diff options
author | Jakob Unterwurzacher | 2015-12-19 14:41:39 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2015-12-19 15:02:29 +0100 |
commit | 1caa9258685fa5fad8935d3bfcd0eac7d7f84f1e (patch) | |
tree | abc1e46f269f9ef8f05d812e13fcdf2bae68d298 /cryptfs/cryptfs.go | |
parent | 88826dc51d7919ef8b190c079955230e653323e2 (diff) |
Increase GCM IV size from 96 to 128 bits
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
Diffstat (limited to 'cryptfs/cryptfs.go')
-rw-r--r-- | cryptfs/cryptfs.go | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/cryptfs/cryptfs.go b/cryptfs/cryptfs.go index 58cca74..ae62045 100644 --- a/cryptfs/cryptfs.go +++ b/cryptfs/cryptfs.go @@ -11,9 +11,7 @@ import ( const ( DEFAULT_PLAINBS = 4096 KEY_LEN = 32 // AES-256 - NONCE_LEN = 12 AUTH_TAG_LEN = 16 - BLOCK_OVERHEAD = NONCE_LEN + AUTH_TAG_LEN DIRIV_LEN = 16 // identical to AES block size DIRIV_FILENAME = "gocryptfs.diriv" ) @@ -21,6 +19,8 @@ const ( type CryptFS struct { blockCipher cipher.Block gcm cipher.AEAD + gcmIVLen int + gcmIVGen nonceGenerator plainBS uint64 cipherBS uint64 // Stores an all-zero block of size cipherBS @@ -29,7 +29,7 @@ type CryptFS struct { DirIVCacheEnc DirIVCache } -func NewCryptFS(key []byte, useOpenssl bool, plaintextNames bool) *CryptFS { +func NewCryptFS(key []byte, useOpenssl bool, plaintextNames bool, GCMIV128 bool) *CryptFS { if len(key) != KEY_LEN { panic(fmt.Sprintf("Unsupported key length %d", len(key))) @@ -40,22 +40,31 @@ func NewCryptFS(key []byte, useOpenssl bool, plaintextNames bool) *CryptFS { panic(err) } + // We want the IV size in bytes + gcmIV := 96 / 8 + if GCMIV128 { + gcmIV = 128 / 8 + } + var gcm cipher.AEAD if useOpenssl { gcm = opensslGCM{key} } else { - gcm, err = cipher.NewGCM(b) + gcm, err = cipher.NewGCMWithNonceSize(b, gcmIV) if err != nil { panic(err) } } - cipherBS := DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN + plainBS := DEFAULT_PLAINBS + cipherBS := plainBS + gcmIV + AUTH_TAG_LEN return &CryptFS{ blockCipher: b, gcm: gcm, - plainBS: DEFAULT_PLAINBS, + gcmIVLen: gcmIV, + gcmIVGen: nonceGenerator{nonceLen: gcmIV}, + plainBS: uint64(plainBS), cipherBS: uint64(cipherBS), allZeroBlock: make([]byte, cipherBS), } @@ -65,3 +74,8 @@ func NewCryptFS(key []byte, useOpenssl bool, plaintextNames bool) *CryptFS { func (be *CryptFS) PlainBS() uint64 { return be.plainBS } + +// Per-block storage overhead +func (be *CryptFS) BlockOverhead() uint64 { + return be.cipherBS - be.plainBS +} |