diff --git a/crypto/crypto.go b/crypto/crypto.go index 5509d394c..482a5a748 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -42,17 +42,17 @@ var ( // structure. For the master key, the secret random polynomial used for content // defined chunking is included. type Key struct { - Sign MACKey `json:"sign"` - Encrypt AESKey `json:"encrypt"` - ChunkerPolynomial chunker.Pol `json:"chunker_polynomial,omitempty"` + Sign SigningKey `json:"sign"` + Encrypt EncryptionKey `json:"encrypt"` + ChunkerPolynomial chunker.Pol `json:"chunker_polynomial,omitempty"` } -type AESKey [32]byte -type MACKey struct { - K [16]byte // for AES128 - R [16]byte // for Poly1305 +type EncryptionKey [32]byte +type SigningKey struct { + K [16]byte `json:"k"` // for AES128 + R [16]byte `json:"r"` // for Poly1305 } -type IV [ivSize]byte +type iv [ivSize]byte // mask for key, (cf. http://cr.yp.to/mac/poly1305-20050329.pdf) var poly1305KeyMask = [16]byte{ @@ -75,7 +75,7 @@ var poly1305KeyMask = [16]byte{ } // key is a [32]byte, in the form k||r -func poly1305_sign(msg []byte, nonce []byte, key *MACKey) []byte { +func poly1305_sign(msg []byte, nonce []byte, key *SigningKey) []byte { // prepare key for low-level poly1305.Sum(): r||n var k [32]byte @@ -100,7 +100,7 @@ func poly1305_sign(msg []byte, nonce []byte, key *MACKey) []byte { } // mask poly1305 key -func maskKey(k *MACKey) { +func maskKey(k *SigningKey) { if k == nil { return } @@ -110,14 +110,14 @@ func maskKey(k *MACKey) { } // construct mac key from slice (k||r), with masking -func macKeyFromSlice(mk *MACKey, data []byte) { +func macKeyFromSlice(mk *SigningKey, data []byte) { copy(mk.K[:], data[:16]) copy(mk.R[:], data[16:32]) maskKey(mk) } // key: k||r -func poly1305_verify(msg []byte, nonce []byte, key *MACKey, mac []byte) bool { +func poly1305_verify(msg []byte, nonce []byte, key *SigningKey, mac []byte) bool { // prepare key for low-level poly1305.Sum(): r||n var k [32]byte @@ -141,8 +141,8 @@ func poly1305_verify(msg []byte, nonce []byte, key *MACKey, mac []byte) bool { return poly1305.Verify(&m, msg, &k) } -// GenerateKey returns new encryption and signing keys. -func GenerateKey() (k *Key) { +// NewKey returns new encryption and signing keys. +func NewKey() (k *Key) { k = &Key{} n, err := rand.Read(k.Encrypt[:]) if n != aesKeySize || err != nil { @@ -164,7 +164,7 @@ func GenerateKey() (k *Key) { return k } -func generateRandomIV() (iv IV) { +func newIV() (iv iv) { n, err := rand.Read(iv[:]) if n != ivSize || err != nil { panic("unable to read enough random bytes for iv") @@ -177,11 +177,11 @@ type jsonMACKey struct { R []byte `json:"r"` } -func (m *MACKey) MarshalJSON() ([]byte, error) { +func (m *SigningKey) MarshalJSON() ([]byte, error) { return json.Marshal(jsonMACKey{K: m.K[:], R: m.R[:]}) } -func (m *MACKey) UnmarshalJSON(data []byte) error { +func (m *SigningKey) UnmarshalJSON(data []byte) error { j := jsonMACKey{} err := json.Unmarshal(data, &j) if err != nil { @@ -193,11 +193,11 @@ func (m *MACKey) UnmarshalJSON(data []byte) error { return nil } -func (k *AESKey) MarshalJSON() ([]byte, error) { +func (k *EncryptionKey) MarshalJSON() ([]byte, error) { return json.Marshal(k[:]) } -func (k *AESKey) UnmarshalJSON(data []byte) error { +func (k *EncryptionKey) UnmarshalJSON(data []byte) error { d := make([]byte, aesKeySize) err := json.Unmarshal(data, &d) if err != nil { @@ -215,7 +215,7 @@ func Encrypt(ks *Key, ciphertext, plaintext []byte) (int, error) { return 0, ErrBufferTooSmall } - iv := generateRandomIV() + iv := newIV() copy(ciphertext, iv[:]) c, err := aes.NewCipher(ks.Encrypt[:]) @@ -302,7 +302,7 @@ func KDF(N, R, P int, salt []byte, password string) (*Key, error) { } type encryptWriter struct { - iv IV + iv iv wroteIV bool data *bytes.Buffer key *Key @@ -378,7 +378,7 @@ func (e *encryptWriter) Write(p []byte) (int, error) { // is called, the data is encrypted an written to the underlying writer. func EncryptTo(ks *Key, wr io.Writer) io.WriteCloser { ew := &encryptWriter{ - iv: generateRandomIV(), + iv: newIV(), data: bytes.NewBuffer(getBuffer()[:0]), key: ks, origWr: wr, diff --git a/crypto/crypto_int_test.go b/crypto/crypto_int_test.go index 5c5351303..8998085b4 100644 --- a/crypto/crypto_int_test.go +++ b/crypto/crypto_int_test.go @@ -45,7 +45,7 @@ var poly1305_tests = []struct { func TestPoly1305(t *testing.T) { for _, test := range poly1305_tests { - key := &MACKey{} + key := &SigningKey{} copy(key.K[:], test.k) copy(key.R[:], test.r) mac := poly1305_sign(test.msg, test.nonce, key) @@ -61,16 +61,16 @@ func TestPoly1305(t *testing.T) { } var test_values = []struct { - ekey AESKey - skey MACKey + ekey EncryptionKey + skey SigningKey ciphertext []byte plaintext []byte should_panic bool }{ { - ekey: AESKey([...]byte{0x30, 0x3e, 0x86, 0x87, 0xb1, 0xd7, 0xdb, 0x18, 0x42, 0x1b, 0xdc, 0x6b, 0xb8, 0x58, 0x8c, 0xca, + ekey: EncryptionKey([...]byte{0x30, 0x3e, 0x86, 0x87, 0xb1, 0xd7, 0xdb, 0x18, 0x42, 0x1b, 0xdc, 0x6b, 0xb8, 0x58, 0x8c, 0xca, 0xda, 0xc4, 0xd5, 0x9e, 0xe8, 0x7b, 0x8f, 0xf7, 0x0c, 0x44, 0xe6, 0x35, 0x79, 0x0c, 0xaf, 0xef}), - skey: MACKey{ + skey: SigningKey{ K: [...]byte{0xef, 0x4d, 0x88, 0x24, 0xcb, 0x80, 0xb2, 0xbc, 0xc5, 0xfb, 0xff, 0x8a, 0x9b, 0x12, 0xa4, 0x2c}, R: [...]byte{0xcc, 0x8d, 0x4b, 0x94, 0x8e, 0xe0, 0xeb, 0xfe, 0x1d, 0x41, 0x5d, 0xe9, 0x21, 0xd1, 0x03, 0x53}, }, diff --git a/crypto/crypto_test.go b/crypto/crypto_test.go index ec39211e9..a44133454 100644 --- a/crypto/crypto_test.go +++ b/crypto/crypto_test.go @@ -17,7 +17,7 @@ import ( var testLargeCrypto = flag.Bool("test.largecrypto", false, "also test crypto functions with large payloads") func TestEncryptDecrypt(t *testing.T) { - k := crypto.GenerateKey() + k := crypto.NewKey() tests := []int{5, 23, 2<<18 + 23, 1 << 20} if *testLargeCrypto { @@ -43,7 +43,7 @@ func TestEncryptDecrypt(t *testing.T) { } func TestSmallBuffer(t *testing.T) { - k := crypto.GenerateKey() + k := crypto.NewKey() size := 600 data := make([]byte, size) @@ -65,7 +65,7 @@ func TestLargeEncrypt(t *testing.T) { t.SkipNow() } - k := crypto.GenerateKey() + k := crypto.NewKey() for _, size := range []int{chunker.MaxSize, chunker.MaxSize + 1, chunker.MaxSize + 1<<20} { data := make([]byte, size) @@ -90,7 +90,7 @@ func BenchmarkEncryptWriter(b *testing.B) { size := 8 << 20 // 8MiB rd := RandomReader(23, size) - k := crypto.GenerateKey() + k := crypto.NewKey() b.ResetTimer() b.SetBytes(int64(size)) @@ -108,7 +108,7 @@ func BenchmarkEncrypt(b *testing.B) { size := 8 << 20 // 8MiB data := make([]byte, size) - k := crypto.GenerateKey() + k := crypto.NewKey() buf := make([]byte, len(data)+crypto.Extension) b.ResetTimer() @@ -123,7 +123,7 @@ func BenchmarkEncrypt(b *testing.B) { func BenchmarkDecryptReader(b *testing.B) { size := 8 << 20 // 8MiB buf := Random(23, size) - k := crypto.GenerateKey() + k := crypto.NewKey() ciphertext := make([]byte, len(buf)+crypto.Extension) _, err := crypto.Encrypt(k, ciphertext, buf) @@ -145,7 +145,7 @@ func BenchmarkDecryptReader(b *testing.B) { } func BenchmarkEncryptDecryptReader(b *testing.B) { - k := crypto.GenerateKey() + k := crypto.NewKey() size := 8 << 20 // 8MiB rd := RandomReader(23, size) @@ -176,7 +176,7 @@ func BenchmarkDecrypt(b *testing.B) { size := 8 << 20 // 8MiB data := make([]byte, size) - k := crypto.GenerateKey() + k := crypto.NewKey() ciphertext := restic.GetChunkBuf("BenchmarkDecrypt") defer restic.FreeChunkBuf("BenchmarkDecrypt", ciphertext) @@ -196,7 +196,7 @@ func BenchmarkDecrypt(b *testing.B) { } func TestEncryptStreamWriter(t *testing.T) { - k := crypto.GenerateKey() + k := crypto.NewKey() tests := []int{5, 23, 2<<18 + 23, 1 << 20} if *testLargeCrypto { @@ -230,7 +230,7 @@ func TestEncryptStreamWriter(t *testing.T) { } func TestDecryptStreamReader(t *testing.T) { - k := crypto.GenerateKey() + k := crypto.NewKey() tests := []int{5, 23, 2<<18 + 23, 1 << 20} if *testLargeCrypto { @@ -264,7 +264,7 @@ func TestDecryptStreamReader(t *testing.T) { } func TestEncryptWriter(t *testing.T) { - k := crypto.GenerateKey() + k := crypto.NewKey() tests := []int{5, 23, 2<<18 + 23, 1 << 20} if *testLargeCrypto { diff --git a/key.go b/key.go index e7a62ce41..095cd2223 100644 --- a/key.go +++ b/key.go @@ -176,7 +176,7 @@ func AddKey(s Server, password string, template *Key) (*Key, error) { if template == nil { // generate new random master keys - newkey.master = crypto.GenerateKey() + newkey.master = crypto.NewKey() // generate random polynomial for cdc p, err := chunker.RandomPolynomial() if err != nil {