aboutsummaryrefslogtreecommitdiff
path: root/internal/configfile
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-03-05 18:03:03 +0100
committerJakob Unterwurzacher2017-03-05 18:03:03 +0100
commitb7328815183b7a4ff37156085fb78e8e86aff165 (patch)
tree650e24e8767ede99c76a5d78804de72f993eaf1a /internal/configfile
parenta8d154765ab1cea4f21cd9f7dd0b4d6ba7183cca (diff)
configfile: switch to 128-bit IVs for master key encryption
There is no security reason for doing this, but it will allow to consolidate the code once we drop compatibility with gocryptfs v1.2 (and earlier) filesystems.
Diffstat (limited to 'internal/configfile')
-rw-r--r--internal/configfile/config_file.go14
1 files changed, 10 insertions, 4 deletions
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
index 1233d8a..d28b1d4 100644
--- a/internal/configfile/config_file.go
+++ b/internal/configfile/config_file.go
@@ -154,9 +154,15 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
scryptHash := cf.ScryptObject.DeriveKey(password)
// Unlock master key using password-based key
- // We use stock go GCM instead of OpenSSL here as we only use 96-bit IVs,
- // speed is not important and we get better error messages
- cc := cryptocore.New(scryptHash, cryptocore.BackendGoGCM, 96)
+ // gocryptfs v1.2 and older used 96-bit IVs for master key encryption.
+ // v1.3 and up use 128 bits, which makes EncryptedKey longer (64 bytes).
+ IVLen := contentenc.DefaultIVBits
+ if len(cf.EncryptedKey) == 60 {
+ IVLen = 96
+ }
+ // We use stock Go GCM instead of OpenSSL as speed is not
+ // important and we get better error messages
+ cc := cryptocore.New(scryptHash, cryptocore.BackendGoGCM, IVLen)
ce := contentenc.New(cc, 4096)
tlog.Warn.Enabled = false // Silence DecryptBlock() error messages on incorrect password
@@ -180,7 +186,7 @@ func (cf *ConfFile) EncryptKey(key []byte, password string, logN int) {
scryptHash := cf.ScryptObject.DeriveKey(password)
// Lock master key using password-based key
- cc := cryptocore.New(scryptHash, cryptocore.BackendGoGCM, 96)
+ cc := cryptocore.New(scryptHash, cryptocore.BackendGoGCM, contentenc.DefaultIVBits)
ce := contentenc.New(cc, 4096)
cf.EncryptedKey = ce.EncryptBlock(key, 0, nil)
}