2015-09-06 10:38:43 +02:00
|
|
|
package cryptfs
|
|
|
|
|
|
|
|
|
|
// Implements cipher.AEAD with OpenSSL backend
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
|
|
|
|
"github.com/spacemonkeygo/openssl"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type opensslGCM struct {
|
2015-10-06 20:51:35 +02:00
|
|
|
key []byte
|
2015-09-06 10:38:43 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (be opensslGCM) Overhead() int {
|
|
|
|
|
return AUTH_TAG_LEN
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (be opensslGCM) NonceSize() int {
|
|
|
|
|
return NONCE_LEN
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Seal encrypts and authenticates plaintext, authenticates the
|
|
|
|
|
// additional data and appends the result to dst, returning the updated
|
|
|
|
|
// slice. The nonce must be NonceSize() bytes long and unique for all
|
|
|
|
|
// time, for a given key.
|
|
|
|
|
func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
|
|
|
|
|
|
|
|
|
|
cipherBuf := bytes.NewBuffer(dst)
|
|
|
|
|
|
2015-10-06 20:51:35 +02:00
|
|
|
ectx, err := openssl.NewGCMEncryptionCipherCtx(KEY_LEN*8, nil, be.key, nonce)
|
2015-09-06 10:38:43 +02:00
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
2015-10-04 23:55:58 +02:00
|
|
|
err = ectx.ExtraData(data)
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
2015-09-06 10:38:43 +02:00
|
|
|
part, err := ectx.EncryptUpdate(plaintext)
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
cipherBuf.Write(part)
|
|
|
|
|
part, err = ectx.EncryptFinal()
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
cipherBuf.Write(part)
|
|
|
|
|
part, err = ectx.GetTag()
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
cipherBuf.Write(part)
|
|
|
|
|
|
|
|
|
|
return cipherBuf.Bytes()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Open decrypts and authenticates ciphertext, authenticates the
|
|
|
|
|
// additional data and, if successful, appends the resulting plaintext
|
|
|
|
|
// to dst, returning the updated slice. The nonce must be NonceSize()
|
|
|
|
|
// bytes long and both it and the additional data must match the
|
|
|
|
|
// value passed to Seal.
|
|
|
|
|
//
|
|
|
|
|
// The ciphertext and dst may alias exactly or not at all.
|
|
|
|
|
func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
|
|
|
|
|
|
|
|
|
|
l := len(ciphertext)
|
2015-10-04 14:36:20 +02:00
|
|
|
tag := ciphertext[l-AUTH_TAG_LEN : l]
|
|
|
|
|
ciphertext = ciphertext[0 : l-AUTH_TAG_LEN]
|
2015-09-06 10:38:43 +02:00
|
|
|
plainBuf := bytes.NewBuffer(dst)
|
|
|
|
|
|
2015-10-06 20:51:35 +02:00
|
|
|
dctx, err := openssl.NewGCMDecryptionCipherCtx(KEY_LEN*8, nil, be.key, nonce)
|
2015-09-06 10:38:43 +02:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2015-10-06 22:27:37 +02:00
|
|
|
err = dctx.ExtraData(data)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2015-09-06 10:38:43 +02:00
|
|
|
part, err := dctx.DecryptUpdate(ciphertext)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
plainBuf.Write(part)
|
|
|
|
|
err = dctx.SetTag(tag)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
part, err = dctx.DecryptFinal()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
plainBuf.Write(part)
|
|
|
|
|
|
|
|
|
|
return plainBuf.Bytes(), nil
|
|
|
|
|
}
|
