| Age | Commit message (Collapse) | Author |
|---|
|
$ ./gocryptfs -speed
gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64
AES-GCM-256-OpenSSL 529.53 MB/s
AES-GCM-256-Go 833.85 MB/s (selected in auto mode)
AES-SIV-512-Go 155.27 MB/s
XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag)
XChaCha20-Poly1305-OpenSSL 468.94 MB/s
https://github.com/rfjakob/gocryptfs/issues/452
|
|
Implementation copied from
https://github.com/golang/crypto/blob/32db794688a5a24a23a43f2a984cecd5b3d8da58/chacha20poly1305/xchacha20poly1305.go
|
|
|
|
Follow what golang.org/x/crypto/chacha20poly1305 does
for easier integration in the next commit.
|
|
After looking at the cover profile, this was the only untested
code except panic cases.
|
|
Deduplicate the cipher setup that was identical
for all tests for each cipher.
|
|
Pull the code shared between chacha and gcm into
generic functions.
|
|
"stupidChacha20poly1305".
XChaCha will build upon this.
|
|
We leaked a file descriptor for each empty file we encountered.
|
|
|
|
|
|
|
|
|
|
Commit b83ca9c921019fc3b790dabb6198bb77ef2f9a34
inadveredly added a leftover debug Printf.
Delete it.
|
|
Commit
69d88505fd7f4cb0d9e4f1918de296342fe05858 go mod: declare module version v2
translated all instances of "github.com/rfjakob/gocryptfs/" to
"github.com/rfjakob/gocryptfs/v2/".
Unfortunately, this included hyperlinks.
Unbreak the hyperlinks like this:
find . -name \*.go | xargs sed -i s%https://github.com/rfjakob/gocryptfs/v2/%https://github.com/rfjakob/gocryptfs/v2/%
|
|
More content, less whitespace.
|
|
|
|
Let the kernel do the work for us.
See https://github.com/hanwen/go-fuse/commit/15a8bb029a4e1a51e10043c370970596b1fbb737
for more info.
|
|
Will be replaced by go-fuse's new SyncRead flag.
More info: https://github.com/hanwen/go-fuse/issues/395
SyncRead commit: https://github.com/hanwen/go-fuse/commit/15a8bb029a4e1a51e10043c370970596b1fbb737
|
|
Upgraded using
go get -u github.com/hanwen/go-fuse/v2@master
to get https://github.com/hanwen/go-fuse/commit/61df81086038f52fbf3e25ff97373336c83cd3ae
Fixes https://github.com/rfjakob/gocryptfs/issues/597
|
|
Different nonce size.
|
|
fuse-xfstests should be installed to /opt now to make
the terminal output independent of the user name
(as done in https://github.com/rfjakob/fuse-xfstests/wiki/results_2021-06-02 )
|
|
Commit f3c777d5eaa682d878c638192311e52f9c204294 added the `-devrandom` option:
commit f3c777d5eaa682d878c638192311e52f9c204294
Author: @slackner
Date: Sun Nov 19 13:30:04 2017 +0100
main: Add '-devrandom' commandline option
Allows to use /dev/random for generating the master key instead of the
default Go implementation. When the kernel random generator has been
properly initialized both are considered equally secure, however:
* Versions of Go prior to 1.9 just fall back to /dev/urandom if the
getrandom() syscall would be blocking (Go Bug #19274)
* Kernel versions prior to 3.17 do not support getrandom(), and there
is no check if the random generator has been properly initialized
before reading from /dev/urandom
This is especially useful for embedded hardware with low-entroy. Please
note that generation of the master key might block indefinitely if the
kernel cannot harvest enough entropy.
We now require Go v1.13 and Kernel versions should have also moved on.
Make the flag a no-op.
https://github.com/rfjakob/gocryptfs/issues/596
|
|
We want /dev/fd/N support:
https://github.com/hanwen/go-fuse/commit/74a933d6e856048cbff1a437bf3dbf79162e77de
"fuse: support special /dev/fd/N mountpoint"
Fixes https://github.com/rfjakob/gocryptfs/issues/590
|
|
https://github.com/rfjakob/gocryptfs/issues/452
|
|
|
|
|
|
Combines both new flags.
|
|
|
|
|
|
Also use the new cryptocore algo names.
|
|
Looks like these are part of an abandoned plan.
|
|
|
|
Have the information in one centralized place,
and access it from main as needed.
|
|
|
|
|
|
We used to do validation using lists of mandatory feature flags.
With the introduction of XChaCha20Poly1305, this became too
simplistic, as it uses a different IV length, hence disabling
GCMIV128.
Add a dedicated function, Validate(), with open-coded validation
logic.
The validation and creation logic also gets XChaCha20Poly1305
support, and gocryptfs -init -xchacha now writes the flag into
gocryptfs.conf.
|
|
Mount flag only at the moment, not saved to gocryptfs.conf.
https://github.com/rfjakob/gocryptfs/issues/452
|
|
As the filename did not end in _test.go, TestZerokey
was not actually run. Fix that.
renamed: tests/cli/zerokey.go -> tests/cli/zerokey_test.go
|
|
Our git version is v2+ for some time now, but go.mod
still declared v1. Hopefully making both match makes
https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work.
All the import paths have been fixed like this:
find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
|
|
This makes the comment visible to godoc.
|
|
Drop Create and rename Create2 to Create.
|
|
The argument list got too long.
Part 1: Replace with Create2
|
|
The IVLen var seems be a net loss in clarity. Drop it.
Also add comments and normalize error messages.
|
|
Fixes https://github.com/rfjakob/gocryptfs/issues/151
Fixes https://github.com/rfjakob/gocryptfs/issues/402
Fixes https://github.com/rfjakob/gocryptfs/pull/592
Partial-fix https://github.com/rfjakob/gocryptfs/issues/108
|
|
|
|
It was in INIT OPTIONS by mistake.
|
|
And store it in gocryptfs.conf (=remove DirIV feature flag).
|
|
-deterministc-names uses all-zero dirivs but does not write
them to disk anymore.
|
|
|
