stupidgcm: switch to pointer receivers
What the key slice does not get copied around will make it possible to check if the key has been wiped.
This commit is contained in:
Jakob Unterwurzacher
parent
a3694e0c07
commit
7e0fefe970
|
|
@ -29,6 +29,7 @@ type stupidGCM struct {
|
||||||
forceDecode bool
|
forceDecode bool
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Verify that we satisfy the cipher.AEAD interface
|
||||||
var _ cipher.AEAD = &stupidGCM{}
|
var _ cipher.AEAD = &stupidGCM{}
|
||||||
|
|
||||||
// New returns a new cipher.AEAD implementation..
|
// New returns a new cipher.AEAD implementation..
|
||||||
|
|
@ -36,19 +37,19 @@ func New(key []byte, forceDecode bool) cipher.AEAD {
|
||||||
if len(key) != keyLen {
|
if len(key) != keyLen {
|
||||||
log.Panicf("Only %d-byte keys are supported", keyLen)
|
log.Panicf("Only %d-byte keys are supported", keyLen)
|
||||||
}
|
}
|
||||||
return stupidGCM{key: key, forceDecode: forceDecode}
|
return &stupidGCM{key: key, forceDecode: forceDecode}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g stupidGCM) NonceSize() int {
|
func (g *stupidGCM) NonceSize() int {
|
||||||
return ivLen
|
return ivLen
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g stupidGCM) Overhead() int {
|
func (g *stupidGCM) Overhead() int {
|
||||||
return tagLen
|
return tagLen
|
||||||
}
|
}
|
||||||
|
|
||||||
// Seal encrypts "in" using "iv" and "authData" and append the result to "dst"
|
// Seal encrypts "in" using "iv" and "authData" and append the result to "dst"
|
||||||
func (g stupidGCM) Seal(dst, iv, in, authData []byte) []byte {
|
func (g *stupidGCM) Seal(dst, iv, in, authData []byte) []byte {
|
||||||
if len(iv) != ivLen {
|
if len(iv) != ivLen {
|
||||||
log.Panicf("Only %d-byte IVs are supported", ivLen)
|
log.Panicf("Only %d-byte IVs are supported", ivLen)
|
||||||
}
|
}
|
||||||
|
|
@ -132,7 +133,7 @@ func (g stupidGCM) Seal(dst, iv, in, authData []byte) []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Open decrypts "in" using "iv" and "authData" and append the result to "dst"
|
// Open decrypts "in" using "iv" and "authData" and append the result to "dst"
|
||||||
func (g stupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) {
|
func (g *stupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) {
|
||||||
if len(iv) != ivLen {
|
if len(iv) != ivLen {
|
||||||
log.Panicf("Only %d-byte IVs are supported", ivLen)
|
log.Panicf("Only %d-byte IVs are supported", ivLen)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -21,28 +21,28 @@ func errExit() {
|
||||||
os.Exit(exitcodes.OpenSSL)
|
os.Exit(exitcodes.OpenSSL)
|
||||||
}
|
}
|
||||||
|
|
||||||
func New(_ []byte, _ bool) stupidGCM {
|
func New(_ []byte, _ bool) *stupidGCM {
|
||||||
errExit()
|
errExit()
|
||||||
// Never reached
|
// Never reached
|
||||||
return stupidGCM{}
|
return &stupidGCM{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g stupidGCM) NonceSize() int {
|
func (g *stupidGCM) NonceSize() int {
|
||||||
errExit()
|
errExit()
|
||||||
return -1
|
return -1
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g stupidGCM) Overhead() int {
|
func (g *stupidGCM) Overhead() int {
|
||||||
errExit()
|
errExit()
|
||||||
return -1
|
return -1
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g stupidGCM) Seal(_, _, _, _ []byte) []byte {
|
func (g *stupidGCM) Seal(_, _, _, _ []byte) []byte {
|
||||||
errExit()
|
errExit()
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) {
|
func (g *stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) {
|
||||||
errExit()
|
errExit()
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue