| author | Jakob Unterwurzacher | 2016-05-04 19:09:14 +0200 | 
|---|---|---|
| committer | Jakob Unterwurzacher | 2016-05-04 19:56:07 +0200 | 
| commit | 39f3a24484ffc343d2d5225d5c419082aabb9baa (patch) | |
| tree | 04b9d7aa98ef3e18f05b00efe39e5288baeed5c4 /internal | |
| parent | c92190bf07d27a4c7fbecba5778d11c77c52574e (diff) | |
stupidgcm: completely replace spacemonkeygo/openssl
Diffstat (limited to 'internal')
| -rw-r--r-- | internal/cryptocore/cryptocore.go | 7 | ||||
| -rw-r--r-- | internal/cryptocore/openssl_aead.go | 100 | ||||
| -rwxr-xr-x | internal/cryptocore/openssl_benchmark.bash | 3 | ||||
| -rw-r--r-- | internal/cryptocore/openssl_test.go | 75 | 
4 files changed, 5 insertions, 180 deletions
| diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index f286896..7e7f099 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -4,6 +4,8 @@ import (
 	"crypto/aes"
 	"crypto/cipher"
 	"fmt"
+
+	"github.com/rfjakob/gocryptfs/internal/stupidgcm"
 )
 const (
@@ -39,8 +41,9 @@ func New(key []byte, useOpenssl bool, GCMIV128 bool) *CryptoCore {
 	}
 	var gcm cipher.AEAD
-	if useOpenssl {
-		gcm = opensslGCM{key}
+	if useOpenssl && GCMIV128 {
+		// stupidgcm only supports 128-bit IVs
+		gcm = stupidgcm.New(key)
 	} else {
 		gcm, err = goGCMWrapper(blockCipher, IVLen)
 		if err != nil {
diff --git a/internal/cryptocore/openssl_aead.go b/internal/cryptocore/openssl_aead.go
deleted file mode 100644
index d4ed64b..0000000
--- a/internal/cryptocore/openssl_aead.go
+++ /dev/null
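Review bot: In the second hunk, `useOpenssl && GCMIV128` makes New() fall through to the Go GCM branch whenever the caller asks for OpenSSL with 96-bit IVs, and nothing at this site records that the request was not honoured. I would document that on the function, e.g. `// useOpenssl is honoured only when GCMIV128 is set; otherwise Go's GCM is used.`, so callers and benchmarks do not assume which backend encrypted the data. The removed opensslGCM accepted any nonce size, while `stupidgcm.New(key)` receives only the key, so the 128-bit constraint presumably rests on IVLen being set earlier in New() and on stupidgcm checking the nonce length itself; neither is visible in this hunk and both are worth confirming. New() begins and ends outside the hunk.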
@@ -1,100 +0,0 @@
-package cryptocore
-
-// Implements cipher.AEAD with OpenSSL backend
-
-import (
-	"bytes"
-	"github.com/spacemonkeygo/openssl"
-)
-
-// Supports all nonce sizes
-type opensslGCM struct {
-	key []byte
-}
-
-func (be opensslGCM) Overhead() int {
-	return AuthTagLen
-}
-
-func (be opensslGCM) NonceSize() int {
-	// We support any nonce size
-	return -1
-}
-
-// Seal encrypts and authenticates plaintext, authenticates the
-// additional data and appends the result to dst, returning the updated
-// slice. opensslGCM supports any nonce size.
-func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
-
-	// Preallocate output buffer
-	var cipherBuf bytes.Buffer
-	cipherBuf.Grow(len(dst) + len(plaintext) + AuthTagLen)
-	// Output will be appended to dst
-	cipherBuf.Write(dst)
-
-	ectx, err := openssl.NewGCMEncryptionCipherCtx(KeyLen*8, nil, be.key, nonce)
-	if err != nil {
-		panic(err)
-	}
-	err = ectx.ExtraData(data)
-	if err != nil {
-		panic(err)
-	}
-	part, err := ectx.EncryptUpdate(plaintext)
-	if err != nil {
-		panic(err)
-	}
-	cipherBuf.Write(part)
-	part, err = ectx.EncryptFinal()
-	if err != nil {
-		panic(err)
-	}
-	cipherBuf.Write(part)
-	part, err = ectx.GetTag()
-	if err != nil {
-		panic(err)
-	}
-	cipherBuf.Write(part)
-
-	return cipherBuf.Bytes()
-}
-
-// Open decrypts and authenticates ciphertext, authenticates the
-// additional data and, if successful, appends the resulting plaintext
-// to dst, returning the updated slice. The nonce must be NonceSize()
-// bytes long and both it and the additional data must match the
-// value passed to Seal.
-//
-// The ciphertext and dst may alias exactly or not at all.
-func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
-
-	l := len(ciphertext)
-	tag := ciphertext[l-AuthTagLen : l]
-	ciphertext = ciphertext[0 : l-AuthTagLen]
-	plainBuf := bytes.NewBuffer(dst)
-
-	dctx, err := openssl.NewGCMDecryptionCipherCtx(KeyLen*8, nil, be.key, nonce)
-	if err != nil {
-		return nil, err
-	}
-	err = dctx.ExtraData(data)
-	if err != nil {
-		return nil, err
-	}
-	part, err := dctx.DecryptUpdate(ciphertext)
-	if err != nil {
-		return nil, err
-	}
-	plainBuf.Write(part)
-	err = dctx.SetTag(tag)
-	if err != nil {
-		return nil, err
-	}
-	part, err = dctx.DecryptFinal()
-	if err != nil {
-		return nil, err
-	}
-	plainBuf.Write(part)
-
-	return plainBuf.Bytes(), nil
-}
diff --git a/internal/cryptocore/openssl_benchmark.bash b/internal/cryptocore/openssl_benchmark.bash
deleted file mode 100755
index df29628..0000000
--- a/internal/cryptocore/openssl_benchmark.bash
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-go test -run NONE -bench BenchmarkEnc
diff --git a/internal/cryptocore/openssl_test.go b/internal/cryptocore/openssl_test.go
deleted file mode 100644
index 94b696a..0000000
--- a/internal/cryptocore/openssl_test.go
+++ /dev/null
@@ -1,75 +0,0 @@
-package cryptocore
-
-// Benchmark go built-int GCM against spacemonkey openssl bindings
-//
-// Note: The benchmarks in this file supersede the ones in the openssl_benchmark
-//       directory as they use the same code paths that gocryptfs actually uses.
-//
-// Run benchmark:
-// go test -bench Enc
-
-import (
-	"crypto/aes"
-	"testing"
-)
-
-func benchmarkGoEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) {
-	b.SetBytes(int64(len(plaintext)))
-	aes, err := aes.NewCipher(key[:])
-	if err != nil {
-		b.Fatal(err)
-	}
-	aesgcm, err := goGCMWrapper(aes, len(nonce))
-	if err != nil {
-		b.Fatal(err)
-	}
-	// This would be fileID + blockNo
-	aData := make([]byte, 24)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		// Encrypt plaintext and append to nonce
-		ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData)
-	}
-	return ciphertext
-}
-
-func benchmarkOpensslEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) {
-	b.SetBytes(int64(len(plaintext)))
-	var aesgcm opensslGCM
-	aesgcm.key = key
-	// This would be fileID + blockNo
-	aData := make([]byte, 24)
-	for i := 0; i < b.N; i++ {
-		// Encrypt plaintext and append to nonce
-		ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData)
-	}
-	return ciphertext
-}
-
-func BenchmarkEnc_Go_4k_AES256_nonce96(b *testing.B) {
-	plaintext := make([]byte, 4048)
-	key := make([]byte, 256/8)
-	nonce := make([]byte, 96/8)
-	benchmarkGoEnc(b, plaintext, key, nonce)
-}
-
-func BenchmarkEnc_Go_4k_AES256_nonce128(b *testing.B) {
-	plaintext := make([]byte, 4048)
-	key := make([]byte, 256/8)
-	nonce := make([]byte, 128/8)
-	benchmarkGoEnc(b, plaintext, key, nonce)
-}
-
-func BenchmarkEnc_OpenSSL_4k_AES256_nonce96(b *testing.B) {
-	plaintext := make([]byte, 4048)
-	key := make([]byte, 256/8)
-	nonce := make([]byte, 96/8)
-	benchmarkOpensslEnc(b, plaintext, key, nonce)
-}
-
-func BenchmarkEnc_OpenSSL_4k_AES256_nonce128(b *testing.B) {
-	plaintext := make([]byte, 4048)
-	key := make([]byte, 256/8)
-	nonce := make([]byte, 96/8)
-	benchmarkOpensslEnc(b, plaintext, key, nonce)
-} |
