From 5f726aaa9d95be30ecfcb61637df3ccc133bf2ea Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Tue, 20 Sep 2016 22:59:10 +0200
Subject: contentenc: add GCM-SIV support
Also add ReverseDummyNonce nonce generation.
---
 internal/configfile/config_file.go | 7 +++++--
 internal/configfile/config_test.go | 16 +++++++++++++++-
 2 files changed, 20 insertions(+), 3 deletions(-)
(limited to 'internal/configfile')
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
index 178890b..b1504b4 100644
--- a/internal/configfile/config_file.go
+++ b/internal/configfile/config_file.go
@@ -45,7 +45,7 @@ type ConfFile struct {
 // CreateConfFile - create a new config with a random key encrypted with
 // "password" and write it to "filename".
 // Uses scrypt with cost parameter logN.
-func CreateConfFile(filename string, password string, plaintextNames bool, logN int, creator string) error {
+func CreateConfFile(filename string, password string, plaintextNames bool, logN int, creator string, reverse bool) error {
 var cf ConfFile
 cf.filename = filename
 cf.Creator = creator
@@ -67,6 +67,9 @@ func CreateConfFile(filename string, password string, plaintextNames bool, logN
 cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagEMENames])
 cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagLongNames])
 }
+ if reverse {
+ cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagGCMSIV])
+ }
 // Write file to disk
 return cf.WriteFile()
@@ -165,7 +168,7 @@ func (cf *ConfFile) EncryptKey(key []byte, password string, logN int) {
 // Lock master key using password-based key
 cc := cryptocore.New(scryptHash, cryptocore.BackendGoGCM, 96)
 ce := contentenc.New(cc, 4096)
- cf.EncryptedKey = ce.EncryptBlock(key, 0, nil)
+ cf.EncryptedKey = ce.EncryptBlock(key, 0, nil, contentenc.RandomNonce)
 }
 // WriteFile - write out config in JSON format to file "filename.tmp"
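Review bot: The doc comment above `CreateConfFile` (the context lines of the first hunk) is not updated for the new `reverse` parameter, and the signature now has two positional bools, so a call such as `CreateConfFile(path, pw, false, 10, "test", true)` is easy to get wrong at a glance. I would add a line to the comment, for example `// If "reverse" is set, the GCMSIV feature flag is added to the config.` The second hunk appends that flag outside the preceding block, apparently independent of `plaintextNames`; if that is intended, the comment is the place to say so. The function body continues outside both hunks.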
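Review bot: The `contentenc.RandomNonce` argument in `EncryptKey` (third hunk) deserves a why-comment, because this call wraps the master key with `cryptocore.BackendGoGCM`, and plain GCM loses its confidentiality and integrity guarantees if a nonce is ever repeated under the same key. The commit message mentions a `ReverseDummyNonce` mode; now that the nonce mode is an argument chosen by the caller, a later edit could pass the wrong one here. Suggested comment above the call: `// The key wrap always uses a random nonce, also for reverse-mode filesystems.` How the other nonce mode behaves is not visible on this page, so this is a documentation request rather than a reported defect.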
diff --git a/internal/configfile/config_test.go b/internal/configfile/config_test.go
index e34a3cd..72c25f6 100644
--- a/internal/configfile/config_test.go
+++ b/internal/configfile/config_test.go
@@ -60,7 +60,7 @@ func TestLoadV2StrangeFeature(t *testing.T) {
 }
 func TestCreateConfFile(t *testing.T) {
- err := CreateConfFile("config_test/tmp.conf", "test", false, 10, "test")
+ err := CreateConfFile("config_test/tmp.conf", "test", false, 10, "test", false)
 if err != nil {
 t.Fatal(err)
 }
@@ -71,6 +71,20 @@ func TestCreateConfFile(t *testing.T) {
 }
+func TestCreateConfFileReverse(t *testing.T) {
+ err := CreateConfFile("config_test/tmp.conf", "test", false, 10, "test", true)
+ if err != nil {
+ t.Fatal(err)
+ }
+ _, c, err := LoadConfFile("config_test/tmp.conf", "test")
+ if err != nil {
+ t.Fatal(err)
+ }
+ if !c.IsFeatureFlagSet(FlagGCMSIV) {
+ t.Error("GCMSIV flag should be set but is not")
+ }
+}
+
 func TestIsFeatureFlagKnown(t *testing.T) {
 // Test a few hardcoded values
 testKnownFlags := []string{"DirIV", "PlaintextNames", "EMENames", "GCMIV128", "LongNames"}
-- cgit v1.2.3
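Review bot: `TestCreateConfFileReverse` asserts only the positive case; nothing visible in these hunks checks that a config created with `reverse` set to false does not carry `FlagGCMSIV`. The flag presumably selects the content-encryption mode when the filesystem is mounted, so a stray flag is worth guarding against. If `TestCreateConfFile` loads the config it wrote (its body continues outside the hunk), it could add `if c.IsFeatureFlagSet(FlagGCMSIV) { t.Error("GCMSIV flag should not be set") }`. Both tests also write the same `config_test/tmp.conf`, which is fine while they run sequentially but would collide under `t.Parallel()`.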