Commit Graph

1974 Commits

Author SHA1 Message Date
Matéo Duparc e6e4c201db
Fix typo in README 2022-06-26 13:57:44 +02:00
Matéo Duparc 7afeb9f3a4
Adapt to the new API 2022-06-23 17:01:11 +02:00
Matéo Duparc 9e98192442
Fix race condition when registering files 2022-04-22 12:07:12 +02:00
Matéo Duparc 985d852343
Thread safety 2022-04-20 21:30:46 +02:00
Matéo Duparc b2ddf58e89
Return an error if the volume is already closed 2022-04-19 21:00:30 +02:00
Matéo Duparc 71eb2bdf7c
Update FUSE related stuff according to gocryptfs fusefrontend 2022-04-19 19:49:09 +02:00
Matéo Duparc 89966b1aae
Allow the password hash to be returned when creating a volume 2022-03-01 10:57:57 +01:00
Matéo Duparc 1da2407a61
Better build script 2022-01-20 10:19:20 +01:00
Matéo Duparc b232bb7826
Deep copy path when registering file handle 2021-12-20 13:49:42 +01:00
Matéo Duparc d6e75be376
Use renameat instead of renameat2 2021-12-18 14:52:00 +01:00
Matéo Duparc f86a1aa6a8
libgocryptfs: update to gocryptfs v2.2.1 2021-12-18 14:33:17 +01:00
Matéo Duparc 1973153602
Switch to v2 module 2021-10-24 10:48:44 +02:00
Jakob Unterwurzacher 4ba0ced3c7 README: update changelog for v2.2.1 2021-10-20 15:16:31 +02:00
Jakob Unterwurzacher b0bddc5ed0 github actions: fix allow_other failure
Jobs currently fail like this:

/usr/bin/fusermount: option allow_other only allowed if 'user_allow_other' is set in /etc/fuse.conf
fs.Mount failed: fusermount exited with code 256
--- FAIL: TestForceOwner (0.05s)
    main_test.go:438: mount failed: exit status 19
FAIL
FAIL	github.com/rfjakob/gocryptfs/v2/tests/defaults	1.584s
2021-10-15 22:01:52 +02:00
Charles Duffy 8ec872e330 fusefrontend: honor ForceOwner for LOOKUP and CREATE operations 2021-10-15 17:35:12 +02:00
Jakob Unterwurzacher 3b881b0174 tests: add TestForceOwner
https://github.com/rfjakob/gocryptfs/issues/609
https://github.com/rfjakob/gocryptfs/pull/610
2021-10-15 17:35:12 +02:00
Matéo Duparc bd5d53f50e
libgocryptfs: update to gocryptfs v2.2.0 2021-10-12 16:54:56 +02:00
Jakob Unterwurzacher 75cace0568 cryptocore: simplify declarations
Reported by codacity:

internal/cryptocore/cryptocore.go
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendAESSIV; it will be inferred from the right-hand side
var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512", "Go", siv_aead.NonceSize}
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendXChaCha20Poly1305; it will be inferred from the right-hand side
var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "Go", chacha20poly1305.NonceSizeX}
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendXChaCha20Poly1305OpenSSL; it will be inferred from the right-hand side
var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "OpenSSL", chacha20poly1305.NonceSizeX}
Found 2 possible new issues
internal/cryptocore/cryptocore.go
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendOpenSSL; it will be inferred from the right-hand side
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "OpenSSL", 16}
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendGoGCM; it will be inferred from the right-hand side
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "Go", 16}
2021-09-28 18:35:37 +02:00
Jakob Unterwurzacher 5406284b9b build.bash: also try BSD date syntax for converting SOURCE_DATE_EPOCH
GNU date syntax does not work on macos.

