summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-09-07stupidgcm: unexport stupidGCM structJakob Unterwurzacher
No need to have it exported.
2021-09-07stupidgcm: allow zero-length input dataJakob Unterwurzacher
We used to panic in this case because it is useless. But Go stdlib supports it, so we should as well.
2021-09-07stupidgcm: fix build with CGO_ENABLED=1 without_opensslJakob Unterwurzacher
We missed some "// +build" lines
2021-09-07stupidgcm: NewChacha20poly1305: avoid slice appendJakob Unterwurzacher
I noticed that growslice() shows up in the cpuprofile. Avoiding slice append for the private jey copy gives a 0.6% speedup: gocryptfs/internal/speed$ benchstat old new name old time/op new time/op delta StupidXchacha-4 5.68µs ± 0% 5.65µs ± 0% -0.63% (p=0.008 n=5+5) name old speed new speed delta StupidXchacha-4 721MB/s ± 0% 725MB/s ± 0% +0.63% (p=0.008 n=5+5)
2021-09-07stupidgcm: add testConcurrencyJakob Unterwurzacher
Verifies that we don't corrupt data when called concurrently.
2021-09-07stupidgcm: cache C.EVP_chacha20_poly1305()Jakob Unterwurzacher
2% performance improvement, almost for free. gocryptfs/internal/speed$ benchstat old new name old time/op new time/op delta StupidXchacha-4 5.82µs ± 0% 5.68µs ± 0% -2.37% (p=0.008 n=5+5) name old speed new speed delta StupidXchacha-4 704MB/s ± 0% 721MB/s ± 0% +2.43% (p=0.008 n=5+5)
2021-09-07stupidgcm: add BenchmarkCCallJakob Unterwurzacher
gocryptfs/internal/stupidgcm$ go test -bench . goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/v2/internal/stupidgcm cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz BenchmarkCCall-4 15864030 78.60 ns/op PASS ok github.com/rfjakob/gocryptfs/v2/internal/stupidgcm 1.898s
2021-09-07speed: add BenchmarkStupidChachaJakob Unterwurzacher
gocryptfs/internal/speed$ go test -bench . goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/v2/internal/speed cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz BenchmarkStupidGCM-4 249396 4722 ns/op 867.50 MB/s BenchmarkStupidGCMDecrypt-4 257872 4616 ns/op 887.35 MB/s BenchmarkGoGCM-4 290952 4097 ns/op 999.83 MB/s BenchmarkGoGCMDecrypt-4 294106 4060 ns/op 1008.84 MB/s BenchmarkAESSIV-4 46520 25532 ns/op 160.42 MB/s BenchmarkAESSIVDecrypt-4 46974 25478 ns/op 160.76 MB/s BenchmarkXchacha-4 244108 4881 ns/op 839.14 MB/s BenchmarkXchachaDecrypt-4 249658 4786 ns/op 855.86 MB/s BenchmarkStupidXchacha-4 205339 5768 ns/op 710.11 MB/s BenchmarkStupidXchachaDecrypt-4 204577 5836 ns/op 701.84 MB/s BenchmarkStupidChacha-4 227510 5224 ns/op 784.06 MB/s BenchmarkStupidChachaDecrypt-4 222787 5359 ns/op 764.34 MB/s PASS ok github.com/rfjakob/gocryptfs/v2/internal/speed 15.328s
2021-09-07stupidgcm: replace naked panicsJakob Unterwurzacher
2021-09-07stupidgcm: fix without_openssl buildJakob Unterwurzacher
$ ./build-without-openssl.bash internal/speed/speed.go:152:14: undefined: stupidgcm.NewXchacha20poly1305
2021-09-07test.bash: only check go files for naked panicJakob Unterwurzacher
This found a lot of panics in the new file openssl_aead.c.
