openssl AEAD wrapper: handle authenticated data

Jakob Unterwurzacher 2015-10-04 23:55:58 +02:00
parent e6b7353f4e
commit 53ecebc71e


@ -23,8 +23,6 @@ func (be opensslGCM) NonceSize() int {
// additional data and appends the result to dst, returning the updated
// slice. The nonce must be NonceSize() bytes long and unique for all
// time, for a given key.
//
// The plaintext and dst may alias exactly or not at all.
func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
cipherBuf := bytes.NewBuffer(dst)
@ -33,6 +31,10 @@ func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
if err != nil {
panic(err)
}
err = ectx.ExtraData(data)
if err != nil {
panic(err)
}
part, err := ectx.EncryptUpdate(plaintext)
if err != nil {
panic(err)
@ -88,6 +90,10 @@ func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
return nil, err
}
plainBuf.Write(part)
err = dctx.ExtraData(data)
if err != nil {
return nil, err
}
return plainBuf.Bytes(), nil
}
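Review bot: In Open, the added `dctx.ExtraData(data)` call sits after `plainBuf.Write(part)` and directly before `return plainBuf.Bytes(), nil`, so the additional data reaches the cipher context only after decrypted output has been produced, whereas Seal supplies it before `EncryptUpdate`. GCM expects the additional data ahead of any ciphertext, and if the tag check also runs in the lines above this hunk (not visible here), `data` would not be covered by authentication on the decrypt side at all. I would move `err = dctx.ExtraData(data)` and its `if err != nil { return nil, err }` check to just after the decryption context is created, before any ciphertext is passed to `dctx`, and add a test asserting that Open returns an error when `data` differs from the value given to Seal. Open's body starts outside the hunk.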