summaryrefslogtreecommitdiff
path: root/internal
AgeCommit message (Collapse)Author
2022-01-03readpassword: bubble up errors instead of exiting the processJakob Unterwurzacher
This allows cleanups to happen in the caller, like removing the control socket. Fixes https://github.com/rfjakob/gocryptfs/issues/634
2021-12-19nametransform: fix oversight in commentJakob Unterwurzacher
2021-12-19fusefrontend: allow slashes in xattr namesJakob Unterwurzacher
xattr names have fewer restrictions than file names, relax the validation. Fixes https://github.com/rfjakob/gocryptfs/issues/627
2021-12-11tlog: only enable color if both stderr and stdout are a terminalJakob Unterwurzacher
This gocryptfs -init /does/not/exist 2> err.log used to write escape codes into err.log. Stop doing that.
2021-12-11tlog: respect NO_COLORJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/617
2021-12-09darwin: use O_NOFOLLOW for xattr opensJakob Unterwurzacher
Running the tests we have lots of these: Openat: O_NOFOLLOW missing: flags = 0x4 -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4 panic: -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4 goroutine 114 [running]: log.(*Logger).Panic(0x14000118280, {0x14000313ca8, 0x1, 0x1}) log/log.go:224 +0x90 github.com/rfjakob/gocryptfs/v2/internal/tlog.(*toggledLogger).Printf(0x14000076780, {0x1009dc2e8, 0x27}, {0x14000313d18, 0x1, 0x1}) github.com/rfjakob/gocryptfs/v2/internal/tlog/log.go:78 +0x168 github.com/rfjakob/gocryptfs/v2/internal/syscallcompat.Openat(0x9, {0x1009d0747, 0x1}, 0x4, 0x0) github.com/rfjakob/gocryptfs/v2/internal/syscallcompat/sys_common.go:59 +0xf0 github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).getXAttr(0x14000142000, {0x1400001c140, 0x3a}) github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr_darwin.go:30 +0x8c github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getxattr(0x14000142000, {0x100a7eba0, 0x1400000c2e8}, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000}) github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr.go:65 +0x1ac github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetXAttr(0x1400008e140, 0x140001901e0, 0x140001133c0, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000}) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fs/bridge.go:685 +0x114 github.com/hanwen/go-fuse/v2/fuse.doGetXAttr(0x14000144000, 0x14000113200) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/opcode.go:270 +0x224 github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0x14000144000, 0x14000113200) github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:499 +0x214 created by github.com/hanwen/go-fuse/v2/fuse.(*Server).loop github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:470 +0xac https://github.com/rfjakob/gocryptfs/issues/625
2021-11-01docs: names longer than 175 bytes (not 176) are stored in longnamesJakob Unterwurzacher
Quoting fusefrontend_reverse/node_helpers.go : // File names are padded to 16-byte multiples, encrypted and // base64-encoded. We can encode at most 176 bytes to stay below the 255 // bytes limit: // * base64(176 bytes) = 235 bytes // * base64(192 bytes) = 256 bytes (over 255!) // But the PKCS#7 padding is at least one byte. This means we can only use // 175 bytes for the file name. Noticed by @bailey27 at https://github.com/rfjakob/gocryptfs/issues/499#issuecomment-955790427
2021-10-21nametransform: fix math.MaxInt build failure on older GoJakob Unterwurzacher
Failure is: # github.com/rfjakob/gocryptfs/v2/internal/nametransform internal/nametransform/names.go:47:33: undefined: math.MaxInt math.MaxInt was only introduced in Go 1.17. Use MaxInt32 instead, which is good enough, even on amd64. It only has to be larger than any name we might encounter.
2021-10-21cli: add -longnamemaxJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21configfile: add LongNameMax supportJakob Unterwurzacher
Feature flag + numeric paramater https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21nametransform: add longNameMax parameterJakob Unterwurzacher
Determines when to start hashing long names instead of hardcoded 255. Will be used to alleviate "name too long" issues some users see on cloud storage. https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21configfile: replace broken switch/case logic with ifJakob Unterwurzacher
Because switch only matches once, we could have missed invalid cases. Replace the switch statements with a straight if rake.
