diff --git a/core/crypto/key.go b/core/crypto/key.go index 137a807fa6..1b7ac8bae4 100644 --- a/core/crypto/key.go +++ b/core/crypto/key.go @@ -5,21 +5,16 @@ package crypto import ( "crypto/elliptic" - "crypto/hmac" "crypto/rand" - "crypto/sha1" - "crypto/sha512" "crypto/subtle" "encoding/base64" "errors" "fmt" - "hash" "io" pb "github.com/libp2p/go-libp2p-core/crypto/pb" "github.com/gogo/protobuf/proto" - "github.com/minio/sha256-simd" ) const ( @@ -170,106 +165,6 @@ func GenerateEKeyPair(curveName string) ([]byte, GenSharedKey, error) { return pubKey, done, nil } -// StretchedKeys ... -type StretchedKeys struct { - IV []byte - MacKey []byte - CipherKey []byte -} - -// PENDING DEPRECATION: KeyStretcher() will be deprecated with secio; for new -// code, please use PBKDF2 (golang.org/x/crypto/pbkdf2) instead. -// KeyStretcher returns a set of keys for each party by stretching the shared key. -// (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey). -// This function accepts the following cipher types: -// - AES-128 -// - AES-256 -// The function will panic upon receiving an unknown cipherType -func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys) { - var cipherKeySize int - var ivSize int - switch cipherType { - case "AES-128": - ivSize = 16 - cipherKeySize = 16 - case "AES-256": - ivSize = 16 - cipherKeySize = 32 - default: - panic("Unrecognized cipher, programmer error?") - } - - hmacKeySize := 20 - - seed := []byte("key expansion") - - result := make([]byte, 2*(ivSize+cipherKeySize+hmacKeySize)) - - var h func() hash.Hash - - switch hashType { - case "SHA1": - h = sha1.New - case "SHA256": - h = sha256.New - case "SHA512": - h = sha512.New - default: - panic("Unrecognized hash function, programmer error?") - } - - m := hmac.New(h, secret) - // note: guaranteed to never return an error - m.Write(seed) - - a := m.Sum(nil) - - j := 0 - for j < len(result) { - m.Reset() - - // note: guaranteed to never return an error. - m.Write(a) - m.Write(seed) - - b := m.Sum(nil) - - todo := len(b) - - if j+todo > len(result) { - todo = len(result) - j - } - - copy(result[j:j+todo], b) - - j += todo - - m.Reset() - - // note: guaranteed to never return an error. - m.Write(a) - - a = m.Sum(nil) - } - - half := len(result) / 2 - r1 := result[:half] - r2 := result[half:] - - var k1 StretchedKeys - var k2 StretchedKeys - - k1.IV = r1[0:ivSize] - k1.CipherKey = r1[ivSize : ivSize+cipherKeySize] - k1.MacKey = r1[ivSize+cipherKeySize:] - - k2.IV = r2[0:ivSize] - k2.CipherKey = r2[ivSize : ivSize+cipherKeySize] - k2.MacKey = r2[ivSize+cipherKeySize:] - - return k1, k2 -} - // UnmarshalPublicKey converts a protobuf serialized public key into its // representative object func UnmarshalPublicKey(data []byte) (PubKey, error) { diff --git a/core/crypto/key_test.go b/core/crypto/key_test.go index 3089b90fee..7c960bfc8d 100644 --- a/core/crypto/key_test.go +++ b/core/crypto/key_test.go @@ -13,11 +13,11 @@ import ( "reflect" "testing" - btcec "github.com/btcsuite/btcd/btcec" + "github.com/btcsuite/btcd/btcec" . "github.com/libp2p/go-libp2p-core/crypto" pb "github.com/libp2p/go-libp2p-core/crypto/pb" "github.com/libp2p/go-libp2p-core/test" - sha256 "github.com/minio/sha256-simd" + "github.com/minio/sha256-simd" ) func TestKeys(t *testing.T) { @@ -304,23 +304,3 @@ func TestUnknownCurveErrors(t *testing.T) { t.Fatal("expected invalid key type to error") } } - -func TestPanicOnUnknownCipherType(t *testing.T) { - passed := false - defer func() { - if !passed { - t.Fatal("expected known cipher and hash to succeed") - } - err := recover() - errStr, ok := err.(string) - if !ok { - t.Fatal("expected string in panic") - } - if errStr != "Unrecognized cipher, programmer error?" { - t.Fatal("expected \"Unrecognized cipher, programmer error?\"") - } - }() - KeyStretcher("AES-256", "SHA1", []byte("foo")) - passed = true - KeyStretcher("Fooba", "SHA1", []byte("foo")) -}