Fixes https://github.com/rfjakob/gocryptfs/issues/570
2021-09-28 18:17:58 +02:00
Jakob Unterwurzacher e8e3598284 -init: suggest xchacha if we don't have AES accel
Example on Raspberry Pi 4:

$ ./gocryptfs/gocryptfs -init $(mktemp -d)
Notice: Your CPU does not have AES acceleration. Consider using -xchacha for better performance.
Choose a password for protecting your files.
Password:

https://github.com/rfjakob/gocryptfs/issues/607
2021-09-28 18:09:31 +02:00
Jakob Unterwurzacher c8996d2664 -info: add contentEncryption
Example:

$ ./gocryptfs -info ./tests/example_filesystems/v2.2-xchacha/
Creator:           gocryptfs v2.1-27-gabaa129-dirty.xchacha
FeatureFlags:      HKDF XChaCha20Poly1305 DirIV EMENames LongNames Raw64
EncryptedKey:      64B
ScryptObject:      Salt=32B N=1024 R=8 P=1 KeyLen=32
contentEncryption: XChaCha20-Poly1305
2021-09-28 18:09:31 +02:00
Jakob Unterwurzacher db1824a23a cryptocore: disentangle algorithm / library implementation name
Used in gocryptfs-xray, and will also be used in -info.
2021-09-28 18:09:31 +02:00
Jakob Unterwurzacher 5e67e183c0 README: set v2.2.0 release date 2021-09-25 16:45:36 +02:00
Jakob Unterwurzacher eceeaaad1f README: make changelog entries subheadings
This allows to anchor-link in to each release.
2021-09-25 16:44:06 +02:00
Jakob Unterwurzacher 53d51acd2b README: release will be called v2.2.0 instead of v2.2
pkg.go.dev really wants that we want to comply with
https://golang.org/doc/modules/version-numbers .

Trying v2.2-beta1 as in

    https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2@v2.2-beta1

said "v2.2-beta1 is not a valid semantic version.".
2021-09-15 16:09:26 +02:00
Jakob Unterwurzacher 2d0ba24eca -speed: print cpu model
When somebody posts "gocryptfs -speed" results, they are
most helpful together with the CPU model. Add the cpu model
to the output.

Example:

$ ./gocryptfs -speed
gocryptfs v2.2.0-beta1-5-g52b0444-dirty; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-14 go1.17.1 linux/amd64
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz; with AES acceleration
AES-GCM-256-OpenSSL       	 862.79 MB/s
AES-GCM-256-Go            	 997.71 MB/s	(selected in auto mode)
AES-SIV-512-Go            	 159.58 MB/s
XChaCha20-Poly1305-OpenSSL	 729.65 MB/s
XChaCha20-Poly1305-Go     	 843.97 MB/s	(selected in auto mode)
2021-09-14 18:58:22 +02:00
Jakob Unterwurzacher 61e37b2439 stupidgcm: add CpuHasAES()
Makes the code clearer, and will be used in the next commit.
2021-09-14 18:58:04 +02:00
Jakob Unterwurzacher 52b0444985 README: update example -speed output 2021-09-14 10:18:24 +02:00
Jakob Unterwurzacher cdbc48fe29 -speed: drop useless tab at end of line 2021-09-14 10:15:18 +02:00
Jakob Unterwurzacher d0cba59f6b README: highlight changes in v2.2, simplify pkg.go.dev link 2021-09-12 18:12:10 +02:00
Jakob Unterwurzacher 2a4380ac25 README: update changelog 2021-09-10 17:19:51 +02:00
Jakob Unterwurzacher c9b825c58a inomap: deterministically set root device
We used to have "first Translate() wins". This is not deterministic,
as the LOOKUP for the root directory does not seem to reach us, so
the first user LOOKUP would win, which may be on a mountpoint.
2021-09-10 17:17:16 +02:00
Jakob Unterwurzacher ee56103570 README: update changelog for v2.2-beta1 2021-09-10 12:22:02 +02:00
Jakob Unterwurzacher a85e39f682 Update README & MANPAGE 2021-09-10 12:17:22 +02:00
Jakob Unterwurzacher d023cd6c95 cli: drop -forcedecode flag
The rewritten openssl backend does not support this flag anymore,
and it was inherently dangerour. Drop it (ignored for compatibility)
2021-09-10 12:14:19 +02:00
Jakob Unterwurzacher c974116322 test.bash: call out if build-without-openssl.bash failed
This can print out compile errors that are hard to understand
if you are not aware that it builds without_openssl.
2021-09-10 12:09:30 +02:00
Jakob Unterwurzacher c50d67f103 profiling: accept parameters & show actual command lines 2021-09-10 11:51:41 +02:00
Jakob Unterwurzacher ad21647f25 -speed: show which xchacha implementation is preferred 2021-09-08 20:46:52 +02:00
Jakob Unterwurzacher 2620cad0dc tests/matrix: test xchacha with and without openssl 2021-09-08 20:34:01 +02:00
Jakob Unterwurzacher 94e8004b6c Make -openssl also apply to xchacha
Now that stupidgcm supports xchacha, make it available
on mount.
2021-09-08 20:32:16 +02:00
Jakob Unterwurzacher 1a58667293 stupidgcm: add PreferOpenSSL{AES256GCM,Xchacha20poly1305}
Add PreferOpenSSLXchacha20poly1305,
rename PreferOpenSSL -> PreferOpenSSLAES256GCM.
2021-09-08 19:48:13 +02:00
Jakob Unterwurzacher 85c2beccaf stupidgcm: normalize constructor naming
New() -> NewAES256GCM()

