Skip to content

feat(key): pad keys up to the nearest 16/24/32 byte#9

Open
Inphi wants to merge 3 commits intoblaskovicz:masterfrom
Inphi:padding
Open

feat(key): pad keys up to the nearest 16/24/32 byte#9
Inphi wants to merge 3 commits intoblaskovicz:masterfrom
Inphi:padding

Conversation

@Inphi
Copy link
Copy Markdown

@Inphi Inphi commented Sep 26, 2019

via PKCS#7 padding.

I guess the user can do this themselves. So this is more of a convenience.
Caveat: if this is merged, we'll be locked into a given padding algorithm. Any change in padding would require a new incompatible API.

@coveralls
Copy link
Copy Markdown

coveralls commented Sep 26, 2019
edited
Loading

Pull Request Test Coverage Report for Build 30

  • 45 of 54 (83.33%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-2.4%) to 88.398%
Changes Missing Coverage Covered Lines Changed/Added Lines %
cryptkeeper.go 45 54 83.33%
Totals Coverage Status
Change from base Build 28: -2.4%
Covered Lines: 160
Relevant Lines: 181
💛 - Coveralls

blaskovicz
blaskovicz reviewed Sep 30, 2019
View reviewed changes
Comment thread cryptkeeper.go Outdated
}
key, err := pkcs7Unpad(cryptKeeperKey)
if err != nil {
panic("bug")
Copy link
Copy Markdown
Owner

@blaskovicz blaskovicz Sep 30, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you put a more descriptive message here like

Suggested change
panic("bug")
panic(fmt.Errorf("unpad of key failed, this should not happen: %s", err))

blaskovicz
blaskovicz reviewed Sep 30, 2019
View reviewed changes
Comment thread cryptkeeper.go Outdated

// pkcs7pad pads b to the nearest 16, 24 or 32 byte
func pkcs7Pad(b []byte) ([]byte, error) {
if len(b) == 0 {
Copy link
Copy Markdown
Owner

@blaskovicz blaskovicz Sep 30, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you assign len(b) to a variable for usage in this function

blaskovicz
blaskovicz reviewed Sep 30, 2019
View reviewed changes
Comment thread cryptkeeper.go Outdated
}

func pkcs7Unpad(b []byte) ([]byte, error) {
if len(b) == 0 {
Copy link
Copy Markdown
Owner

@blaskovicz blaskovicz Sep 30, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here, can you assign len(b) to a variable

@blaskovicz
Copy link
Copy Markdown
Owner

blaskovicz commented Sep 30, 2019

@Inphi how about we add another variable with getters/setters (similar to cryptKeeperKey) called keyPaddingMode; that way, we can say keyPaddingMode = PaddingModePKS7, GetKeyPaddingMode, etc which will allow us to add / support other modes in the future? Thoughts?

blaskovicz
blaskovicz reviewed Sep 30, 2019
View reviewed changes
Comment thread cryptkeeper.go Outdated
}

func getBlockSize(n int) int {
if n <= 16 {
Copy link
Copy Markdown
Owner

@blaskovicz blaskovicz Sep 30, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is a switch / case statement more concise here?

@Inphi
Copy link
Copy Markdown
Author

Inphi commented Oct 5, 2019

@Inphi how about we add another variable with getters/setters (similar to cryptKeeperKey) called keyPaddingMode; that way, we can say keyPaddingMode = PaddingModePKS7, GetKeyPaddingMode, etc which will allow us to add / support other modes in the future? Thoughts?

I considered this but was hesitant to do this because it'll require users to also keep track of the padding algorithm. I presume, a goal of this library, based on its design, is simplicity: You don't need to specify the blocksize or encryption algorithm; only the secret key is required. This enables the sender and receiver to easily pass opaque data around using simple API calls; Encrypt(stuff) and Decrypt(cipherStuff).
Requiring the user to also specify the padding mode (in the case where the non-default padding mode is required) seems contra to simplicity.
But perhaps the complexity is worth it. If you think it's a good idea then I can add that in too.

@blaskovicz
Copy link
Copy Markdown
Owner

blaskovicz commented Oct 10, 2019

@Inphi let's skip the extra complexity for now. i thought more about it and can't see us changing padding algorithm. let's just clean up the other things and then we can get this merged. Also, can you make sure the test coverage doesn't go down? Thanks!

@Inphi
Copy link
Copy Markdown
Author

Inphi commented Oct 11, 2019

@blaskovicz Any idea what's up with coveralls?

@blaskovicz
Copy link
Copy Markdown
Owner

blaskovicz commented Oct 11, 2019

@Inphi it's free so it probably gets overloaded once and a while. I can try to re-trigger it.

@Inphi Inphi requested a review from blaskovicz October 12, 2019 17:32
blaskovicz
blaskovicz reviewed Oct 17, 2019
View reviewed changes
Comment thread cryptkeeper_test.go
}
} else {
t.Errorf("pkcs7pad failed. Error: %v\n", err)
}
Copy link
Copy Markdown
Owner

@blaskovicz blaskovicz Oct 17, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Inphi can you add an unpad check here as well, then it's good to 🚢

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@blaskovicz blaskovicz blaskovicz left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Inphi @coveralls @blaskovicz