Jakob Unterwurzacher
db1824a23a
cryptocore: disentangle algorithm / library implementation name
...
Used in gocryptfs-xray, and will also be used in -info.
2021-09-28 18:09:31 +02:00
Jakob Unterwurzacher
5e67e183c0
README: set v2.2.0 release date
2021-09-25 16:45:36 +02:00
Jakob Unterwurzacher
eceeaaad1f
README: make changelog entries subheadings
...
This allows to anchor-link in to each release.
2021-09-25 16:44:06 +02:00
Jakob Unterwurzacher
53d51acd2b
README: release will be called v2.2.0 instead of v2.2
...
pkg.go.dev really wants that we want to comply with
https://golang.org/doc/modules/version-numbers .
Trying v2.2-beta1 as in
https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2@v2.2-beta1
said "v2.2-beta1 is not a valid semantic version.".
2021-09-15 16:09:26 +02:00
Jakob Unterwurzacher
2d0ba24eca
-speed: print cpu model
...
When somebody posts "gocryptfs -speed" results, they are
most helpful together with the CPU model. Add the cpu model
to the output.
Example:
$ ./gocryptfs -speed
gocryptfs v2.2.0-beta1-5-g52b0444-dirty; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-14 go1.17.1 linux/amd64
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz; with AES acceleration
AES-GCM-256-OpenSSL 862.79 MB/s
AES-GCM-256-Go 997.71 MB/s (selected in auto mode)
AES-SIV-512-Go 159.58 MB/s
XChaCha20-Poly1305-OpenSSL 729.65 MB/s
XChaCha20-Poly1305-Go 843.97 MB/s (selected in auto mode)
2021-09-14 18:58:22 +02:00
Jakob Unterwurzacher
61e37b2439
stupidgcm: add CpuHasAES()
...
Makes the code clearer, and will be used in the next commit.
2021-09-14 18:58:04 +02:00
Jakob Unterwurzacher
52b0444985
README: update example -speed output
2021-09-14 10:18:24 +02:00
Jakob Unterwurzacher
cdbc48fe29
-speed: drop useless tab at end of line
2021-09-14 10:15:18 +02:00
Jakob Unterwurzacher
d0cba59f6b
README: highlight changes in v2.2, simplify pkg.go.dev link
2021-09-12 18:12:10 +02:00
Jakob Unterwurzacher
2a4380ac25
README: update changelog
2021-09-10 17:19:51 +02:00
Jakob Unterwurzacher
c9b825c58a
inomap: deterministically set root device
...
We used to have "first Translate() wins". This is not deterministic,
as the LOOKUP for the root directory does not seem to reach us, so
the first user LOOKUP would win, which may be on a mountpoint.
2021-09-10 17:17:16 +02:00
Jakob Unterwurzacher
ee56103570
README: update changelog for v2.2-beta1
2021-09-10 12:22:02 +02:00
Jakob Unterwurzacher
a85e39f682
Update README & MANPAGE
2021-09-10 12:17:22 +02:00
Jakob Unterwurzacher
d023cd6c95
cli: drop -forcedecode flag
...
The rewritten openssl backend does not support this flag anymore,
and it was inherently dangerour. Drop it (ignored for compatibility)
2021-09-10 12:14:19 +02:00
Jakob Unterwurzacher
c974116322
test.bash: call out if build-without-openssl.bash failed
...
This can print out compile errors that are hard to understand
if you are not aware that it builds without_openssl.
2021-09-10 12:09:30 +02:00
Jakob Unterwurzacher
c50d67f103
profiling: accept parameters & show actual command lines
2021-09-10 11:51:41 +02:00
Jakob Unterwurzacher
ad21647f25
-speed: show which xchacha implementation is preferred
2021-09-08 20:46:52 +02:00
Jakob Unterwurzacher
2620cad0dc
tests/matrix: test xchacha with and without openssl
2021-09-08 20:34:01 +02:00
Jakob Unterwurzacher
94e8004b6c
Make -openssl also apply to xchacha
...
Now that stupidgcm supports xchacha, make it available
on mount.
2021-09-08 20:32:16 +02:00
Jakob Unterwurzacher
1a58667293
stupidgcm: add PreferOpenSSL{AES256GCM,Xchacha20poly1305}
...
Add PreferOpenSSLXchacha20poly1305,
rename PreferOpenSSL -> PreferOpenSSLAES256GCM.
2021-09-08 19:48:13 +02:00
Jakob Unterwurzacher
85c2beccaf
stupidgcm: normalize constructor naming
...
New() -> NewAES256GCM()
Also add missing NewChacha20poly1305
constructor in without_openssl.go.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
f47e287c20
stupidgcm: revamp package documentation
...
Maybe interesting for people following
https://github.com/rfjakob/gocryptfs/issues/452
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
d598536709
stupidgcm: unexport stupidGCM struct
...
No need to have it exported.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
3a80db953d
stupidgcm: allow zero-length input data
...
We used to panic in this case because it is useless.
But Go stdlib supports it, so we should as well.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
738d5a2b3a
stupidgcm: fix build with CGO_ENABLED=1 without_openssl
...
