Add support for generating shared keys in PKC packages.

Also adds benchmarking to support this.
kisom · Aug 22, 2013 · 29d46e8 · 29d46e8
1 parent 35fb24a
commit 29d46e8
Show file tree

Hide file tree

Showing 6 changed files with 40 additions and 4 deletions.
diff --git a/box/box.go b/box/box.go
@@ -80,6 +80,11 @@ func ecdh(key PrivateKey, peer PublicKey) ([]byte, bool) {
 	return append(skey, mkey...), true
 }
 
+// SharedKey precomputes a key for encrypting with strongbox.
+func SharedKey(key PrivateKey, peer PublicKey) (secretbox.Key, bool) {
+	return ecdh(key, peer)
+}
+
 // GenerateKey generates an appropriate private and public keypair for
 // use in box.
 func GenerateKey() (PrivateKey, PublicKey, bool) {

diff --git a/box/box_test.go b/box/box_test.go
@@ -260,3 +260,14 @@ func BenchmarkOpenSigned(b *testing.B) {
 		}
 	}
 }
+
+// Benchmark the SharedKey function.
+func BenchmarkSharedKey(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		_, ok := SharedKey(testGoodKey, testPeerPub)
+		if !ok {
+			fmt.Println("Computing shared key failed: benchmark aborted.")
+			b.FailNow()
+		}
+	}
+}
diff --git a/secretbox/secretbox.go b/secretbox/secretbox.go
@@ -148,9 +148,11 @@ func Open(box []byte, key Key) (message []byte, ok bool) {
 	}
 
 	msgLen := len(box) - sha256.Size
+	if !checkTag(key[cryptKeySize:], box) {
+		return nil, ok
+	}
 	message, err := decrypt(key[:cryptKeySize], box[:msgLen])
-	ok = checkTag(key[cryptKeySize:], box)
-	ok = ok && err == nil
+	ok = err == nil
 	return
 }
 

diff --git a/stoutbox/stoutbox.go b/stoutbox/stoutbox.go
@@ -78,6 +78,11 @@ func ecdh(key PrivateKey, peer PublicKey) ([]byte, bool) {
 	return append(skey, mkey...), true
 }
 
+// SharedKey precomputes a key for encrypting with strongbox.
+func SharedKey(key PrivateKey, peer PublicKey) (strongbox.Key, bool) {
+	return ecdh(key, peer)
+}
+
 // GenerateKey generates an appropriate private and public keypair for
 // use in stoutbox.
 func GenerateKey() (PrivateKey, PublicKey, bool) {

diff --git a/stoutbox/stoutbox_test.go b/stoutbox/stoutbox_test.go
@@ -299,3 +299,14 @@ func BenchmarkOpenSigned(b *testing.B) {
 		}
 	}
 }
+
+// Benchmark the SharedKey function.
+func BenchmarkSharedKey(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		_, ok := SharedKey(testGoodKey, testPeerPub)
+		if !ok {
+			fmt.Println("Computing shared key failed: benchmark aborted.")
+			b.FailNow()
+		}
+	}
+}
diff --git a/strongbox/strongbox.go b/strongbox/strongbox.go
@@ -147,9 +147,11 @@ func Open(box []byte, key Key) (message []byte, ok bool) {
 	}
 
 	msgLen := len(box) - sha512.Size384
+	if !checkTag(key[cryptKeySize:], box) {
+		return nil, false
+	}
 	message, err := decrypt(key[:cryptKeySize], box[:msgLen])
-	ok = checkTag(key[cryptKeySize:], box)
-	ok = ok && err == nil
+	ok =  err == nil
 	return
 }