2021-09-07stupidgcm: introduce stupidAEADCommon and use for both chacha & gcmJakob Unterwurzacher
Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5)
2021-09-07stupidgcm: stupidChacha20poly1305.Open: batch C calls in aead_openJakob Unterwurzacher
Gets the decryption speed to the same level as the encryption speed. internal/speed$ benchstat old.txt new.txt name old time/op new time/op delta StupidXchacha-4 732MB/s ± 0% 740MB/s ± 0% ~ (p=1.000 n=1+1) StupidXchachaDecrypt-4 602MB/s ± 0% 741MB/s ± 0% ~ (p=1.000 n=1+1)
2021-09-07speed: add decryption benchmarksJakob Unterwurzacher
gocryptfs/internal/speed$ go test -bench . goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/v2/internal/speed cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz BenchmarkStupidGCM-4 263742 4523 ns/op 905.61 MB/s BenchmarkStupidGCMDecrypt-4 204858 5779 ns/op 708.76 MB/s BenchmarkGoGCM-4 291259 4095 ns/op 1000.25 MB/s BenchmarkGoGCMDecrypt-4 293886 4061 ns/op 1008.53 MB/s BenchmarkAESSIV-4 46537 25538 ns/op 160.39 MB/s BenchmarkAESSIVDecrypt-4 46770 25627 ns/op 159.83 MB/s BenchmarkXchacha-4 243619 4893 ns/op 837.03 MB/s BenchmarkXchachaDecrypt-4 248857 4793 ns/op 854.51 MB/s BenchmarkStupidXchacha-4 213717 5558 ns/op 736.99 MB/s BenchmarkStupidXchachaDecrypt-4 176635 6782 ns/op 603.96 MB/s PASS ok github.com/rfjakob/gocryptfs/v2/internal/speed 12.871s
2021-09-07speed: add bEncrypt helper, reuse dst bufferJakob Unterwurzacher
The bEncrypt helper massively deduplicates the code, and reusing the dst buffer gives higher performance, and that's what gocryptfs does in normal operation via sync.Pool. $ benchstat old.txt new.txt name old time/op new time/op delta StupidGCM-4 6.24µs ± 1% 4.65µs ± 0% -25.47% (p=0.008 n=5+5) GoGCM-4 4.90µs ± 0% 4.10µs ± 0% -16.44% (p=0.008 n=5+5) AESSIV-4 26.4µs ± 0% 25.6µs ± 0% -2.90% (p=0.008 n=5+5) Xchacha-4 5.76µs ± 0% 4.91µs ± 0% -14.79% (p=0.008 n=5+5) StupidXchacha-4 7.24µs ± 1% 5.48µs ± 0% -24.33% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 656MB/s ± 1% 880MB/s ± 0% +34.15% (p=0.008 n=5+5) GoGCM-4 835MB/s ± 0% 1000MB/s ± 0% +19.68% (p=0.008 n=5+5) AESSIV-4 155MB/s ± 0% 160MB/s ± 0% +2.99% (p=0.008 n=5+5) Xchacha-4 711MB/s ± 0% 834MB/s ± 0% +17.35% (p=0.008 n=5+5) StupidXchacha-4 565MB/s ± 1% 747MB/s ± 0% +32.15% (p=0.008 n=5+5)
2021-09-07stupidgcm: use aead_seal for gcm as wellJakob Unterwurzacher
$ benchstat old.txt new.txt name old time/op new time/op delta StupidGCM-4 7.87µs ± 1% 6.64µs ± 2% -15.65% (p=0.000 n=10+10) name old speed new speed delta StupidGCM-4 520MB/s ± 1% 617MB/s ± 2% +18.56% (p=0.000 n=10+10)
2021-09-07stupidgcm: replace chacha20poly1305_seal with generic aead_sealJakob Unterwurzacher
2021-09-07stupidgcm: batch C calls in chacha20poly1305_sealJakob Unterwurzacher
Go has a high overhead for each C call, so batch all openssl operations in the new C function chacha20poly1305_seal. Benchmark results: internal/speed$ go test -bench BenchmarkStupidXchacha -count 10 > old.txt internal/speed$ go test -bench BenchmarkStupidXchacha -count 10 > new.txt internal/speed$ benchstat old.txt new.txt name old time/op new time/op delta StupidXchacha-4 8.79µs ± 1% 7.25µs ± 1% -17.54% (p=0.000 n=10+10) name old speed new speed delta StupidXchacha-4 466MB/s ± 1% 565MB/s ± 1% +21.27% (p=0.000 n=10+10)
2021-09-07-speed: add XChaCha20-Poly1305-OpenSSLJakob Unterwurzacher
$ ./gocryptfs -speed gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64 AES-GCM-256-OpenSSL 529.53 MB/s AES-GCM-256-Go 833.85 MB/s (selected in auto mode) AES-SIV-512-Go 155.27 MB/s XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag) XChaCha20-Poly1305-OpenSSL 468.94 MB/s https://github.com/rfjakob/gocryptfs/issues/452
2021-09-07stupidgcm: add stupidXchacha20poly1305Jakob Unterwurzacher
Implementation copied from https://github.com/golang/crypto/blob/32db794688a5a24a23a43f2a984cecd5b3d8da58/chacha20poly1305/xchacha20poly1305.go
2021-09-07stupidgcm: stupidChacha20poly1305: normalize panic messagesJakob Unterwurzacher
2021-09-07stupidgcm: stupidChacha20poly1305: use byte array for keyJakob Unterwurzacher
Follow what golang.org/x/crypto/chacha20poly1305 does for easier integration in the next commit.
2021-09-02stupidgcm: add testWipe testJakob Unterwurzacher
After looking at the cover profile, this was the only untested code except panic cases.
