Merge branch 'release/0.10' into develop

This commit is contained in:
Sebastian Messmer 2019-01-21 23:41:00 -08:00
commit d7f8a22370
8 changed files with 129 additions and 78 deletions

View File

@ -6,10 +6,30 @@ See [https://www.cryfs.org](https://www.cryfs.org).
Install latest release
======================
Linux
------
This only works for Ubuntu 17.04 and later, and Debian Stretch and later.
You can also use CryFS on older versions of these distributions by following the **Building from source** instructions below.
sudo apt install cryfs
OSX
----
CryFS is distributed via Homebrew. Just do
brew cask install osxfuse
brew install cryfs
Windows (experimental)
----------------------
CryFS has experimental Windows support since the 0.10 release series. To install it, do:
1. Install [DokanY](https://github.com/dokan-dev/dokany/releases)
2. Install [Microsoft Visual C++ Redistributable for Visual Studio 2017](https://support.microsoft.com/en-us/help/2977003/the-latest-supported-visual-c-downloads)
3. Install [CryFS](https://www.cryfs.org/#download)
GUI
===
@ -72,12 +92,14 @@ You can pass the following variables to the *cmake* command (using *-Dvariablena
- **-DCRYFS_UPDATE_CHECKS**=off: Build a CryFS that doesn't check online for updates and security vulnerabilities.
Building on Windows (experimental)
---------------
----------------------------------
Build with Visual Studio 2017 and pass in the following flags to CMake:
-DDOKAN_PATH=[dokan library location, e.g. "C:\Program Files\Dokan\DokanLibrary-1.1.0"]
-DBOOST_ROOT=[path to root of boost installation]
-DDOKAN_PATH=[dokan library location, e.g. "C:\Program Files\Dokan\DokanLibrary-1.1.0"]
-DBOOST_ROOT=[path to root of boost installation]
If you set these variables correctly in the `CMakeSettings.json` file, you should be able to open the cryfs source folder with Visual Studio 2017.
Troubleshooting
---------------
@ -141,7 +163,7 @@ There are additional requirements if you want to create packages. They are:
2. Build
$ mkdir cmake && cd cmake
$ cmake .. -DCMAKE_BUILD_TYPE=Release -DBUILD_TESTING=off
$ cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_TESTING=off
$ make package

View File

@ -2,7 +2,7 @@ image:
#- Visual Studio 2013
#- Visual Studio 2015
- Visual Studio 2017
- Visual Studio 2017 Preview
#- Visual Studio 2017 Preview
platform:
- x64

5
vendor/README vendored
View File

@ -5,3 +5,8 @@ spdlog: https://github.com/gabime/spdlog/tree/v0.16.3/include/spdlog
cryptopp: https://github.com/weidai11/cryptopp/tree/CRYPTOPP_8_0_0
- changed: added CMakeLists.txt and cryptopp-config.cmake from https://github.com/noloader/cryptopp-cmake/tree/CRYPTOPP_8_0_0
- changed: commented out line including winapifamily.h in CMakeLists.txt
- cherry-picked commits to get OpenMP for scrypt on Windows:
- https://github.com/weidai11/cryptopp/commit/aa043b38a7930725c31a0cd7016986d1c581c573
- https://github.com/weidai11/cryptopp/commit/672f5c7f3dad8ae12b2d0ce0940ccb7c8e257bf8
- https://github.com/weidai11/cryptopp/commit/7e96a283a3192d29aac5b60e5b4ff19248f00d9a
- https://github.com/weidai11/cryptopp/commit/ca32b63038d5f7b13e2e00809cd9184a1efe8c24

