aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Documentation/SECURITY.md4
-rw-r--r--Documentation/file-name-encryption.svg134
2 files changed, 91 insertions, 47 deletions
diff --git a/Documentation/SECURITY.md b/Documentation/SECURITY.md
index e9e1015..003eadb 100644
--- a/Documentation/SECURITY.md
+++ b/Documentation/SECURITY.md
@@ -37,6 +37,8 @@ File Names
Every directory gets a 128-bit directory IV that is stored in each
directory as `gocryptfs.diriv`.
-File names are encrypted using AES-256-CBC with the directory IV.
+File names are encrypted using AES-256-CBC with the directory IV as
+initialization vector. The Base64 encoding limits the usable filename length
+to 176 characters.
![](https://rawgit.com/rfjakob/gocryptfs/master/Documentation/file-name-encryption.svg)
diff --git a/Documentation/file-name-encryption.svg b/Documentation/file-name-encryption.svg
index 19298c5..4093f24 100644
--- a/Documentation/file-name-encryption.svg
+++ b/Documentation/file-name-encryption.svg
@@ -9,9 +9,9 @@
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
- width="158.73833mm"
- height="39.28363mm"
- viewBox="0 0 562.45863 139.19395"
+ width="182.44499mm"
+ height="29.394854mm"
+ viewBox="0 0 646.45862 104.15498"
id="svg2"
version="1.1"
inkscape:version="0.91 r13725"
@@ -19,6 +19,21 @@
<defs
id="defs4">
<marker
+ inkscape:stockid="Arrow1Mend"
+ orient="auto"
+ refY="0"
+ refX="0"
+ id="marker14911"
+ style="overflow:visible"
+ inkscape:isstock="true">
+ <path
+ id="path14913"
+ d="M 0,0 5,-5 -12.5,0 5,5 0,0 Z"
+ style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1pt;stroke-opacity:1"
+ transform="matrix(-0.4,0,0,-0.4,-4,0)"
+ inkscape:connector-curvature="0" />
+ </marker>
+ <marker
inkscape:isstock="true"
style="overflow:visible"
id="marker9315"
@@ -135,8 +150,8 @@
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="1.979899"
- inkscape:cx="279.63722"
- inkscape:cy="70.50185"
+ inkscape:cx="299.54034"
+ inkscape:cy="65.144047"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="true"
@@ -161,7 +176,7 @@
spacingx="3.543307"
spacingy="3.5433069"
originx="-116.36615"
- originy="-688.1612" />
+ originy="-722.62329" />
</sodipodi:namedview>
<metadata
id="metadata7">
@@ -179,45 +194,45 @@
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
- transform="translate(-116.36614,-225.00693)">
+ transform="translate(-116.36614,-225.58383)">
<rect
style="opacity:1;fill:#b0b0b0;fill-opacity:1;stroke:none;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
id="rect4273-2"
width="202.06071"
height="70.915802"
- x="469.67743"
+ x="553.67743"
y="251.7364" />
<rect
style="opacity:1;fill:#ffffff;fill-opacity:1;stroke:#000000;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
id="rect4267-1"
width="180.79115"
height="21.25984"
- x="481.06256"
+ x="565.06256"
y="260.98331" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.02054596px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66544342px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
- x="532.00171"
+ x="615.98376"
y="244.4257"
id="text4155-7"
sodipodi:linespacing="125%"
transform="scale(1.0002283,0.99977176)"><tspan
sodipodi:role="line"
id="tspan4157-2"
- x="532.00171"
+ x="615.98376"
y="244.4257"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">Directory X</tspan></text>
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.02054596px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66544342px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
- x="519.39117"
+ x="603.37323"
y="275.30154"
id="text4155-88-3"
sodipodi:linespacing="125%"
- transform="scale(1.0002283,0.99977178)"><tspan
+ transform="scale(1.0002283,0.99977176)"><tspan
sodipodi:role="line"
id="tspan4157-9-7"
- x="519.39117"
+ x="603.37323"