We missed some "// +build" lines
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
d9510d0c0b
stupidgcm: NewChacha20poly1305: avoid slice append
...
I noticed that growslice() shows up in the cpuprofile.
Avoiding slice append for the private jey copy gives a 0.6% speedup:
gocryptfs/internal/speed$ benchstat old new
name old time/op new time/op delta
StupidXchacha-4 5.68µs ± 0% 5.65µs ± 0% -0.63% (p=0.008 n=5+5)
name old speed new speed delta
StupidXchacha-4 721MB/s ± 0% 725MB/s ± 0% +0.63% (p=0.008 n=5+5)
2021-09-07 18:14:58 +02:00
Jakob Unterwurzacher
39b1070506
stupidgcm: add testConcurrency
...
Verifies that we don't corrupt data when called concurrently.
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
f89b14ee3d
stupidgcm: cache C.EVP_chacha20_poly1305()
...
2% performance improvement, almost for free.
gocryptfs/internal/speed$ benchstat old new
name old time/op new time/op delta
StupidXchacha-4 5.82µs ± 0% 5.68µs ± 0% -2.37% (p=0.008 n=5+5)
name old speed new speed delta
StupidXchacha-4 704MB/s ± 0% 721MB/s ± 0% +2.43% (p=0.008 n=5+5)
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
6a0206897c
stupidgcm: add BenchmarkCCall
...
gocryptfs/internal/stupidgcm$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/stupidgcm
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkCCall-4 15864030 78.60 ns/op
PASS
ok github.com/rfjakob/gocryptfs/v2/internal/stupidgcm 1.898s
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
a2eaa5e3d1
speed: add BenchmarkStupidChacha
...
gocryptfs/internal/speed$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/speed
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkStupidGCM-4 249396 4722 ns/op 867.50 MB/s
BenchmarkStupidGCMDecrypt-4 257872 4616 ns/op 887.35 MB/s
BenchmarkGoGCM-4 290952 4097 ns/op 999.83 MB/s
BenchmarkGoGCMDecrypt-4 294106 4060 ns/op 1008.84 MB/s
BenchmarkAESSIV-4 46520 25532 ns/op 160.42 MB/s
BenchmarkAESSIVDecrypt-4 46974 25478 ns/op 160.76 MB/s
BenchmarkXchacha-4 244108 4881 ns/op 839.14 MB/s
BenchmarkXchachaDecrypt-4 249658 4786 ns/op 855.86 MB/s
BenchmarkStupidXchacha-4 205339 5768 ns/op 710.11 MB/s
BenchmarkStupidXchachaDecrypt-4 204577 5836 ns/op 701.84 MB/s
BenchmarkStupidChacha-4 227510 5224 ns/op 784.06 MB/s
BenchmarkStupidChachaDecrypt-4 222787 5359 ns/op 764.34 MB/s
PASS
ok github.com/rfjakob/gocryptfs/v2/internal/speed 15.328s
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
b8c56ccffc
stupidgcm: replace naked panics
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
8f820c429d
stupidgcm: fix without_openssl build
...
$ ./build-without-openssl.bash
internal/speed/speed.go:152:14: undefined: stupidgcm.NewXchacha20poly1305
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
c9728247ed
test.bash: only check go files for naked panic
...
This found a lot of panics in the new file openssl_aead.c.
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
e2ec048a09
stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm
...
Nice deduplication and brings the GCM decrypt speed up to par.
internal/speed$ benchstat old new
name old time/op new time/op delta
StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5)
StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5)
name old speed new speed delta
StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5)
StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5)
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
bf572aef88
stupidgcm: stupidChacha20poly1305.Open: batch C calls in aead_open
...
Gets the decryption speed to the same level as the
encryption speed.
internal/speed$ benchstat old.txt new.txt
name old time/op new time/op delta
StupidXchacha-4 732MB/s ± 0% 740MB/s ± 0% ~ (p=1.000 n=1+1)
StupidXchachaDecrypt-4 602MB/s ± 0% 741MB/s ± 0% ~ (p=1.000 n=1+1)
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
3e27acb989
speed: add decryption benchmarks
...
gocryptfs/internal/speed$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/speed
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkStupidGCM-4 263742 4523 ns/op 905.61 MB/s
BenchmarkStupidGCMDecrypt-4 204858 5779 ns/op 708.76 MB/s
BenchmarkGoGCM-4 291259 4095 ns/op 1000.25 MB/s
BenchmarkGoGCMDecrypt-4 293886 4061 ns/op 1008.53 MB/s
BenchmarkAESSIV-4 46537 25538 ns/op 160.39 MB/s
BenchmarkAESSIVDecrypt-4 46770 25627 ns/op 159.83 MB/s
BenchmarkXchacha-4 243619 4893 ns/op 837.03 MB/s
BenchmarkXchachaDecrypt-4 248857 4793 ns/op 854.51 MB/s
BenchmarkStupidXchacha-4 213717 5558 ns/op 736.99 MB/s
BenchmarkStupidXchachaDecrypt-4 176635 6782 ns/op 603.96 MB/s
PASS
ok github.com/rfjakob/gocryptfs/v2/internal/speed 12.871s
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
5046962634
speed: add bEncrypt helper, reuse dst buffer
...
