diff options
-rw-r--r-- | src/lib.go | 36 | ||||
-rw-r--r-- | tests/lib_test.go | 107 |
2 files changed, 92 insertions, 51 deletions
@@ -137,8 +137,6 @@ func (uuid UUID) ToString() string { return string(dst[:]) } - - type LogLevel int8 const ( @@ -369,7 +367,13 @@ pbkdf2.Key. // // Using a higher iteration count will increase the cost of an exhaustive // search but will also make derivation proportionally slower. -func PBKDF2Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte { +func PBKDF2Key( + password []byte, + salt []byte, + iter int, + keyLen int, + h func() hash.Hash, +) []byte { prf := hmac.New(h, password) hashLen := prf.Size() numBlocks := (keyLen + hashLen - 1) / hashLen @@ -588,7 +592,7 @@ func smix(b []byte, r, N int, v, xy []uint32) { // Key derives a key from the password, salt, and cost parameters, returning // a byte slice of length keyLen that can be used as cryptographic key. // -// N is a CPU/memory cost parameter, which must be a power of two greater than 1. +// N is a CPU/memory cost parameter, which must be a power of 2 greater than 1. // r and p must satisfy r * p < 2³⁰. If the parameters do not satisfy the // limits, the function returns a nil byte slice and an error. // @@ -605,7 +609,8 @@ func Scrypt(password, salt []byte, N, r, p, keyLen int) ([]byte, error) { if N <= 1 || N&(N-1) != 0 { return nil, errors.New("scrypt: N must be > 1 and a power of 2") } - if uint64(r)*uint64(p) >= 1<<30 || r > maxInt/128/p || r > maxInt/256 || N > maxInt/128/r { + if uint64(r)*uint64(p) >= 1<<30 || + r > maxInt/128/p || r > maxInt/256 || N > maxInt/128/r { return nil, errors.New("scrypt: parameters are too large") } @@ -768,7 +773,12 @@ func HandlePRIVMSG(ctx *Context, msg Message) { } defer stmt.Close() - ret, err := stmt.Exec(NewUUID().ToString(), "FIXME", "FIXME", time.Now()) + ret, err := stmt.Exec( + NewUUID().ToString(), + "FIXME", + "FIXME", + time.Now(), + ) if err != nil { // FIXME: reply error fmt.Println("xablau can't prepare: ", err) @@ -912,8 +922,8 @@ func PingLoop(ctx *Context, connection *Connection) { if (time.Since(connection.lastReadFrom) <= PingWindow) { continue } - - if ((connection.lastWrittenTo.Sub(connection.lastReadFrom)) <= PingWindow) { + window := connection.lastWrittenTo.Sub(connection.lastReadFrom) + if (window <= PingWindow) { connection.replyChan <- "PING" continue } @@ -954,14 +964,19 @@ func IRCdLoop(ctx *Context, publicSocketPath string) { // conn.Close() // FIXME: is conn nil? continue } - go HandleConnection(ctx, conn) // FIXME: where does it get closed + // FIXME: where does it get closed + go HandleConnection(ctx, conn) } } func CommandListenerLoop(ctx *Context, commandSocketPath string) { listener, err := net.Listen("unix", commandSocketPath) FatalIf(err) - Info("command listener started", "component-up", "component", "command-listener") + Info( + "command listener started", + "component-up", + "component", "command-listener", + ) for { conn, err := listener.Accept() @@ -1146,6 +1161,7 @@ var ( ) ) + func Main() { Init() flag.Parse() diff --git a/tests/lib_test.go b/tests/lib_test.go index 2a27ae9..2e872ec 100644 --- a/tests/lib_test.go +++ b/tests/lib_test.go @@ -27,6 +27,12 @@ func errorIf(t *testing.T, err error) { } } +func errorIfNotI(t *testing.T, i int, err error) { + if err == nil { + t.Errorf("Expected error, got nil (i = %d)\n", i) + } +} + func assertEqualI(t *testing.T, i