diff options
| author | Jakob Unterwurzacher | 2021-09-08 20:32:16 +0200 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2021-09-08 20:32:16 +0200 |
| commit | 94e8004b6ce497dafd13e8c3f6f6596b49169970 (patch) | |
| tree | d5b2412ce9e52429f2b1cd74ad60abca0ea7f3bc /internal | |
| parent | 1a5866729387c09eca1cdc9737d1b02c74c25901 (diff) | |
Make -openssl also apply to xchacha
Now that stupidgcm supports xchacha, make it available
on mount.
Diffstat (limited to 'internal')
| -rw-r--r-- | internal/cryptocore/cryptocore.go | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index d7b7527..dd7c98b 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -32,11 +32,11 @@ type AEADTypeEnum struct { NonceSize int } -// BackendOpenSSL specifies the OpenSSL backend. +// BackendOpenSSL specifies the OpenSSL AES-256-GCM backend. // "AES-GCM-256-OpenSSL" in gocryptfs -speed. var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-OpenSSL", 16} -// BackendGoGCM specifies the Go based GCM backend. +// BackendGoGCM specifies the Go based AES-256-GCM backend. // "AES-GCM-256-Go" in gocryptfs -speed. var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-Go", 16} @@ -130,6 +130,8 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec if err != nil { log.Panic(err) } + default: + log.Panicf("BUG: unhandled case: %v", aeadType) } for i := range gcmKey { gcmKey[i] = 0 @@ -154,7 +156,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec for i := range key64 { key64[i] = 0 } - } else if aeadType == BackendXChaCha20Poly1305 { + } else if aeadType == BackendXChaCha20Poly1305 || aeadType == BackendXChaCha20Poly1305OpenSSL { // We don't support legacy modes with XChaCha20-Poly1305 if IVBitLen != chacha20poly1305.NonceSizeX*8 { log.Panicf("XChaCha20-Poly1305 must use 192-bit IVs, you wanted %d", IVBitLen) @@ -163,7 +165,13 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec log.Panic("XChaCha20-Poly1305 must use HKDF, but it is disabled") } derivedKey := hkdfDerive(key, hkdfInfoXChaChaPoly1305Content, chacha20poly1305.KeySize) - aeadCipher, err = chacha20poly1305.NewX(derivedKey) + if aeadType == BackendXChaCha20Poly1305 { + aeadCipher, err = chacha20poly1305.NewX(derivedKey) + } else if aeadType == BackendXChaCha20Poly1305OpenSSL { + aeadCipher = stupidgcm.NewXchacha20poly1305(derivedKey) + } else { + log.Panicf("BUG: unhandled case: %v", aeadType) + } if err != nil { log.Panic(err) } |