summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-08tests: add v1.1-aessiv example filesystemJakob Unterwurzacher
Also move the example content into "content".
2016-10-08reverse: merge config translation check into isTranslatedConfigJakob Unterwurzacher
Also get rid of useless isFiltered function.
2016-10-08reverse: make gocryptfs.conf mapping plaintextnames-awareJakob Unterwurzacher
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.
2016-10-08tests: pass "-nosyslog"Jakob Unterwurzacher
We want to see panics and warnings on the console
2016-10-08tests: invert ResetTmpDir argumentJakob Unterwurzacher
As reverse also does not want a diriv file, the "plaintextNames" argument became a misnomer.
2016-10-08tests: matrix: have the testcase struct as a global variableJakob Unterwurzacher
Future tests will need more info about the running test case.
2016-10-08tests: matrix: convert to table-based styleJakob Unterwurzacher
And add AES-SIV
2016-10-08main: error out when the mount shadows the cipherdirJakob Unterwurzacher
For example, we cannot mount "/home/user/.cipher" at "/home/user" because the mount will hide ".cipher" also for us. Doing it anyway used to cause a nasty hang.
2016-10-08main: split doMount into its own fileJakob Unterwurzacher
Ongoing effort to reduce the size of main().
2016-10-08main: check if the config file can opened before prompting for passwordJakob Unterwurzacher
This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied
2016-10-07MANPAGE: note that "-f" implies "-nosyslog"Jakob Unterwurzacher
Also explain why AES-SIV exists.
2016-10-07main: daemonize more thoroughlyJakob Unterwurzacher
As described at http://software.clapper.org/daemonize/ , a daemon should chdir to / and close its FDs.
2016-10-07nametransform: better error code on invalid diriv lengthJakob Unterwurzacher
go-fuse translates errors unknown to it into "function not implemented", which is wrong in this case.
2016-10-07main: clarify nosyslog code pathJakob Unterwurzacher
Split the block up and add a comment why notifypid is important.
2016-10-06main: add "-nonempty" optionJakob Unterwurzacher
2016-10-05reverse: initialize the longname cache only when reverse mode is usedJakob Unterwurzacher
Gets rid of the idling longnameCacheCleaner thread in "normal" mode.
2016-10-04A few more lint fixesJakob Unterwurzacher
2016-10-04lint fixesValient Gough
2016-10-04tests: skip "go tool vet" if the command is not availableJakob Unterwurzacher
"vet" is not availably by default on Go 1.4.
2016-10-04tests: drop Go 1.3.3 from Travis testingJakob Unterwurzacher
Does not support testing.M, which means we cannot run the test suite, which means we cannot claim to support it at all.
2016-10-04tests: skip tests with -openssl=false on Go 1.4 and lowerJakob Unterwurzacher
Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes a panic in the test.
2016-10-04tests: enable FUSE tests on Travis CIJakob Unterwurzacher
2016-10-04tests: symlink to "/" instead of "/etc/motd"Jakob Unterwurzacher
This file does not exist on all systems, causing spurious test failures. See #40, #43
2016-10-04tests: fallocate: skip some disk usage checks on btrfsJakob Unterwurzacher
The expected allocated sizes are verified for tmpfs and ext4. btrfs gives different results, but that's not an error. Also, simplify test_helpers.Du and several code paths. Fixes #43.
2016-10-04fusefrontend_reverse cast Stat_t.Dev to uint64 (#44)Romain
The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go) it's an `int32`.
2016-10-04maxlen.bash: result was 1 too highJakob Unterwurzacher
Additionally, output 0 instead of 7 on permission errors.
2016-10-04without_openssl: support compiling completely without opensslJakob Unterwurzacher
Build helper script: build-without-openssl.bash
2016-10-04cryptocore: rename "gcm" variable to generic "aeadCipher"Jakob Unterwurzacher
As we now also support AES-SIV the old name is no longer correct.
2016-10-04cryptocore: derive 512-bit key for AES-SIVJakob Unterwurzacher
AES-SIV uses 1/2 of the key for authentication, 1/2 for encryption, so we need a 64-byte key for AES-256. Derive it from the master key by hashing it with SHA-512.
2016-10-03siv_aead: Overhead is always 16Jakob Unterwurzacher
Add a test for that. Also test operations using a 64-byte key.
2016-09-29xray: print block offsetsJakob Unterwurzacher
2016-09-29reverse: use per-purpose nonce generationJakob Unterwurzacher
Also pull all the deterministic nonce code into fusefrontend_reverse to greatly simplify the normal code path.
2016-09-28reverse: move newDirIVFile into virtualfile.goJakob Unterwurzacher
After all, is's a virtual file.
2016-09-28main: get rid of duplicate "extpass" messageJakob Unterwurzacher
$ gocryptfs -init -extpass "echo test" a Using password provided via -extpass. <<< DUPLICATE Reading password from extpass program The gocryptfs filesystem has been created successfully. You can now mount it using: gocryptfs a MOUNTPOINT
2016-09-26README: storage overhead is 32 bytesJakob Unterwurzacher
As stated in file-format.md.
2016-09-26reverse: switch from GCM-SIV to AES-SIVv1.1-beta1Jakob Unterwurzacher
GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26siv_aead: add AES-SIV AEAD wrapperJakob Unterwurzacher
2016-09-25stupidgcm: add GCM-SIV benchmarkJakob Unterwurzacher
On a CPU without AES-NI: $ go test -bench . Benchmark4kEncStupidGCM-2 50000 24155 ns/op 169.57 MB/s Benchmark4kEncGoGCM-2 20000 93965 ns/op 43.59 MB/s Benchmark4kEncGCMSIV-2 500 2576193 ns/op 1.59 MB/s
2016-09-25tests: add reverse linux tarball testJakob Unterwurzacher
2016-09-25nametransform: downgrade invalid length warningJakob Unterwurzacher
This happens all the time in reverse mode when somebody stats an encrypted symlink target.
2016-09-25Implement changes proposed by gosimple.Jakob Unterwurzacher
Also delete the unused "dirIVNameStruct", found by deadcode.
2016-09-25tests: enable all go vet checksJakob Unterwurzacher
...and fix reported errors: internal/fusefrontend_reverse/rfile.go:40: github.com/rfjakob/gocryptfs/internal/contentenc.FileHeader composite literal uses unkeyed fields internal/fusefrontend_reverse/rfs.go:249: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields internal/fusefrontend_reverse/rfs.go:264: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields
2016-09-25nametransform: delete unused function DecryptPathDirIVJakob Unterwurzacher
2016-09-25contentenc: rename constant "IVBitLen" to "DefaultIVBits" and clarify commentJakob Unterwurzacher
128-bit IVs are NOT used everywhere.
2016-09-25reverse: add symlink encryption and Readlink supportJakob Unterwurzacher
2016-09-25contentenc: add "ExternalNonce" modeJakob Unterwurzacher
This will be used for strong symlink encryption in reverse mode.
2016-09-25fusefrontend: handle Readlink directlyJakob Unterwurzacher
Calling into go-fuse's loopbackFileSystem does not add any value here.
2016-09-25reverse: more thorough longname stat testJakob Unterwurzacher
Now also verifies the returned file size.
2016-09-25reverse: add gcmsiv flag and associated testsJakob Unterwurzacher
2016-09-25tests: smarter error handling in ResetTmpDirJakob Unterwurzacher
Look at the error code from os.Remove and decide about the right thing to do. Gets rid of spurious fusermount error messages.
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 15:52:47 +0000