hardcoresushi
/
libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: hardcoresushi:27232cbdb7257be13a12545b71fa32ee193cb11b
Branches Tags
hardcoresushi:libgocryptfs
hardcoresushi:master
...
compare: hardcoresushi:79f9a10e35847e46f8563941345355f15f2dba7c
Branches Tags
hardcoresushi:libgocryptfs
hardcoresushi:master

22 Commits
27232cbdb7 ... 79f9a10e35

Author SHA1 Message Date
Matéo Duparc 79f9a10e35
libgocryptfs: update dependencies 2023-03-15 18:46:31 +01:00
Matéo Duparc f3b722fdff
libgocryptfs: update to gocryptfs v2.3.1 2023-03-15 18:45:18 +01:00
Jakob Unterwurzacher 77a0410e2e README: update changelog for v2.3.1 2023-03-04 13:52:45 +01:00
rfjakob 403f59b1c0
Update README.md 
Package has been removed from Fedora.

https://github.com/rfjakob/gocryptfs/issues/659
 2023-02-25 18:12:10 +01:00
Jakob Unterwurzacher 8f3ec5dcaa fusefrontend: unbreak isConsecutiveWrite streaming write optimization 
Commit 6196a5b5 got the logic inverted, hence we never
set the last position markers.

Fixes https://github.com/rfjakob/gocryptfs/issues/712
 2023-02-21 22:08:41 +01:00
Jakob Unterwurzacher 85297cda97 fusefrontend: doWrite: report readFileID errors as I/O error 
It used to be reported as "function not implemented", accompanied
with this log output:

  go-fuse: can't convert error type: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000

Now we report EIO and log this:

  doWrite 1372183: corrupt header: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000
 2023-02-21 22:08:41 +01:00
Jakob Unterwurzacher e9a5b8962b contentenc: simplify testRange tables 
Get rid of this eyesore.
 2023-02-21 22:08:41 +01:00
Evgeny 6dc8c26100 MANPAGE: add a note on enabling Trash on macOS 2023-02-01 08:38:33 +01:00
Jakob Unterwurzacher 88bc0aa607 MANPAGE: scryptn: list how much memory is needed 
Calculated acc. to https://words.filippo.io/the-scrypt-parameters/ ,
and add benchmarks to double-check the numbers. They match.
 2023-01-08 22:17:14 +01:00
Gisi0 0b5b864a06 Update MANPAGE.md 
added which package on linux is needed to use fido2 stick
 2023-01-07 10:04:08 +01:00
a1346054 3c1ac3b06b MANPAGE.md: use correct indefinite article a->an 2023-01-01 22:06:29 +01:00
Jakob Unterwurzacher c4b95cf35a github ci: bump actions ; add "stable" and "oldstable" Go versions 2022-12-29 15:28:59 +01:00
Jakob Unterwurzacher b2a5cec4dd main: BuildInfo: fix build with Go 1.17 and older 
On Go 1.17 and older we get this:

  Error: ./version.go:67:24: info.Settings undefined (type *debug.BuildInfo has no field or method Settings)

Fix the build error by shedding some nice-to-have features.
 2022-12-29 15:21:17 +01:00
Jakob Unterwurzacher 856ccaac10 make format 
Run "make format" using
go version go1.19.4 linux/amd64
 2022-12-29 15:00:37 +01:00
Jakob Unterwurzacher 99cdaa0b69 main: refactor BuildInfo code 
Simplify and move it into a new file version.go.
 2022-12-29 14:43:48 +01:00
Daniel Theophanes 439dea1b19 Use existing build information for version if not embedded with build script 
Go1.12 introduced BuildInfo which embeds build information. It does
not embed build date to facilitate reproducable builds by default.
If build information is embedded from build script, use the information
provided by the Go build system.
 2022-12-29 14:42:13 +01:00
Jakob Unterwurzacher ff32e99791 main: doMount: call Setsid before starting logger 
The logger should be in the new background session together
with the gocryptfs process.