2021-10-15fusefrontend: honor ForceOwner for LOOKUP and CREATE operationsCharles Duffy
2021-09-28cryptocore: simplify declarationsJakob Unterwurzacher
Reported by codacity: internal/cryptocore/cryptocore.go Minor icon MINOR Code Style should omit type AEADTypeEnum from declaration of var BackendAESSIV; it will be inferred from the right-hand side var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512", "Go", siv_aead.NonceSize} Minor icon MINOR Code Style should omit type AEADTypeEnum from declaration of var BackendXChaCha20Poly1305; it will be inferred from the right-hand side var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "Go", chacha20poly1305.NonceSizeX} Minor icon MINOR Code Style should omit type AEADTypeEnum from declaration of var BackendXChaCha20Poly1305OpenSSL; it will be inferred from the right-hand side var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "OpenSSL", chacha20poly1305.NonceSizeX} Found 2 possible new issues internal/cryptocore/cryptocore.go Minor icon MINOR Code Style should omit type AEADTypeEnum from declaration of var BackendOpenSSL; it will be inferred from the right-hand side var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "OpenSSL", 16} Minor icon MINOR Code Style should omit type AEADTypeEnum from declaration of var BackendGoGCM; it will be inferred from the right-hand side var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "Go", 16}
2021-09-28cryptocore: disentangle algorithm / library implementation nameJakob Unterwurzacher
Used in gocryptfs-xray, and will also be used in -info.
2021-09-14-speed: print cpu modelJakob Unterwurzacher
When somebody posts "gocryptfs -speed" results, they are most helpful together with the CPU model. Add the cpu model to the output. Example: $ ./gocryptfs -speed gocryptfs v2.2.0-beta1-5-g52b0444-dirty; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-14 go1.17.1 linux/amd64 cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz; with AES acceleration AES-GCM-256-OpenSSL 862.79 MB/s AES-GCM-256-Go 997.71 MB/s (selected in auto mode) AES-SIV-512-Go 159.58 MB/s XChaCha20-Poly1305-OpenSSL 729.65 MB/s XChaCha20-Poly1305-Go 843.97 MB/s (selected in auto mode)
2021-09-14stupidgcm: add CpuHasAES()Jakob Unterwurzacher
Makes the code clearer, and will be used in the next commit.
2021-09-14-speed: drop useless tab at end of lineJakob Unterwurzacher
2021-09-10inomap: deterministically set root deviceJakob Unterwurzacher
We used to have "first Translate() wins". This is not deterministic, as the LOOKUP for the root directory does not seem to reach us, so the first user LOOKUP would win, which may be on a mountpoint.
2021-09-10cli: drop -forcedecode flagJakob Unterwurzacher
The rewritten openssl backend does not support this flag anymore, and it was inherently dangerour. Drop it (ignored for compatibility)
2021-09-08-speed: show which xchacha implementation is preferredJakob Unterwurzacher
2021-09-08Make -openssl also apply to xchachaJakob Unterwurzacher
Now that stupidgcm supports xchacha, make it available on mount.
2021-09-08stupidgcm: add PreferOpenSSL{AES256GCM,Xchacha20poly1305}Jakob Unterwurzacher
Add PreferOpenSSLXchacha20poly1305, rename PreferOpenSSL -> PreferOpenSSLAES256GCM.
2021-09-07stupidgcm: normalize constructor namingJakob Unterwurzacher
New() -> NewAES256GCM() Also add missing NewChacha20poly1305 constructor in without_openssl.go.
2021-09-07stupidgcm: revamp package documentationJakob Unterwurzacher
Maybe interesting for people following https://github.com/rfjakob/gocryptfs/issues/452
2021-09-07stupidgcm: unexport stupidGCM structJakob Unterwurzacher
No need to have it exported.
2021-09-07stupidgcm: allow zero-length input dataJakob Unterwurzacher
We used to panic in this case because it is useless. But Go stdlib supports it, so we should as well.
2021-09-07stupidgcm: fix build with CGO_ENABLED=1 without_opensslJakob Unterwurzacher
We missed some "// +build" lines
2021-09-07stupidgcm: NewChacha20poly1305: avoid slice appendJakob Unterwurzacher
I noticed that growslice() shows up in the cpuprofile. Avoiding slice append for the private jey copy gives a 0.6% speedup: gocryptfs/internal/speed$ benchstat old new name old time/op new time/op delta StupidXchacha-4 5.68µs ± 0% 5.65µs ± 0% -0.63% (p=0.008 n=5+5) name old speed new speed delta StupidXchacha-4 721MB/s ± 0% 725MB/s ± 0% +0.63% (p=0.008 n=5+5)
2021-09-07stupidgcm: add testConcurrencyJakob Unterwurzacher
Verifies that we don't corrupt data when called concurrently.
