diff options
-rw-r--r-- | internal/cryptocore/cryptocore.go | 2 | ||||
-rw-r--r-- | internal/speed/speed.go | 2 | ||||
-rw-r--r-- | internal/speed/speed_test.go | 2 | ||||
-rw-r--r-- | internal/stupidgcm/chacha.go | 2 | ||||
-rw-r--r-- | internal/stupidgcm/gcm.go | 4 | ||||
-rw-r--r-- | internal/stupidgcm/gcm_test.go | 2 | ||||
-rw-r--r-- | internal/stupidgcm/without_openssl.go | 11 | ||||
-rw-r--r-- | internal/stupidgcm/xchacha.go | 4 |
8 files changed, 16 insertions, 13 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index 1b692ff..d7b7527 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -120,7 +120,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec if IVBitLen != 128 { log.Panicf("stupidgcm only supports 128-bit IVs, you wanted %d", IVBitLen) } - aeadCipher = stupidgcm.New(gcmKey, forceDecode) + aeadCipher = stupidgcm.NewAES256GCM(gcmKey, forceDecode) case BackendGoGCM: goGcmBlockCipher, err := aes.NewCipher(gcmKey) if err != nil { diff --git a/internal/speed/speed.go b/internal/speed/speed.go index a696703..2f818d0 100644 --- a/internal/speed/speed.go +++ b/internal/speed/speed.go @@ -116,7 +116,7 @@ func bStupidGCM(b *testing.B) { if stupidgcm.BuiltWithoutOpenssl { b.Skip("openssl has been disabled at compile-time") } - bEncrypt(b, stupidgcm.New(randBytes(32), false)) + bEncrypt(b, stupidgcm.NewAES256GCM(randBytes(32), false)) } // bGoGCM benchmarks Go stdlib GCM diff --git a/internal/speed/speed_test.go b/internal/speed/speed_test.go index e9bbc0d..11c68d0 100644 --- a/internal/speed/speed_test.go +++ b/internal/speed/speed_test.go @@ -31,7 +31,7 @@ func BenchmarkStupidGCMDecrypt(b *testing.B) { if stupidgcm.BuiltWithoutOpenssl { b.Skip("openssl has been disabled at compile-time") } - bDecrypt(b, stupidgcm.New(randBytes(32), false)) + bDecrypt(b, stupidgcm.NewAES256GCM(randBytes(32), false)) } func BenchmarkGoGCM(b *testing.B) { diff --git a/internal/stupidgcm/chacha.go b/internal/stupidgcm/chacha.go index 1117d97..e09ed0b 100644 --- a/internal/stupidgcm/chacha.go +++ b/internal/stupidgcm/chacha.go @@ -37,7 +37,7 @@ func init() { // block by XChaCha20-Poly1305. // // Only 32-bytes keys and 12-byte IVs are supported. -func NewChacha20poly1305(key []byte) *stupidChacha20poly1305 { +func NewChacha20poly1305(key []byte) cipher.AEAD { if len(key) != chacha20poly1305.KeySize { log.Panicf("Only %d-byte keys are supported, you passed %d bytes", chacha20poly1305.KeySize, len(key)) } diff --git a/internal/stupidgcm/gcm.go b/internal/stupidgcm/gcm.go index a9377b1..c38dd5f 100644 --- a/internal/stupidgcm/gcm.go +++ b/internal/stupidgcm/gcm.go @@ -23,10 +23,10 @@ type stupidGCM struct { stupidAEADCommon } -// New returns a new AES-GCM-256 cipher that satisfies the cipher.AEAD interface. +// NewAES256GCM returns a new AES-256-GCM cipher that satisfies the cipher.AEAD interface. // // Only 32-bytes keys and 16-byte IVs are supported. -func New(keyIn []byte, forceDecode bool) cipher.AEAD { +func NewAES256GCM(keyIn []byte, forceDecode bool) cipher.AEAD { if len(keyIn) != keyLen { log.Panicf("Only %d-byte keys are supported", keyLen) } diff --git a/internal/stupidgcm/gcm_test.go b/internal/stupidgcm/gcm_test.go index 5323afa..b587e58 100644 --- a/internal/stupidgcm/gcm_test.go +++ b/internal/stupidgcm/gcm_test.go @@ -13,7 +13,7 @@ import ( func TestStupidGCM(t *testing.T) { key := randBytes(32) - sGCM := New(key, false) + sGCM := NewAES256GCM(key, false) gAES, err := aes.NewCipher(key) if err != nil { diff --git a/internal/stupidgcm/without_openssl.go b/internal/stupidgcm/without_openssl.go index 81bae07..93efcb4 100644 --- a/internal/stupidgcm/without_openssl.go +++ b/internal/stupidgcm/without_openssl.go @@ -11,19 +11,22 @@ import ( "github.com/rfjakob/gocryptfs/v2/internal/exitcodes" ) -type StupidGCM struct{} - const ( // BuiltWithoutOpenssl indicates if openssl been disabled at compile-time BuiltWithoutOpenssl = true ) func errExit() { - fmt.Fprintln(os.Stderr, "gocryptfs has been compiled without openssl support but you are still trying to use openssl") + fmt.Fprintln(os.Stderr, "I have been compiled without openssl support but you are still trying to use openssl") os.Exit(exitcodes.OpenSSL) } -func New(_ []byte, _ bool) cipher.AEAD { +func NewAES256GCM(_ []byte, _ bool) cipher.AEAD { + errExit() + return nil +} + +func NewChacha20poly1305(_ []byte) cipher.AEAD { errExit() return nil } diff --git a/internal/stupidgcm/xchacha.go b/internal/stupidgcm/xchacha.go index deb6e2f..ca740e4 100644 --- a/internal/stupidgcm/xchacha.go +++ b/internal/stupidgcm/xchacha.go @@ -70,7 +70,7 @@ func (x *stupidXchacha20poly1305) Seal(dst, nonce, plaintext, additionalData []b } hKey, _ := chacha20.HChaCha20(x.key[:], nonce[0:16]) - c := NewChacha20poly1305(hKey) + c := NewChacha20poly1305(hKey).(*stupidChacha20poly1305) defer c.Wipe() // The first 4 bytes of the final nonce are unused counter space. @@ -95,7 +95,7 @@ func (x *stupidXchacha20poly1305) Open(dst, nonce, ciphertext, additionalData [] } hKey, _ := chacha20.HChaCha20(x.key[:], nonce[0:16]) - c := NewChacha20poly1305(hKey) + c := NewChacha20poly1305(hKey).(*stupidChacha20poly1305) defer c.Wipe() // The first 4 bytes of the final nonce are unused counter space. |