diff options
Diffstat (limited to 'internal/cryptocore')
-rw-r--r-- | internal/cryptocore/cryptocore.go | 2 | ||||
-rw-r--r-- | internal/cryptocore/cryptocore_go1.4_test.go | 20 | ||||
-rw-r--r-- | internal/cryptocore/cryptocore_go1.5_test.go | 16 | ||||
-rw-r--r-- | internal/cryptocore/cryptocore_test.go | 5 | ||||
-rw-r--r-- | internal/cryptocore/gcm_go1.4.go | 29 | ||||
-rw-r--r-- | internal/cryptocore/gcm_go1.5.go | 21 |
6 files changed, 5 insertions, 88 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index fea0c94..735c409 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -74,7 +74,7 @@ func New(key []byte, aeadType AEADTypeEnum, IVBitLen int) *CryptoCore { } aeadCipher = stupidgcm.New(key) case BackendGoGCM: - aeadCipher, err = goGCMWrapper(blockCipher, IVLen) + aeadCipher, err = cipher.NewGCMWithNonceSize(blockCipher, IVLen) case BackendAESSIV: if IVLen != 16 { // SIV supports any nonce size, but we only use 16. diff --git a/internal/cryptocore/cryptocore_go1.4_test.go b/internal/cryptocore/cryptocore_go1.4_test.go deleted file mode 100644 index 14e1e03..0000000 --- a/internal/cryptocore/cryptocore_go1.4_test.go +++ /dev/null @@ -1,20 +0,0 @@ -// +build !go1.5 -// = go 1.4 or lower - -package cryptocore - -import ( - "testing" -) - -// Native Go crypto with 128-bit IVs is only supported on Go 1.5 and up, -// this should panic. -func TestCryptoCoreNewGo14(t *testing.T) { - defer func() { - if r := recover(); r == nil { - t.Errorf("The code did not panic") - } - }() - key := make([]byte, 32) - New(key, BackendGoGCM, 128) -} diff --git a/internal/cryptocore/cryptocore_go1.5_test.go b/internal/cryptocore/cryptocore_go1.5_test.go deleted file mode 100644 index f9d38e9..0000000 --- a/internal/cryptocore/cryptocore_go1.5_test.go +++ /dev/null @@ -1,16 +0,0 @@ -// +build go1.5 -// = go 1.5 or higher - -package cryptocore - -import ( - "testing" -) - -func TestCryptoCoreNewGo15(t *testing.T) { - key := make([]byte, 32) - c := New(key, BackendGoGCM, 128) - if c.IVLen != 16 { - t.Fail() - } -} diff --git a/internal/cryptocore/cryptocore_test.go b/internal/cryptocore/cryptocore_test.go index c54eac9..252c311 100644 --- a/internal/cryptocore/cryptocore_test.go +++ b/internal/cryptocore/cryptocore_test.go @@ -16,7 +16,10 @@ func TestCryptoCoreNew(t *testing.T) { if c.IVLen != 12 { t.Fail() } - // "New(key, BackendGoGCM, 128)" is tested for Go 1.4 and 1.5+ separately + c = New(key, BackendGoGCM, 128) + if c.IVLen != 16 { + t.Fail() + } } // "New" should panic on any key not 32 bytes long diff --git a/internal/cryptocore/gcm_go1.4.go b/internal/cryptocore/gcm_go1.4.go deleted file mode 100644 index c1aa488..0000000 --- a/internal/cryptocore/gcm_go1.4.go +++ /dev/null @@ -1,29 +0,0 @@ -// +build !go1.5 -// = go 1.4 or lower - -package cryptocore - -import ( - "crypto/cipher" - "fmt" - - "github.com/rfjakob/gocryptfs/internal/tlog" -) - -const ( - // HaveModernGoGCM indicates if Go GCM supports 128-bit nonces - HaveModernGoGCM = false -) - -// goGCMWrapper - This wrapper makes sure gocryptfs can be compiled on Go -// versions 1.4 and lower that lack NewGCMWithNonceSize(). -// 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when -// compiled on 1.4. -func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error) { - if nonceSize != 12 { - tlog.Warn.Printf("128 bit GCM IVs are not supported by Go 1.4 and lower.") - tlog.Warn.Printf("Please use openssl crypto or recompile using a newer Go runtime.") - return nil, fmt.Errorf("128 bit GCM IVs are not supported by Go 1.4 and lower") - } - return cipher.NewGCM(bc) -} diff --git a/internal/cryptocore/gcm_go1.5.go b/internal/cryptocore/gcm_go1.5.go deleted file mode 100644 index 3c38357..0000000 --- a/internal/cryptocore/gcm_go1.5.go +++ /dev/null @@ -1,21 +0,0 @@ -// +build go1.5 -// = go 1.5 or higher - -package cryptocore - -import ( - "crypto/cipher" -) - -const ( - // HaveModernGoGCM indicates if Go GCM supports 128-bit nonces - HaveModernGoGCM = true -) - -// goGCMWrapper - This wrapper makes sure gocryptfs can be compiled on Go -// versions 1.4 and lower that lack NewGCMWithNonceSize(). -// 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when -// compiled on 1.4. -func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error) { - return cipher.NewGCMWithNonceSize(bc, nonceSize) -} |