summaryrefslogtreecommitdiff
path: root/internal/siv_aead
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-03-05 21:59:55 +0100
committerJakob Unterwurzacher2017-03-05 21:59:55 +0100
commitd0bc7970f721cee607d993406d97d32e2c660abe (patch)
tree894b016af6e7785bb707e3d2e0f660608ceeea06 /internal/siv_aead
parent4fadcbaf68ce25dcdc7665059f43226f5f9a4da5 (diff)
full stack: implement HKDF support
...but keep it disabled by default for new filesystems. We are still missing an example filesystem and CLI arguments to explicitely enable and disable it.
Diffstat (limited to 'internal/siv_aead')
-rw-r--r--internal/siv_aead/correctness_test.go4
-rw-r--r--internal/siv_aead/siv_aead.go14
2 files changed, 16 insertions, 2 deletions
diff --git a/internal/siv_aead/correctness_test.go b/internal/siv_aead/correctness_test.go
index a9885e7..b52774b 100644
--- a/internal/siv_aead/correctness_test.go
+++ b/internal/siv_aead/correctness_test.go
@@ -15,7 +15,7 @@ func TestKeyLens(t *testing.T) {
plaintext := []byte("foobar")
for _, keyLen := range keyLens {
key := make([]byte, keyLen)
- a := New(key)
+ a := new2(key)
ciphertext2 := a.Seal(nil, nonce, plaintext, nil)
ciphertext, err := siv.Encrypt(nil, key, plaintext, [][]byte{nil, nonce})
@@ -42,7 +42,7 @@ func TestK32(t *testing.T) {
if err != nil {
t.Fatal(err)
}
- a := New(key)
+ a := new2(key)
aResult := a.Seal(nonce, nonce, plaintext, aData)
if !bytes.Equal(sResult, aResult) {
t.Errorf("siv and siv_aead produce different results")
diff --git a/internal/siv_aead/siv_aead.go b/internal/siv_aead/siv_aead.go
index 6cfa937..d5df4ac 100644
--- a/internal/siv_aead/siv_aead.go
+++ b/internal/siv_aead/siv_aead.go
@@ -15,8 +15,22 @@ type sivAead struct {
var _ cipher.AEAD = &sivAead{}
+const (
+ KeyLen = 64
+)
+
// New returns a new cipher.AEAD implementation.
func New(key []byte) cipher.AEAD {
+ if len(key) != KeyLen {
+ // SIV supports more 32, 48 or 64-byte keys, but in gocryptfs we
+ // exclusively use 64.
+ log.Panicf("Key must be %d byte long (you passed %d)", KeyLen, len(key))
+ }
+ return new2(key)
+}
+
+// Same as "New" without the 64-byte restriction.
+func new2(key []byte) cipher.AEAD {
return &sivAead{
key: key,
}