View File

@ -9,76 +9,72 @@ target_compile_definitions(cryptopp PUBLIC $<$<CONFIG:Debug>:CRYPTOPP_DEBUG>) #
add_compile_options($<$<CONFIG:Debug>:-DCRYPTOPP_DEBUG>) # add to stuff built in subdirectories (like the actual library)
if(NOT DISABLE_OPENMP)
if (MSVC)
message(WARNING "MSVC does not support the OpenMP 4.0 standard used by Crypto++. Disabling OpenMP. This can cause degraded performance.")
else()
find_package(OpenMP)
find_package(OpenMP)
if (OPENMP_FOUND OR OPENMP_CXX_FOUND)
message(STATUS "Found libomp without any special flags")
endif()
# If OpenMP wasn't found, try if we can find it in the default Macports location
if((NOT OPENMP_FOUND) AND (NOT OPENMP_CXX_FOUND) AND EXISTS "/opt/local/lib/libomp/libomp.dylib") # older cmake uses OPENMP_FOUND, newer cmake also sets OPENMP_CXX_FOUND, homebrew installations seem only to get the latter set.
set(OpenMP_CXX_FLAGS "-Xpreprocessor -fopenmp -I/opt/local/include/libomp/")
set(OpenMP_CXX_LIB_NAMES omp)
set(OpenMP_omp_LIBRARY /opt/local/lib/libomp/libomp.dylib)
find_package(OpenMP)
if (OPENMP_FOUND OR OPENMP_CXX_FOUND)
message(STATUS "Found libomp in macports default location.")
else()
message(FATAL_ERROR "Didn't find libomp. Tried macports default location but also didn't find it.")
endif()
endif()
# If OpenMP wasn't found, try if we can find it in the default Homebrew location
if((NOT OPENMP_FOUND) AND (NOT OPENMP_CXX_FOUND) AND EXISTS "/usr/local/opt/libomp/lib/libomp.dylib")
set(OpenMP_CXX_FLAGS "-Xpreprocessor -fopenmp -I/usr/local/opt/libomp/include")
set(OpenMP_CXX_LIB_NAMES omp)
set(OpenMP_omp_LIBRARY /usr/local/opt/libomp/lib/libomp.dylib)
find_package(OpenMP)
if (OPENMP_FOUND OR OPENMP_CXX_FOUND)
message(STATUS "Found libomp in homebrew default location.")
else()
message(FATAL_ERROR "Didn't find libomp. Tried homebrew default location but also didn't find it.")
endif()
endif()
set(Additional_OpenMP_Libraries_Workaround "")
# Workaround because older cmake on apple doesn't support FindOpenMP
if((NOT OPENMP_FOUND) AND (NOT OPENMP_CXX_FOUND))
if((APPLE AND ((CMAKE_CXX_COMPILER_ID STREQUAL "AppleClang") OR (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")))
AND ((CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "7.0") AND (CMAKE_VERSION VERSION_LESS "3.12.0")))
message(STATUS "Applying workaround for OSX OpenMP with old cmake that doesn't have FindOpenMP")
set(OpenMP_CXX_FLAGS "-Xclang -fopenmp")
set(Additional_OpenMP_Libraries_Workaround "-lomp")
else()
message(FATAL_ERROR "Did not find OpenMP. Build with -DDISABLE_OPENMP=ON if you want to allow this and are willing to take the performance hit.")
endif()
endif()
if(NOT TARGET OpenMP::OpenMP_CXX)
# We're on cmake < 3.9, handle behavior of the old FindOpenMP implementation
message(STATUS "Applying workaround for old CMake that doesn't define FindOpenMP using targets")
add_library(OpenMP_TARGET INTERFACE)
add_library(OpenMP::OpenMP_CXX ALIAS OpenMP_TARGET)
target_compile_options(OpenMP_TARGET INTERFACE ${OpenMP_CXX_FLAGS}) # add to all targets depending on this
find_package(Threads REQUIRED)
target_link_libraries(OpenMP_TARGET INTERFACE Threads::Threads)
target_link_libraries(OpenMP_TARGET INTERFACE ${OpenMP_CXX_FLAGS} ${Additional_OpenMP_Libraries_Workaround})
endif()
target_link_libraries(cryptopp PUBLIC ${OpenMP_CXX_FLAGS}) # Workaround for Ubuntu 18.04 that otherwise doesn't set -fopenmp for linking
target_link_libraries(cryptopp PUBLIC OpenMP::OpenMP_CXX)
