Exemplo n.º 1
0
// ExportKeys exports this sync's keys to the given path, protecting them with
// the given password.
func (s *SyncInfo) ExportKeys(outPath, pw string) error {
	salt, err := gocrypt.SecureBytes(aes.KeyLength)
	if err != nil {
		return &ErrSync{"Unable to get salt for export", err}
	}

	exportKeys := generatePbkdf2KeyCombo(pw, salt)

	origBuf := memstream.New()
	origBuf.Write(s.Keys().CryptoKey)
	origBuf.Write(s.Keys().AuthKey)
	origBuf.Rewind()

	encryptedBuf := memstream.New()
	encryptedBuf.Write(salt)
	_, _, err = aes.Encrypt(origBuf, encryptedBuf, exportKeys)
	if err != nil {
		return &ErrSync{"Unable to encrypt keys", err}
	}

	encoded := gocrypt.BytesToB64(encryptedBuf.Bytes())
	err = ioutil.WriteFile(outPath, []byte(encoded), 0770)
	if err != nil {
		return &ErrSync{"Unable to open key file", err}
	}

	return nil
}
Exemplo n.º 2
0
// newIV generates a new, cryptographically secure IV for use with
func newIV() (gocrypt.IV, error) {
	return gocrypt.SecureBytes(aes.BlockSize)
}
Exemplo n.º 3
0
// NewKey generates a new random, cryptographically secure gocrypt.Key for use with
// Encrypt and Decrypt.
func NewKey() (gocrypt.Key, error) {
	return gocrypt.SecureBytes(KeyLength)
}