y="275.30154"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">gocryptfs.diriv</tspan></text>
<text
@@ -238,30 +253,30 @@
width="127.61733"
height="21.259842"
x="303.21915"
- y="293.60205"
+ y="293.23734"
ry="10.629921" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.02054596px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66544342px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="316.79153"
- y="309.0708"
+ y="309.39807"
id="text4155-6-5-7-9-1"
sodipodi:linespacing="125%"
- transform="scale(1.0002283,0.99977178)"><tspan
+ transform="scale(1.0002283,0.99977177)"><tspan
sodipodi:role="line"
id="tspan4157-3-0-7-6-8"
x="316.79153"
- y="309.0708"
+ y="309.39807"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">AES-256-CBC</tspan></text>
<path
style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker8559)"
- d="m 474.94047,270.16733 -107.49863,0.0896 0,17.75633"
+ d="m 558.97059,270.16733 -169.78791,0.0896 0,17.75633"
id="path8551"
inkscape:connector-curvature="0"
sodipodi:nodetypes="ccc" />
<path
style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:0.99999988;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker8949)"
- d="m 257.92054,303.02308 40.39527,0.0845"
+ d="m 257.92054,303.7971 40.39527,0.0845"
id="path8941"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cc" />
@@ -271,23 +286,23 @@
width="127.61729"
height="21.259859"
x="123.95276"
- y="292.47751" />
+ y="293.23734" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.02054596px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66544342px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="146.35033"
- y="307.31262"
+ y="309.52994"
id="text4155-88-3-1"
sodipodi:linespacing="125%"
- transform="scale(1.0002283,0.99977178)"><tspan
+ transform="scale(1.0002283,0.99977177)"><tspan
sodipodi:role="line"
id="tspan4157-9-7-3"
x="146.35033"
- y="307.31262"
+ y="309.52994"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">&quot;letter.doc&quot;</tspan></text>
<path
- style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:0.99999988;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker8949-8)"
- d="m 434.33388,303.67621 40.39527,0.0844"
+ style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:0.99999982;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker8949-8)"
+ d="m 435.14323,303.81321 19.07004,0.0844"
id="path8941-5"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cc" />
@@ -296,63 +311,90 @@
id="rect4267-1-0"
width="180.79115"
height="21.25984"
- x="481.17648"
- y="293.90228" />
+ x="565.17651"
+ y="293.23734" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.02054596px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66544342px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
- x="489.49826"
- y="308.22809"
+ x="573.47998"
+ y="308.07574"
id="text4155-88-3-0"
sodipodi:linespacing="125%"
- transform="scale(1.0002283,0.99977178)"><tspan
+ transform="scale(1.0002283,0.99977176)"><tspan
sodipodi:role="line"
id="tspan4157-9-7-0"
- x="489.49826"
- y="308.22809"
+ x="573.47998"
+ y="308.07574"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">lrpyui0m-ypX4u0PNJ...</tspan></text>
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.10359192px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.72786713px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
- x="326.56442"
- y="349.97977"
+ x="304.04675"
+ y="247.91684"
id="text4155-8-2"
sodipodi:linespacing="125%"
transform="scale(0.99921742,1.0007832)"><tspan
sodipodi:role="line"
id="tspan4157-1-2"
- x="326.56442"
- y="349.97977"
+ x="304.04675"
+ y="247.91684"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.01726532px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">Master key</tspan></text>
<rect
style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
