diff options
Diffstat (limited to 'internal')
-rw-r--r-- | internal/prefer_openssl/prefer.go | 2 | ||||
-rw-r--r-- | internal/prefer_openssl/prefer_go1.5.go | 7 | ||||
-rw-r--r-- | internal/prefer_openssl/prefer_go1.6.go | 7 | ||||
-rw-r--r-- | internal/stupidgcm/locking.go | 2 | ||||
-rw-r--r-- | internal/stupidgcm/stupidgcm.go | 5 | ||||
-rw-r--r-- | internal/stupidgcm/without_openssl.go | 48 |
6 files changed, 70 insertions, 1 deletions
diff --git a/internal/prefer_openssl/prefer.go b/internal/prefer_openssl/prefer.go index 0afe7d5..e06f0d5 100644 --- a/internal/prefer_openssl/prefer.go +++ b/internal/prefer_openssl/prefer.go @@ -11,7 +11,7 @@ import ( ) // filePreferOpenSSL tells us if OpenSSL is faster than Go GCM on this machine. -// Go GCM is fastern when the CPU has AES instructions and Go is v1.6 or higher. +// Go GCM is faster when the CPU has AES instructions and Go is v1.6 or higher. // // See https://github.com/rfjakob/gocryptfs/issues/23#issuecomment-218286502 // for benchmarks. diff --git a/internal/prefer_openssl/prefer_go1.5.go b/internal/prefer_openssl/prefer_go1.5.go index 51a07ab..7095314 100644 --- a/internal/prefer_openssl/prefer_go1.5.go +++ b/internal/prefer_openssl/prefer_go1.5.go @@ -3,7 +3,14 @@ package prefer_openssl +import ( + "github.com/rfjakob/gocryptfs/internal/stupidgcm" +) + func PreferOpenSSL() bool { + if stupidgcm.BuiltWithoutOpenssl { + return false + } // OpenSSL is always faster than Go GCM on old Go versions or on anything // other than amd64 return true diff --git a/internal/prefer_openssl/prefer_go1.6.go b/internal/prefer_openssl/prefer_go1.6.go index 898db0c..a5a67fb 100644 --- a/internal/prefer_openssl/prefer_go1.6.go +++ b/internal/prefer_openssl/prefer_go1.6.go @@ -3,6 +3,10 @@ package prefer_openssl +import ( + "github.com/rfjakob/gocryptfs/internal/stupidgcm" +) + // PreferOpenSSL tells us if OpenSSL is faster than Go GCM on this machine. // Go GCM is faster when the CPU has AES instructions and Go is v1.6 or higher // on amd64. @@ -10,5 +14,8 @@ package prefer_openssl // See https://github.com/rfjakob/gocryptfs/issues/23#issuecomment-218286502 // for benchmarks. func PreferOpenSSL() bool { + if stupidgcm.BuiltWithoutOpenssl { + return false + } return filePreferOpenSSL("/proc/cpuinfo") } diff --git a/internal/stupidgcm/locking.go b/internal/stupidgcm/locking.go index 88f0900..952d669 100644 --- a/internal/stupidgcm/locking.go +++ b/internal/stupidgcm/locking.go @@ -1,3 +1,5 @@ +// +build !without_openssl + package stupidgcm // In general, OpenSSL is only threadsafe if you provide a locking function diff --git a/internal/stupidgcm/stupidgcm.go b/internal/stupidgcm/stupidgcm.go index 0f4e25d..db9e6ef 100644 --- a/internal/stupidgcm/stupidgcm.go +++ b/internal/stupidgcm/stupidgcm.go @@ -1,3 +1,5 @@ +// +build !without_openssl + // Package stupidgcm is a thin wrapper for OpenSSL's GCM encryption and // decryption functions. It only support 32-byte keys and 16-bit IVs. package stupidgcm @@ -13,6 +15,9 @@ import ( ) const ( + // Has openssl been disabled at compile-time? + BuiltWithoutOpenssl = false + keyLen = 32 ivLen = 16 tagLen = 16 diff --git a/internal/stupidgcm/without_openssl.go b/internal/stupidgcm/without_openssl.go new file mode 100644 index 0000000..0b3cf90 --- /dev/null +++ b/internal/stupidgcm/without_openssl.go @@ -0,0 +1,48 @@ +// +build without_openssl + +package stupidgcm + +import ( + "os" + + "github.com/rfjakob/gocryptfs/internal/tlog" +) + +type stupidGCM struct{} + +const ( + // Has openssl been disabled at compile-time? + BuiltWithoutOpenssl = true +) + +func errExit() { + tlog.Fatal.Println("gocryptfs has been compiled without openssl support but you are still trying to use openssl") + os.Exit(2) +} + +func New(_ []byte) stupidGCM { + errExit() + // This panic is never reached, but having it here stops the Go compiler + // from complaining about the missing return code. + panic("") +} + +func (g stupidGCM) NonceSize() int { + errExit() + panic("") +} + +func (g stupidGCM) Overhead() int { + errExit() + panic("") +} + +func (g stupidGCM) Seal(_, _, _, _ []byte) []byte { + errExit() + panic("") +} + +func (g stupidGCM) Open(_, _, _, _ []byte) ([]byte, error) { + errExit() + panic("") +} |