gocryptfs/internal/stupidgcm, branch v0.10-rc2

stupidgcm: set dummy locking callback.

2016-05-04T22:09:08+00:00

In general, OpenSSL is only threadsafe if you provide a locking function through CRYPTO_set_locking_callback. However, the GCM operations that stupidgcm uses never call that function. To guard against that ever changing, set a dummy locking callback that crashes the app.

stupidgcm: skip tests on Go 1.4 and older

2016-05-04T22:09:08+00:00

Quoting from the patch: We compare against Go's built-in GCM implementation. Since stupidgcm only supports 128-bit IVs and Go only supports that from 1.5 onward, we cannot run these tests on older Go versions.

Revert "stupidgcm: print openssl error stack before panicing"

2016-05-04T22:09:08+00:00

This did not help in debugging the openssl <= 1.0.1c issue at all and makes the code more complex. Keep it simple.

stupidgcm: reorder calls to support openssl <= 1.0.1c

2016-05-04T22:08:25+00:00

This fixes the test failures on Travis CI. Quoting from https://github.com/openssl/openssl/commit/07a4ff79d23e45f1a45da717b7c1f41a5e1c7c0c /* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier * required the tag before any AAD or ciphertext */

stupidgcm: print openssl error stack before panicing

2016-05-04T18:50:13+00:00

stupidgcm: fix copy-paste error in panic message

2016-05-04T18:15:11+00:00

Also, print the openssl version in Travis CI

stupidgcm: add our own thin wrapper around openssl gcm

2016-05-04T17:56:07+00:00

...complete with tests and benchmark. This will allow us to get rid of the dependency to spacemonkeygo/openssl that causes problems on Arch Linux ( https://github.com/rfjakob/gocryptfs/issues/21 )