From bc01c84a5970e3ef476dc6d216146d3dfc77d23b Mon Sep 17 00:00:00 2001 From: Cole Brown Date: Wed, 10 Jul 2019 17:30:45 -0400 Subject: [PATCH 1/4] Remove support for blowfish --- crypto/key.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/crypto/key.go b/crypto/key.go index 50167db..b939b83 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -191,10 +191,6 @@ func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedK case "AES-256": ivSize = 16 cipherKeySize = 32 - case "Blowfish": - ivSize = 8 - // Note: cypherKeySize arbitrarily selected, needs more thought - cipherKeySize = 32 } hmacKeySize := 20 From 0ae8685baf15c4a99fa90e10722bf31cb5e4742f Mon Sep 17 00:00:00 2001 From: Cole Brown Date: Wed, 17 Jul 2019 17:34:22 -0400 Subject: [PATCH 2/4] Add defualt case with meaningful panic --- crypto/key.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/key.go b/crypto/key.go index b939b83..2706a7a 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -191,6 +191,8 @@ func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedK case "AES-256": ivSize = 16 cipherKeySize = 32 + default: + panic("Unrecognized cipher, programmer error?") } hmacKeySize := 20 From 58281f5c6d035ceda3969b12c2e85280357ff55c Mon Sep 17 00:00:00 2001 From: Cole Brown Date: Tue, 6 Aug 2019 11:18:41 -0400 Subject: [PATCH 3/4] Add note about panic to KeyStretcher comments --- crypto/key.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/key.go b/crypto/key.go index 2706a7a..310fd47 100644 --- a/crypto/key.go +++ b/crypto/key.go @@ -180,7 +180,11 @@ type StretchedKeys struct { } // KeyStretcher returns a set of keys for each party by stretching the shared key. -// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey) +// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey). +// This function accepts the following cipher types: +// - AES-128 +// - AES-256 +// The function will panic upon receiving an unknown cipherType func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys) { var cipherKeySize int var ivSize int From 47983a3ab5872e983408f05b0d2aa29a89597a53 Mon Sep 17 00:00:00 2001 From: Cole Brown Date: Tue, 6 Aug 2019 12:15:40 -0400 Subject: [PATCH 4/4] Add test for panic on unknown cipher type --- crypto/key_test.go | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/crypto/key_test.go b/crypto/key_test.go index 2a5e89a..882e4be 100644 --- a/crypto/key_test.go +++ b/crypto/key_test.go @@ -145,3 +145,23 @@ func (pk testkey) Raw() ([]byte, error) { func (pk testkey) Equals(k Key) bool { return KeyEqual(pk, k) } + +func TestPanicOnUnknownCipherType(t *testing.T) { + passed := false + defer func() { + if !passed { + t.Fatal("expected known cipher and hash to succeed") + } + err := recover() + errStr, ok := err.(string) + if !ok { + t.Fatal("expected string in panic") + } + if errStr != "Unrecognized cipher, programmer error?" { + t.Fatal("expected \"Unrecognized cipher, programmer error?\"") + } + }() + KeyStretcher("AES-256", "SHA1", []byte("foo")) + passed = true + KeyStretcher("Fooba", "SHA1", []byte("foo")) +}