| Age | Commit message (Collapse) | Author |
|---|
|
Tool-assisted.
|
|
Instead of just looking for AES, also look for PCLMULQDQ,
like crypto/tls does.
Fixes: https://github.com/rfjakob/gocryptfs/issues/822
|
|
Looks like I should have been calling testing.Init()
all along. From https://pkg.go.dev/testing#Init :
> Init is only needed when calling functions such as
> Benchmark without using "go test".
Panic only affected without_openssl builds and looks
like this:
$ ./gocryptfs -speed
gocryptfs v2.4.0-2-g8b1c4b0-dirty without_openssl; go-fuse v2.3.0; 2023-09-15 go1.21.1 linux/amd64
cpu: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz; with AES acceleration
AES-GCM-256-OpenSSL panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x5a5d20]
goroutine 7 [running]:
testing.(*common).decorate(0x40d625?, {0xc00001c150, 0x2a}, 0x830601?)
testing/testing.go:772 +0xa0
[...]
Fixes: https://github.com/rfjakob/gocryptfs/issues/789
Relates-to: https://github.com/golang/go/issues/62666
|
|
BenchmarkGoGCMBlockSize/16-4 5499200 219.7 ns/op 72.83 MB/s
BenchmarkGoGCMBlockSize/32-4 4497284 266.2 ns/op 120.22 MB/s
BenchmarkGoGCMBlockSize/64-4 3296336 363.4 ns/op 176.10 MB/s
BenchmarkGoGCMBlockSize/128-4 4204794 285.5 ns/op 448.36 MB/s
BenchmarkGoGCMBlockSize/256-4 2928472 409.7 ns/op 624.83 MB/s
BenchmarkGoGCMBlockSize/512-4 1825164 658.0 ns/op 778.09 MB/s
BenchmarkGoGCMBlockSize/1024-4 1000000 1151 ns/op 889.98 MB/s
BenchmarkGoGCMBlockSize/2048-4 560275 2135 ns/op 959.47 MB/s
BenchmarkGoGCMBlockSize/4096-4 291906 4099 ns/op 999.28 MB/s
BenchmarkGoGCMBlockSize/8192-4 148916 8033 ns/op 1019.83 MB/s
BenchmarkGoGCMBlockSize/16384-4 75337 15911 ns/op 1029.75 MB/s
BenchmarkGoGCMBlockSize/32768-4 37912 31651 ns/op 1035.30 MB/s
BenchmarkGoGCMBlockSize/65536-4 19000 64287 ns/op 1019.43 MB/s
BenchmarkGoGCMBlockSize/131072-4 9225 127636 ns/op 1026.92 MB/s
BenchmarkGoGCMBlockSize/262144-4 4752 252300 ns/op 1039.02 MB/s
BenchmarkGoGCMBlockSize/524288-4 2377 504612 ns/op 1038.99 MB/s
BenchmarkGoGCMBlockSize/1048576-4 1183 1011637 ns/op 1036.51 MB/s
|
|
Only visible when you run "go test -bench" like this:
$ cd gocryptfs/internal/speed
$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/speed
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkStupidGCM-4 202352 5937 ns/op 689.96 MB/s
BenchmarkStupidGCMDecrypt-4 206023 5782 ns/op 708.38 MB/s
BenchmarkGoGCM-4 291878 4098 ns/op 999.45 MB/s
BenchmarkGoGCMBlockSize/1024-4 1000000 1151 ns/op 889.88 MB/s
BenchmarkGoGCMBlockSize/2048-4 561182 2134 ns/op 959.60 MB/s
BenchmarkGoGCMBlockSize/4096-4 292057 4101 ns/op 998.87 MB/s
BenchmarkGoGCMBlockSize/8192-4 149216 8031 ns/op 1020.09 MB/s
BenchmarkGoGCMBlockSize/16384-4 75361 15917 ns/op 1029.34 MB/s
BenchmarkGoGCMBlockSize/32768-4 37916 31649 ns/op 1035.35 MB/s
BenchmarkGoGCMBlockSize/65536-4 19005 63117 ns/op 1038.33 MB/s
BenchmarkGoGCMBlockSize/131072-4 9498 126166 ns/op 1038.89 MB/s
BenchmarkGoGCMBlockSize/262144-4 4755 252149 ns/op 1039.64 MB/s
BenchmarkGoGCMBlockSize/524288-4 2377 504108 ns/op 1040.03 MB/s
BenchmarkGoGCMBlockSize/1048576-4 1188 1008675 ns/op 1039.56 MB/s
BenchmarkGoGCMDecrypt-4 294664 4059 ns/op 1009.02 MB/s
BenchmarkAESSIV-4 46498 25432 ns/op 161.05 MB/s
BenchmarkAESSIVDecrypt-4 46908 25509 ns/op 160.57 MB/s
BenchmarkXchacha-4 244473 4894 ns/op 836.97 MB/s
BenchmarkXchachaDecrypt-4 249710 4798 ns/op 853.75 MB/s
