summaryrefslogtreecommitdiff
path: root/internal
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-09-08 20:32:16 +0200
committerJakob Unterwurzacher2021-09-08 20:32:16 +0200
commit94e8004b6ce497dafd13e8c3f6f6596b49169970 (patch)
treed5b2412ce9e52429f2b1cd74ad60abca0ea7f3bc /internal
parent1a5866729387c09eca1cdc9737d1b02c74c25901 (diff)
Make -openssl also apply to xchacha
Now that stupidgcm supports xchacha, make it available on mount.
Diffstat (limited to 'internal')
-rw-r--r--internal/cryptocore/cryptocore.go16
1 files changed, 12 insertions, 4 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index d7b7527..dd7c98b 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -32,11 +32,11 @@ type AEADTypeEnum struct {
NonceSize int
}
-// BackendOpenSSL specifies the OpenSSL backend.
+// BackendOpenSSL specifies the OpenSSL AES-256-GCM backend.
// "AES-GCM-256-OpenSSL" in gocryptfs -speed.
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-OpenSSL", 16}
-// BackendGoGCM specifies the Go based GCM backend.
+// BackendGoGCM specifies the Go based AES-256-GCM backend.
// "AES-GCM-256-Go" in gocryptfs -speed.
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-Go", 16}
@@ -130,6 +130,8 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
if err != nil {
log.Panic(err)
}
+ default:
+ log.Panicf("BUG: unhandled case: %v", aeadType)
}
for i := range gcmKey {
gcmKey[i] = 0
@@ -154,7 +156,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
for i := range key64 {
key64[i] = 0
}
- } else if aeadType == BackendXChaCha20Poly1305 {
+ } else if aeadType == BackendXChaCha20Poly1305 || aeadType == BackendXChaCha20Poly1305OpenSSL {
// We don't support legacy modes with XChaCha20-Poly1305
if IVBitLen != chacha20poly1305.NonceSizeX*8 {
log.Panicf("XChaCha20-Poly1305 must use 192-bit IVs, you wanted %d", IVBitLen)
@@ -163,7 +165,13 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
log.Panic("XChaCha20-Poly1305 must use HKDF, but it is disabled")
}
derivedKey := hkdfDerive(key, hkdfInfoXChaChaPoly1305Content, chacha20poly1305.KeySize)
- aeadCipher, err = chacha20poly1305.NewX(derivedKey)
+ if aeadType == BackendXChaCha20Poly1305 {
+ aeadCipher, err = chacha20poly1305.NewX(derivedKey)
+ } else if aeadType == BackendXChaCha20Poly1305OpenSSL {
+ aeadCipher = stupidgcm.NewXchacha20poly1305(derivedKey)
+ } else {
+ log.Panicf("BUG: unhandled case: %v", aeadType)
+ }
if err != nil {
log.Panic(err)
}