material: add Material type
Material holds non-secret encryption data; usually ciphertext. It is
used to store non-sensitive data in the vault that serves as input for
unlocking a vault.
benburkert committed Dec 6, 2015
1 parent be7e5cb commit 698e92c
Showing 6 changed files with 492 additions and 0 deletions.
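--- a/material/db.go
+++ b/material/db.go
@@ -0,0 +1,10 @@
+package material
+
+// DB interface for loading and storing material.
+type DB interface {
+// LoadMaterial retrieves Material data from a backing store.
+LoadMaterial([]byte) (*Material, error)
+
+// StoreMaterial saves Material data to a backing store.
+StoreMaterial(*Material) error
+}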
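Review bot: `LoadMaterial([]byte)` leaves its only parameter unnamed, so the interface does not say what a caller passes or what an implementation should return when nothing is stored for it. Naming the parameter, e.g. `LoadMaterial(id []byte) (*Material, error)` (presumably the Material ID, to be confirmed against the implementations), and stating in the doc comment whether a miss is an error or `nil, nil` would keep backing stores consistent. The `StoreMaterial` comment could likewise say whether storing an existing ID overwrites the record.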
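--- a/material/material.go
+++ b/material/material.go
@@ -0,0 +1,43 @@
+package material
+
+import (
+"crypto/hmac"
+"crypto/rand"
+"crypto/sha256"
+"io"
+)
+
+// New constructs a new Material for an id & data.
+func New(id []byte, data [][]byte) (*Material, error) {
+nonce := make([]byte, 24)
+if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
+return nil, err
+}
+
+return &Material{
+Data: data,
+ID: id,
+Nonce: nonce,
+}, nil
+}
+
+// Comment string
+func (m *Material) Comment() string { return m.comment }
+
+// Digest returns a unique series of bytes that identify the Material.
+func (m *Material) Digest() ([]byte, error) {
+// SHA256(Nonce,ID|Data[*])
+hash := hmac.New(sha256.New, m.Nonce)
+
+if _, err := hash.Write(m.ID); err != nil {
+return nil, err
+}
+
+for _, chunk := range m.Data {
+if _, err := hash.Write(chunk); err != nil {
+return nil, err
+}
+}
+
+return hash.Sum(nil), nil
+}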
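Review bot: Digest writes `m.ID` and each `m.Data` chunk into the HMAC back to back with no length or separator, so different splits of the same bytes (ID `ab` with chunk `c` versus ID `a` with chunk `bc`, under the same nonce) produce the same digest even though the doc comment promises a unique identifier. Length-prefixing every field, as in the fence below (it needs `encoding/binary` in the import block), makes the encoding unambiguous. The inline comment should say HMAC-SHA256 keyed with the nonce rather than `SHA256(Nonce,...)`. Because the nonce is stored alongside the non-secret material, the result identifies a record but does not authenticate it, and the doc comment should say so. `hash.Hash.Write` is documented never to return an error, so the error branches can be dropped while keeping the signature.

```go
func (m *Material) Digest() ([]byte, error) {
	// HMAC-SHA256(key=Nonce, len(ID) || ID || len(Data[i]) || Data[i] ...)
	hash := hmac.New(sha256.New, m.Nonce)

	var size [8]byte
	for _, field := range append([][]byte{m.ID}, m.Data...) {
		// Fixed-width length prefix keeps field boundaries unambiguous.
		binary.BigEndian.PutUint64(size[:], uint64(len(field)))
		hash.Write(size[:]) // hash.Hash.Write never returns an error
		hash.Write(field)
	}

	return hash.Sum(nil), nil
}
```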
