Browse Source

encoder accepts empty string as unencoded bytes

pull/1782/head
Ethan Frey 7 years ago
parent
commit
54260853d5
2 changed files with 51 additions and 6 deletions
  1. +12
    -6
      keys/cryptostore/encoder.go
  2. +39
    -0
      keys/cryptostore/encoder_test.go

+ 12
- 6
keys/cryptostore/encoder.go View File

@ -28,18 +28,24 @@ func secret(passphrase string) []byte {
type secretbox struct{}
func (e secretbox) Encrypt(key crypto.PrivKey, pass string) ([]byte, error) {
if pass == "" {
return key.Bytes(), nil
}
s := secret(pass)
cipher := crypto.EncryptSymmetric(key.Bytes(), s)
return cipher, nil
}
func (e secretbox) Decrypt(data []byte, pass string) (crypto.PrivKey, error) {
s := secret(pass)
private, err := crypto.DecryptSymmetric(data, s)
if err != nil {
return crypto.PrivKey{}, errors.Wrap(err, "Invalid Passphrase")
func (e secretbox) Decrypt(data []byte, pass string) (key crypto.PrivKey, err error) {
private := data
if pass != "" {
s := secret(pass)
private, err = crypto.DecryptSymmetric(data, s)
if err != nil {
return crypto.PrivKey{}, errors.Wrap(err, "Invalid Passphrase")
}
}
key, err := crypto.PrivKeyFromBytes(private)
key, err = crypto.PrivKeyFromBytes(private)
return key, errors.Wrap(err, "Invalid Passphrase")
}


+ 39
- 0
keys/cryptostore/encoder_test.go View File

@ -60,3 +60,42 @@ func TestSecretBox(t *testing.T) {
require.Nil(err)
assert.Equal(key, pk)
}
func TestSecretBoxNoPass(t *testing.T) {
assert, require := assert.New(t), require.New(t)
enc := cryptostore.SecretBox
key := cryptostore.GenEd25519.Generate(cmn.RandBytes(16))
cases := []struct {
encode string
decode string
valid bool
}{
{"foo", "foo", true},
{"foo", "food", false},
{"", "", true},
{"", "a", false},
{"a", "", false},
}
for i, tc := range cases {
b, err := enc.Encrypt(key, tc.encode)
require.Nil(err, "%d: %+v", i, err)
assert.NotEmpty(b, "%d", i)
pk, err := enc.Decrypt(b, tc.decode)
if tc.valid {
require.Nil(err, "%d: %+v", i, err)
assert.Equal(key, pk, "%d", i)
} else {
require.NotNil(err, "%d", i)
}
}
// now let's make sure raw bytes also work...
b := key.Bytes()
pk, err := enc.Decrypt(b, "")
require.Nil(err, "%+v", err)
assert.Equal(key, pk)
}

Loading…
Cancel
Save