From 4764a9bde093f6b61d0370653c6c9d12949ed145 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sat, 21 Aug 2021 12:08:37 +0200 Subject: Add partial XChaCha20-Poly1305 support (mount flag only) Mount flag only at the moment, not saved to gocryptfs.conf. https://github.com/rfjakob/gocryptfs/issues/452 --- mount.go | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'mount.go') diff --git a/mount.go b/mount.go index 810f008..f8347f1 100644 --- a/mount.go +++ b/mount.go @@ -19,6 +19,8 @@ import ( "syscall" "time" + "golang.org/x/crypto/chacha20poly1305" + "github.com/hanwen/go-fuse/v2/fs" "github.com/hanwen/go-fuse/v2/fuse" @@ -249,12 +251,17 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f // Reconciliate CLI and config file arguments into a fusefrontend.Args struct // that is passed to the filesystem implementation cryptoBackend := cryptocore.BackendGoGCM + IVBits := contentenc.DefaultIVBits if args.openssl { cryptoBackend = cryptocore.BackendOpenSSL } if args.aessiv { cryptoBackend = cryptocore.BackendAESSIV } + if args.xchacha { + cryptoBackend = cryptocore.BackendXChaCha20Poly1305 + IVBits = chacha20poly1305.NonceSizeX * 8 + } // forceOwner implies allow_other, as documented. // Set this early, so args.allow_other can be relied on below this point. if args._forceOwner != nil { @@ -287,10 +294,23 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f args.hkdf = confFile.IsFeatureFlagSet(configfile.FlagHKDF) if confFile.IsFeatureFlagSet(configfile.FlagAESSIV) { cryptoBackend = cryptocore.BackendAESSIV + IVBits = contentenc.DefaultIVBits } else if args.reverse { tlog.Fatal.Printf("AES-SIV is required by reverse mode, but not enabled in the config file") os.Exit(exitcodes.Usage) } + if confFile.IsFeatureFlagSet(configfile.FlagXChaCha20Poly1305) { + cryptoBackend = cryptocore.BackendXChaCha20Poly1305 + IVBits = chacha20poly1305.NonceSizeX * 8 + } + // If neither AES-SIV nor XChaCha are selected, we must be using AES-GCM + if !confFile.IsFeatureFlagSet(configfile.FlagAESSIV) && !confFile.IsFeatureFlagSet(configfile.FlagXChaCha20Poly1305) { + cryptoBackend = cryptocore.BackendGoGCM + if args.openssl { + cryptoBackend = cryptocore.BackendOpenSSL + } + IVBits = contentenc.DefaultIVBits + } } // If allow_other is set and we run as root, try to give newly created files to // the right user. @@ -299,7 +319,7 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f } // Init crypto backend - cCore := cryptocore.New(masterkey, cryptoBackend, contentenc.DefaultIVBits, args.hkdf, args.forcedecode) + cCore := cryptocore.New(masterkey, cryptoBackend, IVBits, args.hkdf, args.forcedecode) cEnc := contentenc.New(cCore, contentenc.DefaultBS, args.forcedecode) nameTransform := nametransform.New(cCore.EMECipher, frontendArgs.LongNames, args.raw64, []string(args.badname), frontendArgs.DeterministicNames) -- cgit v1.2.3