From 39f3a24484ffc343d2d5225d5c419082aabb9baa Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Wed, 4 May 2016 19:09:14 +0200 Subject: stupidgcm: completely replace spacemonkeygo/openssl --- internal/cryptocore/cryptocore.go | 7 +- internal/cryptocore/openssl_aead.go | 100 ----------------------------- internal/cryptocore/openssl_benchmark.bash | 3 - internal/cryptocore/openssl_test.go | 75 ---------------------- 4 files changed, 5 insertions(+), 180 deletions(-) delete mode 100644 internal/cryptocore/openssl_aead.go delete mode 100755 internal/cryptocore/openssl_benchmark.bash delete mode 100644 internal/cryptocore/openssl_test.go (limited to 'internal') diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index f286896..7e7f099 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -4,6 +4,8 @@ import ( "crypto/aes" "crypto/cipher" "fmt" + + "github.com/rfjakob/gocryptfs/internal/stupidgcm" ) const ( @@ -39,8 +41,9 @@ func New(key []byte, useOpenssl bool, GCMIV128 bool) *CryptoCore { } var gcm cipher.AEAD - if useOpenssl { - gcm = opensslGCM{key} + if useOpenssl && GCMIV128 { + // stupidgcm only supports 128-bit IVs + gcm = stupidgcm.New(key) } else { gcm, err = goGCMWrapper(blockCipher, IVLen) if err != nil { diff --git a/internal/cryptocore/openssl_aead.go b/internal/cryptocore/openssl_aead.go deleted file mode 100644 index d4ed64b..0000000 --- a/internal/cryptocore/openssl_aead.go +++ /dev/null @@ -1,100 +0,0 @@ -package cryptocore - -// Implements cipher.AEAD with OpenSSL backend - -import ( - "bytes" - "github.com/spacemonkeygo/openssl" -) - -// Supports all nonce sizes -type opensslGCM struct { - key []byte -} - -func (be opensslGCM) Overhead() int { - return AuthTagLen -} - -func (be opensslGCM) NonceSize() int { - // We support any nonce size - return -1 -} - -// Seal encrypts and authenticates plaintext, authenticates the -// additional data and appends the result to dst, returning the updated -// slice. opensslGCM supports any nonce size. -func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte { - - // Preallocate output buffer - var cipherBuf bytes.Buffer - cipherBuf.Grow(len(dst) + len(plaintext) + AuthTagLen) - // Output will be appended to dst - cipherBuf.Write(dst) - - ectx, err := openssl.NewGCMEncryptionCipherCtx(KeyLen*8, nil, be.key, nonce) - if err != nil { - panic(err) - } - err = ectx.ExtraData(data) - if err != nil { - panic(err) - } - part, err := ectx.EncryptUpdate(plaintext) - if err != nil { - panic(err) - } - cipherBuf.Write(part) - part, err = ectx.EncryptFinal() - if err != nil { - panic(err) - } - cipherBuf.Write(part) - part, err = ectx.GetTag() - if err != nil { - panic(err) - } - cipherBuf.Write(part) - - return cipherBuf.Bytes() -} - -// Open decrypts and authenticates ciphertext, authenticates the -// additional data and, if successful, appends the resulting plaintext -// to dst, returning the updated slice. The nonce must be NonceSize() -// bytes long and both it and the additional data must match the -// value passed to Seal. -// -// The ciphertext and dst may alias exactly or not at all. -func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) { - - l := len(ciphertext) - tag := ciphertext[l-AuthTagLen : l] - ciphertext = ciphertext[0 : l-AuthTagLen] - plainBuf := bytes.NewBuffer(dst) - - dctx, err := openssl.NewGCMDecryptionCipherCtx(KeyLen*8, nil, be.key, nonce) - if err != nil { - return nil, err - } - err = dctx.ExtraData(data) - if err != nil { - return nil, err - } - part, err := dctx.DecryptUpdate(ciphertext) - if err != nil { - return nil, err - } - plainBuf.Write(part) - err = dctx.SetTag(tag) - if err != nil { - return nil, err - } - part, err = dctx.DecryptFinal() - if err != nil { - return nil, err - } - plainBuf.Write(part) - - return plainBuf.Bytes(), nil -} diff --git a/internal/cryptocore/openssl_benchmark.bash b/internal/cryptocore/openssl_benchmark.bash deleted file mode 100755 index df29628..0000000 --- a/internal/cryptocore/openssl_benchmark.bash +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -go test -run NONE -bench BenchmarkEnc diff --git a/internal/cryptocore/openssl_test.go b/internal/cryptocore/openssl_test.go deleted file mode 100644 index 94b696a..0000000 --- a/internal/cryptocore/openssl_test.go +++ /dev/null @@ -1,75 +0,0 @@ -package cryptocore - -// Benchmark go built-int GCM against spacemonkey openssl bindings -// -// Note: The benchmarks in this file supersede the ones in the openssl_benchmark -// directory as they use the same code paths that gocryptfs actually uses. -// -// Run benchmark: -// go test -bench Enc - -import ( - "crypto/aes" - "testing" -) - -func benchmarkGoEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) { - b.SetBytes(int64(len(plaintext))) - aes, err := aes.NewCipher(key[:]) - if err != nil { - b.Fatal(err) - } - aesgcm, err := goGCMWrapper(aes, len(nonce)) - if err != nil { - b.Fatal(err) - } - // This would be fileID + blockNo - aData := make([]byte, 24) - b.ResetTimer() - for i := 0; i < b.N; i++ { - // Encrypt plaintext and append to nonce - ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData) - } - return ciphertext -} - -func benchmarkOpensslEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) { - b.SetBytes(int64(len(plaintext))) - var aesgcm opensslGCM - aesgcm.key = key - // This would be fileID + blockNo - aData := make([]byte, 24) - for i := 0; i < b.N; i++ { - // Encrypt plaintext and append to nonce - ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData) - } - return ciphertext -} - -func BenchmarkEnc_Go_4k_AES256_nonce96(b *testing.B) { - plaintext := make([]byte, 4048) - key := make([]byte, 256/8) - nonce := make([]byte, 96/8) - benchmarkGoEnc(b, plaintext, key, nonce) -} - -func BenchmarkEnc_Go_4k_AES256_nonce128(b *testing.B) { - plaintext := make([]byte, 4048) - key := make([]byte, 256/8) - nonce := make([]byte, 128/8) - benchmarkGoEnc(b, plaintext, key, nonce) -} - -func BenchmarkEnc_OpenSSL_4k_AES256_nonce96(b *testing.B) { - plaintext := make([]byte, 4048) - key := make([]byte, 256/8) - nonce := make([]byte, 96/8) - benchmarkOpensslEnc(b, plaintext, key, nonce) -} - -func BenchmarkEnc_OpenSSL_4k_AES256_nonce128(b *testing.B) { - plaintext := make([]byte, 4048) - key := make([]byte, 256/8) - nonce := make([]byte, 96/8) - benchmarkOpensslEnc(b, plaintext, key, nonce) -} -- cgit v1.2.3