From 462d166d5355d33a05271d24de4d52f30dd62f67 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Sun, 15 Dec 2019 19:31:39 -0800
Subject: Add keyring package

In preparation for introducing support for the new filesystem-level
keyrings, move the existing user keyring management code from
security/keyring.go and crypto/crypto.go into a new package, 'keyring'.

This package provides functions AddEncryptionKey, RemoveEncryptionKey,
and GetEncryptionKeyStatus which delegate to either the filesystem
keyring (added by a later patch) or to the user keyring.  This provides
a common interface to both types of keyrings, to the extent possible.
---
 crypto/crypto.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'crypto/crypto.go')

diff --git a/crypto/crypto.go b/crypto/crypto.go
index 8de8134..ec961b6 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -167,7 +167,7 @@ func Unwrap(wrappingKey *Key, data *metadata.WrappedKeyData) (*Key, error) {
 		return nil, ErrBadAuth
 	}
 
-	secretKey, err := newBlankKey(len(data.EncryptedKey))
+	secretKey, err := NewBlankKey(len(data.EncryptedKey))
 	if err != nil {
 		return nil, err
 	}
@@ -196,7 +196,7 @@ func PassphraseHash(passphrase *Key, salt []byte, costs *metadata.HashingCosts)
 	p := uint8(costs.Parallelism)
 	key := argon2.IDKey(passphrase.data, salt, t, m, p, metadata.InternalKeyLen)
 
-	hash, err := newBlankKey(metadata.InternalKeyLen)
+	hash, err := NewBlankKey(metadata.InternalKeyLen)
 	if err != nil {
 		return nil, err
 	}
-- 
cgit v1.2.3