示例#1
0
func (s *CryptoSuite) TestNewLoadPasswordKey(c *C) {
	password := "******"
	stretch := 1
	newKey, salt, _ := crypto.NewPasswordKey(password, stretch)
	loadKey, _ := crypto.LoadPasswordKey(password, salt, stretch)
	c.Assert(newKey, DeepEquals, loadKey)
}
示例#2
0
func (s *CryptoSuite) TestLoadPasswordKey(c *C) {
	salt := make([]byte, 64)
	key, err := crypto.LoadPasswordKey("pass", salt, 1)
	c.Assert(key, NotNil)
	c.Assert(err, IsNil)
}
示例#3
0
文件: store.go 项目: schmich/ward
func Open(fileName string, password string) (*Store, error) {
	if _, err := os.Stat(fileName); os.IsNotExist(err) {
		return nil, errors.New("Credential database does not exist.")
	}

	db, err := sql.Open("sqlite3", fileName)
	if err != nil {
		return nil, err
	}

	query := `
    SELECT password_salt, password_stretch, password_nonce, encrypted_key, key_nonce, version
    FROM settings
  `

	rows, err := db.Query(query)
	if err != nil {
		return nil, err
	}

	defer rows.Close()

	rows.Next()

	var passwordSalt, passwordNonce, encryptedKey, keyNonce []byte
	var passwordStretch, version int
	rows.Scan(&passwordSalt, &passwordStretch, &passwordNonce, &encryptedKey, &keyNonce, &version)

	if version > 1 {
		return nil, errors.New(fmt.Sprintf("Unsupported version: %d.", version))
	}

	if len(encryptedKey) <= 0 {
		return nil, errors.New("Invalid encrypted key.")
	}

	passwordKey, err := crypto.LoadPasswordKey(password, passwordSalt, passwordStretch)
	if err != nil {
		return nil, err
	}

	passwordCipher, err := crypto.LoadCipher(passwordKey, passwordNonce)
	if err != nil {
		return nil, err
	}

	key, err := passwordCipher.TryDecrypt(encryptedKey)
	if err != nil {
		return nil, err
	}

	keyCipher, err := crypto.LoadCipher(key, keyNonce)
	if err != nil {
		return nil, err
	}

	return &Store{
		db:             db,
		passwordCipher: passwordCipher,
		keyCipher:      keyCipher,
	}, nil
}