From ee10adc91e79bca395a6b069797a99863fc957dd Mon Sep 17 00:00:00 2001 From: Joe Richey Date: Thu, 2 Mar 2017 14:01:20 -0800 Subject: crypto: reading and writing recovery keys This commit adds in the concept of recovery codes: human-readable strings that contain the necessary information to rederive a cryptographic key. These keys look like: 73PZBXVP-DKJX7SKV-NNTFIC7A-QEGRPZUX-4K5ORRH2-MTKMKP3B-HFCA==== They are input or output directly to a io.Reader or io.Writer respectively. This prevents the data from passing through unsecured memory before it gets to its destination. Of course, if the provided io.Reader or io.Writer is insecure, there is nothing we can do. In most cases the provided io.Reader or io.Writer will be stdin or stdout. In some rare cases you might want to pipe the output to another key. This commit also adds tests and benchmarks for encoding/decoding recovery codes. It also tests that encoding/decoding will fail in the correct situations. A benchmark is also added to measure the effect of locking the keys in memory. Change-Id: Ifa0bc4c08582789785cf1cdd9a4acfe76c79534f --- crypto/crypto_test.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'crypto/crypto_test.go') diff --git a/crypto/crypto_test.go b/crypto/crypto_test.go index 6f5c8f0..fe5edf1 100644 --- a/crypto/crypto_test.go +++ b/crypto/crypto_test.go @@ -368,6 +368,18 @@ func BenchmarkUnwrap(b *testing.B) { } } +func BenchmarkUnwrapNolock(b *testing.B) { + UseMlock = false + defer func() { + UseMlock = true + }() + data, _ := Wrap(fakeWrappingKey, fakeValidPolicyKey) + + for n := 0; n < b.N; n++ { + _, _ = Unwrap(fakeWrappingKey, data) + } +} + func BenchmarkRandomWrapUnwrap(b *testing.B) { for n := 0; n < b.N; n++ { wk, _ := NewRandomKey(InternalKeyLen) -- cgit v1.3