func TestHMAC(t *testing.T) {
firstMac := kdf.NewHMAC([]byte("aardvark"), kdf.DefaultReps)
secondMac := kdf.NewHMAC([]byte("aardvark"), kdf.DefaultReps)
if hmac.Equal(firstMac, secondMac) {
t.Error("Macs should not be equal")
}
if !kdf.VerifyHMAC([]byte("aardvark"), firstMac, kdf.DefaultReps) {
t.Error("Mac should have verified")
}
if !kdf.VerifyHMAC([]byte("aardvark"), secondMac, kdf.DefaultReps) {
t.Error("Second Mac should have verified")
}
if kdf.VerifyHMAC([]byte("be"), firstMac, kdf.DefaultReps) {
t.Error("Mac should not have verified")
}
if kdf.VerifyHMAC([]byte("be"), secondMac, kdf.DefaultReps) {
t.Error("Second Mac should not have verified")
}
}
// InitWithKey initializes this user instance with a user name and password
// so that the user uses key as its key.
func (u *User) InitWithKey(name, password string, key *Key) (err error) {
u.Owner = key.Id
u.Name = name
if u.Key, err = aes.EncryptB(
key.Value,
kdf.KDF(
[]byte(password),
kdf.DefaultSalt,
kdf.DefaultReps)); err != nil {
return
}
u.Checksum = base64.StdEncoding.EncodeToString(
kdf.NewHMAC(key.Value, kdf.DefaultReps))
return
}