From 4cdb1c37babfa4888c5dda9ba177bf4f5ff80b49 Mon Sep 17 00:00:00 2001
From: Thomas Waldmann <tw@waldmann-edv.de>
Date: Thu, 12 Mar 2015 19:03:27 +0100
Subject: [PATCH] use GMAC as default for now, integrate into maccer type
 system, adapt tests

---
 attic/archiver.py      |  1 +
 attic/key.py           |  8 +++++---
 attic/testsuite/key.py | 20 ++++++++++----------
 3 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/attic/archiver.py b/attic/archiver.py
index 001d9b434..16f7072d5 100644
--- a/attic/archiver.py
+++ b/attic/archiver.py
@@ -494,6 +494,7 @@ Type "Yes I am sure" if you understand this and want to continue.\n""")
         - 01      sha512-256 (just simple hash, no MAC, faster on 64bit CPU)
         - 10      hmac-sha256 (HMAC, faster on 32bit CPU)
         - 11      hmac-sha512-256 (HMAC, faster on 64bit CPU)
+        - 20      gmac (MAC, fastest on CPUs with AES-GCM HW support)
         """ % (COMPR_DEFAULT, HASH_DEFAULT, MAC_DEFAULT))
         subparser = subparsers.add_parser('init', parents=[common_parser],
                                           description=self.do_init.__doc__, epilog=init_epilog,
diff --git a/attic/key.py b/attic/key.py
index a2e2ef617..8cb92b001 100644
--- a/attic/key.py
+++ b/attic/key.py
@@ -115,6 +115,8 @@ class HMAC_SHA512_256(HMAC):
 
 
 class GMAC:
+    TYPE = 20
+
     def __init__(self, key, data):
         if key is None:
             raise Exception("do not use GMAC if you don't have a key")
@@ -129,7 +131,7 @@ class GMAC:
         return tag
 
 
-MAC_DEFAULT = HMAC_SHA256.TYPE
+MAC_DEFAULT = GMAC.TYPE
 
 
 class ZlibCompressor(object):  # uses 0..9 in the mapping
@@ -238,8 +240,7 @@ class AESKeyBase(KeyBase):
     only 295 exabytes!
     """
     def id_hash(self, data):
-        return GMAC(self.id_key, data).digest()
-        #return self.maccer(self.id_key, data).digest()
+        return self.maccer(self.id_key, data).digest()
 
     def encrypt(self, data):
         data = self.compressor.compress(data)
@@ -500,6 +501,7 @@ maccer_mapping = {
     # MACs:
     HMAC_SHA256.TYPE: HMAC_SHA256,
     HMAC_SHA512_256.TYPE: HMAC_SHA512_256,
+    GMAC.TYPE: GMAC,
 }
 
 
diff --git a/attic/testsuite/key.py b/attic/testsuite/key.py
index a169e0bdb..aec8ff85e 100644
--- a/attic/testsuite/key.py
+++ b/attic/testsuite/key.py
@@ -18,19 +18,19 @@ class KeyTestCase(AtticTestCase):
 
     keyfile2_key_file = """
 ATTIC KEY 0000000000000000000000000000000000000000000000000000000000000000
-hqppdGVyYXRpb25zzgABhqCkc2FsdNoAICiRWfijWqIuvr+70VzOsUS4Y6NM45FWm6LgCu
-2GyalGqWFsZ29yaXRobaRnbWFjpGhhc2jaACDgCK7u30Pi+Du1qHRyWBupAAAAAAAAAAAA
-AAAAAAAAAKd2ZXJzaW9uAaRkYXRh2gDQrlCtq2mzdmkuhwIoko5+amxYqnlfNHHZxRFiX9
-F8AliP7H6S0j9uHyrBKRDWtj7VGYWVW8COy/FncLRgRhspB59rH3y/GS6pfeEw7RWUPd32
-eOcB6v8q+IHUvGttyFRcN6PxSFHBhOKN0jqStP0UqXLv+d9rGWi6X/HNZGu9WPkqs/g0G9
-xnf48i9pOy19aQo3HV//ubf+VYWmc1J8zjCS2Og0JkMtxbqM6j4mShPjkURZZBXSJGtORV
-5IzNAzixJWmr8LR12TmFGVb0U9P79A==""".strip()
+hqlhbGdvcml0aG2kZ21hY6d2ZXJzaW9uAaRkYXRh2gDQByfRqTSTSlAic/cXPGs0IsqVb+
+Zi/U16d6T+dUBtRHFjaFCJqtY+CPWiv2BD35cZop4TImLdGYcGvOAVOzdGKL7n8dTVnI0G
+jnapbvt8NBYRhXV9G3hFMTLjncJoHLQwHSXkVoG/UjBWHf9pcyhfSdWAyePkWrfk0K+O97
+/MGvYdUDeMju89c7SZKOD4PVZ+gG9ILpmI0SvCciptAX2ZrNqeJ3AkqoVzThT7VsNwbpHF
+j7MgZ5hWAqLA+PkEZ39jnchWWm2dxJMkjUmeAGjoiappdGVyYXRpb25zzgABhqCkc2FsdN
+oAIHxtfNeGPOnhza/lXT492RZEVFmm2hewR0MwDhI6DQAopGhhc2jaACAtXRPR5mDd71wp
+xNWoIlr9AAAAAAAAAAAAAAAAAAAAAA==""".strip()
 
     keyfile2_cdata = unhexlify(re.sub('\W', '', """
-        004078370be366ac3ad9d147992be8ebee000000000000000000000000000000000000000000000000
-        b94bfb5d0a63b0c47cf74e2d0585aa
+        039295060014da0020c772252fb7a88e06be0e1e371168fb5b00000000000000000000000000000000
+        a80000000000000000af86399e604aa35fed0fae7bc02b39ae
         """))
-    keyfile2_id = unhexlify('45f309b4ef353c467d16a19039b87e5400000000000000000000000000000000')
+    keyfile2_id = unhexlify('b1927b00c683abe7b40ec4cc3d8c8f2f00000000000000000000000000000000')
 
     def setUp(self):
         self.tmppath = tempfile.mkdtemp()