# also add these flags to the third party Crypto++ build setup that is built in a subdirectory
message(STATUS "OpenMP flags: ${OpenMP_CXX_FLAGS}")
string(REPLACE " " ";" REPLACED_FLAGS ${OpenMP_CXX_FLAGS})
add_compile_options(${REPLACED_FLAGS})
if (OPENMP_FOUND OR OPENMP_CXX_FOUND)
message(STATUS "Found libomp without any special flags")
endif()
# If OpenMP wasn't found, try if we can find it in the default Macports location
if((NOT OPENMP_FOUND) AND (NOT OPENMP_CXX_FOUND) AND EXISTS "/opt/local/lib/libomp/libomp.dylib") # older cmake uses OPENMP_FOUND, newer cmake also sets OPENMP_CXX_FOUND, homebrew installations seem only to get the latter set.
set(OpenMP_CXX_FLAGS "-Xpreprocessor -fopenmp -I/opt/local/include/libomp/")
set(OpenMP_CXX_LIB_NAMES omp)
set(OpenMP_omp_LIBRARY /opt/local/lib/libomp/libomp.dylib)
find_package(OpenMP)
if (OPENMP_FOUND OR OPENMP_CXX_FOUND)
message(STATUS "Found libomp in macports default location.")
else()
message(FATAL_ERROR "Didn't find libomp. Tried macports default location but also didn't find it.")
endif()
endif()
# If OpenMP wasn't found, try if we can find it in the default Homebrew location
if((NOT OPENMP_FOUND) AND (NOT OPENMP_CXX_FOUND) AND EXISTS "/usr/local/opt/libomp/lib/libomp.dylib")
set(OpenMP_CXX_FLAGS "-Xpreprocessor -fopenmp -I/usr/local/opt/libomp/include")
set(OpenMP_CXX_LIB_NAMES omp)
set(OpenMP_omp_LIBRARY /usr/local/opt/libomp/lib/libomp.dylib)
find_package(OpenMP)
if (OPENMP_FOUND OR OPENMP_CXX_FOUND)
message(STATUS "Found libomp in homebrew default location.")
else()
message(FATAL_ERROR "Didn't find libomp. Tried homebrew default location but also didn't find it.")
endif()
endif()
set(Additional_OpenMP_Libraries_Workaround "")
# Workaround because older cmake on apple doesn't support FindOpenMP
if((NOT OPENMP_FOUND) AND (NOT OPENMP_CXX_FOUND))
if((APPLE AND ((CMAKE_CXX_COMPILER_ID STREQUAL "AppleClang") OR (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")))
AND ((CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL "7.0") AND (CMAKE_VERSION VERSION_LESS "3.12.0")))
message(STATUS "Applying workaround for OSX OpenMP with old cmake that doesn't have FindOpenMP")
set(OpenMP_CXX_FLAGS "-Xclang -fopenmp")
set(Additional_OpenMP_Libraries_Workaround "-lomp")
else()
message(FATAL_ERROR "Did not find OpenMP. Build with -DDISABLE_OPENMP=ON if you want to allow this and are willing to take the performance hit.")
endif()
endif()
if(NOT TARGET OpenMP::OpenMP_CXX)
# We're on cmake < 3.9, handle behavior of the old FindOpenMP implementation
message(STATUS "Applying workaround for old CMake that doesn't define FindOpenMP using targets")
add_library(OpenMP_TARGET INTERFACE)
add_library(OpenMP::OpenMP_CXX ALIAS OpenMP_TARGET)
target_compile_options(OpenMP_TARGET INTERFACE ${OpenMP_CXX_FLAGS}) # add to all targets depending on this
find_package(Threads REQUIRED)
target_link_libraries(OpenMP_TARGET INTERFACE Threads::Threads)
target_link_libraries(OpenMP_TARGET INTERFACE ${OpenMP_CXX_FLAGS} ${Additional_OpenMP_Libraries_Workaround})
endif()
target_link_libraries(cryptopp PUBLIC ${OpenMP_CXX_FLAGS}) # Workaround for Ubuntu 18.04 that otherwise doesn't set -fopenmp for linking
target_link_libraries(cryptopp PUBLIC OpenMP::OpenMP_CXX)
# also add these flags to the third party Crypto++ build setup that is built in a subdirectory
message(STATUS "OpenMP flags: ${OpenMP_CXX_FLAGS}")
string(REPLACE " " ";" REPLACED_FLAGS ${OpenMP_CXX_FLAGS})
add_compile_options(${REPLACED_FLAGS})
else()
message(WARNING "OpenMP is disabled. This can cause degraded performance.")
endif()

View File

@ -139,6 +139,7 @@ LDLIBS =
# CXXFLAGS = $(CXXFLAGS) /DDEBUG /D_DEBUG /Oi /Oy- /Od /MTd
# Release build. Add /OPT:REF to linker
CXXFLAGS = $(CXXFLAGS) /DNDEBUG /D_NDEBUG /Oi /Oy /O2 /MT
# Linker flags.
LDFLAGS = $(LDFLAGS) /OPT:REF
# Attempt to detect when <sdkddkver.h> and <winapifamily.h> are available

View File

@ -90,9 +90,14 @@ void Salsa20_Core(word32* data, unsigned int rounds)
x[15] ^= rotlConstant<18>(x[14]+x[13]);
}
#ifdef _MSC_VER
for (size_t i = 0; i < 16; ++i)
data[i] += x[i];
#else
#pragma omp simd
for (size_t i = 0; i < 16; ++i)
data[i] += x[i];
#endif
}
std::string Salsa20_Policy::AlgorithmProvider() const

View File

@ -14,6 +14,8 @@
#include "sha.h"
#include <sstream>
#include <limits>
#ifdef _OPENMP
# include <omp.h>
#endif
@ -53,9 +55,14 @@ static inline void BlockCopy(byte* dest, byte* src, size_t len)
static inline void BlockXOR(byte* dest, byte* src, size_t len)
{
#ifdef _MSC_VER
for (size_t i = 0; i < len; ++i)
dest[i] ^= src[i];
#else
#pragma omp simd
for (size_t i = 0; i < len; ++i)
dest[i] ^= src[i];
#endif
}
static inline void PBKDF2_SHA256(byte* buf, size_t dkLen,
@ -171,6 +178,16 @@ void Scrypt::ValidateParameters(size_t derivedLen, word64 cost, word64 blockSize
}
}
// https://github.com/weidai11/cryptopp/issues/787
CRYPTOPP_ASSERT(parallelization <= std::numeric_limits<int>::max());
if (parallelization > static_cast<word64>(std::numeric_limits<int>::max()))
{
std::ostringstream oss;
oss << " parallelization " << parallelization << " is larger than ";
oss << std::numeric_limits<int>::max();
throw InvalidArgument("Scrypt: " + oss.str());
}
CRYPTOPP_ASSERT(IsPowerOf2(cost));
if (IsPowerOf2(cost) == false)
throw InvalidArgument("Scrypt: cost must be a power of 2");
@ -245,10 +262,13 @@ size_t Scrypt::DeriveKey(byte*derived, size_t derivedLen, const byte*secret, siz
// 1: (B_0 ... B_{p-1}) <-- PBKDF2(P, S, 1, p * MFLen)
PBKDF2_SHA256(B, B.size(), secret, secretLen, salt, saltLen, 1);
// Visual Studio and OpenMP 2.0 fixup. We must use int, not size_t.
int maxParallel=0;
if (!SafeConvert(parallel, maxParallel))
maxParallel = std::numeric_limits<int>::max();
#ifdef _OPENMP
int threads = STDMIN(omp_get_max_threads(),
static_cast<int>(STDMIN(static_cast<size_t>(parallel),
static_cast<size_t>(std::numeric_limits<int>::max()))));
int threads = STDMIN(omp_get_max_threads(), maxParallel);
#endif
// http://stackoverflow.com/q/49604260/608639
@ -260,7 +280,7 @@ size_t Scrypt::DeriveKey(byte*derived, size_t derivedLen, const byte*secret, siz
// 2: for i = 0 to p - 1 do
#pragma omp for
for (size_t i = 0; i < static_cast<size_t>(parallel); ++i)
for (int i = 0; i < maxParallel; ++i)
{
// 3: B_i <-- MF(B_i, N)
const ptrdiff_t offset = static_cast<ptrdiff_t>(blockSize*i*128);

View File

@ -76,7 +76,9 @@ public:
/// \details The parameter <tt>blockSize</tt> ("r" in the documents) specifies the block
/// size.
/// \details The <tt>parallelization</tt> parameter ("p" in the documents) is a positive
/// integer less than or equal to <tt>((2^32-1) * 32) / (128 * r)</tt>.
/// integer less than or equal to <tt>((2^32-1) * 32) / (128 * r)</tt>. Due to Microsoft
/// and its OpenMP 2.0 implementation <tt>parallelization</tt> is limited to
/// <tt>std::numeric_limits<int>::max()</tt>.
/// \details Scrypt always returns 1 because it only performs 1 iteration. Other
/// derivation functions, like PBKDF's, will return more interesting values.
/// \details The Crypto++ implementation of Scrypt is limited by C++ datatypes. For