summaryrefslogtreecommitdiff
path: root/internal/cryptocore
diff options
context:
space:
mode:
authorJakob Unterwurzacher2016-05-04 19:09:14 +0200
committerJakob Unterwurzacher2016-05-04 19:56:07 +0200
commit39f3a24484ffc343d2d5225d5c419082aabb9baa (patch)
tree04b9d7aa98ef3e18f05b00efe39e5288baeed5c4 /internal/cryptocore
parentc92190bf07d27a4c7fbecba5778d11c77c52574e (diff)
stupidgcm: completely replace spacemonkeygo/openssl
Diffstat (limited to 'internal/cryptocore')
-rw-r--r--internal/cryptocore/cryptocore.go7
-rw-r--r--internal/cryptocore/openssl_aead.go100
-rwxr-xr-xinternal/cryptocore/openssl_benchmark.bash3
-rw-r--r--internal/cryptocore/openssl_test.go75
4 files changed, 5 insertions, 180 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index f286896..7e7f099 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -4,6 +4,8 @@ import (
"crypto/aes"
"crypto/cipher"
"fmt"
+
+ "github.com/rfjakob/gocryptfs/internal/stupidgcm"
)
const (
@@ -39,8 +41,9 @@ func New(key []byte, useOpenssl bool, GCMIV128 bool) *CryptoCore {
}
var gcm cipher.AEAD
- if useOpenssl {
- gcm = opensslGCM{key}
+ if useOpenssl && GCMIV128 {
+ // stupidgcm only supports 128-bit IVs
+ gcm = stupidgcm.New(key)
} else {
gcm, err = goGCMWrapper(blockCipher, IVLen)
if err != nil {
diff --git a/internal/cryptocore/openssl_aead.go b/internal/cryptocore/openssl_aead.go
deleted file mode 100644
index d4ed64b..0000000
--- a/internal/cryptocore/openssl_aead.go
+++ /dev/null
@@ -1,100 +0,0 @@
-package cryptocore
-
-// Implements cipher.AEAD with OpenSSL backend
-
-import (
- "bytes"
- "github.com/spacemonkeygo/openssl"
-)
-
-// Supports all nonce sizes
-type opensslGCM struct {
- key []byte
-}
-
-func (be opensslGCM) Overhead() int {
- return AuthTagLen
-}
-
-func (be opensslGCM) NonceSize() int {
- // We support any nonce size
- return -1
-}
-
-// Seal encrypts and authenticates plaintext, authenticates the
-// additional data and appends the result to dst, returning the updated
-// slice. opensslGCM supports any nonce size.
-func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
-
- // Preallocate output buffer
- var cipherBuf bytes.Buffer
- cipherBuf.Grow(len(dst) + len(plaintext) + AuthTagLen)
- // Output will be appended to dst
- cipherBuf.Write(dst)
-
- ectx, err := openssl.NewGCMEncryptionCipherCtx(KeyLen*8, nil, be.key, nonce)
- if err != nil {
- panic(err)
- }
- err = ectx.ExtraData(data)
- if err != nil {
- panic(err)
- }
- part, err := ectx.EncryptUpdate(plaintext)
- if err != nil {
- panic(err)
- }
- cipherBuf.Write(part)
- part, err = ectx.EncryptFinal()
- if err != nil {
- panic(err)
- }
- cipherBuf.Write(part)
- part, err = ectx.GetTag()
- if err != nil {
- panic(err)
- }
- cipherBuf.Write(part)
-
- return cipherBuf.Bytes()
-}
-
-// Open decrypts and authenticates ciphertext, authenticates the
-// additional data and, if successful, appends the resulting plaintext
-// to dst, returning the updated slice. The nonce must be NonceSize()
-// bytes long and both it and the additional data must match the
-// value passed to Seal.
-//
-// The ciphertext and dst may alias exactly or not at all.
