From db1824a23ac8e47cda714796e55cf6927b0cbecc Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Tue, 28 Sep 2021 17:45:26 +0200 Subject: cryptocore: disentangle algorithm / library implementation name Used in gocryptfs-xray, and will also be used in -info. --- gocryptfs-xray/xray_main.go | 2 +- gocryptfs-xray/xray_tests/aesgcm_fs.xray.txt | 2 +- gocryptfs-xray/xray_tests/aessiv_fs.xray.txt | 2 +- internal/cryptocore/cryptocore.go | 24 ++++++++++++++++-------- internal/speed/speed.go | 10 +++++----- 5 files changed, 24 insertions(+), 16 deletions(-) diff --git a/gocryptfs-xray/xray_main.go b/gocryptfs-xray/xray_main.go index 8abd008..35f409f 100644 --- a/gocryptfs-xray/xray_main.go +++ b/gocryptfs-xray/xray_main.go @@ -39,7 +39,7 @@ func errExit(err error) { func prettyPrintHeader(h *contentenc.FileHeader, algo cryptocore.AEADTypeEnum) { id := hex.EncodeToString(h.ID) - fmt.Printf("Header: Version: %d, Id: %s, assuming %s mode\n", h.Version, id, algo.Name) + fmt.Printf("Header: Version: %d, Id: %s, assuming %s mode\n", h.Version, id, algo.Algo) } // printVersion prints a version string like this: diff --git a/gocryptfs-xray/xray_tests/aesgcm_fs.xray.txt b/gocryptfs-xray/xray_tests/aesgcm_fs.xray.txt index 386095c..a761264 100644 --- a/gocryptfs-xray/xray_tests/aesgcm_fs.xray.txt +++ b/gocryptfs-xray/xray_tests/aesgcm_fs.xray.txt @@ -1,3 +1,3 @@ -Header: Version: 2, Id: 8932adf303fe0289679d47fa84d2b241, assuming AES-GCM-256-Go mode +Header: Version: 2, Id: 8932adf303fe0289679d47fa84d2b241, assuming AES-GCM-256 mode Block 0: IV: c8536b4bfd92f5dc3c1e2ac29f116d4a, Tag: 22b20422749b2f4bba67ec7d3bb1ac34, Offset: 18 Len: 4128 Block 1: IV: 2de68f4965779bb137ef2b3c20453556, Tag: 3e8758d6872234b1fffab2504e623467, Offset: 4146 Len: 936 diff --git a/gocryptfs-xray/xray_tests/aessiv_fs.xray.txt b/gocryptfs-xray/xray_tests/aessiv_fs.xray.txt index 481b22a..e2ecb33 100644 --- a/gocryptfs-xray/xray_tests/aessiv_fs.xray.txt +++ b/gocryptfs-xray/xray_tests/aessiv_fs.xray.txt @@ -1,3 +1,3 @@ -Header: Version: 2, Id: d839806747918e345633fcdd0988e67c, assuming AES-SIV-512-Go mode +Header: Version: 2, Id: d839806747918e345633fcdd0988e67c, assuming AES-SIV-512 mode Block 0: IV: 1d3ce2b13260f83766ccf9a670478a4b, Tag: 0b6f95bd523b4c93704e15ecc6bef8e7, Offset: 18 Len: 4128 Block 1: IV: 7eb947d2adf18adf3bed39bbc8052968, Tag: 1a272903e5a987f53f07344840387c20, Offset: 4146 Len: 936 diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index 48386f8..36c9d93 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -28,28 +28,36 @@ const ( // AEADTypeEnum indicates the type of AEAD backend in use. type AEADTypeEnum struct { - Name string + // Algo is the encryption algorithm. Example: "AES-GCM-256" + Algo string + // Lib is the library where Algo is implemented. Either "Go" or "OpenSSL". + Lib string NonceSize int } +// String returns something like "AES-GCM-256-OpenSSL" +func (a AEADTypeEnum) String() string { + return a.Algo + "-" + a.Lib +} + // BackendOpenSSL specifies the OpenSSL AES-256-GCM backend. // "AES-GCM-256-OpenSSL" in gocryptfs -speed. -var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-OpenSSL", 16} +var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "OpenSSL", 