BenchmarkStupidXchacha-4 166988 7101 ns/op 576.79 MB/s
BenchmarkStupidXchachaDecrypt-4 163093 7240 ns/op 565.72 MB/s
BenchmarkStupidChacha-4 184172 6527 ns/op 627.58 MB/s
BenchmarkStupidChachaDecrypt-4 179796 6659 ns/op 615.11 MB/s
PASS
ok github.com/rfjakob/gocryptfs/v2/internal/speed 30.068s
|
|
Run "make format" using
go version go1.19.4 linux/amd64
|
|
Replace dependency jacobsa/crypto with a fork with support for riscv64.
Issue: https://github.com/rfjakob/gocryptfs/issues/666
Upstream PR: https://github.com/jacobsa/crypto/issues/13
Unaddressed on jacobsa/crypto:
https://github.com/jacobsa/crypto/pull/14#issuecomment-1182744229
Signed-off-by: Christian Stewart <christian@paral.in>
|
|
Used in gocryptfs-xray, and will also be used in -info.
|
|
When somebody posts "gocryptfs -speed" results, they are
most helpful together with the CPU model. Add the cpu model
to the output.
Example:
$ ./gocryptfs -speed
gocryptfs v2.2.0-beta1-5-g52b0444-dirty; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-14 go1.17.1 linux/amd64
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz; with AES acceleration
AES-GCM-256-OpenSSL 862.79 MB/s
AES-GCM-256-Go 997.71 MB/s (selected in auto mode)
AES-SIV-512-Go 159.58 MB/s
XChaCha20-Poly1305-OpenSSL 729.65 MB/s
XChaCha20-Poly1305-Go 843.97 MB/s (selected in auto mode)
|
|
|
|
The rewritten openssl backend does not support this flag anymore,
and it was inherently dangerour. Drop it (ignored for compatibility)
|
|
|
|
Add PreferOpenSSLXchacha20poly1305,
rename PreferOpenSSL -> PreferOpenSSLAES256GCM.
|
|
New() -> NewAES256GCM()
Also add missing NewChacha20poly1305
constructor in without_openssl.go.
|
|
gocryptfs/internal/speed$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/speed
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkStupidGCM-4 249396 4722 ns/op 867.50 MB/s
BenchmarkStupidGCMDecrypt-4 257872 4616 ns/op 887.35 MB/s
BenchmarkGoGCM-4 290952 4097 ns/op 999.83 MB/s
BenchmarkGoGCMDecrypt-4 294106 4060 ns/op 1008.84 MB/s
BenchmarkAESSIV-4 46520 25532 ns/op 160.42 MB/s
BenchmarkAESSIVDecrypt-4 46974 25478 ns/op 160.76 MB/s
BenchmarkXchacha-4 244108 4881 ns/op 839.14 MB/s
BenchmarkXchachaDecrypt-4 249658 4786 ns/op 855.86 MB/s
BenchmarkStupidXchacha-4 205339 5768 ns/op 710.11 MB/s
BenchmarkStupidXchachaDecrypt-4 204577 5836 ns/op 701.84 MB/s
BenchmarkStupidChacha-4 227510 5224 ns/op 784.06 MB/s
BenchmarkStupidChachaDecrypt-4 222787 5359 ns/op 764.34 MB/s
PASS
ok github.com/rfjakob/gocryptfs/v2/internal/speed 15.328s
|
|
gocryptfs/internal/speed$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/speed
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkStupidGCM-4 263742 4523 ns/op 905.61 MB/s
BenchmarkStupidGCMDecrypt-4 204858 5779 ns/op 708.76 MB/s
BenchmarkGoGCM-4 291259 4095 ns/op 1000.25 MB/s
BenchmarkGoGCMDecrypt-4 293886 4061 ns/op 1008.53 MB/s
BenchmarkAESSIV-4 46537 25538 ns/op 160.39 MB/s
BenchmarkAESSIVDecrypt-4 46770 25627 ns/op 159.83 MB/s
BenchmarkXchacha-4 243619 4893 ns/op 837.03 MB/s
BenchmarkXchachaDecrypt-4 248857 4793 ns/op 854.51 MB/s
BenchmarkStupidXchacha-4 213717 5558 ns/op 736.99 MB/s
BenchmarkStupidXchachaDecrypt-4 176635 6782 ns/op 603.96 MB/s
PASS
ok github.com/rfjakob/gocryptfs/v2/internal/speed 12.871s
|
|
The bEncrypt helper massively deduplicates the code,
and reusing the dst buffer gives higher performance,
and that's what gocryptfs does in normal operation via
sync.Pool.
