Example #1
0
func TestRekey(t *testing.T) {
	tmpdir, err := ioutil.TempDir("", "msgdb_test")
	if err != nil {
		t.Fatal(err)
	}
	defer os.RemoveAll(tmpdir)
	dbname := filepath.Join(tmpdir, "msgdb")
	passphrase := []byte(cipher.RandPass(cipher.RandReader))
	if err := Create(dbname, passphrase, 64000); err != nil {
		t.Fatal(err)
	}
	msgDB, err := Open(dbname, passphrase)
	if err != nil {
		t.Fatal(err)
	}
	msgDB.Close()
	newPassphrase := []byte(cipher.RandPass(cipher.RandReader))
	if err := Rekey(dbname, passphrase, newPassphrase, 32000); err != nil {
		t.Fatal(err)
	}
	msgDB, err = Open(dbname, newPassphrase)
	if err != nil {
		t.Fatal(err)
	}
	if err := msgDB.Close(); err != nil {
		t.Fatal(err)
	}
}
Example #2
0
func createDB() (tmpdir string, msgDB *MsgDB, err error) {
	tmpdir, err = ioutil.TempDir("", "msgdb_test")
	if err != nil {
		return "", nil, err
	}
	dbname := filepath.Join(tmpdir, "msgdb")
	passphrase := []byte(cipher.RandPass(cipher.RandReader))
	if err := Create(dbname, passphrase, 64000); err != nil {
		return "", nil, err
	}
	msgDB, err = Open(dbname, passphrase)
	if err != nil {
		return "", nil, err
	}
	return
}
Example #3
0
func (lh *loginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		if err := t.Execute(w, nil); err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
	} else {
		if err := r.ParseForm(); err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}
		passphrase := r.Form["passphrase"][0]
		lh.ce.passphrase = []byte(passphrase)
		if err := lh.ce.prepare(lh.c, true, true); err != nil {
			// TODO: allow to input passphrase again
			http.Error(w, err.Error(), http.StatusForbidden)
			return
		}
		fmt.Fprintln(lh.statusfp, "successful login")

		// set cookie
		secret := cipher.RandPass(cipher.RandReader)
		auth.Lock()
		auth.secret = secret
		auth.Unlock()
		cookie := &http.Cookie{
			Name:    "mute",
			Value:   secret,
			Path:    "/",
			Expires: time.Now().UTC().AddDate(0, 0, 30),
		}
		http.SetCookie(w, cookie)

		// redirect to SPA
		http.Redirect(w, r, "/", http.StatusSeeOther)
	}
}