Before:
	$ xfce4-terminal -x gocryptfs a b
	$ ps xao pid,ppid,pgid,sid,comm,args
	    PID    PPID    PGID     SID COMMAND         COMMAND
	 192272    1371  192272  192272 gocryptfs       /ssd2/jakob.donotbackup/go/bin/gocryptfs -fg -notifypid=192265 a b
	 192292  192272  192265  192265 logge <defunct> [logger] <defunct>

After:
	$ xfce4-terminal -x gocryptfs a b
	$ ps xao pid,ppid,pgid,sid,comm,args
	    PID    PPID    PGID     SID COMMAND         COMMAND
	 211714    1371  211714  211714 gocryptfs       /ssd2/jakob.donotbackup/go/bin/gocryptfs -fg -notifypid=211708 a b
	 211776  211714  211714  211714 logger          logger -t gocryptfs-211714-logger

Fixes https://github.com/rfjakob/gocryptfs/issues/660
 2022-12-29 13:57:03 +01:00
Christian Stewart 7ee4c8e9c3 go.mod: fix jacobsa/crypto build on riscv64 
Replace dependency jacobsa/crypto with a fork with support for riscv64.

Issue: https://github.com/rfjakob/gocryptfs/issues/666

Upstream PR: https://github.com/jacobsa/crypto/issues/13

Unaddressed on jacobsa/crypto:

https://github.com/jacobsa/crypto/pull/14#issuecomment-1182744229

Signed-off-by: Christian Stewart <christian@paral.in>
 2022-12-21 18:38:11 +01:00
Val 0ec7ffbfe9 Upgrade go-fuse 
Ran `go get -u github.com/hanwen/go-fuse/v2@master` to get this diff

As pointed out in https://github.com/rfjakob/gocryptfs/issues/595#issuecomment-1222271612, go-fuse was updated with a patch to allow `-reverse` mode on macOS!
 2022-11-27 10:18:11 +01:00
Jakob Unterwurzacher f8bd172289 Update changelog for v2.3.0 2022-10-21 22:06:25 +02:00
Jakob Unterwurzacher a55b3cc15a tests/matrix: fix data race in TestConcurrentReadWrite 
Fixes https://github.com/golang/go/issues/54715

Output was:

$ go test ./tests/matrix -run TestConcurrentReadWrite -race
test_helpers: warning: testParentDir "/tmp/gocryptfs-test-parent-1026" does not reside on ext4, we will miss failures caused by ino reuse
PASS
PASS
==================
WARNING: DATA RACE
Write at 0x00c00038a0e0 by goroutine 63:
  runtime.racewriterange()
      <autogenerated>:1 +0x29
  internal/poll.(*FD).Pread()
      /usr/local/go/src/internal/poll/fd_unix.go:193 +0x169
  os.(*File).pread()
      /usr/local/go/src/os/file_posix.go:40 +0x335
  os.(*File).ReadAt()
      /usr/local/go/src/os/file.go:136 +0x2de
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite.func1()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:40 +0x14b

Previous write at 0x00c00038a0e0 by goroutine 61:
  runtime.racewriterange()
      <autogenerated>:1 +0x29
  internal/poll.(*FD).Pread()
      /usr/local/go/src/internal/poll/fd_unix.go:193 +0x169
  os.(*File).pread()
      /usr/local/go/src/os/file_posix.go:40 +0x335
  os.(*File).ReadAt()
      /usr/local/go/src/os/file.go:136 +0x2de
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite.func1()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:40 +0x14b

Goroutine 63 (running) created at:
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:34 +0x31d
  testing.tRunner()
      /usr/local/go/src/testing/testing.go:1446 +0x216
  testing.(*T).Run.func1()
      /usr/local/go/src/testing/testing.go:1493 +0x47

