aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--internal/readpassword/trezor.go14
1 files changed, 14 insertions, 0 deletions
diff --git a/internal/readpassword/trezor.go b/internal/readpassword/trezor.go
index be9c22a..9020b33 100644
--- a/internal/readpassword/trezor.go
+++ b/internal/readpassword/trezor.go
@@ -1,6 +1,8 @@
package readpassword
import (
+ "bytes"
+ "log"
"os"
"github.com/rfjakob/gocryptfs/internal/exitcodes"
@@ -96,6 +98,18 @@ func Trezor(payload []byte) []byte {
os.Exit(exitcodes.TrezorError)
}
+ // Sanity checks
+ if len(key) != TrezorPayloadLen {
+ log.Panicf("BUG: decrypted value has wrong length %d", len(key))
+ }
+ if bytes.Equal(key, payload) {
+ log.Panicf("BUG: payload and decrypted value are identical")
+ }
+ zero := make([]byte, TrezorPayloadLen)
+ if bytes.Equal(key, zero) {
+ log.Panicf("BUG: decrypted value is all-zero")
+ }
+
// Everything ok
return key
}