gocryptfs
gocryptfs copied to clipboard
Build failure against riscv64
github.com/jacobsa/crypto/cmac
golang.org/x/sys/cpu
# github.com/jacobsa/crypto/cmac
vendor/github.com/jacobsa/crypto/cmac/hash.go:97:3: undefined: xorBlock
See: http://autobuild.buildroot.net/results/caa60874781c4077273884eb37281cc9e02ef9ac/build-end.log
Riscv: https://github.com/jacobsa/crypto/issues/13 Fixed by this PR: https://github.com/jacobsa/crypto/pull/14
https://github.com/skiffos/buildroot/commit/cc0e708c813e200b88855fb7161f8d8b5c8797f3#diff-b031f960e07162c6f96a4bc6e0828d68843d00803909417bc4c4d485858acfcd
That jacobsa/crypto is unmaintained is a problem.
Does https://github.com/google/tink/blob/master/go/daead/subtle/aes_siv.go work on RISC-V ?
Probably. I don't see why not. I can test it soon
Looks like tink won't work as it only supports a single associated data string: https://github.com/google/tink/blob/214697ad4ad090947ffbfe7b5e9a1c7ee46c6058/go/daead/subtle/aes_siv.go#L114 gocryptfs uses two.
For posterity: Speed of tink is a little slower but acceptable
gocryptfs/internal/speed $ go test -bench .
BenchmarkAESSIV-4 64172 18444 ns/op 222.07 MB/s
BenchmarkTinkAESSIV-4 55764 21730 ns/op 188.50 MB/s
diff --git a/internal/speed/speed.go b/internal/speed/speed.go
index aef3ad6..75b21b3 100644
--- a/internal/speed/speed.go
+++ b/internal/speed/speed.go
@@ -14,6 +14,8 @@ import (
"golang.org/x/crypto/chacha20poly1305"
+ "github.com/google/tink/go/daead/subtle"
+
"github.com/rfjakob/gocryptfs/v2/internal/cryptocore"
"github.com/rfjakob/gocryptfs/v2/internal/siv_aead"
"github.com/rfjakob/gocryptfs/v2/internal/stupidgcm"
@@ -97,7 +99,32 @@ func bEncrypt(b *testing.B, c cipher.AEAD) {
// Encrypt and append to nonce
c.Seal(dst, iv, in, authData)
}
+}
+
+func bTinkAESSIV(b *testing.B) {
+ c, err := subtle.NewAESSIV(randBytes(64))
+ if err != nil {
+ panic(err)
+ }
+
+ authData := randBytes(adLen)
+ iv := randBytes(16)
+ in := make([]byte, blockSize)
+ dst := make([]byte, len(in)+len(iv)+16)
+ copy(dst, iv)
+ b.SetBytes(int64(len(in)))
+ b.ResetTimer()
+ for i := 0; i < b.N; i++ {
+ // Reset dst buffer
+ dst = dst[:len(iv)]
+ // Encrypt and append to nonce
+ o, err := c.EncryptDeterministically(in, authData)
+ if err != nil {
+ panic(err)
+ }
+ dst = append(dst, o...)
+ }
}
func bDecrypt(b *testing.B, c cipher.AEAD) {
diff --git a/internal/speed/speed_test.go b/internal/speed/speed_test.go
index 5f3001b..261af4f 100644
--- a/internal/speed/speed_test.go
+++ b/internal/speed/speed_test.go
@@ -82,3 +82,7 @@ func BenchmarkStupidChacha(b *testing.B) {
func BenchmarkStupidChachaDecrypt(b *testing.B) {
bDecrypt(b, stupidgcm.NewChacha20poly1305(randBytes(32)))
}
+
+func BenchmarkTinkAESSIV(b *testing.B) {
+ bTinkAESSIV(b)
+}
Fixed via https://github.com/rfjakob/gocryptfs/commit/7ee4c8e9c3b0fb630b48c5940a7faa220ef5e63a .