Goroutine 61 (running) created at:
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:34 +0x31d
  testing.tRunner()
      /usr/local/go/src/testing/testing.go:1446 +0x216
  testing.(*T).Run.func1()
      /usr/local/go/src/testing/testing.go:1493 +0x47
==================
--- FAIL: TestConcurrentReadWrite (0.03s)
    testing.go:1319: race detected during execution of test
FAIL
TestMain: matrix[2] = matrix.testcaseMatrix{plaintextnames:false, openssl:"false", aessiv:false, raw64:false, extraArgs:[]string(nil)} failed
FAIL	github.com/rfjakob/gocryptfs/v2/tests/matrix	0.170s
FAIL
 2022-08-28 20:31:27 +02:00
Jakob Unterwurzacher 59165f0f53 github ci: add new stable Go versions 2022-08-28 12:10:25 +02:00
5 changed files with 27 additions and 38 deletions
Show Stats Expand all files Collapse all files

9
go.mod
View File

@ -3,15 +3,8 @@ module libgocryptfs/v2
go 1.19
require (
github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115
github.com/aperturerobotics/jacobsa-crypto v1.0.1
github.com/rfjakob/eme v1.1.2
golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90
golang.org/x/sys v0.0.0-20220915200043-7b5979e65e41
)
require (
github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd // indirect
github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff // indirect
github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11 // indirect
github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb // indirect
)

10
go.sum
View File

@ -1,17 +1,13 @@
github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115 h1:YuDUUFNM21CAbyPOpOP8BicaTD/0klJEKt5p8yuw+uY=
github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115/go.mod h1:LadVJg0XuawGk+8L1rYnIED8451UyNxEMdTWCEt5kmU=
github.com/aperturerobotics/jacobsa-crypto v1.0.1 h1:BsIgQFvT0uveYFe+0hc7SwSsCNNIPmxFjm9oi0qGdGM=
github.com/aperturerobotics/jacobsa-crypto v1.0.1/go.mod h1:oR/7BV4/0QbjutdWNOQ2N0PxGPT9qFVDi4gw0UepxDA=
github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd h1:9GCSedGjMcLZCrusBZuo4tyKLpKUPenUUqi34AkuFmA=
github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd/go.mod h1:TlmyIZDpGmwRoTWiakdr+HA1Tukze6C6XbRVidYq02M=
github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff h1:2xRHTvkpJ5zJmglXLRqHiZQNjUoOkhUyhTAhEQvPAWw=
github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff/go.mod h1:gJWba/XXGl0UoOmBQKRWCJdHrr3nE0T65t6ioaj3mLI=
github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11 h1:BMb8s3ENQLt5ulwVIHVDWFHp8eIXmbfSExkvdn9qMXI=
github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11/go.mod h1:+DBdDyfoO2McrOyDemRBq0q9CMEByef7sYl7JH5Q3BI=
github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb h1:uSWBjJdMf47kQlXMwWEfmc864bA1wAC+Kl3ApryuG9Y=
github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb/go.mod h1:ivcmUvxXWjb27NsPEaiYK7AidlZXS7oQ5PowUS9z3I4=
github.com/rfjakob/eme v1.1.2 h1:SxziR8msSOElPayZNFfQw4Tjx/Sbaeeh3eRvrHVMUs4=
github.com/rfjakob/eme v1.1.2/go.mod h1:cVvpasglm/G3ngEfcfT/Wt0GwhkuO32pf/poW6Nyk1k=
golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM=
golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE=
golang.org/x/net v0.0.0-20220708220712-1185a9018129 h1:vucSRfWwTsoXro7P+3Cjlr6flUMtzCwzlvkxEQtHHB0=
golang.org/x/sys v0.0.0-20220915200043-7b5979e65e41 h1:ohgcoMbSofXygzo6AD2I1kz3BFmW1QArPYTtwEM3UXc=
golang.org/x/sys v0.0.0-20220915200043-7b5979e65e41/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

4
internal/siv_aead/siv_aead.go
View File

@ -6,7 +6,7 @@ import (
"crypto/cipher"
"log"
"github.com/jacobsa/crypto/siv"
"github.com/aperturerobotics/jacobsa-crypto/siv"
)
type sivAead struct {
@ -63,7 +63,7 @@ func (s *sivAead) Seal(dst, nonce, plaintext, authData []byte) []byte {
if len(s.key) == 0 {
log.Panic("Key has been wiped?")
}
// https://github.com/jacobsa/crypto/blob/master/siv/encrypt.go#L48:
// https://github.com/aperturerobotics/jacobsa-crypto/blob/master/siv/encrypt.go#L48:
// As per RFC 5297 section 3, you may use this function for nonce-based
// authenticated encryption by passing a nonce as the last associated
// data element.