-func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
-
- l := len(ciphertext)
- tag := ciphertext[l-AuthTagLen : l]
- ciphertext = ciphertext[0 : l-AuthTagLen]
- plainBuf := bytes.NewBuffer(dst)
-
- dctx, err := openssl.NewGCMDecryptionCipherCtx(KeyLen*8, nil, be.key, nonce)
- if err != nil {
- return nil, err
- }
- err = dctx.ExtraData(data)
- if err != nil {
- return nil, err
- }
- part, err := dctx.DecryptUpdate(ciphertext)
- if err != nil {
- return nil, err
- }
- plainBuf.Write(part)
- err = dctx.SetTag(tag)
- if err != nil {
- return nil, err
- }
- part, err = dctx.DecryptFinal()
- if err != nil {
- return nil, err
- }
- plainBuf.Write(part)
-
- return plainBuf.Bytes(), nil
-}
diff --git a/internal/cryptocore/openssl_benchmark.bash b/internal/cryptocore/openssl_benchmark.bash
deleted file mode 100755
index df29628..0000000
--- a/internal/cryptocore/openssl_benchmark.bash
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-go test -run NONE -bench BenchmarkEnc
diff --git a/internal/cryptocore/openssl_test.go b/internal/cryptocore/openssl_test.go
deleted file mode 100644
index 94b696a..0000000
--- a/internal/cryptocore/openssl_test.go
+++ /dev/null
@@ -1,75 +0,0 @@
-package cryptocore
-
-// Benchmark go built-int GCM against spacemonkey openssl bindings
-//
-// Note: The benchmarks in this file supersede the ones in the openssl_benchmark
-// directory as they use the same code paths that gocryptfs actually uses.
-//
-// Run benchmark:
-// go test -bench Enc
-
-import (
- "crypto/aes"
- "testing"
-)
-
-func benchmarkGoEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) {
- b.SetBytes(int64(len(plaintext)))
- aes, err := aes.NewCipher(key[:])
- if err != nil {
- b.Fatal(err)
- }
- aesgcm, err := goGCMWrapper(aes, len(nonce))
- if err != nil {
- b.Fatal(err)
- }
- // This would be fileID + blockNo
- aData := make([]byte, 24)
- b.ResetTimer()
- for i := 0; i < b.N; i++ {
- // Encrypt plaintext and append to nonce
- ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData)
- }
- return ciphertext
-}
-
-func benchmarkOpensslEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) {
- b.SetBytes(int64(len(plaintext)))
- var aesgcm opensslGCM
- aesgcm.key = key
- // This would be fileID + blockNo
- aData := make([]byte, 24)
- for i := 0; i < b.N; i++ {
- // Encrypt plaintext and append to nonce
- ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData)
- }
- return ciphertext
-}
-
-func BenchmarkEnc_Go_4k_AES256_nonce96(b *testing.B) {
- plaintext := make([]byte, 4048)
- key := make([]byte, 256/8)
- nonce := make([]byte, 96/8)
- benchmarkGoEnc(b, plaintext, key, nonce)
-}
-
-func BenchmarkEnc_Go_4k_AES256_nonce128(b *testing.B) {
- plaintext := make([]byte, 4048)
- key := make([]byte, 256/8)
- nonce := make([]byte, 128/8)
- benchmarkGoEnc(b, plaintext, key, nonce)
-}
-
-func BenchmarkEnc_OpenSSL_4k_AES256_nonce96(b *testing.B) {
- plaintext := make([]byte, 4048)
- key := make([]byte, 256/8)
- nonce := make([]byte, 96/8)
- benchmarkOpensslEnc(b, plaintext, key, nonce)
-}
-
-func BenchmarkEnc_OpenSSL_4k_AES256_nonce128(b *testing.B) {
- plaintext := make([]byte, 4048)
- key := make([]byte, 256/8)
- nonce := make([]byte, 96/8)
- benchmarkOpensslEnc(b, plaintext, key, nonce)
-}