diff --git a/caddytls/config.go b/caddytls/config.go index d3468e34..f008d1ea 100644 --- a/caddytls/config.go +++ b/caddytls/config.go @@ -23,7 +23,7 @@ import ( "net/url" "strings" - "github.com/codahale/aesnicheck" + "github.com/klauspost/cpuid" "github.com/mholt/caddy" "github.com/xenolf/lego/acme" ) @@ -505,7 +505,7 @@ var defaultCiphersNonAESNI = []uint16{ // // See https://github.com/mholt/caddy/issues/1674 func getPreferredDefaultCiphers() []uint16 { - if aesnicheck.HasAESNI() { + if cpuid.CPU.AesNi() { return defaultCiphers } diff --git a/caddytls/config_test.go b/caddytls/config_test.go index 0294e031..c69f2d55 100644 --- a/caddytls/config_test.go +++ b/caddytls/config_test.go @@ -21,7 +21,7 @@ import ( "reflect" "testing" - "github.com/codahale/aesnicheck" + "github.com/klauspost/cpuid" ) func TestConvertTLSConfigProtocolVersions(t *testing.T) { @@ -98,7 +98,7 @@ func TestConvertTLSConfigCipherSuites(t *testing.T) { func TestGetPreferredDefaultCiphers(t *testing.T) { expectedCiphers := defaultCiphers - if !aesnicheck.HasAESNI() { + if !cpuid.CPU.AesNi() { expectedCiphers = defaultCiphersNonAESNI } diff --git a/vendor/github.com/codahale/aesnicheck/LICENSE b/vendor/github.com/codahale/aesnicheck/LICENSE deleted file mode 100644 index f9835c24..00000000 --- a/vendor/github.com/codahale/aesnicheck/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) 2014 Coda Hale - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/vendor/github.com/codahale/aesnicheck/asm_amd64.s b/vendor/github.com/codahale/aesnicheck/asm_amd64.s deleted file mode 100644 index d7ee7ee3..00000000 --- a/vendor/github.com/codahale/aesnicheck/asm_amd64.s +++ /dev/null @@ -1,9 +0,0 @@ -// func HasAESNI() bool -TEXT ·HasAESNI(SB),$0 - XORQ AX, AX - INCL AX - CPUID - SHRQ $25, CX - ANDQ $1, CX - MOVB CX, ret+0(FP) - RET diff --git a/vendor/github.com/codahale/aesnicheck/check_asm.go b/vendor/github.com/codahale/aesnicheck/check_asm.go deleted file mode 100644 index 7b4d332c..00000000 --- a/vendor/github.com/codahale/aesnicheck/check_asm.go +++ /dev/null @@ -1,6 +0,0 @@ -// +build amd64 - -package aesnicheck - -// HasAESNI returns whether AES-NI is supported by the CPU. -func HasAESNI() bool diff --git a/vendor/github.com/codahale/aesnicheck/check_generic.go b/vendor/github.com/codahale/aesnicheck/check_generic.go deleted file mode 100644 index b8081603..00000000 --- a/vendor/github.com/codahale/aesnicheck/check_generic.go +++ /dev/null @@ -1,8 +0,0 @@ -// +build !amd64 - -package aesnicheck - -// HasAESNI returns whether AES-NI is supported by the CPU. -func HasAESNI() bool { - return false -} diff --git a/vendor/github.com/codahale/aesnicheck/cmd/aesnicheck/aesnicheck.go b/vendor/github.com/codahale/aesnicheck/cmd/aesnicheck/aesnicheck.go deleted file mode 100644 index ecfe1ce8..00000000 --- a/vendor/github.com/codahale/aesnicheck/cmd/aesnicheck/aesnicheck.go +++ /dev/null @@ -1,22 +0,0 @@ -// Command aesnicheck queries the CPU for AES-NI support. If AES-NI is supported, -// aesnicheck will print "supported" and exit with a status of 0. If AES-NI is -// not supported, aesnicheck will print "unsupported" and exit with a status of -// -1. -package main - -import ( - "fmt" - "os" - - "github.com/codahale/aesnicheck" -) - -func main() { - if aesnicheck.HasAESNI() { - fmt.Println("supported") - os.Exit(0) - } else { - fmt.Println("unsupported") - os.Exit(-1) - } -} diff --git a/vendor/github.com/codahale/aesnicheck/docs.go b/vendor/github.com/codahale/aesnicheck/docs.go deleted file mode 100644 index 54fa03e6..00000000 --- a/vendor/github.com/codahale/aesnicheck/docs.go +++ /dev/null @@ -1,9 +0,0 @@ -// Package aesnicheck provides a simple check to see if crypto/aes is using -// AES-NI instructions or if the AES transform is being done in software. AES-NI -// is constant-time, which makes it impervious to cache-level timing attacks. For -// security-conscious deployments on public cloud infrastructure (Amazon EC2, -// Google Compute Engine, Microsoft Azure, etc.) this may be critical. -// -// See http://eprint.iacr.org/2014/248 for details on cross-VM timing attacks on -// AES keys. -package aesnicheck diff --git a/vendor/manifest b/vendor/manifest index b8d13653..a2475e60 100644 --- a/vendor/manifest +++ b/vendor/manifest @@ -34,14 +34,6 @@ "branch": "master", "notests": true }, - { - "importpath": "github.com/codahale/aesnicheck", - "repository": "https://github.com/codahale/aesnicheck", - "vcs": "git", - "revision": "349fcc471aaccc29cd074e1275f1a494323826cd", - "branch": "master", - "notests": true - }, { "importpath": "github.com/dustin/go-humanize", "repository": "https://github.com/dustin/go-humanize",