hardcoresushi
/
libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

cryptocore: rename "BackendTypeEnum" -> "AEADTypeEnum" 

There are two independent backends, one for name encryption,
the other one, AEAD, for file content.

"BackendTypeEnum" only applies to AEAD (file content), so make that
clear in the name.
This commit is contained in:
Jakob Unterwurzacher 2017-03-05 17:08:16 +01:00
parent e032539e2c
commit 874e4fb5e9
2 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
internal/cryptocore/cryptocore.go
View File

@ -15,8 +15,8 @@ import (
"github.com/rfjakob/gocryptfs/internal/stupidgcm" "github.com/rfjakob/gocryptfs/internal/stupidgcm"
) )
// BackendTypeEnum indicates the type of backend in use. // BackendTypeEnum indicates the type of AEAD backend in use.
type BackendTypeEnum int type AEADTypeEnum int
const ( const (
// KeyLen is the cipher key length in bytes. 32 for AES-256. // KeyLen is the cipher key length in bytes. 32 for AES-256.
@ -26,11 +26,11 @@ const (
_ = iota // Skip zero _ = iota // Skip zero
// BackendOpenSSL specifies the OpenSSL backend. // BackendOpenSSL specifies the OpenSSL backend.
BackendOpenSSL BackendTypeEnum = iota BackendOpenSSL AEADTypeEnum = iota
// BackendGoGCM specifies the Go based GCM backend. // BackendGoGCM specifies the Go based GCM backend.
BackendGoGCM BackendTypeEnum = iota BackendGoGCM AEADTypeEnum = iota
// BackendAESSIV specifies an AESSIV backend. // BackendAESSIV specifies an AESSIV backend.
BackendAESSIV BackendTypeEnum = iota BackendAESSIV AEADTypeEnum = iota
) )
// CryptoCore is the low level crypto implementation. // CryptoCore is the low level crypto implementation.
@ -40,7 +40,7 @@ type CryptoCore struct {
// GCM or AES-SIV. This is used for content encryption. // GCM or AES-SIV. This is used for content encryption.
AEADCipher cipher.AEAD AEADCipher cipher.AEAD
// Which backend is behind AEADCipher? // Which backend is behind AEADCipher?
AEADBackend BackendTypeEnum AEADBackend AEADTypeEnum
// GCM needs unique IVs (nonces) // GCM needs unique IVs (nonces)
IVGenerator *nonceGenerator IVGenerator *nonceGenerator
IVLen int IVLen int
@ -51,7 +51,7 @@ type CryptoCore struct {
// Even though the "GCMIV128" feature flag is now mandatory, we must still // Even though the "GCMIV128" feature flag is now mandatory, we must still
// support 96-bit IVs here because they are used for encrypting the master // support 96-bit IVs here because they are used for encrypting the master
// key in gocryptfs.conf. // key in gocryptfs.conf.
func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore { func New(key []byte, aeadType AEADTypeEnum, IVBitLen int) *CryptoCore {
if len(key) != KeyLen { if len(key) != KeyLen {
log.Panic(fmt.Sprintf("Unsupported key length %d", len(key))) log.Panic(fmt.Sprintf("Unsupported key length %d", len(key)))
} }
@ -67,7 +67,7 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
emeCipher := eme.New(blockCipher) emeCipher := eme.New(blockCipher)
var aeadCipher cipher.AEAD var aeadCipher cipher.AEAD
switch backend { switch aeadType {
case BackendOpenSSL: case BackendOpenSSL:
if IVLen != 16 { if IVLen != 16 {
log.Panic("stupidgcm only supports 128-bit IVs") log.Panic("stupidgcm only supports 128-bit IVs")
@ -95,7 +95,7 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
return &CryptoCore{ return &CryptoCore{
EMECipher: emeCipher, EMECipher: emeCipher,
AEADCipher: aeadCipher, AEADCipher: aeadCipher,
AEADBackend: backend, AEADBackend: aeadType,
IVGenerator: &nonceGenerator{nonceLen: IVLen}, IVGenerator: &nonceGenerator{nonceLen: IVLen},
IVLen: IVLen, IVLen: IVLen,
} }

2
internal/fusefrontend/args.go
View File

@ -8,7 +8,7 @@ import (
type Args struct { type Args struct {
Masterkey []byte Masterkey []byte
Cipherdir string Cipherdir string
CryptoBackend cryptocore.BackendTypeEnum CryptoBackend cryptocore.AEADTypeEnum
PlaintextNames bool PlaintextNames bool
LongNames bool LongNames bool
// Should we chown a file after it has been created? // Should we chown a file after it has been created?