Add test for invalid (=zero) crypto keys

This commit is contained in:
Alexander Neumann 2015-05-01 17:31:57 +02:00
parent 98dc811536
commit 9010d7bb3a
2 changed files with 52 additions and 5 deletions

View file

@ -179,6 +179,28 @@ func (m *MACKey) UnmarshalJSON(data []byte) error {
return nil
}
// Valid tests whether the key k is valid (i.e. not zero).
func (k *MACKey) Valid() bool {
nonzeroK := false
for i := 0; i < len(k.K); i++ {
if k.K[i] != 0 {
nonzeroK = true
}
}
if !nonzeroK {
return false
}
for i := 0; i < len(k.R); i++ {
if k.R[i] != 0 {
return true
}
}
return false
}
func (k *EncryptionKey) MarshalJSON() ([]byte, error) {
return json.Marshal(k[:])
}
@ -194,6 +216,17 @@ func (k *EncryptionKey) UnmarshalJSON(data []byte) error {
return nil
}
// Valid tests whether the key k is valid (i.e. not zero).
func (k *EncryptionKey) Valid() bool {
for i := 0; i < len(k); i++ {
if k[i] != 0 {
return true
}
}
return false
}
// ErrInvalidCiphertext is returned when trying to encrypt into the slice that
// holds the plaintext.
var ErrInvalidCiphertext = errors.New("invalid ciphertext, same slice used for plaintext")
@ -304,3 +337,12 @@ func KDF(N, R, P int, salt []byte, password string) (*Key, error) {
return derKeys, nil
}
// Valid tests if the key is valid.
func (k *Key) Valid() bool {
if k.ChunkerPolynomial != 0 && !k.ChunkerPolynomial.Irreducible() {
return false
}
return k.Encrypt.Valid() && k.MAC.Valid()
}

View file

@ -88,13 +88,13 @@ func OpenKey(s *Server, name string, password string) (*Key, error) {
}
k.name = name
// test if polynomial is valid and irreducible
if k.master.ChunkerPolynomial == 0 {
return nil, errors.New("Polynomial for content defined chunking is zero")
if !k.Valid() {
return nil, errors.New("Invalid key for repository")
}
if !k.master.ChunkerPolynomial.Irreducible() {
return nil, errors.New("Polynomial for content defined chunking is invalid")
// test if the chunker polynomial is present in the master key
if k.master.ChunkerPolynomial == 0 {
return nil, errors.New("Polynomial for content defined chunking is zero")
}
debug.Log("OpenKey", "Master keys loaded, polynomial %v", k.master.ChunkerPolynomial)
@ -279,3 +279,8 @@ func (k *Key) String() string {
func (k Key) Name() string {
return k.name
}
// Valid tests whether the mac and encryption keys are valid (i.e. not zero)
func (k *Key) Valid() bool {
return k.user.Valid() && k.master.Valid()
}