Make -openssl also apply to xchacha
Now that stupidgcm supports xchacha, make it available on mount.
parent
1a58667293
commit
94e8004b6c
|
@ -253,7 +253,11 @@ func parseCliOpts(osArgs []string) (args argContainer) {
|
||||||
}
|
}
|
||||||
// "-openssl" needs some post-processing
|
// "-openssl" needs some post-processing
|
||||||
if opensslAuto == "auto" {
|
if opensslAuto == "auto" {
|
||||||
args.openssl = stupidgcm.PreferOpenSSLAES256GCM()
|
if args.xchacha {
|
||||||
|
args.openssl = stupidgcm.PreferOpenSSLXchacha20poly1305()
|
||||||
|
} else {
|
||||||
|
args.openssl = stupidgcm.PreferOpenSSLAES256GCM()
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
args.openssl, err = strconv.ParseBool(opensslAuto)
|
args.openssl, err = strconv.ParseBool(opensslAuto)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
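Review bot: With `-openssl=auto`, the choice between `PreferOpenSSLXchacha20poly1305()` and `PreferOpenSSLAES256GCM()` is made from `args.xchacha` at CLI-parse time, but on a normal mount the cipher appears to come from the config file (`confFile.ContentEncryption()` in the mount.go hunk at -291), where only `args.raw64` and `args.hkdf` are visibly updated. If `args.xchacha` is not also populated from the config before this point, an XChaCha filesystem would get the AES-GCM preference, and the `if args.openssl` switch in the mount.go hunk at -301 would then apply that answer to the wrong cipher. Consider resolving "auto" only once the backend is known, or at least record the assumption with a comment such as `// args.xchacha reflects only the CLI flag here; the config file is read later`. parseCliOpts continues outside the hunk.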
@ -32,11 +32,11 @@ type AEADTypeEnum struct {
|
||||||
NonceSize int
|
NonceSize int
|
||||||
}
|
}
|
||||||
|
|
||||||
// BackendOpenSSL specifies the OpenSSL backend.
|
// BackendOpenSSL specifies the OpenSSL AES-256-GCM backend.
|
||||||
// "AES-GCM-256-OpenSSL" in gocryptfs -speed.
|
// "AES-GCM-256-OpenSSL" in gocryptfs -speed.
|
||||||
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-OpenSSL", 16}
|
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-OpenSSL", 16}
|
||||||
|
|
||||||
// BackendGoGCM specifies the Go based GCM backend.
|
// BackendGoGCM specifies the Go based AES-256-GCM backend.
|
||||||
// "AES-GCM-256-Go" in gocryptfs -speed.
|
// "AES-GCM-256-Go" in gocryptfs -speed.
|
||||||
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-Go", 16}
|
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-Go", 16}
|
||||||
|
|
||||||
|
@ -130,6 +130,8 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Panic(err)
|
log.Panic(err)
|
||||||
}
|
}
|
||||||
|
default:
|
||||||
|
log.Panicf("BUG: unhandled case: %v", aeadType)
|
||||||
}
|
}
|
||||||
for i := range gcmKey {
|
for i := range gcmKey {
|
||||||
gcmKey[i] = 0
|
gcmKey[i] = 0
|
||||||
|
@ -154,7 +156,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
|
||||||
for i := range key64 {
|
for i := range key64 {
|
||||||
key64[i] = 0
|
key64[i] = 0
|
||||||
}
|
}
|
||||||
} else if aeadType == BackendXChaCha20Poly1305 {
|
} else if aeadType == BackendXChaCha20Poly1305 || aeadType == BackendXChaCha20Poly1305OpenSSL {
|
||||||
// We don't support legacy modes with XChaCha20-Poly1305
|
// We don't support legacy modes with XChaCha20-Poly1305
|
||||||
if IVBitLen != chacha20poly1305.NonceSizeX*8 {
|
if IVBitLen != chacha20poly1305.NonceSizeX*8 {
|
||||||
log.Panicf("XChaCha20-Poly1305 must use 192-bit IVs, you wanted %d", IVBitLen)
|
log.Panicf("XChaCha20-Poly1305 must use 192-bit IVs, you wanted %d", IVBitLen)
|
||||||
|
@ -163,7 +165,13 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
|
||||||
log.Panic("XChaCha20-Poly1305 must use HKDF, but it is disabled")
|
log.Panic("XChaCha20-Poly1305 must use HKDF, but it is disabled")
|
||||||
}
|
}
|
||||||
derivedKey := hkdfDerive(key, hkdfInfoXChaChaPoly1305Content, chacha20poly1305.KeySize)
|
derivedKey := hkdfDerive(key, hkdfInfoXChaChaPoly1305Content, chacha20poly1305.KeySize)
|
||||||
aeadCipher, err = chacha20poly1305.NewX(derivedKey)
|
if aeadType == BackendXChaCha20Poly1305 {
|
||||||
|
aeadCipher, err = chacha20poly1305.NewX(derivedKey)
|
||||||
|
} else if aeadType == BackendXChaCha20Poly1305OpenSSL {
|
||||||
|
aeadCipher = stupidgcm.NewXchacha20poly1305(derivedKey)
|
||||||
|
} else {
|
||||||
|
log.Panicf("BUG: unhandled case: %v", aeadType)
|
||||||
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Panic(err)
|
log.Panic(err)
|
||||||
}
|
}
|
||||||
|
|
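Review bot: `derivedKey` is now handed to either `chacha20poly1305.NewX` or `stupidgcm.NewXchacha20poly1305`, and the visible lines do not show it being zeroed afterwards the way `gcmKey` and `key64` are earlier in `New`. Confirm that the stupidgcm constructor copies the key rather than keeping the slice, and then wipe `derivedKey` once the cipher is built if the code outside the hunk does not already do so. Separately, the trailing `if err != nil` only has meaning for the Go branch, since the OpenSSL constructor as called here returns no error; moving the check inside that branch would make this clearer.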
17
mount.go
17
mount.go
|
@ -259,7 +259,11 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f
|
||||||
cryptoBackend = cryptocore.BackendAESSIV
|
cryptoBackend = cryptocore.BackendAESSIV
|
||||||
}
|
}
|
||||||
if args.xchacha {
|
if args.xchacha {
|
||||||
cryptoBackend = cryptocore.BackendXChaCha20Poly1305
|
if args.openssl {
|
||||||
|
cryptoBackend = cryptocore.BackendXChaCha20Poly1305OpenSSL
|
||||||
|
} else {
|
||||||
|
cryptoBackend = cryptocore.BackendXChaCha20Poly1305
|
||||||
|
}
|
||||||
IVBits = chacha20poly1305.NonceSizeX * 8
|
IVBits = chacha20poly1305.NonceSizeX * 8
|
||||||
}
|
}
|
||||||
// forceOwner implies allow_other, as documented.
|
// forceOwner implies allow_other, as documented.
|
||||||
|
@ -291,6 +295,7 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f
|
||||||
frontendArgs.DeterministicNames = !confFile.IsFeatureFlagSet(configfile.FlagDirIV)
|
frontendArgs.DeterministicNames = !confFile.IsFeatureFlagSet(configfile.FlagDirIV)
|
||||||
args.raw64 = confFile.IsFeatureFlagSet(configfile.FlagRaw64)
|
args.raw64 = confFile.IsFeatureFlagSet(configfile.FlagRaw64)
|
||||||
args.hkdf = confFile.IsFeatureFlagSet(configfile.FlagHKDF)
|
args.hkdf = confFile.IsFeatureFlagSet(configfile.FlagHKDF)
|
||||||
|
// Note: this will always return the non-openssl variant
|
||||||
cryptoBackend, err = confFile.ContentEncryption()
|
cryptoBackend, err = confFile.ContentEncryption()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
tlog.Fatal.Printf("%v", err)
|
tlog.Fatal.Printf("%v", err)
|
||||||
|
@ -301,8 +306,14 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f
|
||||||
tlog.Fatal.Printf("AES-SIV is required by reverse mode, but not enabled in the config file")
|
tlog.Fatal.Printf("AES-SIV is required by reverse mode, but not enabled in the config file")
|
||||||
os.Exit(exitcodes.Usage)
|
os.Exit(exitcodes.Usage)
|
||||||
}
|
}
|
||||||
if cryptoBackend == cryptocore.BackendGoGCM && args.openssl {
|
// Upgrade to OpenSSL variant if requested
|
||||||
cryptoBackend = cryptocore.BackendOpenSSL
|
if args.openssl {
|
||||||
|
switch cryptoBackend {
|
||||||
|
case cryptocore.BackendGoGCM:
|
||||||
|
cryptoBackend = cryptocore.BackendOpenSSL
|
||||||
|
case cryptocore.BackendXChaCha20Poly1305:
|
||||||
|
cryptoBackend = cryptocore.BackendXChaCha20Poly1305OpenSSL
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// If allow_other is set and we run as root, try to give newly created files to
|
// If allow_other is set and we run as root, try to give newly created files to
|
||||||
|
|
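Review bot: The new `switch cryptoBackend` under `if args.openssl` has no `default`, so any backend other than the two listed (AES-SIV, for instance, which this function also handles) silently keeps its current implementation even when `-openssl` was requested explicitly. That looks intentional, but it is worth stating in the code, e.g. `// Other backends have no OpenSSL variant; -openssl is ignored for them`. initFuseFrontend starts and ends outside the hunk.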