$ benchstat old.txt new.txt
name old time/op new time/op delta
StupidGCM-4 6.24µs ± 1% 4.65µs ± 0% -25.47% (p=0.008 n=5+5)
GoGCM-4 4.90µs ± 0% 4.10µs ± 0% -16.44% (p=0.008 n=5+5)
AESSIV-4 26.4µs ± 0% 25.6µs ± 0% -2.90% (p=0.008 n=5+5)
Xchacha-4 5.76µs ± 0% 4.91µs ± 0% -14.79% (p=0.008 n=5+5)
StupidXchacha-4 7.24µs ± 1% 5.48µs ± 0% -24.33% (p=0.008 n=5+5)
name old speed new speed delta
StupidGCM-4 656MB/s ± 1% 880MB/s ± 0% +34.15% (p=0.008 n=5+5)
GoGCM-4 835MB/s ± 0% 1000MB/s ± 0% +19.68% (p=0.008 n=5+5)
AESSIV-4 155MB/s ± 0% 160MB/s ± 0% +2.99% (p=0.008 n=5+5)
Xchacha-4 711MB/s ± 0% 834MB/s ± 0% +17.35% (p=0.008 n=5+5)
StupidXchacha-4 565MB/s ± 1% 747MB/s ± 0% +32.15% (p=0.008 n=5+5)
|
|
$ ./gocryptfs -speed
gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64
AES-GCM-256-OpenSSL 529.53 MB/s
AES-GCM-256-Go 833.85 MB/s (selected in auto mode)
AES-SIV-512-Go 155.27 MB/s
XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag)
XChaCha20-Poly1305-OpenSSL 468.94 MB/s
https://github.com/rfjakob/gocryptfs/issues/452
|
|
|
|
|
|
Our git version is v2+ for some time now, but go.mod
still declared v1. Hopefully making both match makes
https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work.
All the import paths have been fixed like this:
find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
|
|
This is unclear to users, as seen on
https://github.com/rfjakob/gocryptfs/issues/452#issuecomment-828836651
|
|
https://github.com/rfjakob/gocryptfs/issues/452
|
|
|
|
Now that I have discovered golang.org/x/sys/cpu and that Go
versions below 1.6 are uncommon, there was not much useful
code left in prefer_openssl.
Merge the remains into stupidgcm.
|
|
|
|
Force decode of encrypted files even if the integrity check fails, instead of
failing with an IO error. Warning messages are still printed to syslog if corrupted
files are encountered.
It can be useful to recover files from disks with bad sectors or other corrupted
media.
Closes https://github.com/rfjakob/gocryptfs/pull/102 .
|
|
Yields a nice reduction in code size.
|
|
|
|
Old Go versions miss cipher.NewGCMWithNonceSize, which causes:
internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize
|
|
A crypto benchmark mode like "openssl speed".
Example run:
$ ./gocryptfs -speed
AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode)
AES-GCM-256-Go 48.19 MB/s
AES-SIV-512-Go 37.40 MB/s
|
