예제 #1
0
파일: crypto_test.go 프로젝트: schmich/ward
func (s *CryptoSuite) TestNewLoadCipher(c *C) {
	key := crypto.NewKey()
	newCipher, _ := crypto.NewCipher(key)
	loadCipher, _ := crypto.LoadCipher(key, newCipher.GetNonce())
	c.Assert(loadCipher, NotNil)
	c.Assert(loadCipher.GetNonce(), DeepEquals, newCipher.GetNonce())
}
예제 #2
0
파일: crypto_test.go 프로젝트: schmich/ward
func (s *CryptoSuite) TestDecrypt(c *C) {
	key := crypto.NewKey()
	encipher, _ := crypto.NewCipher(key)
	plaintext := []byte{1, 2, 3, 4, 5}
	ciphertext := encipher.Encrypt(plaintext)
	decipher, _ := crypto.LoadCipher(key, encipher.GetNonce())
	plaintextVerify := decipher.Decrypt(ciphertext)
	c.Assert(plaintextVerify, NotNil)
	c.Assert(plaintextVerify, DeepEquals, plaintext)
}
예제 #3
0
파일: crypto_test.go 프로젝트: schmich/ward
func (s *CryptoSuite) TestTryDecryptFail(c *C) {
	key := crypto.NewKey()
	encipher, _ := crypto.NewCipher(key)
	plaintext := []byte{1, 2, 3, 4, 5}
	ciphertext := encipher.Encrypt(plaintext)
	newKey := crypto.NewKey()
	c.Assert(key, Not(DeepEquals), newKey)
	decipher, _ := crypto.LoadCipher(newKey, encipher.GetNonce())
	plaintextVerify, err := decipher.TryDecrypt(ciphertext)
	c.Assert(err, NotNil)
	c.Assert(len(plaintextVerify), Equals, 0)
}
예제 #4
0
파일: crypto_test.go 프로젝트: schmich/ward
func (s *CryptoSuite) TestLoadCipher(c *C) {
	nonce := make([]byte, 12)
	cipher, err := crypto.LoadCipher(crypto.NewKey(), nonce)
	c.Assert(cipher, NotNil)
	c.Assert(err, IsNil)
}
예제 #5
0
파일: store.go 프로젝트: schmich/ward
func Open(fileName string, password string) (*Store, error) {
	if _, err := os.Stat(fileName); os.IsNotExist(err) {
		return nil, errors.New("Credential database does not exist.")
	}

	db, err := sql.Open("sqlite3", fileName)
	if err != nil {
		return nil, err
	}

	query := `
    SELECT password_salt, password_stretch, password_nonce, encrypted_key, key_nonce, version
    FROM settings
  `

	rows, err := db.Query(query)
	if err != nil {
		return nil, err
	}

	defer rows.Close()

	rows.Next()

	var passwordSalt, passwordNonce, encryptedKey, keyNonce []byte
	var passwordStretch, version int
	rows.Scan(&passwordSalt, &passwordStretch, &passwordNonce, &encryptedKey, &keyNonce, &version)

	if version > 1 {
		return nil, errors.New(fmt.Sprintf("Unsupported version: %d.", version))
	}

	if len(encryptedKey) <= 0 {
		return nil, errors.New("Invalid encrypted key.")
	}

	passwordKey, err := crypto.LoadPasswordKey(password, passwordSalt, passwordStretch)
	if err != nil {
		return nil, err
	}

	passwordCipher, err := crypto.LoadCipher(passwordKey, passwordNonce)
	if err != nil {
		return nil, err
	}

	key, err := passwordCipher.TryDecrypt(encryptedKey)
	if err != nil {
		return nil, err
	}

	keyCipher, err := crypto.LoadCipher(key, keyNonce)
	if err != nil {
		return nil, err
	}

	return &Store{
		db:             db,
		passwordCipher: passwordCipher,
		keyCipher:      keyCipher,
	}, nil
}