gocryptfs/internal/stupidgcm, branch v2.0

gocryptfs/internal/stupidgcm, branch v2.0 Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=v2.0 2021-05-26T07:20:22+00:00 stupidgcm: prefer Go stdlib over OpenSSL on Apple M1 2021-05-26T07:20:22+00:00 Jakob Unterwurzacher 2021-05-26T07:20:22+00:00 urn:sha1:1d2ac1e589209be96f8ee5fbba9a18e7e2c5fb04 https://github.com/rfjakob/gocryptfs/issues/556 Prefer Go stdlib aes-gcm on arm64 with aes instructions 2020-04-13T20:34:07+00:00 Jakob Unterwurzacher 2020-04-13T20:34:07+00:00 urn:sha1:8f5c2a613d37d8f58aee5b2405098da5c99aaca2 We used to prefer openssl in this situation, which used to make sense, but now Go gained an optimized assembly implementation for aes-gcm on arm64 with aes instructions: root@q1:~/go/src/github.com/rfjakob/gocryptfs# ./gocryptfs -speed gocryptfs v1.7.1-46-g73436d9; go-fuse v1.0.1-0.20190319092520-161a16484456; 2020-04-13 go1.14.2 linux/arm64 AES-GCM-256-OpenSSL 212.30 MB/s (selected in auto mode) AES-GCM-256-Go 452.30 MB/s AES-SIV-512-Go 100.25 MB/s XChaCha20-Poly1305-Go 137.35 MB/s https://github.com/rfjakob/gocryptfs/issues/452 merge prefer_openssl package into stupidgcm 2020-02-15T16:21:30+00:00 Jakob Unterwurzacher 2020-02-15T16:21:30+00:00 urn:sha1:d5ce340c02601992cc9dab1bd7d3c2d95d81155e Now that I have discovered golang.org/x/sys/cpu and that Go versions below 1.6 are uncommon, there was not much useful code left in prefer_openssl. Merge the remains into stupidgcm. Assorted spelling fixes. 2018-12-27T14:19:55+00:00 Sebastian Lackner 2018-12-27T11:03:00+00:00 urn:sha1:874eaf9734cc10940e08f7b043652449e1e220b5 Mostly detected with the 'codespell' utility, but also includes some manual grammar fixes. stupidgcm: return error on too short input instead of panicing 2018-05-10T21:00:02+00:00 Jakob Unterwurzacher 2018-05-10T20:44:03+00:00 urn:sha1:a276321dea04eaa0cfc80c56e8faca4b8ded0b7a This is what Go GCM does as well. Fix the easy golint warnings 2018-04-08T18:26:25+00:00 Jakob Unterwurzacher 2018-04-08T18:24:29+00:00 urn:sha1:bcc8378a2c07476a43c1fe316b79590177ded3d3 Reported by https://goreportcard.com/report/github.com/rfjakob/gocryptfs stupidgcm: create private copy of the key 2018-02-18T11:35:51+00:00 Jakob Unterwurzacher 2018-02-18T11:33:48+00:00 urn:sha1:72ddbae1e60470943aaae0bfce74ebdc88c07cd2 Relieves the caller from worrying about whether they can overwrite the key. main: try to wipe cryptocore's secret keys on unmount 2018-02-18T10:39:10+00:00 Jakob Unterwurzacher 2018-02-18T10:33:47+00:00 urn:sha1:18f6c6106c66ba1fe6e7b48aaa5dd444ba0f9b09 Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211 stupidgcm: implement key wipe 2018-02-17T14:14:55+00:00 Jakob Unterwurzacher 2018-02-17T14:12:45+00:00 urn:sha1:eeed4b4bef64059e5a52f4ceaa0d3a52b197349a Not bulletproof due to possible GC copies, but still raises to bar for extracting the key. https://github.com/rfjakob/gocryptfs/issues/211 stupidgcm: switch to pointer receivers 2018-02-17T14:02:01+00:00 Jakob Unterwurzacher 2018-02-17T14:02:01+00:00 urn:sha1:7e0fefe970b98be7e455f671dbd0e994abd52110 What the key slice does not get copied around will make it possible to check if the key has been wiped.