int, given any, expected any) { if !reflect.DeepEqual(given, expected) { t.Errorf("given != expected (i = %d)\n", i) @@ -108,17 +114,19 @@ var sha1TestVectors = []pbkdfTestVector { 0x65, 0xa4, 0x29, 0xc1, }, }, - // // This one takes too long - // { - // "password", - // "salt", - // 16777216, - // []byte { - // 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4, - // 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c, - // 0x26, 0x34, 0xe9, 0x84, - // }, - // }, + /* + // This one takes too long + { + "password", + "salt", + 16777216, + []byte { + 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4, + 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c, + 0x26, 0x34, 0xe9, 0x84, + }, + }, + */ { "passwordPASSWORDpassword", "saltSALTsaltSALTsaltSALTsaltSALTsalt", @@ -196,12 +204,21 @@ var sha256TestVectors = []pbkdfTestVector { }, } -func testHash(t *testing.T, h func() hash.Hash, hashName string, vectors []pbkdfTestVector) { +func testHash( + t *testing.T, + h func() hash.Hash, + hashName string, + vectors []pbkdfTestVector, +) { for i, v := range vectors { - o := papod.PBKDF2Key([]byte(v.password), []byte(v.salt), v.iter, len(v.output), h) - if !bytes.Equal(o, v.output) { - t.Errorf("%s %d: expected %x, got %x", hashName, i, v.output, o) - } + o := papod.PBKDF2Key( + []byte(v.password), + []byte(v.salt), + v.iter, + len(v.output), + h, + ) + assertEqualI(t, i, v.output, o) } } @@ -314,21 +331,21 @@ var good = []scryptTestVector { }, }, /* - // Disabled: needs 1 GiB RAM and takes too long for a simple test. - { - "pleaseletmein", "SodiumChloride", - 1048576, 8, 1, - []byte{ - 0x21, 0x01, 0xcb, 0x9b, 0x6a, 0x51, 0x1a, 0xae, 0xad, - 0xdb, 0xbe, 0x09, 0xcf, 0x70, 0xf8, 0x81, 0xec, 0x56, - 0x8d, 0x57, 0x4a, 0x2f, 0xfd, 0x4d, 0xab, 0xe5, 0xee, - 0x98, 0x20, 0xad, 0xaa, 0x47, 0x8e, 0x56, 0xfd, 0x8f, - 0x4b, 0xa5, 0xd0, 0x9f, 0xfa, 0x1c, 0x6d, 0x92, 0x7c, - 0x40, 0xf4, 0xc3, 0x37, 0x30, 0x40, 0x49, 0xe8, 0xa9, - 0x52, 0xfb, 0xcb, 0xf4, 0x5c, 0x6f, 0xa7, 0x7a, 0x41, - 0xa4, - }, + // Disabled: needs 1 GiB RAM and takes too long for a simple test. + { + "pleaseletmein", "SodiumChloride", + 1048576, 8, 1, + []byte{ + 0x21, 0x01, 0xcb, 0x9b, 0x6a, 0x51, 0x1a, 0xae, 0xad, + 0xdb, 0xbe, 0x09, 0xcf, 0x70, 0xf8, 0x81, 0xec, 0x56, + 0x8d, 0x57, 0x4a, 0x2f, 0xfd, 0x4d, 0xab, 0xe5, 0xee, + 0x98, 0x20, 0xad, 0xaa, 0x47, 0x8e, 0x56, 0xfd, 0x8f, + 0x4b, 0xa5, 0xd0, 0x9f, 0xfa, 0x1c, 0x6d, 0x92, 0x7c, + 0x40, 0xf4, 0xc3, 0x37, 0x30, 0x40, 0x49, 0xe8, 0xa9, + 0x52, 0xfb, 0xcb, 0xf4, 0x5c, 0x6f, 0xa7, 0x7a, 0x41, + 0xa4, }, + }, */ } @@ -343,19 +360,27 @@ var bad = []scryptTestVector { func TestKey(t *testing.T) { for i, v := range good { - k, err := papod.Scrypt([]byte(v.password), []byte(v.salt), v.N, v.r, v.p, len(v.output)) - if err != nil { - t.Errorf("%d: got unexpected error: %s", i, err) - } - if !bytes.Equal(k, v.output) { - t.Errorf("%d: expected %x, got %x", i, v.output, k) - } + k, err := papod.Scrypt( + []byte(v.password), + []byte(v.salt), + v.N, + v.r, + v.p, + len(v.output), + ) + errorIf(t, err) + assertEqualI(t, i, v.output, k) } for i, v := range bad { - _, err := papod.Scrypt([]byte(v.password), []byte(v.salt), v.N, v.r, v.p, 32) - if err == nil { - t.Errorf("%d: expected error, got nil", i) - } + _, err := papod.Scrypt( + []byte(v.password), + []byte(v.salt), + v.N, + v.r, + v.p, + 32, + ) + errorIfNotI(t, i, err) } } |