diff options
author | Jakob Unterwurzacher | 2017-03-05 13:58:24 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2017-03-05 13:58:24 +0100 |
commit | e032539e2c09cd4d1f007d33d7ef97b0fec689ed (patch) | |
tree | 0dddfa591a048c8494580cef954c365aa32eced0 /internal/cryptocore | |
parent | b2f154a9a908e6ec097de90c04ce45118adc76de (diff) |
cryptocore: use eme v1.1 interface
Version 1.1 of the EME package (github.com/rfjakob/eme) added
a more convenient interface. Use it.
Note that you have to upgrade your EME package (go get -u)!
Diffstat (limited to 'internal/cryptocore')
-rw-r--r-- | internal/cryptocore/cryptocore.go | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index 13b278f..d3af7de 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -9,6 +9,8 @@ import ( "fmt" "log" + "github.com/rfjakob/eme" + "github.com/rfjakob/gocryptfs/internal/siv_aead" "github.com/rfjakob/gocryptfs/internal/stupidgcm" ) @@ -33,8 +35,8 @@ const ( // CryptoCore is the low level crypto implementation. type CryptoCore struct { - // AES-256 block cipher. This is used for EME filename encryption. - BlockCipher cipher.Block + // EME is used for filename encryption. + EMECipher *eme.EMECipher // GCM or AES-SIV. This is used for content encryption. AEADCipher cipher.AEAD // Which backend is behind AEADCipher? @@ -56,12 +58,13 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore { // We want the IV size in bytes IVLen := IVBitLen / 8 - // Name encryption always uses built-in Go AES through BlockCipher. + // Name encryption always uses built-in Go AES through blockCipher. // Content encryption uses BlockCipher only if useOpenssl=false. blockCipher, err := aes.NewCipher(key) if err != nil { log.Panic(err) } + emeCipher := eme.New(blockCipher) var aeadCipher cipher.AEAD switch backend { @@ -90,7 +93,7 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore { } return &CryptoCore{ - BlockCipher: blockCipher, + EMECipher: emeCipher, AEADCipher: aeadCipher, AEADBackend: backend, IVGenerator: &nonceGenerator{nonceLen: IVLen}, |