libgocryptfs/cryptfs/cryptfs.go
2015-12-08 16:17:04 +01:00

68 lines
1.3 KiB
Go

package cryptfs
// CryptFS is the crypto backend of GoCryptFS
import (
"crypto/aes"
"crypto/cipher"
"fmt"
)
const (
DEFAULT_PLAINBS = 4096
KEY_LEN = 32 // AES-256
NONCE_LEN = 12
AUTH_TAG_LEN = 16
BLOCK_OVERHEAD = NONCE_LEN + AUTH_TAG_LEN
DIRIV_LEN = 16 // identical to AES block size
DIRIV_FILENAME = "gocryptfs.diriv"
)
type CryptFS struct {
blockCipher cipher.Block
gcm cipher.AEAD
plainBS uint64
cipherBS uint64
// Stores an all-zero block of size cipherBS
allZeroBlock []byte
// DirIV cache for filename encryption
DirIVCacheEnc DirIVCache
}
func NewCryptFS(key []byte, useOpenssl bool, plaintextNames bool) *CryptFS {
if len(key) != KEY_LEN {
panic(fmt.Sprintf("Unsupported key length %d", len(key)))
}
b, err := aes.NewCipher(key)
if err != nil {
panic(err)
}
var gcm cipher.AEAD
if useOpenssl {
gcm = opensslGCM{key}
} else {
gcm, err = cipher.NewGCM(b)
if err != nil {
panic(err)
}
}
cipherBS := DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN
return &CryptFS{
blockCipher: b,
gcm: gcm,
plainBS: DEFAULT_PLAINBS,
cipherBS: uint64(cipherBS),
allZeroBlock: make([]byte, cipherBS),
}
}
// Get plaintext block size
func (be *CryptFS) PlainBS() uint64 {
return be.plainBS
}