Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-11-01 | Bake version string into binary, add "--version" switch | Jakob Unterwurzacher | |
Example: ./gocryptfs -version gocryptfs v0.2-20-gabcef9e-dirty; on-disk format 1 Note that you MUST compile using "./build.bash" for this to work. | |||
2015-11-01 | Automatically lazy-unmount when we get SIGINT or SIGTERM | Jakob Unterwurzacher | |
This hides the dangling "Transport endpoint is not connected" mountpoint for everyone but processes that have file open inside the mountpoint. | |||
2015-11-01 | Remove code detected by "deadcode" | Jakob Unterwurzacher | |
go get github.com/remyoudompheng/go-misc/deadcode | |||
2015-11-01 | README: Describe storage overhead | Jakob Unterwurzacher | |
2015-11-01 | Refactor ciphertext <-> plaintext offset translation functions | Jakob Unterwurzacher | |
Move all the intelligence into the new file address_translation.go. That the calculations were spread out too much became apparent when adding the file header. This should make the code much easier to modify in the future. | |||
2015-11-01 | Fix missing printf arguments discovered by "go vet" | Jakob Unterwurzacher | |
2015-11-01 | Add file header (on-disk-format change) | Jakob Unterwurzacher | |
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error. | |||
2015-11-01 | tests: run unit tests before integration tests | Jakob Unterwurzacher | |
2015-11-01 | tests: introduce verifySize() for detailed error messages | Jakob Unterwurzacher | |
2015-11-01 | tests: additionally verify the file size by reading the whole file | Jakob Unterwurzacher | |
2015-11-01 | tests: verify file size in testWriteN | Jakob Unterwurzacher | |
2015-11-01 | tests: Use /tmp/gocryptfs_main_test temporary directory | Jakob Unterwurzacher | |
Using "/tmp" meant that running the test would delete everything there. | |||
2015-11-01 | TestRmwRace: abort testing on write failures | Jakob Unterwurzacher | |
Continuing the test will just generate useless noise | |||
2015-11-01 | Activate block number authentication | Jakob Unterwurzacher | |
2015-11-01 | Add rmw race test | Jakob Unterwurzacher | |
2015-10-11 | README: Add travis badge | rfjakob | |
2015-10-11 | Add travis config file | Jakob Unterwurzacher | |
2015-10-11 | Fix link in XFSTESTS.md | rfjakob | |
2015-10-11 | Add MIT LICENSE | Jakob Unterwurzacher | |
2015-10-11 | Update README | Jakob Unterwurzacher | |
2015-10-11 | Run gofmtv0.2 | Jakob Unterwurzacher | |
2015-10-11 | Fix helper scripts for new top-level path | Jakob Unterwurzacher | |
2015-10-11 | main: check directories for existence early | Jakob Unterwurzacher | |
This prevents that the user enters the password only to get an error later. | |||
2015-10-11 | Drop shell wrapper | Jakob Unterwurzacher | |
2015-10-11 | Add native daemonization | Jakob Unterwurzacher | |
2015-10-11 | Rename sendSig to sendUsr1 | Jakob Unterwurzacher | |
This matches waitForUsr1 in daemonize() | |||
2015-10-11 | Move main files to top level dir | Jakob Unterwurzacher | |
This is in preparation of getting rid of the shell wrapper | |||
2015-10-10 | README: Remove dots notice | Jakob Unterwurzacher | |
2015-10-08 | Shell wrapper: Also search the binary in $GOPATH/bin | Jakob Unterwurzacher | |
2015-10-07 | README: Mention that only Linux is tested | Jakob Unterwurzacher | |
2015-10-07 | Update README | Jakob Unterwurzacher | |
2015-10-07 | Run go fmt | Jakob Unterwurzacher | |
2015-10-07 | Add package.bash | Jakob Unterwurzacher | |
2015-10-07 | Add test.bashv0.1 | Jakob Unterwurzacher | |
...also adapt the cryptfs tests for 256 bit long keys | |||
2015-10-07 | Adapt openssl benchmark for 256 bit long keys | Jakob Unterwurzacher | |
2015-10-07 | Better usage text | Jakob Unterwurzacher | |
2015-10-07 | Move gocryptfs wrapper into the same folder as the binary | Jakob Unterwurzacher | |
2015-10-07 | Implement "gocryptfs --passwd" (pasword changing) | Jakob Unterwurzacher | |
2015-10-06 | Reword help text | Jakob Unterwurzacher | |
2015-10-06 | Split off SECURITY.md | Jakob Unterwurzacher | |
2015-10-06 | Update README.md | Jakob Unterwurzacher | |
2015-10-06 | Use block number as authentication data | Jakob Unterwurzacher | |
2015-10-06 | Add "--masterkey=" parameter for recovery purposes | Jakob Unterwurzacher | |
2015-10-06 | Switch to AES-256 | Jakob Unterwurzacher | |
AES-256 seems to be becoming the industry standard. While AES-128 is good enough for tens of years to come, let's follow suit and be extra safe. | |||
2015-10-06 | Add "--openssl=false" command line option | Jakob Unterwurzacher | |
Also make main_test try both variants | |||
2015-10-06 | Rewrite README.md (in progress) | Jakob Unterwurzacher | |
2015-10-06 | Implement proper daemonization | Jakob Unterwurzacher | |
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1 | |||
2015-10-05 | Move main binary to gocryptfs_main | Jakob Unterwurzacher | |
That way the wrapper shell script can be named just "gocryptfs" | |||
2015-10-04 | openssl AEAD wrapper: handle authenticated data | Jakob Unterwurzacher | |
2015-10-04 | Switch nonce generation to purely random | Jakob Unterwurzacher | |
The old implementation of counting up from a random starting point had the problem that is allowed an attacker to find out the write order of the blocks. |