The string used for selecting the transaction type should
be copied because it is passed by reference.
Augment HMAC to validate entire decryption request
All the valued fields need to be hashed for incoming
encrypted file. This is to keep the integrity of the
request.
Add static test case for core
Test the output of a pre-computed encrypted blob with associated
vault.
Support hosting static file under /index
Require client auth only when server CA present
Add tests for cryptor.go
Improve comments.
The makeRandom() function was ignoring its argument and always returning 16
bytes of random data (this didn't matter because it was only ever called with
16 as its argument).
Take another look at this file and perform general clean up of comments and
go style.
Spotted another small bug where an error was set using
err = errors.New()
but there was no return statement so the error was ignored.
The major work here has been:
1. Clean up some go idioms to make the code more idiomatic and simplify
functions where possible to minimize number of lines where there was
unnecessary code.
2. Document as many of the functions and packages as possible.
3. Add a test suite for the padding package.
4. Force 'go fmt' when 'make' is performed.
5. Better handling of errors throughout the code. There were quite a few
that were ignored, now they are handled and reported on (e.g. if the
JSON in the password vault is broken it will no longer be ignored, etc.)
6. Changed the names of a number of functions to make them clearer.
The code could now do with someone who knows it well to go through and
document everything clearly for release.
