Make -openssl also apply to xchacha
Now that stupidgcm supports xchacha, make it available on mount.
This commit is contained in:
Jakob Unterwurzacher
parent
1a58667293
commit
94e8004b6c
|
|
@ -253,7 +253,11 @@ func parseCliOpts(osArgs []string) (args argContainer) {
|
|||
}
|
||||
// "-openssl" needs some post-processing
|
||||
if opensslAuto == "auto" {
|
||||
args.openssl = stupidgcm.PreferOpenSSLAES256GCM()
|
||||
if args.xchacha {
|
||||
args.openssl = stupidgcm.PreferOpenSSLXchacha20poly1305()
|
||||
} else {
|
||||
args.openssl = stupidgcm.PreferOpenSSLAES256GCM()
|
||||
}
|
||||
} else {
|
||||
args.openssl, err = strconv.ParseBool(opensslAuto)
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -32,11 +32,11 @@ type AEADTypeEnum struct {
|
|||
NonceSize int
|
||||
}
|
||||
|
||||
// BackendOpenSSL specifies the OpenSSL backend.
|
||||
// BackendOpenSSL specifies the OpenSSL AES-256-GCM backend.
|
||||
// "AES-GCM-256-OpenSSL" in gocryptfs -speed.
|
||||
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-OpenSSL", 16}
|
||||
|
||||
// BackendGoGCM specifies the Go based GCM backend.
|
||||
// BackendGoGCM specifies the Go based AES-256-GCM backend.
|
||||
// "AES-GCM-256-Go" in gocryptfs -speed.
|
||||
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-Go", 16}
|
||||
|
||||
|
|
@ -130,6 +130,8 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
|
|||
if err != nil {
|
||||
log.Panic(err)
|
||||
}
|
||||
default:
|
||||
log.Panicf("BUG: unhandled case: %v", aeadType)
|
||||
}
|
||||
for i := range gcmKey {
|
||||
gcmKey[i] = 0
|
||||
|
|
@ -154,7 +156,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
|
|||
for i := range key64 {
|
||||
key64[i] = 0
|
||||
}
|
||||
} else if aeadType == BackendXChaCha20Poly1305 {
|
||||
} else if aeadType == BackendXChaCha20Poly1305 || aeadType == BackendXChaCha20Poly1305OpenSSL {
|
||||
// We don't support legacy modes with XChaCha20-Poly1305
|
||||
if IVBitLen != chacha20poly1305.NonceSizeX*8 {
|
||||
log.Panicf("XChaCha20-Poly1305 must use 192-bit IVs, you wanted %d", IVBitLen)
|
||||
|
|
@ -163,7 +165,13 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool, forceDec
|
|||
log.Panic("XChaCha20-Poly1305 must use HKDF, but it is disabled")
|
||||
}
|
||||
derivedKey := hkdfDerive(key, hkdfInfoXChaChaPoly1305Content, chacha20poly1305.KeySize)
|
||||
aeadCipher, err = chacha20poly1305.NewX(derivedKey)
|
||||
if aeadType == BackendXChaCha20Poly1305 {
|
||||
aeadCipher, err = chacha20poly1305.NewX(derivedKey)
|
||||
} else if aeadType == BackendXChaCha20Poly1305OpenSSL {
|
||||
aeadCipher = stupidgcm.NewXchacha20poly1305(derivedKey)
|
||||
} else {
|
||||
log.Panicf("BUG: unhandled case: %v", aeadType)
|
||||
}
|
||||
if err != nil {
|
||||
log.Panic(err)
|
||||
}
|
||||
|
|
|
|||
17
mount.go
17
mount.go
|
|
@ -259,7 +259,11 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f
|
|||
cryptoBackend = cryptocore.BackendAESSIV
|
||||
}
|
||||
if args.xchacha {
|
||||
cryptoBackend = cryptocore.BackendXChaCha20Poly1305
|
||||
if args.openssl {
|
||||
cryptoBackend = cryptocore.BackendXChaCha20Poly1305OpenSSL
|
||||
} else {
|
||||
cryptoBackend = cryptocore.BackendXChaCha20Poly1305
|
||||
}
|
||||
IVBits = chacha20poly1305.NonceSizeX * 8
|
||||
}
|
||||
// forceOwner implies allow_other, as documented.
|
||||
|
|
@ -291,6 +295,7 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f
|
|||
frontendArgs.DeterministicNames = !confFile.IsFeatureFlagSet(configfile.FlagDirIV)
|
||||
args.raw64 = confFile.IsFeatureFlagSet(configfile.FlagRaw64)
|
||||
args.hkdf = confFile.IsFeatureFlagSet(configfile.FlagHKDF)
|
||||
// Note: this will always return the non-openssl variant
|
||||
cryptoBackend, err = confFile.ContentEncryption()
|
||||
if err != nil {
|
||||
tlog.Fatal.Printf("%v", err)
|
||||
|
|
@ -301,8 +306,14 @@ func initFuseFrontend(args *argContainer) (rootNode fs.InodeEmbedder, wipeKeys f
|
|||
tlog.Fatal.Printf("AES-SIV is required by reverse mode, but not enabled in the config file")
|
||||
os.Exit(exitcodes.Usage)
|
||||
}
|
||||
if cryptoBackend == cryptocore.BackendGoGCM && args.openssl {
|
||||
cryptoBackend = cryptocore.BackendOpenSSL
|
||||
// Upgrade to OpenSSL variant if requested
|
||||
if args.openssl {
|
||||
switch cryptoBackend {
|
||||
case cryptocore.BackendGoGCM:
|
||||
cryptoBackend = cryptocore.BackendOpenSSL
|
||||
case cryptocore.BackendXChaCha20Poly1305:
|
||||
cryptoBackend = cryptocore.BackendXChaCha20Poly1305OpenSSL
|
||||
}
|
||||
}
|
||||
}
|
||||
// If allow_other is set and we run as root, try to give newly created files to
|
||||
|
|
|
|||
Loading…
Reference in New Issue