contentenc: rename constant "IVBitLen" to "DefaultIVBits" and clarify comment
128-bit IVs are NOT used everywhere.
This commit is contained in:
parent
b883dd10a6
commit
abd61d968d
|
@ -12,7 +12,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
IVLen = contentenc.IVBitLen / 8
|
IVLen = contentenc.DefaultIVBits / 8
|
||||||
blockSize = contentenc.DefaultBS + IVLen + cryptocore.AuthTagLen
|
blockSize = contentenc.DefaultBS + IVLen + cryptocore.AuthTagLen
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -16,8 +16,9 @@ type NonceMode int
|
||||||
const (
|
const (
|
||||||
// Default plaintext block size
|
// Default plaintext block size
|
||||||
DefaultBS = 4096
|
DefaultBS = 4096
|
||||||
// We always use 128-bit IVs for file content encryption
|
// We always use 128-bit IVs for file content, but the
|
||||||
IVBitLen = 128
|
// key in the config file is encrypted with a 96-bit IV.
|
||||||
|
DefaultIVBits = 128
|
||||||
|
|
||||||
_ = iota // skip zero
|
_ = iota // skip zero
|
||||||
RandomNonce NonceMode = iota
|
RandomNonce NonceMode = iota
|
||||||
|
|
|
@ -23,7 +23,7 @@ func TestSplitRange(t *testing.T) {
|
||||||
testRange{6654, 8945})
|
testRange{6654, 8945})
|
||||||
|
|
||||||
key := make([]byte, cryptocore.KeyLen)
|
key := make([]byte, cryptocore.KeyLen)
|
||||||
cc := cryptocore.New(key, cryptocore.BackendOpenSSL, IVBitLen)
|
cc := cryptocore.New(key, cryptocore.BackendOpenSSL, DefaultIVBits)
|
||||||
f := New(cc, DefaultBS)
|
f := New(cc, DefaultBS)
|
||||||
|
|
||||||
for _, r := range ranges {
|
for _, r := range ranges {
|
||||||
|
@ -51,7 +51,7 @@ func TestCiphertextRange(t *testing.T) {
|
||||||
testRange{6654, 8945})
|
testRange{6654, 8945})
|
||||||
|
|
||||||
key := make([]byte, cryptocore.KeyLen)
|
key := make([]byte, cryptocore.KeyLen)
|
||||||
cc := cryptocore.New(key, cryptocore.BackendOpenSSL, IVBitLen)
|
cc := cryptocore.New(key, cryptocore.BackendOpenSSL, DefaultIVBits)
|
||||||
f := New(cc, DefaultBS)
|
f := New(cc, DefaultBS)
|
||||||
|
|
||||||
for _, r := range ranges {
|
for _, r := range ranges {
|
||||||
|
@ -74,7 +74,7 @@ func TestCiphertextRange(t *testing.T) {
|
||||||
|
|
||||||
func TestBlockNo(t *testing.T) {
|
func TestBlockNo(t *testing.T) {
|
||||||
key := make([]byte, cryptocore.KeyLen)
|
key := make([]byte, cryptocore.KeyLen)
|
||||||
cc := cryptocore.New(key, cryptocore.BackendOpenSSL, IVBitLen)
|
cc := cryptocore.New(key, cryptocore.BackendOpenSSL, DefaultIVBits)
|
||||||
f := New(cc, DefaultBS)
|
f := New(cc, DefaultBS)
|
||||||
|
|
||||||
b := f.CipherOffToBlockNo(788)
|
b := f.CipherOffToBlockNo(788)
|
||||||
|
|
|
@ -37,7 +37,7 @@ type FS struct {
|
||||||
|
|
||||||
// Encrypted FUSE overlay filesystem
|
// Encrypted FUSE overlay filesystem
|
||||||
func NewFS(args Args) *FS {
|
func NewFS(args Args) *FS {
|
||||||
cryptoCore := cryptocore.New(args.Masterkey, args.CryptoBackend, contentenc.IVBitLen)
|
cryptoCore := cryptocore.New(args.Masterkey, args.CryptoBackend, contentenc.DefaultIVBits)
|
||||||
contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS)
|
contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS)
|
||||||
nameTransform := nametransform.New(cryptoCore, args.LongNames)
|
nameTransform := nametransform.New(cryptoCore, args.LongNames)
|
||||||
|
|
||||||
|
|
|
@ -44,7 +44,7 @@ type reverseFS struct {
|
||||||
|
|
||||||
// Encrypted FUSE overlay filesystem
|
// Encrypted FUSE overlay filesystem
|
||||||
func NewFS(args fusefrontend.Args) *reverseFS {
|
func NewFS(args fusefrontend.Args) *reverseFS {
|
||||||
cryptoCore := cryptocore.New(args.Masterkey, args.CryptoBackend, contentenc.IVBitLen)
|
cryptoCore := cryptocore.New(args.Masterkey, args.CryptoBackend, contentenc.DefaultIVBits)
|
||||||
contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS)
|
contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS)
|
||||||
nameTransform := nametransform.New(cryptoCore, args.LongNames)
|
nameTransform := nametransform.New(cryptoCore, args.LongNames)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue