aboutsummaryrefslogtreecommitdiff
path: root/internal/cryptocore
diff options
context:
space:
mode:
Diffstat (limited to 'internal/cryptocore')
-rw-r--r--internal/cryptocore/cryptocore.go17
-rw-r--r--internal/cryptocore/nonce.go4
2 files changed, 14 insertions, 7 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 05c0704..7cb5c95 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -12,18 +12,25 @@ import (
"github.com/rfjakob/gocryptfs/internal/stupidgcm"
)
+// BackendTypeEnum indicates the type of backend in use.
type BackendTypeEnum int
const (
- KeyLen = 32 // AES-256
+ // KeyLen is the cipher key length in bytes. 32 for AES-256.
+ KeyLen = 32
+ // AuthTagLen is the length of a GCM auth tag in bytes.
AuthTagLen = 16
- _ = iota // Skip zero
+ _ = iota // Skip zero
+ // BackendOpenSSL specifies the OpenSSL backend.
BackendOpenSSL BackendTypeEnum = iota
- BackendGoGCM BackendTypeEnum = iota
- BackendAESSIV BackendTypeEnum = iota
+ // BackendGoGCM specifies the Go based GCM backend.
+ BackendGoGCM BackendTypeEnum = iota
+ // BackendAESSIV specifies an AESSIV backend.
+ BackendAESSIV BackendTypeEnum = iota
)
+// CryptoCore is the low level crypto implementation.
type CryptoCore struct {
// AES-256 block cipher. This is used for EME filename encryption.
BlockCipher cipher.Block
@@ -36,7 +43,7 @@ type CryptoCore struct {
IVLen int
}
-// "New" returns a new CryptoCore object or panics.
+// New returns a new CryptoCore object or panics.
//
// Even though the "GCMIV128" feature flag is now mandatory, we must still
// support 96-bit IVs here because they are used for encrypting the master
diff --git a/internal/cryptocore/nonce.go b/internal/cryptocore/nonce.go
index 6b0c31d..973d2d8 100644
--- a/internal/cryptocore/nonce.go
+++ b/internal/cryptocore/nonce.go
@@ -10,7 +10,7 @@ import (
"github.com/rfjakob/gocryptfs/internal/tlog"
)
-// Get "n" random bytes from /dev/urandom or panic
+// RandBytes gets "n" random bytes from /dev/urandom or panics
func RandBytes(n int) []byte {
b := make([]byte, n)
_, err := rand.Read(b)
@@ -20,7 +20,7 @@ func RandBytes(n int) []byte {
return b
}
-// Return a secure random uint64
+// RandUint64 returns a secure random uint64
func RandUint64() uint64 {
b := RandBytes(8)
return binary.BigEndian.Uint64(b)