Diffstat (limited to 'internal/cryptocore')
-rw-r--r--internal/cryptocore/cryptocore.go10
1 files changed, 8 insertions, 2 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 1ad928d..aafe12b 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -72,7 +72,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
emeCipher = eme.New(emeBlockCipher)
}
- // Initilize an AEAD cipher for file content encryption.
+ // Initialize an AEAD cipher for file content encryption.
var aeadCipher cipher.AEAD
if aeadType == BackendOpenSSL || aeadType == BackendGoGCM {
gcmKey := key
@@ -84,7 +84,13 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
if IVLen != 16 {
log.Panic("stupidgcm only supports 128-bit IVs")
}
- aeadCipher = stupidgcm.New(gcmKey, forceDecode)
+ // stupidgcm does not create a private copy of the key, so things
+ // break when initFuseFrontend() overwrites it with zeros. Create
+ // a copy here. This is unneccessary when useHKDF == true, but
+ // does no harm.
+ var stupidgcmKey []byte
+ stupidgcmKey = append(stupidgcmKey, gcmKey...)
+ aeadCipher = stupidgcm.New(stupidgcmKey, forceDecode)
case BackendGoGCM:
goGcmBlockCipher, err := aes.NewCipher(gcmKey)
if err != nil {
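Review bot: Nothing in this hunk ever zeroes the new `stupidgcmKey` copy in the BackendOpenSSL branch, and by the added comment's own account stupidgcm keeps using the slice it is handed, so the copy lives as long as the cipher does. When useHKDF is false, `gcmKey` appears to still alias `key` (see the context line `gcmKey := key` in the first hunk), so the zeroing done by initFuseFrontend() no longer clears every in-memory copy of the master key. I would record that ownership in the comment, for example `// stupidgcm owns this copy from here on; it must be zeroed when the cipher is torn down.`, and add a wipe path to stupidgcm if it has none (not visible on this page). Making the copy inside stupidgcm.New instead would give every caller the same guarantee rather than relying on each call site to remember it. New's body starts and ends outside the hunk.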