diff options
author | Jakob Unterwurzacher | 2021-10-21 14:47:29 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2021-10-21 14:55:30 +0200 |
commit | a652be805e1562948aff4dc232bd1c516ff01d00 (patch) | |
tree | 0f0bca9e3eaaa7493b50fcb17bd9050dc110fc67 | |
parent | 4ba0ced3c704c1cc8696ea76d96822efdd1c7157 (diff) |
configfile: replace broken switch/case logic with if
Because switch only matches once, we could have missed invalid
cases.
Replace the switch statements with a straight if rake.
-rw-r--r-- | internal/configfile/validate.go | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/internal/configfile/validate.go b/internal/configfile/validate.go index 511f704..1611ab0 100644 --- a/internal/configfile/validate.go +++ b/internal/configfile/validate.go @@ -23,22 +23,23 @@ func (cf *ConfFile) Validate() error { } // File content encryption { - switch { - case cf.IsFeatureFlagSet(FlagXChaCha20Poly1305) && cf.IsFeatureFlagSet(FlagAESSIV): + if cf.IsFeatureFlagSet(FlagXChaCha20Poly1305) && cf.IsFeatureFlagSet(FlagAESSIV) { return fmt.Errorf("Can't have both XChaCha20Poly1305 and AESSIV feature flags") - case cf.IsFeatureFlagSet(FlagAESSIV): - if !cf.IsFeatureFlagSet(FlagGCMIV128) { - return fmt.Errorf("AESSIV requires GCMIV128 feature flag") - } - case cf.IsFeatureFlagSet(FlagXChaCha20Poly1305): + } + if cf.IsFeatureFlagSet(FlagAESSIV) && !cf.IsFeatureFlagSet(FlagGCMIV128) { + + return fmt.Errorf("AESSIV requires GCMIV128 feature flag") + } + if cf.IsFeatureFlagSet(FlagXChaCha20Poly1305) { if cf.IsFeatureFlagSet(FlagGCMIV128) { return fmt.Errorf("XChaCha20Poly1305 conflicts with GCMIV128 feature flag") } if !cf.IsFeatureFlagSet(FlagHKDF) { return fmt.Errorf("XChaCha20Poly1305 requires HKDF feature flag") } + } // The absence of other flags means AES-GCM (oldest algorithm) - case !cf.IsFeatureFlagSet(FlagXChaCha20Poly1305) && !cf.IsFeatureFlagSet(FlagAESSIV): + if !cf.IsFeatureFlagSet(FlagXChaCha20Poly1305) && !cf.IsFeatureFlagSet(FlagAESSIV) { if !cf.IsFeatureFlagSet(FlagGCMIV128) { return fmt.Errorf("AES-GCM requires GCMIV128 feature flag") } @@ -46,10 +47,10 @@ func (cf *ConfFile) Validate() error { } // Filename encryption { - switch { - case cf.IsFeatureFlagSet(FlagPlaintextNames) && cf.IsFeatureFlagSet(FlagEMENames): + if cf.IsFeatureFlagSet(FlagPlaintextNames) && cf.IsFeatureFlagSet(FlagEMENames) { return fmt.Errorf("Can't have both PlaintextNames and EMENames feature flags") - case cf.IsFeatureFlagSet(FlagPlaintextNames): + } + if cf.IsFeatureFlagSet(FlagPlaintextNames) { if cf.IsFeatureFlagSet(FlagDirIV) { return fmt.Errorf("PlaintextNames conflicts with DirIV feature flag") } @@ -59,7 +60,8 @@ func (cf *ConfFile) Validate() error { if cf.IsFeatureFlagSet(FlagRaw64) { return fmt.Errorf("PlaintextNames conflicts with Raw64 feature flag") } - case cf.IsFeatureFlagSet(FlagEMENames): + } + if cf.IsFeatureFlagSet(FlagEMENames) { // All combinations of DirIV, LongNames, Raw64 allowed } } |