libgocryptfs: update to gocryptfs v2.3.1
This commit is contained in:
commit
f3b722fdff
@ -6,7 +6,7 @@ import (
|
|||||||
"crypto/cipher"
|
"crypto/cipher"
|
||||||
"log"
|
"log"
|
||||||
|
|
||||||
"github.com/jacobsa/crypto/siv"
|
"github.com/aperturerobotics/jacobsa-crypto/siv"
|
||||||
)
|
)
|
||||||
|
|
||||||
type sivAead struct {
|
type sivAead struct {
|
||||||
@ -63,7 +63,7 @@ func (s *sivAead) Seal(dst, nonce, plaintext, authData []byte) []byte {
|
|||||||
if len(s.key) == 0 {
|
if len(s.key) == 0 {
|
||||||
log.Panic("Key has been wiped?")
|
log.Panic("Key has been wiped?")
|
||||||
}
|
}
|
||||||
// https://github.com/jacobsa/crypto/blob/master/siv/encrypt.go#L48:
|
// https://github.com/aperturerobotics/jacobsa-crypto/blob/master/siv/encrypt.go#L48:
|
||||||
// As per RFC 5297 section 3, you may use this function for nonce-based
|
// As per RFC 5297 section 3, you may use this function for nonce-based
|
||||||
// authenticated encryption by passing a nonce as the last associated
|
// authenticated encryption by passing a nonce as the last associated
|
||||||
// data element.
|
// data element.
|
||||||
|
@ -16,13 +16,13 @@
|
|||||||
// However, OpenSSL has optimized assembly for almost all platforms, which Go
|
// However, OpenSSL has optimized assembly for almost all platforms, which Go
|
||||||
// does not. Example for a 32-bit ARM device (Odroid XU4):
|
// does not. Example for a 32-bit ARM device (Odroid XU4):
|
||||||
//
|
//
|
||||||
// $ gocrypts -speed
|
// $ gocrypts -speed
|
||||||
// gocryptfs v2.1-68-gedf9d4c.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-04 go1.16.7 linux/arm
|
// gocryptfs v2.1-68-gedf9d4c.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-04 go1.16.7 linux/arm
|
||||||
// AES-GCM-256-OpenSSL 56.84 MB/s (selected in auto mode)
|
// AES-GCM-256-OpenSSL 56.84 MB/s (selected in auto mode)
|
||||||
// AES-GCM-256-Go 16.61 MB/s
|
// AES-GCM-256-Go 16.61 MB/s
|
||||||
// AES-SIV-512-Go 16.49 MB/s
|
// AES-SIV-512-Go 16.49 MB/s
|
||||||
// XChaCha20-Poly1305-Go 39.08 MB/s (use via -xchacha flag)
|
// XChaCha20-Poly1305-Go 39.08 MB/s (use via -xchacha flag)
|
||||||
// XChaCha20-Poly1305-OpenSSL 141.82 MB/s
|
// XChaCha20-Poly1305-OpenSSL 141.82 MB/s
|
||||||
//
|
//
|
||||||
// This package is "stupid" in the sense that it only supports a narrow set of
|
// This package is "stupid" in the sense that it only supports a narrow set of
|
||||||
// key- and iv-lengths, and panics if it does not like what you pass it.
|
// key- and iv-lengths, and panics if it does not like what you pass it.
|
||||||
@ -33,7 +33,7 @@
|
|||||||
// Corrupt ciphertexts never cause a panic. Instead, ErrAuth is returned on
|
// Corrupt ciphertexts never cause a panic. Instead, ErrAuth is returned on
|
||||||
// decryption.
|
// decryption.
|
||||||
//
|
//
|
||||||
// XChaCha20-Poly1305
|
// # XChaCha20-Poly1305
|
||||||
//
|
//
|
||||||
// The XChaCha20-Poly1305 implementation is more complicated than the others,
|
// The XChaCha20-Poly1305 implementation is more complicated than the others,
|
||||||
// because OpenSSL does not support XChaCha20-Poly1305 directly. Follow
|
// because OpenSSL does not support XChaCha20-Poly1305 directly. Follow
|
||||||
@ -43,16 +43,16 @@
|
|||||||
// Fortunately, XChaCha20-Poly1305 is just ChaCha20-Poly1305 with some key+iv
|
// Fortunately, XChaCha20-Poly1305 is just ChaCha20-Poly1305 with some key+iv
|
||||||
// mixing using HChaCha20 in front:
|
// mixing using HChaCha20 in front:
|
||||||
//
|
//
|
||||||
// key (32 bytes), iv (24 bytes)
|
// key (32 bytes), iv (24 bytes)
|
||||||
// |
|
// |
|
||||||
// v
|
// v
|
||||||
// HChaCha20 (provided by golang.org/x/crypto/chacha20)
|
// HChaCha20 (provided by golang.org/x/crypto/chacha20)
|
||||||
// |
|
// |
|
||||||
// v
|
// v
|
||||||
// key2 (32 bytes), iv2 (16 bytes)
|
// key2 (32 bytes), iv2 (16 bytes)
|
||||||
// |
|
// |
|
||||||
// v
|
// v
|
||||||
// ChaCha20-Poly1305 (OpenSSL EVP_chacha20_poly1305)
|
// ChaCha20-Poly1305 (OpenSSL EVP_chacha20_poly1305)
|
||||||
//
|
//
|
||||||
// As HChaCha20 is very fast, XChaCha20-Poly1305 gets almost the same throughput
|
// As HChaCha20 is very fast, XChaCha20-Poly1305 gets almost the same throughput
|
||||||
// as ChaCha20-Poly1305 (for 4kiB blocks).
|
// as ChaCha20-Poly1305 (for 4kiB blocks).
|
||||||
|
@ -11,9 +11,9 @@ import (
|
|||||||
//
|
//
|
||||||
// Go GCM is only faster if the CPU either:
|
// Go GCM is only faster if the CPU either:
|
||||||
//
|
//
|
||||||
// 1) Is X86_64 && has AES instructions && Go is v1.6 or higher
|
// 1. Is X86_64 && has AES instructions && Go is v1.6 or higher
|
||||||
// 2) Is ARM64 && has AES instructions && Go is v1.11 or higher
|
// 2. Is ARM64 && has AES instructions && Go is v1.11 or higher
|
||||||
// (commit https://github.com/golang/go/commit/4f1f503373cda7160392be94e3849b0c9b9ebbda)
|
// (commit https://github.com/golang/go/commit/4f1f503373cda7160392be94e3849b0c9b9ebbda)
|
||||||
//
|
//
|
||||||
// See https://github.com/rfjakob/gocryptfs/wiki/CPU-Benchmarks
|
// See https://github.com/rfjakob/gocryptfs/wiki/CPU-Benchmarks
|
||||||
// for benchmarks.
|
// for benchmarks.
|
||||||
|
Loading…
Reference in New Issue
Block a user