16} // BackendGoGCM specifies the Go based AES-256-GCM backend. // "AES-GCM-256-Go" in gocryptfs -speed. -var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-Go", 16} +var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "Go", 16} // BackendAESSIV specifies an AESSIV backend. // "AES-SIV-512-Go" in gocryptfs -speed. -var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512-Go", siv_aead.NonceSize} +var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512", "Go", siv_aead.NonceSize} // BackendXChaCha20Poly1305 specifies XChaCha20-Poly1305-Go. // "XChaCha20-Poly1305-Go" in gocryptfs -speed. -var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-Go", chacha20poly1305.NonceSizeX} +var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "Go", chacha20poly1305.NonceSizeX} // BackendXChaCha20Poly1305OpenSSL specifies XChaCha20-Poly1305-OpenSSL. -var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-OpenSSL", chacha20poly1305.NonceSizeX} +var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "OpenSSL", chacha20poly1305.NonceSizeX} // CryptoCore is the low level crypto implementation. type CryptoCore struct { @@ -176,7 +184,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool) *CryptoC log.Panic(err) } } else { - log.Panicf("unknown cipher backend %q", aeadType.Name) + log.Panicf("unknown cipher backend %q", aeadType) } if aeadCipher.NonceSize()*8 != IVBitLen { @@ -205,7 +213,7 @@ type wiper interface { func (c *CryptoCore) Wipe() { be := c.AEADBackend if be == BackendOpenSSL || be == BackendAESSIV { - tlog.Debug.Printf("CryptoCore.Wipe: Wiping AEADBackend %s key", be.Name) + tlog.Debug.Printf("CryptoCore.Wipe: Wiping AEADBackend %q key", be) // We don't use "x, ok :=" because we *want* to crash loudly if the // type assertion fails. w := c.AEADCipher.(wiper) diff --git a/internal/speed/speed.go b/internal/speed/speed.go index 0b1a51a..aef3ad6 100644 --- a/internal/speed/speed.go +++ b/internal/speed/speed.go @@ -42,11 +42,11 @@ func Run() { f func(*testing.B) preferred bool }{ - {name: cryptocore.BackendOpenSSL.Name, f: bStupidGCM, preferred: stupidgcm.PreferOpenSSLAES256GCM()}, - {name: cryptocore.BackendGoGCM.Name, f: bGoGCM, preferred: !stupidgcm.PreferOpenSSLAES256GCM()}, - {name: cryptocore.BackendAESSIV.Name, f: bAESSIV, preferred: false}, - {name: cryptocore.BackendXChaCha20Poly1305OpenSSL.Name, f: bStupidXchacha, preferred: stupidgcm.PreferOpenSSLXchacha20poly1305()}, - {name: cryptocore.BackendXChaCha20Poly1305.Name, f: bXchacha20poly1305, preferred: !stupidgcm.PreferOpenSSLXchacha20poly1305()}, + {name: cryptocore.BackendOpenSSL.String(), f: bStupidGCM, preferred: stupidgcm.PreferOpenSSLAES256GCM()}, + {name: cryptocore.BackendGoGCM.String(), f: bGoGCM, preferred: !stupidgcm.PreferOpenSSLAES256GCM()}, + {name: cryptocore.BackendAESSIV.String(), f: bAESSIV, preferred: false}, + {name: cryptocore.BackendXChaCha20Poly1305OpenSSL.String(), f: bStupidXchacha, preferred: stupidgcm.PreferOpenSSLXchacha20poly1305()}, + {name: cryptocore.BackendXChaCha20Poly1305.String(), f: bXchacha20poly1305, preferred: !stupidgcm.PreferOpenSSLXchacha20poly1305()}, } for _, b := range bTable { fmt.Printf("%-26s\t", b.name) -- cgit v1.2.3