forked from onflow/flow-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
common.go
100 lines (83 loc) · 3 KB
/
common.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
package crypto
import (
"crypto/rand"
"errors"
"fmt"
)
//revive:disable:var-naming
// the `go generate` command requires bash scripting, `cmake` and `git`.
//go:generate bash ./build_dependency.sh
const (
// Minimum targeted bits of security.
// This is used as a reference but it doesn't mean all implemented primitives provide this minimum.
securityBits = 128
// keygen seed length conditions
// enforce seed to be at least double the security bits and have enough entropy.
// it is still recommened that seed is generated using a secure RNG.
KeyGenSeedMinLen = 2 * (securityBits / 8)
KeyGenSeedMaxLen = 256
// max relic PRG seed length in bytes
maxRelicPrgSeed = 1 << 32
)
// TODO: update this code to make sure
// the function isn't removed by the compiler
// https://github.com/golang/go/issues/21865
func overwrite(data []byte) {
_, err := rand.Read(data) // checking err is enough
if err != nil {
// zero the buffer if randomizing failed
for i := 0; i < len(data); i++ {
data[i] = 0
}
}
}
// invalidInputsError is an error returned when a crypto API receives invalid inputs.
// It allows a function caller differentiate unexpected program errors from errors caused by
// invalid inputs.
type invalidInputsError struct {
error
}
func (e invalidInputsError) Unwrap() error {
return e.error
}
// invalidInputsErrorf constructs a new invalidInputsError
func invalidInputsErrorf(msg string, args ...interface{}) error {
return &invalidInputsError{
error: fmt.Errorf(msg, args...),
}
}
// IsInvalidInputsError checks if the input error is of an invalidInputsError type
// invalidInputsError is returned when the API is provided invalid inputs.
// Some specific errors are assigned specific sentinel errors for a simpler error check
// while the remaining input errors trigger an invalidInputsError.
func IsInvalidInputsError(err error) bool {
var target *invalidInputsError
return errors.As(err, &target)
}
var nilHasherError = errors.New("hasher cannot be nil")
// IsNilHasherError checks if the input error wraps a nilHasherError.
// nilHasherError is returned when a nil hasher is used.
func IsNilHasherError(err error) bool {
return errors.Is(err, nilHasherError)
}
// invalidHasherSizeError is an error returned when a crypto API is called with a hasher
// with an output size not suited with the cryptographic operation.
type invalidHasherSizeError struct {
error
}
func (e invalidHasherSizeError) Unwrap() error {
return e.error
}
// invalidHasherSizeErrorf constructs a new invalidHasherSizeError
func invalidHasherSizeErrorf(msg string, args ...interface{}) error {
return &invalidHasherSizeError{
error: fmt.Errorf(msg, args...),
}
}
// IsInvalidHasherSizeError checks if the input error is of an invalidHasherSizeError type.
// invalidHasherSizeError is an error returned when a crypto API is called with a hasher
// with an output size not suited with the cryptographic operation.
func IsInvalidHasherSizeError(err error) bool {
var target *invalidHasherSizeError
return errors.As(err, &target)
}