The bEncrypt helper massively deduplicates the code,
and reusing the dst buffer gives higher performance,
and that's what gocryptfs does in normal operation via
sync.Pool.
$ benchstat old.txt new.txt
name old time/op new time/op delta
StupidGCM-4 6.24µs ± 1% 4.65µs ± 0% -25.47% (p=0.008 n=5+5)
GoGCM-4 4.90µs ± 0% 4.10µs ± 0% -16.44% (p=0.008 n=5+5)
AESSIV-4 26.4µs ± 0% 25.6µs ± 0% -2.90% (p=0.008 n=5+5)
Xchacha-4 5.76µs ± 0% 4.91µs ± 0% -14.79% (p=0.008 n=5+5)
StupidXchacha-4 7.24µs ± 1% 5.48µs ± 0% -24.33% (p=0.008 n=5+5)
name old speed new speed delta
StupidGCM-4 656MB/s ± 1% 880MB/s ± 0% +34.15% (p=0.008 n=5+5)
GoGCM-4 835MB/s ± 0% 1000MB/s ± 0% +19.68% (p=0.008 n=5+5)
AESSIV-4 155MB/s ± 0% 160MB/s ± 0% +2.99% (p=0.008 n=5+5)
Xchacha-4 711MB/s ± 0% 834MB/s ± 0% +17.35% (p=0.008 n=5+5)
StupidXchacha-4 565MB/s ± 1% 747MB/s ± 0% +32.15% (p=0.008 n=5+5)
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
d9e89cd021
stupidgcm: use aead_seal for gcm as well
...
$ benchstat old.txt new.txt
name old time/op new time/op delta
StupidGCM-4 7.87µs ± 1% 6.64µs ± 2% -15.65% (p=0.000 n=10+10)
name old speed new speed delta
StupidGCM-4 520MB/s ± 1% 617MB/s ± 2% +18.56% (p=0.000 n=10+10)
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
69d626b26f
stupidgcm: replace chacha20poly1305_seal with generic aead_seal
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
a3f5a8492a
stupidgcm: batch C calls in chacha20poly1305_seal
...
Go has a high overhead for each C call, so batch
all openssl operations in the new C function chacha20poly1305_seal.
Benchmark results:
internal/speed$ go test -bench BenchmarkStupidXchacha -count 10 > old.txt
internal/speed$ go test -bench BenchmarkStupidXchacha -count 10 > new.txt
internal/speed$ benchstat old.txt new.txt
name old time/op new time/op delta
StupidXchacha-4 8.79µs ± 1% 7.25µs ± 1% -17.54% (p=0.000 n=10+10)
name old speed new speed delta
StupidXchacha-4 466MB/s ± 1% 565MB/s ± 1% +21.27% (p=0.000 n=10+10)
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
9e1dd73e55
-speed: add XChaCha20-Poly1305-OpenSSL
...
$ ./gocryptfs -speed
gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64
AES-GCM-256-OpenSSL 529.53 MB/s
AES-GCM-256-Go 833.85 MB/s (selected in auto mode)
AES-SIV-512-Go 155.27 MB/s
XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag)
XChaCha20-Poly1305-OpenSSL 468.94 MB/s
https://github.com/rfjakob/gocryptfs/issues/452
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
4017e4b22c
stupidgcm: add stupidXchacha20poly1305
...
Implementation copied from
32db794688/chacha20poly1305/xchacha20poly1305.go
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
591a56e7ae
stupidgcm: stupidChacha20poly1305: normalize panic messages
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher
5df7ee815d
stupidgcm: stupidChacha20poly1305: use byte array for key
...
Follow what golang.org/x/crypto/chacha20poly1305 does
for easier integration in the next commit.
2021-09-07 18:13:54 +02:00
Jakob Unterwurzacher
3ba74ac4fc
stupidgcm: add testWipe test
...
After looking at the cover profile, this was the only untested
code except panic cases.
2021-09-02 10:17:01 +02:00
Jakob Unterwurzacher
961b8ca438
stupidgcm: deduplicate tests 2/2
...
Deduplicate the cipher setup that was identical
for all tests for each cipher.
2021-09-02 10:04:38 +02:00
Jakob Unterwurzacher
676a4ceb87
stupidgcm: deduplicate tests 1/2
...
Pull the code shared between chacha and gcm into
generic functions.
2021-09-02 09:57:20 +02:00
Jakob Unterwurzacher
c9b090770a
stupidgcm: add chacha20poly1305 via openssl
...
"stupidChacha20poly1305".
XChaCha will build upon this.
2021-09-02 09:30:28 +02:00
Jakob Unterwurzacher
cbf282861b
tests/matrix: don't leak fds in TestConcurrentReadCreate
...
We leaked a file descriptor for each empty file we encountered.
2021-09-01 10:28:33 +02:00
a1346054
7c2255be90
*: trim trailing whitespace
2021-09-01 10:22:01 +02:00