gocryptfs/internal/cryptocore, branch v1.7Mirror of gocryptfs source code on Githubhttp://nuetzlich.net/cgit/gocryptfs/atom?h=v1.72018-02-28T08:02:18+00:00tlog: stop embedding log.Logger to prevent mistakes2018-02-28T08:02:18+00:00Jakob Unterwurzacher2018-02-28T08:02:18+00:00urn:sha1:b96e3ee2717531e842c492c3a6799d1d0c3e51cb
A few places have called tlog.Warn.Print, which directly
calls into log.Logger due to embedding, losing all features
of tlog.
Stop embedding log.Logger to make sure the internal functions
cannot be called accidentially and fix (several!) instances
that did.
cryptocore: make AEADTypeEnum values explicit2018-02-18T15:20:38+00:00Jakob Unterwurzacher2018-02-18T15:20:38+00:00urn:sha1:5ad9bda206e476fea866907e2f0545257f74e1f0
We now print the number in a debug message, so define
the numeric values explicitely instead of using iota.
This way you don't have to understand how iota works
to find out what the number means. Lack of understanding
of how iota works is also the reason why the numbers
start at 3 (to keep the current behavoir).
cryptocore: zero derived keys2018-02-18T15:07:09+00:00Jakob Unterwurzacher2018-02-18T15:07:09+00:00urn:sha1:6c6947126d38f8988bcbf59db088c9cddc55b9ab
Zero the HKDF-derived keys when we don't need them
anymore, and let the variable run of of scope.
https://github.com/rfjakob/gocryptfs/issues/211
cryptocore, main: add two comments2018-02-18T11:41:11+00:00Jakob Unterwurzacher2018-02-18T11:41:11+00:00urn:sha1:bd78b44389189a57816f9d5be3e4c5fb3c73700f
While reading the code, I had to think about what it
does, so add a comment that explains it.
stupidgcm: create private copy of the key2018-02-18T11:35:51+00:00Jakob Unterwurzacher2018-02-18T11:33:48+00:00urn:sha1:72ddbae1e60470943aaae0bfce74ebdc88c07cd2
Relieves the caller from worrying about whether they
can overwrite the key.
main: try to wipe cryptocore's secret keys on unmount2018-02-18T10:39:10+00:00Jakob Unterwurzacher2018-02-18T10:33:47+00:00urn:sha1:18f6c6106c66ba1fe6e7b48aaa5dd444ba0f9b09
Raise the bar for recovering keys from memory.
https://github.com/rfjakob/gocryptfs/issues/211
Fix misspellings reported by goreportcard.com2017-08-21T19:06:05+00:00Jakob Unterwurzacher2017-08-21T19:06:05+00:00urn:sha1:ed046aa35978c835d79f9cb3ee359349ee9145c5
https://goreportcard.com/report/github.com/rfjakob/gocryptfs#misspell
cryptocore: add urandom + randprefetch benchmarks2017-08-16T16:33:00+00:00Jakob Unterwurzacher2017-08-16T16:33:00+00:00urn:sha1:312ea32bb70abb93be315d0b7c442d5c4ae571d9
The benchmark that supported the decision for 512-byte
prefetching previously lived outside the repo.
Let's add it where it belongs so it cannot get lost.
main: purge masterkey from memory as soon as possible2017-08-11T17:02:26+00:00Jakob Unterwurzacher2017-08-11T16:42:30+00:00urn:sha1:0c520845f3623eff28f0277a52e3ccffd928f5c2
Remove the "Masterkey" field from fusefrontend.Args because it
should not be stored longer than neccessary. Instead pass the
masterkey as a separate argument to the filesystem initializers.
Then overwrite it with zeros immediately so we don't have
to wait for garbage collection.
Note that the crypto implementation still stores at least a
masterkey-derived value, so this change makes it harder, but not
impossible, to extract the encryption keys from memory.
Suggested at https://github.com/rfjakob/gocryptfs/issues/137
macos: make testing without openssl work properly2017-07-14T21:22:15+00:00Jakob Unterwurzacher2017-07-14T21:22:15+00:00urn:sha1:ccf1a84e417e9f7d83f31c61c44cf3851703b1e4
On MacOS, building and testing without openssl is much easier.
The tests should skip tests that fail because of missing openssl
instead of aborting.
Fixes https://github.com/rfjakob/gocryptfs/issues/123