diff options
author | Jakob Unterwurzacher | 2018-02-17 15:02:01 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2018-02-17 15:02:01 +0100 |
commit | 7e0fefe970b98be7e455f671dbd0e994abd52110 (patch) | |
tree | 3cd2903d7d3aa3573c61104c9962cdd834cdecf8 | |
parent | a3694e0c073b686b33c7ba34508c6e18a5508dd5 (diff) |
stupidgcm: switch to pointer receivers
What the key slice does not get copied around
will make it possible to check if the key has been wiped.
-rw-r--r-- | internal/stupidgcm/stupidgcm.go | 11 | ||||
-rw-r--r-- | internal/stupidgcm/without_openssl.go | 12 |
2 files changed, 12 insertions, 11 deletions
diff --git a/internal/stupidgcm/stupidgcm.go b/internal/stupidgcm/stupidgcm.go index d690f93..2660808 100644 --- a/internal/stupidgcm/stupidgcm.go +++ b/internal/stupidgcm/stupidgcm.go @@ -29,6 +29,7 @@ type stupidGCM struct { forceDecode bool } +// Verify that we satisfy the cipher.AEAD interface var _ cipher.AEAD = &stupidGCM{} // New returns a new cipher.AEAD implementation.. @@ -36,19 +37,19 @@ func New(key []byte, forceDecode bool) cipher.AEAD { if len(key) != keyLen { log.Panicf("Only %d-byte keys are supported", keyLen) } - return stupidGCM{key: key, forceDecode: forceDecode} + return &stupidGCM{key: key, forceDecode: forceDecode} } -func (g stupidGCM) NonceSize() int { +func (g *stupidGCM) NonceSize() int { return ivLen } -func (g stupidGCM) Overhead() int { +func (g *stupidGCM) Overhead() int { return tagLen } // Seal encrypts "in" using "iv" and "authData" and append the result to "dst" -func (g stupidGCM) Seal(dst, iv, in, authData []byte) []byte { +func (g *stupidGCM) Seal(dst, iv, in, authData []byte) []byte { if len(iv) != ivLen { log.Panicf("Only %d-byte IVs are supported", ivLen) } @@ -132,7 +133,7 @@ func (g stupidGCM) Seal(dst, iv, in, authData []byte) []byte { } // Open decrypts "in" using "iv" and "authData" and append the result to "dst" -func (g stupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) { +func (g *stupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) { if len(iv) != ivLen { log.Panicf("Only %d-byte IVs are supported", ivLen) } diff --git a/internal/stupidgcm/without_openssl.go b/internal/stupidgcm/without_openssl.go index efd37f3..0c1c149 100644 --- a/internal/stupidgcm/without_openssl.go +++ b/internal/stupidgcm/without_openssl.go @@ -21,28 +21,28 @@ func errExit() { os.Exit(exitcodes.OpenSSL) } -func New(_ []byte, _ bool) stupidGCM { +func New(_ []byte, _ bool) *stupidGCM { errExit() // Never reached - return stupidGCM{} + return &stupidGCM{} } -func (g stupidGCM) NonceSize() int { +func (g *stupidGCM) NonceSize() int { errExit() return -1 } -func (g stupidGCM) Overhead() int { +func (g *stupidGCM) Overhead() int { errExit() return -1 } -func (g stupidGCM) Seal(_, _, _, _ []byte) []byte { +func (g *stupidGCM) Seal(_, _, _, _ []byte) []byte { errExit() return nil } -func (g stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) { +func (g *stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) { errExit() return nil, nil } |