summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-12-08opensslGCM: preallocate buffer space, improves performance by 11%Jakob Unterwurzacher
Results of cryptfs/openssl_benchmark.bash : Before: BenchmarkEnc_OpenSSL_4k_AES256_nonce96-2 50000 31802 ns/op 127.28 MB/s BenchmarkEnc_OpenSSL_4k_AES256_nonce128-2 50000 32110 ns/op 126.06 MB/s After: BenchmarkEnc_OpenSSL_4k_AES256_nonce96-2 50000 28612 ns/op 141.47 MB/s BenchmarkEnc_OpenSSL_4k_AES256_nonce128-2 50000 28613 ns/op 141.47 MB/s
2015-12-08tests: add encryption benchmarks to cryptfsJakob Unterwurzacher
2015-12-06Update READMEv0.5.1Jakob Unterwurzacher
gocryptfs is no longer developed in gocryptfs because of the inconvenience that you cannot mount a FUSE filesystem inside a FUSE mount
2015-12-06tests: add TestRenameJakob Unterwurzacher
2015-12-06fallocate the space needed for the file header beforehandJakob Unterwurzacher
This makes sure writing to a file fails early if the underlying filesystem does not support fallocate. It also prevents partial header write due to ENOSPC.
2015-12-06Fix rename, was broken broken by DirIV introductionJakob Unterwurzacher
As it was, CIPHERDIR was prepended twice, causing every rename to fail with ENOENT.
2015-12-06tests: recreate v0.5 example filesystems with -scryptn=10Jakob Unterwurzacher
Cuts the mount time in half, from 0.788s to 0.321s.
2015-12-06init: create gocryptfs.diriv after creating gocryptfs.confJakob Unterwurzacher
Creating the config file can fail easily, for example if the password is not entered the same twice. This would leave an orphaned gocryptfs.diriv behind.
2015-12-04performance.txt: link to linux-3.0.tar.gzJakob Unterwurzacher
2015-12-04Update manpage with -diriv and -scryptnv0.5Jakob Unterwurzacher
2015-12-04Show base64 encoding in filename encryption svgJakob Unterwurzacher
2015-12-02svg: add colored annotationsJakob Unterwurzacher
Also, show the IV in the master key decryption process
2015-12-01Cut down the text in SECURITY.md, add graphsJakob Unterwurzacher
2015-12-01Add svgs explaining the encryption stepsJakob Unterwurzacher
2015-12-01Make sure MANPAGE-render.bash works when called from outside DocumentationJakob Unterwurzacher
2015-12-01Move docs to Documentation folderJakob Unterwurzacher
2015-11-29Update README and SECURITY documentsJakob Unterwurzacher
2015-11-29Run go fmtJakob Unterwurzacher
2015-11-29Add single-element cache for DirIV lookupJakob Unterwurzacher
Another 3x performance boost for applications that walk the directory tree. Excerpt from performance.txt: VERSION UNTAR LS RM v0.4 48 1.5 5 v0.5-rc1 56 7 19 v0.5-rc1-1 54 4.1 9 v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
2015-11-29OpenDir performance: Read DirIV once and reuse it for all namesJakob Unterwurzacher
Formerly, we called decryptPath for every name. That resulted in a directory walk that reads in all diriv files on the way. Massive improvement for RM and LS (check performance.txt for details) VERSION UNTAR RM LS v0.4 48 5 1.5 v0.5-rc1 56 19 7 v0.5-rc1-1 54 9 4.1 <---- THIS VERSION
2015-11-29Handle all operations except mounting without forking a childJakob Unterwurzacher
This saves 170ms for each start (why do we take 170ms to start up?) and cuts down test time by 2 seconds.
