-
Notifications
You must be signed in to change notification settings - Fork 343
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor(general): avoid using empty master keys #3835
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
couple of minor nits, LG otherwise
@bathina2 PTAL |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #3835 +/- ##
==========================================
+ Coverage 75.86% 77.03% +1.16%
==========================================
Files 470 479 +9
Lines 37301 28713 -8588
==========================================
- Hits 28299 22119 -6180
+ Misses 7071 4697 -2374
+ Partials 1931 1897 -34 ☔ View full report in Codecov by Sentry. |
"github.com/kopia/kopia/internal/crypto" | ||
"github.com/stretchr/testify/require" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is going to fail linting.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thank you!
Previously, empty master keys were passed to the underlying cryptographic primitives (HKDF, AEAD, etc.).
While this worked because the authentication mechanisms returned an error, it's best to avoid passing empty master keys to these primitives in the first place. This refactor avoids passing empty master keys and enforces this via an assertion in the key derivation function.