2021-09-07stupidgcm: cache C.EVP_chacha20_poly1305()Jakob Unterwurzacher
2% performance improvement, almost for free. gocryptfs/internal/speed$ benchstat old new name old time/op new time/op delta StupidXchacha-4 5.82µs ± 0% 5.68µs ± 0% -2.37% (p=0.008 n=5+5) name old speed new speed delta StupidXchacha-4 704MB/s ± 0% 721MB/s ± 0% +2.43% (p=0.008 n=5+5)
2021-09-07stupidgcm: add BenchmarkCCallJakob Unterwurzacher
gocryptfs/internal/stupidgcm$ go test -bench . goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/v2/internal/stupidgcm cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz BenchmarkCCall-4 15864030 78.60 ns/op PASS ok github.com/rfjakob/gocryptfs/v2/internal/stupidgcm 1.898s
2021-09-07speed: add BenchmarkStupidChachaJakob Unterwurzacher
gocryptfs/internal/speed$ go test -bench . goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/v2/internal/speed cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz BenchmarkStupidGCM-4 249396 4722 ns/op 867.50 MB/s BenchmarkStupidGCMDecrypt-4 257872 4616 ns/op 887.35 MB/s BenchmarkGoGCM-4 290952 4097 ns/op 999.83 MB/s BenchmarkGoGCMDecrypt-4 294106 4060 ns/op 1008.84 MB/s BenchmarkAESSIV-4 46520 25532 ns/op 160.42 MB/s BenchmarkAESSIVDecrypt-4 46974 25478 ns/op 160.76 MB/s BenchmarkXchacha-4 244108 4881 ns/op 839.14 MB/s BenchmarkXchachaDecrypt-4 249658 4786 ns/op 855.86 MB/s BenchmarkStupidXchacha-4 205339 5768 ns/op 710.11 MB/s BenchmarkStupidXchachaDecrypt-4 204577 5836 ns/op 701.84 MB/s BenchmarkStupidChacha-4 227510 5224 ns/op 784.06 MB/s BenchmarkStupidChachaDecrypt-4 222787 5359 ns/op 764.34 MB/s PASS ok github.com/rfjakob/gocryptfs/v2/internal/speed 15.328s
2021-09-07stupidgcm: replace naked panicsJakob Unterwurzacher
2021-09-07stupidgcm: fix without_openssl buildJakob Unterwurzacher
$ ./build-without-openssl.bash internal/speed/speed.go:152:14: undefined: stupidgcm.NewXchacha20poly1305
2021-09-07stupidgcm: introduce stupidAEADCommon and use for both chacha & gcmJakob Unterwurzacher
Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5)
2021-09-07stupidgcm: stupidChacha20poly1305.Open: batch C calls in aead_openJakob Unterwurzacher
Gets the decryption speed to the same level as the encryption speed. internal/speed$ benchstat old.txt new.txt name old time/op new time/op delta StupidXchacha-4 732MB/s ± 0% 740MB/s ± 0% ~ (p=1.000 n=1+1) StupidXchachaDecrypt-4 602MB/s ± 0% 741MB/s ± 0% ~ (p=1.000 n=1+1)
2021-09-07speed: add decryption benchmarksJakob Unterwurzacher
gocryptfs/internal/speed$ go test -bench . goos: linux goarch: amd64 pkg: github.com/rfjakob/gocryptfs/v2/internal/speed cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz BenchmarkStupidGCM-4 263742 4523 ns/op 905.61 MB/s BenchmarkStupidGCMDecrypt-4 204858 5779 ns/op 708.76 MB/s BenchmarkGoGCM-4 291259 4095 ns/op 1000.25 MB/s BenchmarkGoGCMDecrypt-4 293886 4061 ns/op 1008.53 MB/s BenchmarkAESSIV-4 46537 25538 ns/op 160.39 MB/s BenchmarkAESSIVDecrypt-4 46770 25627 ns/op 159.83 MB/s BenchmarkXchacha-4 243619 4893 ns/op 837.03 MB/s BenchmarkXchachaDecrypt-4 248857 4793 ns/op 854.51 MB/s BenchmarkStupidXchacha-4 213717 5558 ns/op 736.99 MB/s BenchmarkStupidXchachaDecrypt-4 176635 6782 ns/op 603.96 MB/s PASS ok github.com/rfjakob/gocryptfs/v2/internal/speed 12.871s
2021-09-07speed: add bEncrypt helper, reuse dst bufferJakob Unterwurzacher
