Add test for invalid (=zero) crypto keys

2025-08-25 06:17:30 +00:00 · 2015-05-01 17:31:57 +02:00
parent 98dc811536
commit 9010d7bb3a
2 changed files with 52 additions and 5 deletions
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -179,6 +179,28 @@ func (m *MACKey) UnmarshalJSON(data []byte) error {
 	return nil
 }

+// Valid tests whether the key k is valid (i.e. not zero).
+func (k *MACKey) Valid() bool {
+	nonzeroK := false
+	for i := 0; i < len(k.K); i++ {
+		if k.K[i] != 0 {
+			nonzeroK = true
+		}
+	}
+
+	if !nonzeroK {
+		return false
+	}
+
+	for i := 0; i < len(k.R); i++ {
+		if k.R[i] != 0 {
+			return true
+		}
+	}
+
+	return false
+}
+
 func (k *EncryptionKey) MarshalJSON() ([]byte, error) {
 	return json.Marshal(k[:])
 }
@@ -194,6 +216,17 @@ func (k *EncryptionKey) UnmarshalJSON(data []byte) error {
 	return nil
 }

+// Valid tests whether the key k is valid (i.e. not zero).
+func (k *EncryptionKey) Valid() bool {
+	for i := 0; i < len(k); i++ {
+		if k[i] != 0 {
+			return true
+		}
+	}
+
+	return false
+}
+
 // ErrInvalidCiphertext is returned when trying to encrypt into the slice that
 // holds the plaintext.
 var ErrInvalidCiphertext = errors.New("invalid ciphertext, same slice used for plaintext")
@@ -304,3 +337,12 @@ func KDF(N, R, P int, salt []byte, password string) (*Key, error) {

 	return derKeys, nil
 }
+
+// Valid tests if the key is valid.
+func (k *Key) Valid() bool {
+	if k.ChunkerPolynomial != 0 && !k.ChunkerPolynomial.Irreducible() {
+		return false
+	}
+
+	return k.Encrypt.Valid() && k.MAC.Valid()
+}