FAQ
ha, more comments i forgot to publish


https://codereview.appspot.com/6820114/diff/6006/src/pkg/crypto/x509/pem_decrypt.go
File src/pkg/crypto/x509/pem_decrypt.go (right):

https://codereview.appspot.com/6820114/diff/6006/src/pkg/crypto/x509/pem_decrypt.go#newcode95
src/pkg/crypto/x509/pem_decrypt.go:95: return nil, errors.New("x509:
wrong IV size")
On 2012/11/09 15:38:14, agl1 wrote:
s/wrong/incorrect/
Done.

https://codereview.appspot.com/6820114/diff/6006/src/pkg/crypto/x509/pem_decrypt.go#newcode145
src/pkg/crypto/x509/pem_decrypt.go:145: func EncryptPEMBlock(blockType
string, rand io.Reader, data, password []byte, alg string) (*pem.Block,
error) {
On 2012/11/09 15:38:14, agl1 wrote:
rand is typically the first argument.
I also think that alg should be type and not a generic string.
So
type PEMCipher int
const (
PEMCipherDES PEMCipher = iota
...
PEMCipherAES256
)
And I'd add PEMCipher as an element of rfc1423Algo and turn
rfc1423Algos into a
slice, rather than a map. When we need to look one up, the code can
just iterate
over the members.
Done. I considered keying the indexes of the slice by PEMCipher, but it
seemed a bit too precious.

I made the zero value an invalid cipher, but another possibility might
be to make the zero value be strong (e.g. PEMCipherAES256).

https://codereview.appspot.com/6820114/diff/6006/src/pkg/crypto/x509/pem_decrypt.go#newcode152
src/pkg/crypto/x509/pem_decrypt.go:152: return nil, errors.New("cannot
generate IV: " + err.Error())
On 2012/11/09 15:38:14, agl1 wrote:
"x509: "
Done.

https://codereview.appspot.com/6820114/diff/6006/src/pkg/crypto/x509/pem_decrypt.go#newcode154
src/pkg/crypto/x509/pem_decrypt.go:154: key := ciph.deriveKey(password,
iv[:8])
On 2012/11/09 15:38:14, agl1 wrote:
I'll take your word that the IV is truncated for this but a reference would be
nice if it's written down somewhere.
It matches the deriveKey call in DecryptPEMBlock. I've added a comment
to that effect.

https://codereview.appspot.com/6820114/diff/6006/src/pkg/crypto/x509/pem_decrypt.go#newcode159
src/pkg/crypto/x509/pem_decrypt.go:159: dec :=
cipher.NewCBCEncrypter(block, iv)
On 2012/11/09 15:38:14, agl1 wrote:
surely the /en/crypter shouldn't be called 'dec'?
Done.

https://codereview.appspot.com/6820114/

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 7 of 8 | next ›
Discussion Overview
groupgolang-dev @
categoriesgo
postedNov 7, '12 at 7:18p
activeNov 12, '12 at 3:31p
posts8
users3
websitegolang.org

3 users in discussion

Rogpeppe: 5 posts Agl: 2 posts Adam Langley: 1 post

People

Translate

site design / logo © 2022 Grokbase