Also add missing NewChacha20poly1305
constructor in without_openssl.go.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher f47e287c20 stupidgcm: revamp package documentation
Maybe interesting for people following
https://github.com/rfjakob/gocryptfs/issues/452
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher d598536709 stupidgcm: unexport stupidGCM struct
No need to have it exported.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher 3a80db953d stupidgcm: allow zero-length input data
We used to panic in this case because it is useless.
But Go stdlib supports it, so we should as well.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher 738d5a2b3a stupidgcm: fix build with CGO_ENABLED=1 without_openssl
We missed some "// +build" lines
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher d9510d0c0b stupidgcm: NewChacha20poly1305: avoid slice append
I noticed that growslice() shows up in the cpuprofile.
Avoiding slice append for the private jey copy gives a 0.6% speedup:

gocryptfs/internal/speed$ benchstat old new
name             old time/op   new time/op   delta
StupidXchacha-4   5.68µs ± 0%   5.65µs ± 0%  -0.63%  (p=0.008 n=5+5)

name             old speed     new speed     delta
StupidXchacha-4  721MB/s ± 0%  725MB/s ± 0%  +0.63%  (p=0.008 n=5+5)
2021-09-07 18:14:58 +02:00
Jakob Unterwurzacher 39b1070506 stupidgcm: add testConcurrency
Verifies that we don't corrupt data when called concurrently.
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher f89b14ee3d stupidgcm: cache C.EVP_chacha20_poly1305()
2% performance improvement, almost for free.

gocryptfs/internal/speed$ benchstat old new
name             old time/op   new time/op   delta
StupidXchacha-4   5.82µs ± 0%   5.68µs ± 0%  -2.37%  (p=0.008 n=5+5)

name             old speed     new speed     delta
StupidXchacha-4  704MB/s ± 0%  721MB/s ± 0%  +2.43%  (p=0.008 n=5+5)
2021-09-07 18:14:05 +02:00
Jakob Unterwurzacher 6a0206897c stupidgcm: add BenchmarkCCall
gocryptfs/internal/stupidgcm$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/stupidgcm
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkCCall-4   	15864030	        78.60 ns/op
PASS
ok  	github.com/rfjakob/gocryptfs/v2/internal/stupidgcm	1.898s
2021-09-07 18:14:05 +02:00