summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-02-17 15:02:01 +0100
committerJakob Unterwurzacher2018-02-17 15:02:01 +0100
commit7e0fefe970b98be7e455f671dbd0e994abd52110 (patch)
tree3cd2903d7d3aa3573c61104c9962cdd834cdecf8
parenta3694e0c073b686b33c7ba34508c6e18a5508dd5 (diff)
stupidgcm: switch to pointer receivers
What the key slice does not get copied around will make it possible to check if the key has been wiped.
-rw-r--r--internal/stupidgcm/stupidgcm.go11
-rw-r--r--internal/stupidgcm/without_openssl.go12
2 files changed, 12 insertions, 11 deletions
diff --git a/internal/stupidgcm/stupidgcm.go b/internal/stupidgcm/stupidgcm.go
index d690f93..2660808 100644
--- a/internal/stupidgcm/stupidgcm.go
+++ b/internal/stupidgcm/stupidgcm.go
@@ -29,6 +29,7 @@ type stupidGCM struct {
forceDecode bool
}
+// Verify that we satisfy the cipher.AEAD interface
var _ cipher.AEAD = &stupidGCM{}
// New returns a new cipher.AEAD implementation..
@@ -36,19 +37,19 @@ func New(key []byte, forceDecode bool) cipher.AEAD {
if len(key) != keyLen {
log.Panicf("Only %d-byte keys are supported", keyLen)
}
- return stupidGCM{key: key, forceDecode: forceDecode}
+ return &stupidGCM{key: key, forceDecode: forceDecode}
}
-func (g stupidGCM) NonceSize() int {
+func (g *stupidGCM) NonceSize() int {
return ivLen
}
-func (g stupidGCM) Overhead() int {
+func (g *stupidGCM) Overhead() int {
return tagLen
}
// Seal encrypts "in" using "iv" and "authData" and append the result to "dst"
-func (g stupidGCM) Seal(dst, iv, in, authData []byte) []byte {
+func (g *stupidGCM) Seal(dst, iv, in, authData []byte) []byte {
if len(iv) != ivLen {
log.Panicf("Only %d-byte IVs are supported", ivLen)
}
@@ -132,7 +133,7 @@ func (g stupidGCM) Seal(dst, iv, in, authData []byte) []byte {
}
// Open decrypts "in" using "iv" and "authData" and append the result to "dst"
-func (g stupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) {
+func (g *stupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) {
if len(iv) != ivLen {
log.Panicf("Only %d-byte IVs are supported", ivLen)
}
diff --git a/internal/stupidgcm/without_openssl.go b/internal/stupidgcm/without_openssl.go
index efd37f3..0c1c149 100644
--- a/internal/stupidgcm/without_openssl.go
+++ b/internal/stupidgcm/without_openssl.go
@@ -21,28 +21,28 @@ func errExit() {
os.Exit(exitcodes.OpenSSL)
}
-func New(_ []byte, _ bool) stupidGCM {
+func New(_ []byte, _ bool) *stupidGCM {
errExit()
// Never reached
- return stupidGCM{}
+ return &stupidGCM{}
}
-func (g stupidGCM) NonceSize() int {
+func (g *stupidGCM) NonceSize() int {
errExit()
return -1
}
-func (g stupidGCM) Overhead() int {
+func (g *stupidGCM) Overhead() int {
errExit()
return -1
}
-func (g stupidGCM) Seal(_, _, _, _ []byte) []byte {
+func (g *stupidGCM) Seal(_, _, _, _ []byte) []byte {
errExit()
return nil
}
-func (g stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) {
+func (g *stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) {
errExit()
return nil, nil
}