2015-09-03 18:57:28 +02:00
|
|
|
package cryptfs
|
2015-09-03 18:22:18 +02:00
|
|
|
|
2015-09-05 20:30:20 +02:00
|
|
|
// CryptFS is the crypto backend of GoCryptFS
|
|
|
|
|
|
2015-09-03 18:22:18 +02:00
|
|
|
import (
|
2015-09-03 18:57:28 +02:00
|
|
|
"crypto/cipher"
|
|
|
|
|
"crypto/aes"
|
2015-09-03 18:22:18 +02:00
|
|
|
)
|
|
|
|
|
|
2015-09-03 18:57:28 +02:00
|
|
|
const (
|
|
|
|
|
NONCE_LEN = 12
|
|
|
|
|
AUTH_TAG_LEN = 16
|
|
|
|
|
DEFAULT_PLAINBS = 4096
|
|
|
|
|
)
|
|
|
|
|
|
2015-09-04 20:31:06 +02:00
|
|
|
type CryptFS struct {
|
2015-09-03 18:57:28 +02:00
|
|
|
blockCipher cipher.Block
|
|
|
|
|
gcm cipher.AEAD
|
2015-09-05 20:11:20 +02:00
|
|
|
plainBS uint64
|
|
|
|
|
cipherBS uint64
|
2015-09-03 18:57:28 +02:00
|
|
|
}
|
|
|
|
|
|
2015-09-06 10:38:43 +02:00
|
|
|
func NewCryptFS(key [16]byte, useOpenssl bool) *CryptFS {
|
2015-09-03 18:57:28 +02:00
|
|
|
|
|
|
|
|
b, err := aes.NewCipher(key[:])
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-06 10:38:43 +02:00
|
|
|
var gcm cipher.AEAD
|
|
|
|
|
if useOpenssl {
|
|
|
|
|
gcm = opensslGCM{key}
|
|
|
|
|
} else {
|
|
|
|
|
gcm, err = cipher.NewGCM(b)
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
2015-09-03 18:57:28 +02:00
|
|
|
}
|
|
|
|
|
|
2015-09-04 20:31:06 +02:00
|
|
|
return &CryptFS{
|
2015-09-03 18:57:28 +02:00
|
|
|
blockCipher: b,
|
2015-09-06 10:38:43 +02:00
|
|
|
gcm: gcm,
|
2015-09-03 18:57:28 +02:00
|
|
|
plainBS: DEFAULT_PLAINBS,
|
|
|
|
|
cipherBS: DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-05 20:11:20 +02:00
|
|
|
func (be *CryptFS) PlainBS() uint64 {
|
2015-09-05 19:07:20 +02:00
|
|
|
return be.plainBS
|
|
|
|
|
}
|
