aboutsummaryrefslogtreecommitdiff
path: root/internal/cryptocore
diff options
context:
space:
mode:
Diffstat (limited to 'internal/cryptocore')
-rw-r--r--internal/cryptocore/cryptocore.go13
-rw-r--r--internal/cryptocore/nonce.go5
2 files changed, 10 insertions, 8 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index db82f56..13b278f 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -7,6 +7,7 @@ import (
"crypto/cipher"
"crypto/sha512"
"fmt"
+ "log"
"github.com/rfjakob/gocryptfs/internal/siv_aead"
"github.com/rfjakob/gocryptfs/internal/stupidgcm"
@@ -50,7 +51,7 @@ type CryptoCore struct {
// key in gocryptfs.conf.
func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
if len(key) != KeyLen {
- panic(fmt.Sprintf("Unsupported key length %d", len(key)))
+ log.Panic(fmt.Sprintf("Unsupported key length %d", len(key)))
}
// We want the IV size in bytes
IVLen := IVBitLen / 8
@@ -59,14 +60,14 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
// Content encryption uses BlockCipher only if useOpenssl=false.
blockCipher, err := aes.NewCipher(key)
if err != nil {
- panic(err)
+ log.Panic(err)
}
var aeadCipher cipher.AEAD
switch backend {
case BackendOpenSSL:
if IVLen != 16 {
- panic("stupidgcm only supports 128-bit IVs")
+ log.Panic("stupidgcm only supports 128-bit IVs")
}
aeadCipher = stupidgcm.New(key)
case BackendGoGCM:
@@ -74,7 +75,7 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
case BackendAESSIV:
if IVLen != 16 {
// SIV supports any nonce size, but we only use 16.
- panic("AES-SIV must use 16-byte nonces")
+ log.Panic("AES-SIV must use 16-byte nonces")
}
// AES-SIV uses 1/2 of the key for authentication, 1/2 for
// encryption, so we need a 64-bytes key for AES-256. Derive it from
@@ -82,10 +83,10 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
key64 := sha512.Sum512(key)
aeadCipher = siv_aead.New(key64[:])
default:
- panic("unknown backend cipher")
+ log.Panic("unknown backend cipher")
}
if err != nil {
- panic(err)
+ log.Panic(err)
}
return &CryptoCore{
diff --git a/internal/cryptocore/nonce.go b/internal/cryptocore/nonce.go
index 973d2d8..3f56cc9 100644
--- a/internal/cryptocore/nonce.go
+++ b/internal/cryptocore/nonce.go
@@ -6,6 +6,7 @@ import (
"encoding/binary"
"encoding/hex"
"fmt"
+ "log"
"github.com/rfjakob/gocryptfs/internal/tlog"
)
@@ -15,7 +16,7 @@ func RandBytes(n int) []byte {
b := make([]byte, n)
_, err := rand.Read(b)
if err != nil {
- panic("Failed to read random bytes: " + err.Error())
+ log.Panic("Failed to read random bytes: " + err.Error())
}
return b
}
@@ -37,7 +38,7 @@ func (n *nonceGenerator) Get() []byte {
tlog.Debug.Printf("nonceGenerator.Get(): %s\n", hex.EncodeToString(nonce))
if bytes.Equal(nonce, n.lastNonce) {
m := fmt.Sprintf("Got the same nonce twice: %s. This should never happen!", hex.EncodeToString(nonce))
- panic(m)
+ log.Panic(m)
}
n.lastNonce = nonce
return nonce