diff options
| author | Jakob Unterwurzacher | 2021-09-02 10:50:45 +0200 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2021-09-07 18:14:05 +0200 |
| commit | 591a56e7ae06a5766747eb91cb1e7fade7f3a704 (patch) | |
| tree | 9e0a2a73ccbfc3c23ce754fc0bd9190728f20854 | |
| parent | 5df7ee815dcd91d33e6167c20cebcbd5c51c2c7a (diff) | |
stupidgcm: stupidChacha20poly1305: normalize panic messages
| -rw-r--r-- | internal/stupidgcm/stupidchacha.go | 7 | ||||
| -rw-r--r-- | internal/stupidgcm/stupidchacha_test.go | 3 |
2 files changed, 3 insertions, 7 deletions
diff --git a/internal/stupidgcm/stupidchacha.go b/internal/stupidgcm/stupidchacha.go index be8accb..a6fe318 100644 --- a/internal/stupidgcm/stupidchacha.go +++ b/internal/stupidgcm/stupidchacha.go @@ -45,7 +45,7 @@ func (g *stupidChacha20poly1305) Overhead() int { // Seal encrypts "in" using "iv" and "authData" and append the result to "dst" func (g *stupidChacha20poly1305) Seal(dst, iv, in, authData []byte) []byte { if g.wiped { - panic("BUG: tried to use wiped stupidChacha20poly1305") + panic("BUG: tried to use wiped key") } if len(iv) != g.NonceSize() { log.Panicf("Only %d-byte IVs are supported, you passed %d bytes", g.NonceSize(), len(iv)) @@ -130,7 +130,7 @@ func (g *stupidChacha20poly1305) Seal(dst, iv, in, authData []byte) []byte { // Open decrypts "in" using "iv" and "authData" and append the result to "dst" func (g *stupidChacha20poly1305) Open(dst, iv, in, authData []byte) ([]byte, error) { if g.wiped { - panic("BUG: tried to use wiped stupidChacha20poly1305") + panic("BUG: tried to use wiped key") } if len(iv) != g.NonceSize() { log.Panicf("Only %d-byte IVs are supported", g.NonceSize()) @@ -216,8 +216,7 @@ func (g *stupidChacha20poly1305) Open(dst, iv, in, authData []byte) ([]byte, err return append(dst, buf...), nil } -// Wipe tries to wipe the AES key from memory by overwriting it with zeros -// and setting the reference to nil. +// Wipe tries to wipe the key from memory by overwriting it with zeros. // // This is not bulletproof due to possible GC copies, but // still raises the bar for extracting the key. diff --git a/internal/stupidgcm/stupidchacha_test.go b/internal/stupidgcm/stupidchacha_test.go index 2690f85..513b68f 100644 --- a/internal/stupidgcm/stupidchacha_test.go +++ b/internal/stupidgcm/stupidchacha_test.go @@ -1,8 +1,5 @@ // +build !without_openssl -// We compare against Go's built-in GCM implementation. Since stupidgcm only -// supports 128-bit IVs and Go only supports that from 1.5 onward, we cannot -// run these tests on older Go versions. package stupidgcm import ( |