36
internal/stupidgcm/doc.go
View File

@ -16,13 +16,13 @@
// However, OpenSSL has optimized assembly for almost all platforms, which Go
// does not. Example for a 32-bit ARM device (Odroid XU4):
//
// $ gocrypts -speed
// gocryptfs v2.1-68-gedf9d4c.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-04 go1.16.7 linux/arm
// AES-GCM-256-OpenSSL 56.84 MB/s (selected in auto mode)
// AES-GCM-256-Go 16.61 MB/s
// AES-SIV-512-Go 16.49 MB/s
// XChaCha20-Poly1305-Go 39.08 MB/s (use via -xchacha flag)
// XChaCha20-Poly1305-OpenSSL 141.82 MB/s
// $ gocrypts -speed
// gocryptfs v2.1-68-gedf9d4c.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-04 go1.16.7 linux/arm
// AES-GCM-256-OpenSSL 56.84 MB/s (selected in auto mode)
// AES-GCM-256-Go 16.61 MB/s
// AES-SIV-512-Go 16.49 MB/s
// XChaCha20-Poly1305-Go 39.08 MB/s (use via -xchacha flag)
// XChaCha20-Poly1305-OpenSSL 141.82 MB/s
//
// This package is "stupid" in the sense that it only supports a narrow set of
// key- and iv-lengths, and panics if it does not like what you pass it.
@ -33,7 +33,7 @@
// Corrupt ciphertexts never cause a panic. Instead, ErrAuth is returned on
// decryption.
//
// XChaCha20-Poly1305
// # XChaCha20-Poly1305
//
// The XChaCha20-Poly1305 implementation is more complicated than the others,
// because OpenSSL does not support XChaCha20-Poly1305 directly. Follow
@ -43,16 +43,16 @@
// Fortunately, XChaCha20-Poly1305 is just ChaCha20-Poly1305 with some key+iv
// mixing using HChaCha20 in front:
//
// key (32 bytes), iv (24 bytes)
// |
// v
// HChaCha20 (provided by golang.org/x/crypto/chacha20)
// |
// v
// key2 (32 bytes), iv2 (16 bytes)
// |
// v
// ChaCha20-Poly1305 (OpenSSL EVP_chacha20_poly1305)
// key (32 bytes), iv (24 bytes)
// |
// v
// HChaCha20 (provided by golang.org/x/crypto/chacha20)
// |
// v
// key2 (32 bytes), iv2 (16 bytes)
// |
// v
// ChaCha20-Poly1305 (OpenSSL EVP_chacha20_poly1305)
//
// As HChaCha20 is very fast, XChaCha20-Poly1305 gets almost the same throughput
// as ChaCha20-Poly1305 (for 4kiB blocks).

6
internal/stupidgcm/prefer.go
View File

@ -11,9 +11,9 @@ import (
//
// Go GCM is only faster if the CPU either:
//
// 1) Is X86_64 && has AES instructions && Go is v1.6 or higher
// 2) Is ARM64 && has AES instructions && Go is v1.11 or higher
// (commit https://github.com/golang/go/commit/4f1f503373cda7160392be94e3849b0c9b9ebbda)
// 1. Is X86_64 && has AES instructions && Go is v1.6 or higher
// 2. Is ARM64 && has AES instructions && Go is v1.11 or higher
// (commit https://github.com/golang/go/commit/4f1f503373cda7160392be94e3849b0c9b9ebbda)
//
// See https://github.com/rfjakob/gocryptfs/wiki/CPU-Benchmarks
// for benchmarks.