Browse Source

cryptocore: disentangle algorithm / library implementation name

Used in gocryptfs-xray, and will also be used in -info.
master
Jakob Unterwurzacher 9 months ago
parent
commit
db1824a23a
  1. 2
      gocryptfs-xray/xray_main.go
  2. 2
      gocryptfs-xray/xray_tests/aesgcm_fs.xray.txt
  3. 2
      gocryptfs-xray/xray_tests/aessiv_fs.xray.txt
  4. 24
      internal/cryptocore/cryptocore.go
  5. 10
      internal/speed/speed.go

2
gocryptfs-xray/xray_main.go

@ -39,7 +39,7 @@ func errExit(err error) {
func prettyPrintHeader(h *contentenc.FileHeader, algo cryptocore.AEADTypeEnum) {
id := hex.EncodeToString(h.ID)
fmt.Printf("Header: Version: %d, Id: %s, assuming %s mode\n", h.Version, id, algo.Name)
fmt.Printf("Header: Version: %d, Id: %s, assuming %s mode\n", h.Version, id, algo.Algo)
}
// printVersion prints a version string like this:

2
gocryptfs-xray/xray_tests/aesgcm_fs.xray.txt

@ -1,3 +1,3 @@
Header: Version: 2, Id: 8932adf303fe0289679d47fa84d2b241, assuming AES-GCM-256-Go mode
Header: Version: 2, Id: 8932adf303fe0289679d47fa84d2b241, assuming AES-GCM-256 mode
Block 0: IV: c8536b4bfd92f5dc3c1e2ac29f116d4a, Tag: 22b20422749b2f4bba67ec7d3bb1ac34, Offset: 18 Len: 4128
Block 1: IV: 2de68f4965779bb137ef2b3c20453556, Tag: 3e8758d6872234b1fffab2504e623467, Offset: 4146 Len: 936

2
gocryptfs-xray/xray_tests/aessiv_fs.xray.txt

@ -1,3 +1,3 @@
Header: Version: 2, Id: d839806747918e345633fcdd0988e67c, assuming AES-SIV-512-Go mode
Header: Version: 2, Id: d839806747918e345633fcdd0988e67c, assuming AES-SIV-512 mode
Block 0: IV: 1d3ce2b13260f83766ccf9a670478a4b, Tag: 0b6f95bd523b4c93704e15ecc6bef8e7, Offset: 18 Len: 4128
Block 1: IV: 7eb947d2adf18adf3bed39bbc8052968, Tag: 1a272903e5a987f53f07344840387c20, Offset: 4146 Len: 936

24
internal/cryptocore/cryptocore.go

@ -28,28 +28,36 @@ const (
// AEADTypeEnum indicates the type of AEAD backend in use.
type AEADTypeEnum struct {
Name string
// Algo is the encryption algorithm. Example: "AES-GCM-256"
Algo string
// Lib is the library where Algo is implemented. Either "Go" or "OpenSSL".
Lib string
NonceSize int
}
// String returns something like "AES-GCM-256-OpenSSL"
func (a AEADTypeEnum) String() string {
return a.Algo + "-" + a.Lib
}
// BackendOpenSSL specifies the OpenSSL AES-256-GCM backend.
// "AES-GCM-256-OpenSSL" in gocryptfs -speed.
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-OpenSSL", 16}
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "OpenSSL", 16}
// BackendGoGCM specifies the Go based AES-256-GCM backend.
// "AES-GCM-256-Go" in gocryptfs -speed.
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256-Go", 16}
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "Go", 16}
// BackendAESSIV specifies an AESSIV backend.
// "AES-SIV-512-Go" in gocryptfs -speed.
var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512-Go", siv_aead.NonceSize}
var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512", "Go", siv_aead.NonceSize}
// BackendXChaCha20Poly1305 specifies XChaCha20-Poly1305-Go.
// "XChaCha20-Poly1305-Go" in gocryptfs -speed.
var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-Go", chacha20poly1305.NonceSizeX}
var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "Go", chacha20poly1305.NonceSizeX}
// BackendXChaCha20Poly1305OpenSSL specifies XChaCha20-Poly1305-OpenSSL.
var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-OpenSSL", chacha20poly1305.NonceSizeX}
var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "OpenSSL", chacha20poly1305.NonceSizeX}
// CryptoCore is the low level crypto implementation.
type CryptoCore struct {
@ -176,7 +184,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int, useHKDF bool) *CryptoC
log.Panic(err)
}
} else {
log.Panicf("unknown cipher backend %q", aeadType.Name)
log.Panicf("unknown cipher backend %q", aeadType)
}
if aeadCipher.NonceSize()*8 != IVBitLen {
@ -205,7 +213,7 @@ type wiper interface {
func (c *CryptoCore) Wipe() {
be := c.AEADBackend
if be == BackendOpenSSL || be == BackendAESSIV {
tlog.Debug.Printf("CryptoCore.Wipe: Wiping AEADBackend %s key", be.Name)
tlog.Debug.Printf("CryptoCore.Wipe: Wiping AEADBackend %q key", be)
// We don't use "x, ok :=" because we *want* to crash loudly if the
// type assertion fails.
w := c.AEADCipher.(wiper)

10
internal/speed/speed.go

@ -42,11 +42,11 @@ func Run() {
f func(*testing.B)
preferred bool
}{
{name: cryptocore.BackendOpenSSL.Name, f: bStupidGCM, preferred: stupidgcm.PreferOpenSSLAES256GCM()},
{name: cryptocore.BackendGoGCM.Name, f: bGoGCM, preferred: !stupidgcm.PreferOpenSSLAES256GCM()},
{name: cryptocore.BackendAESSIV.Name, f: bAESSIV, preferred: false},
{name: cryptocore.BackendXChaCha20Poly1305OpenSSL.Name, f: bStupidXchacha, preferred: stupidgcm.PreferOpenSSLXchacha20poly1305()},
{name: cryptocore.BackendXChaCha20Poly1305.Name, f: bXchacha20poly1305, preferred: !stupidgcm.PreferOpenSSLXchacha20poly1305()},
{name: cryptocore.BackendOpenSSL.String(), f: bStupidGCM, preferred: stupidgcm.PreferOpenSSLAES256GCM()},
{name: cryptocore.BackendGoGCM.String(), f: bGoGCM, preferred: !stupidgcm.PreferOpenSSLAES256GCM()},
{name: cryptocore.BackendAESSIV.String(), f: bAESSIV, preferred: false},
{name: cryptocore.BackendXChaCha20Poly1305OpenSSL.String(), f: bStupidXchacha, preferred: stupidgcm.PreferOpenSSLXchacha20poly1305()},
{name: cryptocore.BackendXChaCha20Poly1305.String(), f: bXchacha20poly1305, preferred: !stupidgcm.PreferOpenSSLXchacha20poly1305()},
}
for _, b := range bTable {
fmt.Printf("%-26s\t", b.name)

Loading…
Cancel
Save