summaryrefslogtreecommitdiff
path: root/cryptfs
diff options
context:
space:
mode:
Diffstat (limited to 'cryptfs')
-rw-r--r--cryptfs/gcm_go14.go21
-rw-r--r--cryptfs/gcm_go15.go15
-rw-r--r--cryptfs/openssl_test.go3
3 files changed, 37 insertions, 2 deletions
diff --git a/cryptfs/gcm_go14.go b/cryptfs/gcm_go14.go
new file mode 100644
index 0000000..4629df3
--- /dev/null
+++ b/cryptfs/gcm_go14.go
@@ -0,0 +1,21 @@
+// +build !go1.5
+
+package cryptfs
+
+import (
+ "fmt"
+ "crypto/cipher"
+)
+
+// goGCMWrapper - This wrapper makes sure gocryptfs can be compiled on Go
+// versions 1.4 and lower that lack NewGCMWithNonceSize().
+// 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when
+// compiled on 1.4.
+func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error){
+ if nonceSize != 12 {
+ Warn.Printf("128 bit GCM IVs are not supported by Go 1.4 and lower.\n")
+ Warn.Printf("Please use openssl crypto or recompile using a newer Go runtime.\n")
+ return nil, fmt.Errorf("128 bit GCM IVs are not supported by Go 1.4 and lower")
+ }
+ return cipher.NewGCM(bc)
+}
diff --git a/cryptfs/gcm_go15.go b/cryptfs/gcm_go15.go
new file mode 100644
index 0000000..7696437
--- /dev/null
+++ b/cryptfs/gcm_go15.go
@@ -0,0 +1,15 @@
+// +build go1.5
+
+package cryptfs
+
+import (
+ "crypto/cipher"
+)
+
+// goGCMWrapper - This wrapper makes sure gocryptfs can be compiled on Go
+// versions 1.4 and lower that lack NewGCMWithNonceSize().
+// 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when
+// compiled on 1.4.
+func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error){
+ return cipher.NewGCMWithNonceSize(bc, nonceSize)
+}
diff --git a/cryptfs/openssl_test.go b/cryptfs/openssl_test.go
index 85a97d9..aecee94 100644
--- a/cryptfs/openssl_test.go
+++ b/cryptfs/openssl_test.go
@@ -10,7 +10,6 @@ package cryptfs
import (
"crypto/aes"
- "crypto/cipher"
"testing"
)
@@ -20,7 +19,7 @@ func benchmarkGoEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (c
if err != nil {
b.Fatal(err)
}
- aesgcm, err := cipher.NewGCMWithNonceSize(aes, len(nonce))
+ aesgcm, err := goGCMWrapper(aes, len(nonce))
if err != nil {
b.Fatal(err)
}