refactor(general): simplify insecure key deriver for testing

kastenhq · Apr 19, 2024 · 9e81499 · 9e81499
1 parent 76d55d0
commit 9e81499
Showing 1 changed file with 14 additions and 30 deletions.
diff --git a/internal/crypto/key_derivation_testing.go b/internal/crypto/key_derivation_testing.go
@@ -5,46 +5,30 @@ package crypto
 
 import (
 	"crypto/sha256"
-
-	"github.com/pkg/errors"
 )
 
 const (
-	// DefaultKeyDerivationAlgorithm is the key derivation algorithm for new configurations.
-	DefaultKeyDerivationAlgorithm = "testing-only-insecure"
+	testingOnlyInsecureAlgorithm = "testing-only-insecure"
 
-	// MasterKeyLength describes the length of the master key.
-	MasterKeyLength = 32
-
-	V1SaltLength    = 32
-	HashVersion1    = 1 // this translates to Scrypt KeyDerivationAlgorithm
-	ScryptAlgorithm = "scrypt-65536-8-1"
-	Pbkdf2Algorithm = "pbkdf2"
+	// DefaultKeyDerivationAlgorithm is the key derivation algorithm for new configurations.
+	DefaultKeyDerivationAlgorithm = testingOnlyInsecureAlgorithm
 )
 
-// DeriveKeyFromPassword derives encryption key using the provided password and per-repository unique ID.
-func DeriveKeyFromPassword(password string, salt []byte, algorithm string) ([]byte, error) {
-	const masterKeySize = 32
-
-	switch algorithm {
-	case DefaultKeyDerivationAlgorithm, ScryptAlgorithm, Pbkdf2Algorithm:
-		h := sha256.New()
-		// Adjust password so that we get a different key for each algorithm
-		if _, err := h.Write([]byte(password + algorithm)); err != nil {
-			return nil, err
-		}
+func init() {
+	RegisterKeyDerivers(testingOnlyInsecureAlgorithm, &insecureKeyDeriver{})
+}
 
-		return h.Sum(nil), nil
+type insecureKeyDeriver struct{}
 
-	default:
-		return nil, errors.Errorf("unsupported key algorithm: %v", algorithm)
+func (s *insecureKeyDeriver) DeriveKeyFromPassword(password string, salt []byte) ([]byte, error) {
+	h := sha256.New()
+	if _, err := h.Write([]byte(password)); err != nil {
+		return nil, err
 	}
-}
 
-func RecommendedSaltLength(algorithm string) (int, error) {
-	return V1SaltLength, nil
+	return h.Sum(nil), nil
 }
 
-func AllowedKeyDerivationAlgorithms() []string {
-	return []string{DefaultKeyDerivationAlgorithm}
+func (s *insecureKeyDeriver) RecommendedSaltLength() int {
+	return V1SaltLength
 }