Skip to content

Commit

Permalink
change Correct() return to (error) instead of (bool, error)
Browse files Browse the repository at this point in the history
  • Loading branch information
@zamicol
zamicol committed Jun 8, 2023
1 parent 1631d5d commit f322803
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 25 deletions.
29 changes: 14 additions & 15 deletions key.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ func (c *Key) UnmarshalJSON(b []byte) error {
}

*c = *(*Key)(czk2)
_, err = c.Correct() // Correct sets tmb.
err = c.Correct() // Correct sets tmb.
if err != nil {
return err
}
Expand Down Expand Up @@ -335,14 +335,13 @@ func (c *Key) Valid() (valid bool) {
// verifies the key by verifying a generated signature.
// 4. If possible, sets tmb and/or x.
//
// TODO: This function should only return error, not bool. Functions that call
// correct can then say `if key.Correct() != nil`
func (c *Key) Correct() (b bool, err error) {
// Functions that call correct can check for correctness by `if key.Correct() != nil`
func (c *Key) Correct() (err error) {
if c.Alg == "" {
return false, errors.New("Correct: alg must be set")
return errors.New("Correct: alg must be set")
}
if len(c.Tmb) == 0 && len(c.X) == 0 && len(c.D) == 0 {
return false, errors.New("Correct: at least one of [x, tmb, d] must be set")
return errors.New("Correct: at least one of [x, tmb, d] must be set")
}

// d is set.
Expand All @@ -351,42 +350,42 @@ func (c *Key) Correct() (b bool, err error) {
givenX := c.X
c.X = c.calcX()
if len(givenX) != 0 && !bytes.Equal(c.X, givenX) {
return false, fmt.Errorf("Correct: incorrect X; calculated: %s, given: %s, ", c.X, givenX)
return fmt.Errorf("Correct: incorrect X; calculated: %s, given: %s, ", c.X, givenX)
}
if !c.Valid() {
return false, fmt.Errorf("Correct: key is invalid")
return fmt.Errorf("Correct: key is invalid")
}
}

// x is set.
// Calculate tmb from x and if tmb was given compare.
if len(c.X) != 0 {
if len(c.X) != c.Alg.XSize() {
return false, fmt.Errorf("Correct: incorrect x size: %d", len(c.X))
return fmt.Errorf("Correct: incorrect x size: %d", len(c.X))
}
givenTmb := c.Tmb
err := c.Thumbprint()
if err != nil {
return false, err
return err
}
if len(givenTmb) != 0 && !bytes.Equal(c.Tmb, givenTmb) {
return false, fmt.Errorf("Correct: incorrect tmb; calculated: %s, given: %s", c.Tmb, givenTmb)
return fmt.Errorf("Correct: incorrect tmb; calculated: %s, given: %s", c.Tmb, givenTmb)
}
}

// tmb only key. (Coze assumes `x` is calculable from `d`, so at this point
// `tmb` should always be set. See `checksum_and_seed.md` for exposition.
if len(c.Tmb) != c.Alg.Hash().Size() {
return false, fmt.Errorf("Correct: incorrect tmb length; expected %d, given %d", c.Alg.Hash().Size(), len(c.Tmb))
return fmt.Errorf("Correct: incorrect tmb length; expected %d, given %d", c.Alg.Hash().Size(), len(c.Tmb))
}

return true, nil
return nil
}

// Revoke returns a signed revoke coze and sets `rvk` on the key itself.
func (c *Key) Revoke() (coze *Coze, err error) {
correct, err := c.Correct()
if !correct || err != nil {
err = c.Correct()
if err != nil {
return nil, fmt.Errorf("Revoke: Coze key is not correct; err: %s", err)
}

Expand Down
35 changes: 25 additions & 10 deletions key_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -308,11 +308,25 @@ func ExampleNewKey_bad() {
// Output: <nil> NewKey: unsupported alg: SHA-256
}

// ExampleKey_Correct demonstrates the expectations from Correct() when
// different key fields appear. Note that some calls to Correct() pass on
// _invalid_ keys depending on given fields.
func ExampleKey_Correct() {
// Note that some calls to Correct() pass on **invalid** keys depending on
// given fields. Second static key is valid so all field combinations pass.
keys := []Key{GoldenKeyBad, GoldenKey}
// helper print function
tf := func(err ...error) {
for i, e := range err {
if e != nil {
fmt.Printf("%t", false)
} else {
fmt.Printf("%t", true)
}
if i < len(err)-1 {
fmt.Printf(", ")
}
}
}

keys := []Key{GoldenKeyBad, GoldenKey}
// Test new keys. These keys should pass every test.
algs := []string{"ES224", "ES256", "ES384", "ES512", "Ed25519"}
for _, alg := range algs {
Expand All @@ -327,36 +341,37 @@ func ExampleKey_Correct() {
gk2 := k // Make a copy

// Key with with [alg,d,tmb,x]
p1, _ := gk2.Correct()
p1 := gk2.Correct()

// A key with [alg,tmb,d]
gk2 = k
gk2.X = []byte{}
p2, _ := gk2.Correct()
p2 := gk2.Correct()

// Key with [alg,d].
gk2 = k
gk2.X = []byte{}
gk2.Tmb = []byte{}
p3, _ := gk2.Correct()
p3 := gk2.Correct()

// A key with [alg,x,d].
gk2 = k
gk2.Tmb = []byte{}
p4, _ := gk2.Correct()
p4 := gk2.Correct()

// A key with [alg,x,tmb]
gk2 = k
gk2.D = []byte{}
p5, _ := gk2.Correct()
p5 := gk2.Correct()

// Key with [alg,tmb]
gk2 = k
gk2.D = []byte{}
gk2.X = []byte{}
p6, _ := gk2.Correct()
p6 := gk2.Correct()

fmt.Printf("%t, %t, %t, %t, %t, %t\n", p1, p2, p3, p4, p5, p6)
tf(p1, p2, p3, p4, p5, p6)
fmt.Printf("\n")
}

// Output:
Expand Down

0 comments on commit f322803

Please sign in to comment.