2021-09-02stupidgcm: deduplicate tests 2/2Jakob Unterwurzacher
Deduplicate the cipher setup that was identical for all tests for each cipher.
2021-09-02stupidgcm: deduplicate tests 1/2Jakob Unterwurzacher
Pull the code shared between chacha and gcm into generic functions.
2021-09-02stupidgcm: add chacha20poly1305 via opensslJakob Unterwurzacher
"stupidChacha20poly1305". XChaCha will build upon this.
2021-09-01tests/matrix: don't leak fds in TestConcurrentReadCreateJakob Unterwurzacher
We leaked a file descriptor for each empty file we encountered.
2021-09-01*: trim trailing whitespacea1346054
2021-09-01*: fix spellinga1346054
2021-09-01shell scripts: fix shellcheck warningsa1346054
2021-08-30README: explain where -xchacha makes senseJakob Unterwurzacher
2021-08-30fusefrontend: remove leftover PrintfJakob Unterwurzacher
Commit b83ca9c921019fc3b790dabb6198bb77ef2f9a34 inadveredly added a leftover debug Printf. Delete it.
2021-08-30Unbreak hyperlinks broken by go mod v2 conversionJakob Unterwurzacher
Commit 69d88505fd7f4cb0d9e4f1918de296342fe05858 go mod: declare module version v2 translated all instances of "github.com/rfjakob/gocryptfs/" to "github.com/rfjakob/gocryptfs/v2/". Unfortunately, this included hyperlinks. Unbreak the hyperlinks like this: find . -name \*.go | xargs sed -i s%https://github.com/rfjakob/gocryptfs/v2/%https://github.com/rfjakob/gocryptfs/v2/%
2021-08-30README: compress Installation sectionJakob Unterwurzacher
More content, less whitespace.
2021-08-30README: update changelogJakob Unterwurzacher
2021-08-30Reimplement -serialize_reads flag using new SyncRead mount flagJakob Unterwurzacher
Let the kernel do the work for us. See https://github.com/hanwen/go-fuse/commit/15a8bb029a4e1a51e10043c370970596b1fbb737 for more info.
2021-08-30Remove serialize_reads packageJakob Unterwurzacher
Will be replaced by go-fuse's new SyncRead flag. More info: https://github.com/hanwen/go-fuse/issues/395 SyncRead commit: https://github.com/hanwen/go-fuse/commit/15a8bb029a4e1a51e10043c370970596b1fbb737
2021-08-29go mod: upgrade go-fuse to fix darwin build failureJakob Unterwurzacher
Upgraded using go get -u github.com/hanwen/go-fuse/v2@master to get https://github.com/hanwen/go-fuse/commit/61df81086038f52fbf3e25ff97373336c83cd3ae Fixes https://github.com/rfjakob/gocryptfs/issues/597
2021-08-26doc: file-format.md: describe XChaCha20-Poly1305Jakob Unterwurzacher
Different nonce size.
2021-08-26fsstress-gocryptfs: fuse-xfstests now lives in /optJakob Unterwurzacher
fuse-xfstests should be installed to /opt now to make the terminal output independent of the user name (as done in https://github.com/rfjakob/fuse-xfstests/wiki/results_2021-06-02 )
2021-08-25-devrandom: make flag a no-opJakob Unterwurzacher
Commit f3c777d5eaa682d878c638192311e52f9c204294 added the `-devrandom` option: commit f3c777d5eaa682d878c638192311e52f9c204294 Author: @slackner Date: Sun Nov 19 13:30:04 2017 +0100 main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. We now require Go v1.13 and Kernel versions should have also moved on. Make the flag a no-op. https://github.com/rfjakob/gocryptfs/issues/596
2021-08-25go mod: update go-fuseJakob Unterwurzacher
We want /dev/fd/N support: https://github.com/hanwen/go-fuse/commit/74a933d6e856048cbff1a437bf3dbf79162e77de "fuse: support special /dev/fd/N mountpoint" Fixes https://github.com/rfjakob/gocryptfs/issues/590
2021-08-24README: add -xchacha to changelogJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/452
2021-08-24MANPAGE: add -xchachaJakob Unterwurzacher
2021-08-24-speed: note that -xchacha is selectableJakob Unterwurzacher
2021-08-24tests/example_filesystems: add v2.2-xchacha-deterministic-namesJakob Unterwurzacher
Combines both new flags.
2021-08-24tests/example_filesystems: add deterministic-names and xchachaJakob Unterwurzacher
2021-08-24benchmark.bash: add -xchacha supportJakob Unterwurzacher
2021-08-23xray: add xchacha supportJakob Unterwurzacher
Also use the new cryptocore algo names.
2021-08-23contentenc: remove unused NonceMode constantsJakob Unterwurzacher
Looks like these are part of an abandoned plan.