
var ErrInvalidCiphertext = errors.New("invalid ciphertext, same slice used for plaintext")
|
||||
|
@ -304,3 +337,12 @@ func KDF(N, R, P int, salt []byte, password string) (*Key, error) {
|
|||
|
||||
return derKeys, nil
|
||||
}
|
||||
|
||||
// Valid tests if the key is valid.
|
||||
func (k *Key) Valid() bool {
|
||||
if k.ChunkerPolynomial != 0 && !k.ChunkerPolynomial.Irreducible() {
|
||||
return false
|
||||
}
|
||||
|
||||
return k.Encrypt.Valid() && k.MAC.Valid()
|
||||
}
|
||||
|
|
|
@ -88,13 +88,13 @@ func OpenKey(s *Server, name string, password string) (*Key, error) {
|
|||
}
|
||||
k.name = name
|
||||
|
||||
// test if polynomial is valid and irreducible
|
||||
if k.master.ChunkerPolynomial == 0 {
|
||||
return nil, errors.New("Polynomial for content defined chunking is zero")
|
||||
if !k.Valid() {
|
||||
return nil, errors.New("Invalid key for repository")
|
||||
}
|
||||
|
||||
if !k.master.ChunkerPolynomial.Irreducible() {
|
||||
return nil, errors.New("Polynomial for content defined chunking is invalid")
|
||||
// test if the chunker polynomial is present in the master key
|
||||
if k.master.ChunkerPolynomial == 0 {
|
||||
return nil, errors.New("Polynomial for content defined chunking is zero")
|
||||
}
|
||||
|
||||
debug.Log("OpenKey", "Master keys loaded, polynomial %v", k.master.ChunkerPolynomial)
|
||||
|
@ -279,3 +279,8 @@ func (k *Key) String() string {
|
|||
func (k Key) Name() string {
|
||||
return k.name
|
||||
}
|
||||
|
||||
// Valid tests whether the mac and encryption keys are valid (i.e. not zero)
|
||||
func (k *Key) Valid() bool {
|
||||
return k.user.Valid() && k.master.Valid()
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue