libgocryptfs: update to gocryptfs v2.3.1

This commit is contained in:
Matéo Duparc 2023-03-15 18:45:18 +01:00
commit f3b722fdff
Signed by: hardcoresushi
GPG Key ID: AFE384344A45E13A
3 changed files with 23 additions and 23 deletions

View File

@ -6,7 +6,7 @@ import (
"crypto/cipher" "crypto/cipher"
"log" "log"
"github.com/jacobsa/crypto/siv" "github.com/aperturerobotics/jacobsa-crypto/siv"
) )
type sivAead struct { type sivAead struct {
@ -63,7 +63,7 @@ func (s *sivAead) Seal(dst, nonce, plaintext, authData []byte) []byte {
if len(s.key) == 0 { if len(s.key) == 0 {
log.Panic("Key has been wiped?") log.Panic("Key has been wiped?")
} }
// https://github.com/jacobsa/crypto/blob/master/siv/encrypt.go#L48: // https://github.com/aperturerobotics/jacobsa-crypto/blob/master/siv/encrypt.go#L48:
// As per RFC 5297 section 3, you may use this function for nonce-based // As per RFC 5297 section 3, you may use this function for nonce-based
// authenticated encryption by passing a nonce as the last associated // authenticated encryption by passing a nonce as the last associated
// data element. // data element.

View File

@ -16,13 +16,13 @@
// However, OpenSSL has optimized assembly for almost all platforms, which Go // However, OpenSSL has optimized assembly for almost all platforms, which Go
// does not. Example for a 32-bit ARM device (Odroid XU4): // does not. Example for a 32-bit ARM device (Odroid XU4):
// //
// $ gocrypts -speed // $ gocrypts -speed
// gocryptfs v2.1-68-gedf9d4c.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-04 go1.16.7 linux/arm // gocryptfs v2.1-68-gedf9d4c.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-04 go1.16.7 linux/arm
// AES-GCM-256-OpenSSL 56.84 MB/s (selected in auto mode) // AES-GCM-256-OpenSSL 56.84 MB/s (selected in auto mode)
// AES-GCM-256-Go 16.61 MB/s // AES-GCM-256-Go 16.61 MB/s
// AES-SIV-512-Go 16.49 MB/s // AES-SIV-512-Go 16.49 MB/s
// XChaCha20-Poly1305-Go 39.08 MB/s (use via -xchacha flag) // XChaCha20-Poly1305-Go 39.08 MB/s (use via -xchacha flag)
// XChaCha20-Poly1305-OpenSSL 141.82 MB/s // XChaCha20-Poly1305-OpenSSL 141.82 MB/s
// //
// This package is "stupid" in the sense that it only supports a narrow set of // This package is "stupid" in the sense that it only supports a narrow set of
// key- and iv-lengths, and panics if it does not like what you pass it. // key- and iv-lengths, and panics if it does not like what you pass it.
@ -33,7 +33,7 @@
// Corrupt ciphertexts never cause a panic. Instead, ErrAuth is returned on // Corrupt ciphertexts never cause a panic. Instead, ErrAuth is returned on
// decryption. // decryption.
// //
// XChaCha20-Poly1305 // # XChaCha20-Poly1305
// //
// The XChaCha20-Poly1305 implementation is more complicated than the others, // The XChaCha20-Poly1305 implementation is more complicated than the others,
// because OpenSSL does not support XChaCha20-Poly1305 directly. Follow // because OpenSSL does not support XChaCha20-Poly1305 directly. Follow
@ -43,16 +43,16 @@
// Fortunately, XChaCha20-Poly1305 is just ChaCha20-Poly1305 with some key+iv // Fortunately, XChaCha20-Poly1305 is just ChaCha20-Poly1305 with some key+iv
// mixing using HChaCha20 in front: // mixing using HChaCha20 in front:
// //
// key (32 bytes), iv (24 bytes) // key (32 bytes), iv (24 bytes)
// | // |
// v // v
// HChaCha20 (provided by golang.org/x/crypto/chacha20) // HChaCha20 (provided by golang.org/x/crypto/chacha20)
// | // |
// v // v
// key2 (32 bytes), iv2 (16 bytes) // key2 (32 bytes), iv2 (16 bytes)
// | // |
// v // v
// ChaCha20-Poly1305 (OpenSSL EVP_chacha20_poly1305) // ChaCha20-Poly1305 (OpenSSL EVP_chacha20_poly1305)
// //
// As HChaCha20 is very fast, XChaCha20-Poly1305 gets almost the same throughput // As HChaCha20 is very fast, XChaCha20-Poly1305 gets almost the same throughput
// as ChaCha20-Poly1305 (for 4kiB blocks). // as ChaCha20-Poly1305 (for 4kiB blocks).

View File

@ -11,9 +11,9 @@ import (
// //
// Go GCM is only faster if the CPU either: // Go GCM is only faster if the CPU either:
// //
// 1) Is X86_64 && has AES instructions && Go is v1.6 or higher // 1. Is X86_64 && has AES instructions && Go is v1.6 or higher
// 2) Is ARM64 && has AES instructions && Go is v1.11 or higher // 2. Is ARM64 && has AES instructions && Go is v1.11 or higher
// (commit https://github.com/golang/go/commit/4f1f503373cda7160392be94e3849b0c9b9ebbda) // (commit https://github.com/golang/go/commit/4f1f503373cda7160392be94e3849b0c9b9ebbda)
// //
// See https://github.com/rfjakob/gocryptfs/wiki/CPU-Benchmarks // See https://github.com/rfjakob/gocryptfs/wiki/CPU-Benchmarks
// for benchmarks. // for benchmarks.