id="rect4271-4"
width="106.3383"
height="21.300985"
- x="313.80774"
- y="335.31329" />
+ x="291.30774"
+ y="233.17044" />
<path
- style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker9315)"
- d="m 368.50393,333.07083 0,-14.17323"
+ style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:0.99999994;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker9315)"
+ d="m 340.82535,258.96369 0,29.21511"
id="path4825"
inkscape:connector-curvature="0" />
<path
inkscape:connector-curvature="0"
- d="m 357.72187,318.88698 c -2.19348,0 -3.97122,1.77773 -3.97122,3.97121 0,0.30404 0.0341,0.59878 0.0993,0.88266 l -6.07006,6.06851 0,0.9928 0.9928,0.9928 1.98561,0 0.99281,-0.9928 0,-0.9928 0.9928,0 0,-0.9928 0.9928,0 0,-0.9928 1.9856,0 1.09829,-1.09829 c 0.29008,0.0666 0.59102,0.10233 0.90128,0.10233 2.19347,0 3.9712,-1.77773 3.9712,-3.9712 0,-2.19348 -1.77928,-3.96967 -3.9712,-3.96967 z m -3.98518,6.95116 -4.96401,4.96402 0,-0.9928 4.96401,-4.96402 0,0.9928 z m 4.96401,-2.9784 c -0.54759,0 -0.9928,-0.44521 -0.9928,-0.9928 0,-0.54759 0.44521,-0.9928 0.9928,-0.9928 0.5476,0 0.99281,0.44521 0.99281,0.9928 0,0.54759 -0.44521,0.9928 -0.99281,0.9928 z"
+ d="m 332.00759,267.10127 c -2.19348,0 -3.97122,1.77773 -3.97122,3.97121 0,0.30404 0.0341,0.59878 0.0993,0.88266 l -6.07006,6.06851 0,0.9928 0.9928,0.9928 1.98561,0 0.99281,-0.9928 0,-0.9928 0.9928,0 0,-0.9928 0.9928,0 0,-0.9928 1.9856,0 1.09829,-1.09829 c 0.29008,0.0666 0.59102,0.10233 0.90128,0.10233 2.19347,0 3.9712,-1.77773 3.9712,-3.9712 0,-2.19348 -1.77928,-3.96967 -3.9712,-3.96967 z m -3.98518,6.95116 -4.96401,4.96402 0,-0.9928 4.96401,-4.96402 0,0.9928 z m 4.96401,-2.9784 c -0.54759,0 -0.9928,-0.44521 -0.9928,-0.9928 0,-0.54759 0.44521,-0.9928 0.9928,-0.9928 0.5476,0 0.99281,0.44521 0.99281,0.9928 0,0.54759 -0.44521,0.9928 -0.99281,0.9928 z"
id="path7910"
style="fill:#ffcc00;fill-opacity:1;stroke:none;stroke-opacity:1" />
<text
xml:space="preserve"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.01774597px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66333771px;word-spacing:0px;fill:#aa00d4;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
- x="347.14761"
- y="283.80792"
+ x="462.66055"
+ y="266.66168"
id="text4155-88-3-5-0"
sodipodi:linespacing="125%"
transform="scale(1.0001971,0.99980293)"><tspan
sodipodi:role="line"
id="tspan4157-9-7-3-8"
- x="347.14761"
- y="283.80792"
+ x="462.66055"
+ y="266.66168"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00295734px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px;fill:#aa00d4">IV</tspan></text>
+ <rect
+ style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:1;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1"
+ id="rect3336-9-4-2-0-1-0"
+ width="74.836861"
+ height="21.259842"
+ x="459.0206"
+ y="293.23734"
+ ry="10.629921" />
+ <text
+ xml:space="preserve"
+ style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:90.02054596px;line-height:125%;font-family:Arial;-inkscape-font-specification:'Arial Bold';letter-spacing:67.66544342px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+ x="468.30588"
+ y="309.39807"
+ id="text4155-6-5-7-9-1-8"
+ sodipodi:linespacing="125%"
+ transform="scale(1.0002283,0.99977176)"><tspan
+ sodipodi:role="line"
+ id="tspan4157-3-0-7-6-8-2"
+ x="468.30588"
+ y="309.39807"
+ style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:15.00342369px;font-family:sans-serif;-inkscape-font-specification:sans-serif;letter-spacing:0px">Base64</tspan></text>
+ <path
+ style="opacity:1;fill:none;fill-opacity:1;stroke:#000000;stroke-width:0.99999982;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker14911)"
+ d="m 537.89913,303.81321 19.07004,0.0844"
+ id="path8941-5-6"
+ inkscape:connector-curvature="0"
+ sodipodi:nodetypes="cc" />
</g>
</svg>