func NewAESGCMClient(settings *AESGCMSettings) (*AESGCMClient, error) {
if settings.PBKDF2 == nil {
// Probably a safe which uses the old config, backwards-compatibility mode
settings.PBKDF2 = pbkdf2.New()
settings.PBKDF2.Hash = settings.Pbkdf2Hash
settings.PBKDF2.Iterations = settings.Pbkdf2Iterations
settings.PBKDF2.SaltLen = settings.Pbkdf2SaltLen
}
var kdf KeyDerivation
switch settings.KeyDerivation {
default:
if settings.KeyDerivation != "" {
fmt.Println("Invalid keyDerivation, using default")
}
fallthrough
case keyDerivationTypePBKDF2:
// Remove other settings
// TODO(leon): This is shitty.
settings.Scrypt = nil
kdf = settings.PBKDF2
case keyDerivationTypeScrypt:
// Remove other settings
// TODO(leon): This is shitty.
settings.PBKDF2 = nil
kdf = settings.Scrypt
}
return &AESGCMClient{
settings: *settings,
keyDerivation: kdf,
}, nil
}
func NewWeakPBKDF2() *pbkdf2.PBKDF2 {
p := pbkdf2.New()
p.Hash = hash
p.Iterations = iterations
p.SaltLen = saltLen
return p
}
func DefaultAESGCMSettings() *AESGCMSettings {
return &AESGCMSettings{
KeyLen: aesGCMDefaultKeyLen,
KeyDerivation: aesGCMDefaultKeyDerivation,
PBKDF2: pbkdf2.New(),
Scrypt: scrypt.New(),
}
}