Merge pull request #31 from libp2p/bug/remove-blowfish-support

Remove support for blowfish
2025-01-15 02:30:05 +08:00 · 2019-08-06 12:29:59 -04:00 · 2019-08-06 12:29:59 -04:00 · 9698a72f45
commit 9698a72f45
parent 33faefebfc 47983a3ab5
2 changed files with 27 additions and 5 deletions
--- a/crypto/key.go
+++ b/crypto/key.go
@ -182,7 +182,11 @@ type StretchedKeys struct {
 }

 // KeyStretcher returns a set of keys for each party by stretching the shared key.
-// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey)
+// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey).
+// This function accepts the following cipher types:
+// - AES-128
+// - AES-256
+// The function will panic upon receiving an unknown cipherType
 func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys) {
 	var cipherKeySize int
 	var ivSize int
@ -193,10 +197,8 @@ func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedK
 	case "AES-256":
 		ivSize = 16
 		cipherKeySize = 32
-	case "Blowfish":
-		ivSize = 8
-		// Note: cypherKeySize arbitrarily selected, needs more thought
-		cipherKeySize = 32
+	default:
+		panic("Unrecognized cipher, programmer error?")
 	}

 	hmacKeySize := 20
--- a/crypto/key_test.go
+++ b/crypto/key_test.go
@ -171,3 +171,23 @@ func TestUnknownCurveErrors(t *testing.T) {
 		t.Fatal("expected invalid key type to error")
 	}
 }
+
+func TestPanicOnUnknownCipherType(t *testing.T) {
+	passed := false
+	defer func() {
+		if !passed {
+			t.Fatal("expected known cipher and hash to succeed")
+		}
+		err := recover()
+		errStr, ok := err.(string)
+		if !ok {
+			t.Fatal("expected string in panic")
+		}
+		if errStr != "Unrecognized cipher, programmer error?" {
+			t.Fatal("expected \"Unrecognized cipher, programmer error?\"")
+		}
+	}()
+	KeyStretcher("AES-256", "SHA1", []byte("foo"))
+	passed = true
+	KeyStretcher("Fooba", "SHA1", []byte("foo"))
+}