ceph-csi/vendor/github.com/google/fscrypt/metadata/constants.go
Marcel Lauhoff f8faffac89 vendor: vendor fscrypt integration dependencies
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00

58 lines
1.9 KiB
Go

/*
* constants.go - Some metadata constants used throughout fscrypt
*
* Copyright 2017 Google Inc.
* Author: Joe Richey (joerichey@google.com)
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package metadata
import (
"crypto/sha256"
"golang.org/x/sys/unix"
)
// Lengths for our keys, buffers, and strings used in fscrypt.
const (
// Length of policy descriptor (in hex chars) for v1 encryption policies
PolicyDescriptorLenV1 = 2 * unix.FSCRYPT_KEY_DESCRIPTOR_SIZE
// Length of protector descriptor (in hex chars)
ProtectorDescriptorLen = PolicyDescriptorLenV1
// Length of policy descriptor (in hex chars) for v2 encryption policies
PolicyDescriptorLenV2 = 2 * unix.FSCRYPT_KEY_IDENTIFIER_SIZE
// We always use 256-bit keys internally (compared to 512-bit policy keys).
InternalKeyLen = 32
IVLen = 16
SaltLen = 16
// We use SHA256 for the HMAC, and len(HMAC) == len(hash size).
HMACLen = sha256.Size
// PolicyKeyLen is the length of all keys passed directly to the Keyring
PolicyKeyLen = unix.FSCRYPT_MAX_KEY_SIZE
)
var (
// DefaultOptions use the supported encryption modes, max padding, and
// policy version 1.
DefaultOptions = &EncryptionOptions{
Padding: 32,
Contents: EncryptionOptions_AES_256_XTS,
Filenames: EncryptionOptions_AES_256_CTS,
PolicyVersion: 1,
}
// DefaultSource is the source we use if none is specified.
DefaultSource = SourceType_custom_passphrase
)