2015-11-29Add "-scryptn" option that sets the cost parameter for scryptv0.5-rc1Jakob Unterwurzacher
Use that option to speed up the automated tests by 7 seconds. Before: ok github.com/rfjakob/gocryptfs/integration_tests 26.667s After: ok github.com/rfjakob/gocryptfs/integration_tests 19.534s
2015-11-29tests: add scrypt benchmarkJakob Unterwurzacher
Times the impact of the parameter "N" to scrypt. Results on a 2.7GHz Pentium G630: gocryptfs/cryptfs$ go test -bench=. PASS BenchmarkScrypt10-2 300 6021435 ns/op ... 6ms BenchmarkScrypt11-2 100 11861460 ns/op BenchmarkScrypt12-2 100 23420822 ns/op BenchmarkScrypt13-2 30 47666518 ns/op BenchmarkScrypt14-2 20 92561590 ns/op ... 92ms BenchmarkScrypt15-2 10 183971593 ns/op BenchmarkScrypt16-2 3 368506365 ns/op BenchmarkScrypt17-2 2 755502608 ns/op ... 755ms ok github.com/rfjakob/gocryptfs/cryptfs 18.772s
2015-11-28tests: add v0.5 example filesystem (with DirIV!)Jakob Unterwurzacher
2015-11-28tests: verify that symlinks workJakob Unterwurzacher
2015-11-28diriv: also support old CBC symlinkJakob Unterwurzacher
2015-11-28diriv: fix Symlink() and Readlink()Jakob Unterwurzacher
Both were missing adaptions for diriv usage resulting in broken functionality
2015-11-28diriv: fix readdirJakob Unterwurzacher
It decrypted all file names using the root directory iv
2015-11-28diriv: use "DirIV" flag to discern and support mounting old filesystemsJakob Unterwurzacher
2015-11-27main: pass args struct instead of having a huge function callJakob Unterwurzacher
2015-11-27Run go fmtJakob Unterwurzacher
2015-11-27diriv: Define "DirIV" feature flagJakob Unterwurzacher
(unused so far)
2015-11-27tests: create all-zero gocryptfs.diriv in resetTmpDir()Jakob Unterwurzacher
Tests were failing because this file was missing
2015-11-27diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, RmdirJakob Unterwurzacher
2015-11-27diriv: Convert filename encryption users to dirivJakob Unterwurzacher
2015-11-25diriv: Transactionally delete gocryptfs.diriv in RmdirJakob Unterwurzacher
2015-11-25tests: check Mkdir and RmdirJakob Unterwurzacher
2015-11-25diriv: Create gocryptfs.diriv in every directoryJakob Unterwurzacher
2015-11-25Tighten file permissions on gocryptfs.confJakob Unterwurzacher
This file should only be readable by the owner and never be written to.
2015-11-25Print newline after gocryptfs.conf not found errorJakob Unterwurzacher
2015-11-22Add drone.io CI configJakob Unterwurzacher
2015-11-15README: link to use .../tags instead of ../releasesv0.4Jakob Unterwurzacher
Using github "release" function means that the changelog is buried in the github webinterface. The changelog is now instead included in README.md.
2015-11-15Update README for v0.4Jakob Unterwurzacher
Also, add short comments to the top of main_test.go and performance_test.go.
2015-11-15tests: add example_filesystems, test password and -masterkey mountJakob Unterwurzacher
2015-11-15CipherSizeToPlainSize: Handle illegal statesJakob Unterwurzacher
A file never gets a cipherSize <= HEADER_LEN in normal operation. However, this can happen if header write it interrupted or the underlying filesystem does not support fallocate. Noticed while trying to store a CIPHERDIR in another gocryptfs mount (gocryptfs does not support fallocate)
2015-11-15Move "Debug output enabled" after forkChild() to remove duplicate outputJakob Unterwurzacher
2015-11-15tests: add tests for "-config" optionJakob Unterwurzacher
2015-11-15Add "-extpass" cli option and associated testsJakob Unterwurzacher
2015-11-14MANPAGE: add "-config" flagJakob Unterwurzacher
Also, "-plaintextnames" can be used with -zerokey. Fix the incorrect description.
2015-11-14Refactor cli argument handlingJakob Unterwurzacher
Also, add the "-config" option for storing gocryptfs.conf outside of CIPHERDIR.