gocryptfs/internal/stupidgcm, branch v1.7-rc1

gocryptfs/internal/stupidgcm, branch v1.7-rc1 Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=v1.7-rc1 2018-12-27T14:19:55+00:00 Assorted spelling fixes. 2018-12-27T14:19:55+00:00 Sebastian Lackner 2018-12-27T11:03:00+00:00 urn:sha1:874eaf9734cc10940e08f7b043652449e1e220b5 Mostly detected with the 'codespell' utility, but also includes some manual grammar fixes. stupidgcm: return error on too short input instead of panicing 2018-05-10T21:00:02+00:00 Jakob Unterwurzacher 2018-05-10T20:44:03+00:00 urn:sha1:a276321dea04eaa0cfc80c56e8faca4b8ded0b7a This is what Go GCM does as well. Fix the easy golint warnings 2018-04-08T18:26:25+00:00 Jakob Unterwurzacher 2018-04-08T18:24:29+00:00 urn:sha1:bcc8378a2c07476a43c1fe316b79590177ded3d3 Reported by https://goreportcard.com/report/github.com/rfjakob/gocryptfs stupidgcm: create private copy of the key 2018-02-18T11:35:51+00:00 Jakob Unterwurzacher 2018-02-18T11:33:48+00:00 urn:sha1:72ddbae1e60470943aaae0bfce74ebdc88c07cd2 Relieves the caller from worrying about whether they can overwrite the key. main: try to wipe cryptocore's secret keys on unmount 2018-02-18T10:39:10+00:00 Jakob Unterwurzacher 2018-02-18T10:33:47+00:00 urn:sha1:18f6c6106c66ba1fe6e7b48aaa5dd444ba0f9b09 Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211 stupidgcm: implement key wipe 2018-02-17T14:14:55+00:00 Jakob Unterwurzacher 2018-02-17T14:12:45+00:00 urn:sha1:eeed4b4bef64059e5a52f4ceaa0d3a52b197349a Not bulletproof due to possible GC copies, but still raises to bar for extracting the key. https://github.com/rfjakob/gocryptfs/issues/211 stupidgcm: switch to pointer receivers 2018-02-17T14:02:01+00:00 Jakob Unterwurzacher 2018-02-17T14:02:01+00:00 urn:sha1:7e0fefe970b98be7e455f671dbd0e994abd52110 What the key slice does not get copied around will make it possible to check if the key has been wiped. macos: make testing without openssl work properly 2017-07-14T21:22:15+00:00 Jakob Unterwurzacher 2017-07-14T21:22:15+00:00 urn:sha1:ccf1a84e417e9f7d83f31c61c44cf3851703b1e4 On MacOS, building and testing without openssl is much easier. The tests should skip tests that fail because of missing openssl instead of aborting. Fixes https://github.com/rfjakob/gocryptfs/issues/123 stupidgcm: fix openssl 1.1 build failure 2017-07-14T18:44:07+00:00 Jakob Unterwurzacher 2017-07-14T18:43:12+00:00 urn:sha1:61e964457d27cbe7cbedaa7bf81d1e78f685960b Fixed by including the correct header. Should work on older openssl versions as well. Error was: locking.go:21: undefined reference to `CRYPTO_set_locking_callback' stupidgcm: add test for in-place Open 2017-07-01T07:56:05+00:00 Jakob Unterwurzacher 2017-07-01T07:55:14+00:00 urn:sha1:9f4bd765762237e1d0e95c5194fe9768f1281c8c Adds a test for the optimization introduced in: stupidgcm: Open: if "dst" is big enough, use it as the output buffer