The bEncrypt helper massively deduplicates the code, and reusing the dst buffer gives higher performance, and that's what gocryptfs does in normal operation via sync.Pool. $ benchstat old.txt new.txt name old time/op new time/op delta StupidGCM-4 6.24µs ± 1% 4.65µs ± 0% -25.47% (p=0.008 n=5+5) GoGCM-4 4.90µs ± 0% 4.10µs ± 0% -16.44% (p=0.008 n=5+5) AESSIV-4 26.4µs ± 0% 25.6µs ± 0% -2.90% (p=0.008 n=5+5) Xchacha-4 5.76µs ± 0% 4.91µs ± 0% -14.79% (p=0.008 n=5+5) StupidXchacha-4 7.24µs ± 1% 5.48µs ± 0% -24.33% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 656MB/s ± 1% 880MB/s ± 0% +34.15% (p=0.008 n=5+5) GoGCM-4 835MB/s ± 0% 1000MB/s ± 0% +19.68% (p=0.008 n=5+5) AESSIV-4 155MB/s ± 0% 160MB/s ± 0% +2.99% (p=0.008 n=5+5) Xchacha-4 711MB/s ± 0% 834MB/s ± 0% +17.35% (p=0.008 n=5+5) StupidXchacha-4 565MB/s ± 1% 747MB/s ± 0% +32.15% (p=0.008 n=5+5)
2021-09-07stupidgcm: use aead_seal for gcm as wellJakob Unterwurzacher
$ benchstat old.txt new.txt name old time/op new time/op delta StupidGCM-4 7.87µs ± 1% 6.64µs ± 2% -15.65% (p=0.000 n=10+10) name old speed new speed delta StupidGCM-4 520MB/s ± 1% 617MB/s ± 2% +18.56% (p=0.000 n=10+10)
2021-09-07stupidgcm: replace chacha20poly1305_seal with generic aead_sealJakob Unterwurzacher
2021-09-07stupidgcm: batch C calls in chacha20poly1305_sealJakob Unterwurzacher
Go has a high overhead for each C call, so batch all openssl operations in the new C function chacha20poly1305_seal. Benchmark results: internal/speed$ go test -bench BenchmarkStupidXchacha -count 10 > old.txt internal/speed$ go test -bench BenchmarkStupidXchacha -count 10 > new.txt internal/speed$ benchstat old.txt new.txt name old time/op new time/op delta StupidXchacha-4 8.79µs ± 1% 7.25µs ± 1% -17.54% (p=0.000 n=10+10) name old speed new speed delta StupidXchacha-4 466MB/s ± 1% 565MB/s ± 1% +21.27% (p=0.000 n=10+10)
2021-09-07-speed: add XChaCha20-Poly1305-OpenSSLJakob Unterwurzacher
$ ./gocryptfs -speed gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64 AES-GCM-256-OpenSSL 529.53 MB/s AES-GCM-256-Go 833.85 MB/s (selected in auto mode) AES-SIV-512-Go 155.27 MB/s XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag) XChaCha20-Poly1305-OpenSSL 468.94 MB/s https://github.com/rfjakob/gocryptfs/issues/452
2021-09-07stupidgcm: add stupidXchacha20poly1305Jakob Unterwurzacher
Implementation copied from https://github.com/golang/crypto/blob/32db794688a5a24a23a43f2a984cecd5b3d8da58/chacha20poly1305/xchacha20poly1305.go
2021-09-07stupidgcm: stupidChacha20poly1305: normalize panic messagesJakob Unterwurzacher
2021-09-07stupidgcm: stupidChacha20poly1305: use byte array for keyJakob Unterwurzacher
Follow what golang.org/x/crypto/chacha20poly1305 does for easier integration in the next commit.
2021-09-02stupidgcm: add testWipe testJakob Unterwurzacher
After looking at the cover profile, this was the only untested code except panic cases.
2021-09-02stupidgcm: deduplicate tests 2/2Jakob Unterwurzacher
Deduplicate the cipher setup that was identical for all tests for each cipher.
2021-09-02stupidgcm: deduplicate tests 1/2Jakob Unterwurzacher
Pull the code shared between chacha and gcm into generic functions.
2021-09-02stupidgcm: add chacha20poly1305 via opensslJakob Unterwurzacher
"stupidChacha20poly1305". XChaCha will build upon this.