summaryrefslogtreecommitdiff
path: root/internal/cryptocore
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-09-10 12:14:19 +0200
committerJakob Unterwurzacher2021-09-10 12:14:19 +0200
commitd023cd6c95fcbc6b5056ba1f425d2ac3df4abc5a (patch)
tree8e5df3a175b183f0db989a9d8f940a3c5c7434b0 /internal/cryptocore
parentc974116322f057a36ffb0b2ec0338b7f60872773 (diff)
cli: drop -forcedecode flag
The rewritten openssl backend does not support this flag anymore, and it was inherently dangerour. Drop it (ignored for compatibility)
Diffstat (limited to 'internal/cryptocore')
-rw-r--r--internal/cryptocore/cryptocore.go8
-rw-r--r--internal/cryptocore/cryptocore_test.go8
2 files changed, 8 insertions, 8 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index dd7c98b..48386f8 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -73,9 +73,9 @@ type CryptoCore struct {
//
// Note: "key" is either the scrypt hash of the password (when decrypting
// a config file) or the masterkey (when finally mounting the filesystem).
-func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDecode bool) *CryptoCore {
- tlog.Debug.Printf("cryptocore.New: key=%d bytes, aeadType=%v, IVBitLen=%d, useHKDF=%v, forceDecode=%v",
- len(key), aeadType, IVBitLen, useHKDF, forceDecode)
+func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool) *CryptoCore {
+ tlog.Debug.Printf("cryptocore.New: key=%d bytes, aeadType=%v, IVBitLen=%d, useHKDF=%v",
+ len(key), aeadType, IVBitLen, useHKDF)
if len(key) != KeyLen {
log.Panicf("Unsupported key length of %d bytes", len(key))
@@ -120,7 +120,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
if IVBitLen != 128 {
log.Panicf("stupidgcm only supports 128-bit IVs, you wanted %d", IVBitLen)
}
- aeadCipher = stupidgcm.NewAES256GCM(gcmKey, forceDecode)
+ aeadCipher = stupidgcm.NewAES256GCM(gcmKey)
case BackendGoGCM:
goGcmBlockCipher, err := aes.NewCipher(gcmKey)
if err != nil {
diff --git a/internal/cryptocore/cryptocore_test.go b/internal/cryptocore/cryptocore_test.go
index 319a900..d37e941 100644
--- a/internal/cryptocore/cryptocore_test.go
+++ b/internal/cryptocore/cryptocore_test.go
@@ -10,18 +10,18 @@ import (
func TestCryptoCoreNew(t *testing.T) {
key := make([]byte, 32)
for _, useHKDF := range []bool{true, false} {
- c := New(key, BackendGoGCM, 96, useHKDF, false)
+ c := New(key, BackendGoGCM, 96, useHKDF)
if c.IVLen != 12 {
t.Fail()
}
- c = New(key, BackendGoGCM, 128, useHKDF, false)
+ c = New(key, BackendGoGCM, 128, useHKDF)
if c.IVLen != 16 {
t.Fail()
}
if stupidgcm.BuiltWithoutOpenssl {
continue
}
- c = New(key, BackendOpenSSL, 128, useHKDF, false)
+ c = New(key, BackendOpenSSL, 128, useHKDF)
if c.IVLen != 16 {
t.Fail()
}
@@ -37,5 +37,5 @@ func TestNewPanic(t *testing.T) {
}()
key := make([]byte, 16)
- New(key, BackendOpenSSL, 128, true, false)
+ New(key, BackendOpenSSL, 128, true)
}