releasing key guide under CC 4.0 BY-SA
This commit is contained in:
@@ -1,17 +1,26 @@
|
||||
package null
|
||||
|
||||
import (
|
||||
`bytes`
|
||||
`io`
|
||||
"bytes"
|
||||
|
||||
`r00t2.io/sshkeys/cipher/aes`
|
||||
`r00t2.io/sshkeys/cipher/aes/aes128`
|
||||
`r00t2.io/sshkeys/internal`
|
||||
`r00t2.io/sshkeys/cipher`
|
||||
"r00t2.io/sshkeys/internal"
|
||||
)
|
||||
|
||||
/*
|
||||
Setup populates a Cipher from a key.
|
||||
|
||||
This is basically a no-op as null.Cipher does not offer any encryption, so there's no setup necessary.
|
||||
*/
|
||||
func (c *Cipher) Setup(key []byte) (err error) {
|
||||
|
||||
// TODO
|
||||
if c == nil {
|
||||
*c = Cipher{}
|
||||
}
|
||||
|
||||
if err = c.keyChk(); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
@@ -39,21 +48,26 @@ func (c *Cipher) NameBytes() (name []byte) {
|
||||
// BlockSize returns the blocksize of this Cipher.
|
||||
func (c *Cipher) BlockSize() (size int) {
|
||||
|
||||
size = aes.BlockSize
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// KdfKeySize returns the target key length from KDF to use with this Cipher.
|
||||
func (c *Cipher) KdfKeySize() (size int) {
|
||||
|
||||
size = aes128.KeySize
|
||||
size = BlockSize
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
/*
|
||||
Encrypt encrypts data (a string, []byte, byte, *bytes.Buffer, or *bytes.Reader) to the *bytes.Reader encrypted.
|
||||
KdfKeySize returns the target key length from KDF to use with this Cipher.
|
||||
|
||||
Because this function is only here for interface compat, it always returns 0
|
||||
(as a Null cipher uses no KDF).
|
||||
*/
|
||||
func (c *Cipher) KdfKeySize() (size int) {
|
||||
|
||||
size = 0
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
/*
|
||||
Encrypt "encrypts" data (a string, []byte, byte, *bytes.Buffer, or *bytes.Reader) to the *bytes.Reader encrypted.
|
||||
|
||||
NOTE: Padding IS applied automatically.
|
||||
|
||||
@@ -61,31 +75,15 @@ func (c *Cipher) KdfKeySize() (size int) {
|
||||
It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Encrypt.
|
||||
|
||||
NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.
|
||||
|
||||
NOTE: No actual encryption takes place, only padding.
|
||||
*/
|
||||
func (c *Cipher) Encrypt(data interface{}) (encrypted *bytes.Reader, err error) {
|
||||
|
||||
var b []byte
|
||||
var cryptDst []byte
|
||||
var padded *bytes.Reader
|
||||
|
||||
if b, err = internal.SerializeData(data); err != nil {
|
||||
if encrypted, err = c.Pad(data); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
if padded, err = c.Pad(b); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
b = make([]byte, padded.Len())
|
||||
if b, err = io.ReadAll(padded); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
cryptDst = make([]byte, len(b))
|
||||
|
||||
// TODO
|
||||
_ = cryptDst
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
@@ -125,17 +123,38 @@ func (c *Cipher) AllocateEncrypt(data interface{}) (encrypted *bytes.Reader, err
|
||||
}
|
||||
|
||||
/*
|
||||
Pad will pad data (a string, []byte, byte, or *bytes.Buffer) to the Cipher.BlockSize (if necessary).
|
||||
The resulting padded buffer is returned.
|
||||
Pad will pad data (a string, []byte, byte, *bytes.Buffer, *bytes.Reader) to the Cipher.BlockSize. The resulting padded *bytes.Reader is returned.
|
||||
|
||||
NOTE: If data is a *bytes.Buffer, no bytes will be consumed -- the bytes are taken in entirety without consuming them (Buffer.Bytes()).
|
||||
It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Cipher.Pad.
|
||||
It is up to the caller to consume the buffer as desired beforehand or isolate to a specific sub-buffer beforehand to pass to Pad.
|
||||
|
||||
NOTE: If data is a *bytes.Reader, ALL bytes WILL be consumed.
|
||||
*/
|
||||
func (c *Cipher) Pad(data interface{}) (paddedBuf *bytes.Reader, err error) {
|
||||
|
||||
// TODO
|
||||
var b []byte
|
||||
var padNum int
|
||||
var pad []byte
|
||||
var buf *bytes.Buffer
|
||||
|
||||
if err = c.keyChk(); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
if b, err = internal.UnpackBytes(data); err != nil {
|
||||
return
|
||||
}
|
||||
buf = bytes.NewBuffer(b)
|
||||
|
||||
for padIdx := 1; (buf.Len() % BlockSize) != 0; padIdx++ {
|
||||
|
||||
padNum = padIdx & cipher.PadMod
|
||||
pad = []byte{byte(uint32(padNum))}
|
||||
|
||||
if _, err = buf.Write(pad); err != nil {
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
@@ -152,17 +171,13 @@ func (c *Cipher) Pad(data interface{}) (paddedBuf *bytes.Reader, err error) {
|
||||
*/
|
||||
func (c *Cipher) Decrypt(data interface{}) (decrypted *bytes.Reader, err error) {
|
||||
|
||||
var b []byte
|
||||
var decryptDst []byte
|
||||
var plain []byte
|
||||
|
||||
if b, err = internal.SerializeData(data); err != nil {
|
||||
if plain, err = internal.SerializeData(data); err != nil {
|
||||
return
|
||||
}
|
||||
|
||||
decryptDst = make([]byte, len(b))
|
||||
|
||||
// TODO
|
||||
_ = decryptDst
|
||||
decrypted = bytes.NewReader(plain)
|
||||
|
||||
return
|
||||
}
|
||||
@@ -195,11 +210,21 @@ func (c *Cipher) AllocatedDecrypt(data interface{}) (decrypted *bytes.Reader, er
|
||||
/*
|
||||
IsPlain indicates if this Cipher is a plain/null encryption (cipher.null.Null).
|
||||
|
||||
It will always return false. It is included for interface compatability.
|
||||
It will always return true. It is included for interface compatability.
|
||||
*/
|
||||
func (c *Cipher) IsPlain() (plain bool) {
|
||||
|
||||
plain = false
|
||||
plain = true
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
// keyChk is more or less a no-op but provides some basic sanity checking.
|
||||
func (c *Cipher) keyChk() (err error) {
|
||||
|
||||
if c == nil {
|
||||
*c = Cipher{}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user