charm icon indicating copy to clipboard operation
charm copied to clipboard

Published 20 hours ago • verified publisher icon charmbracelet

Unmaintained dependency github.com/jacobsa/crypto

Open piggynl opened this issue 2 years ago • 6 comments

Hi developers,

Dependency github.com/jacobsa/crypto is no longer maintained. The latest commit was 3 years ago, and the author isn't responding to new issues and PRs. It fails to build in riscv64 environment now. Do you have any plan to replace this dependency with a well-maintained alternative? Also, I can maintain a fork of it to make it build in riscv64 and accept new changes, so that Charm can use it.

piggynl avatar May 16 '22 12:05 piggynl

Hi @piggynl

Why does it fail to build for riscv64? Do you know any well-maintained alternatives?

EDIT: I think this is a good alternative subtle

aymanbagabas avatar May 24 '22 20:05 aymanbagabas

Why does it fail to build for riscv64?

Because it misses an implementation of function xorBlock for RISC-V, as jacobsa/crypto#13 mentioned. (~~Although the code is not used by charm~~ EDIT: it is actually used) jacobsa/crypto#14 adds the implementation.

I think this is a good alternative subtle

I'll take a closer look. :smile_cat:

piggynl avatar May 25 '22 08:05 piggynl

Hi @aymanbagabas,

Currently, charm uses a 32-byte key (cr.keys[0].Key[:32]) and no additional associated data (AD, the last argument nil)...

https://github.com/charmbracelet/charm/blob/dab882a1940f748f9172a063e9baec28877d0367/crypt/crypt.go#L106

...while github.com/google/tink/go/daead/subtle you mentioned only supports 64-byte keys ...

https://github.com/google/tink/blob/9f30c97cb84b10bbba6978bc9c12c86478024050/go/daead/subtle/aes_siv.go#L63-L64

...and only implemented deterministic authenticated encryption with SIV (the number of components in AD vector is 1).

https://github.com/google/tink/blob/9f30c97cb84b10bbba6978bc9c12c86478024050/go/daead/subtle/aes_siv.go#L114

https://github.com/google/tink/blob/9f30c97cb84b10bbba6978bc9c12c86478024050/go/daead/subtle/aes_siv.go#L131

It appears Google thinks a 32-byte key cannot provide enough security...

...A consequence of this attack is that 128-bit MAC keys give unsufficient security.

https://pkg.go.dev/github.com/google/tink/go/daead/subtle#AESSIV

...so they probably won't consider add support to meet our use. As a result, this package is not we're looking for.

What we're looking for is package implemented AEAD_AES_SIV_CMAC_256 in RFC 5297. There are a few in this GitHub search result, but most of them haven't been updated in years. The last update on github.com/ChandraNarreddy/siv was 5 months ago, but I have no idea how reliable it is too. Do you have any idea?

piggynl avatar May 27 '22 13:05 piggynl

I'll use

go mod edit -replace github.com/jacobsa/crypto=github.com/piggynl/jacobsa-crypto@xorblock-generic

(replace github.com/jacobsa/crypto with jacobsa/crypto#14) to make charm build on linux/riscv64 on my side :smile_cat:

piggynl avatar Jun 02 '22 10:06 piggynl

Ran into this earlier trying to get gocryptfs to build on risc, thanks for looking into it and saving me the hassle @piggynl

paralin avatar Jun 25 '22 21:06 paralin

@piggynl I'm wondering if it might be good to fork this & maintain it as a different import path if the author doesn't merge.

paralin avatar Jun 25 '22 21:06 paralin