aboutsummaryrefslogtreecommitdiff
path: root/cryptfs/config_file.go
AgeCommit message (Collapse)Author
2015-12-10Simplify CreateConfFile: do not allow specification of EMENamesJakob Unterwurzacher
2015-12-08Add EME filename encryption & enable it by defaultJakob Unterwurzacher
2015-11-29Add "-scryptn" option that sets the cost parameter for scryptv0.5-rc1Jakob Unterwurzacher
Use that option to speed up the automated tests by 7 seconds. Before: ok github.com/rfjakob/gocryptfs/integration_tests 26.667s After: ok github.com/rfjakob/gocryptfs/integration_tests 19.534s
2015-11-28diriv: use "DirIV" flag to discern and support mounting old filesystemsJakob Unterwurzacher
2015-11-27diriv: Define "DirIV" feature flagJakob Unterwurzacher
(unused so far)
2015-11-25Tighten file permissions on gocryptfs.confJakob Unterwurzacher
This file should only be readable by the owner and never be written to.
2015-11-14Run go fmt and go vetJakob Unterwurzacher
2015-11-03config: Introduce ext4-style feature flagsJakob Unterwurzacher
// List of feature flags this filesystem has enabled. // If gocryptfs encounters a feature flag it does not support, it will refuse // mounting. This mechanism is analogous to the ext4 feature flags that are // stored in the superblock. FeatureFlags []string
2015-11-03Implement PlainTextNames modeJakob Unterwurzacher
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-02Add "--plaintextnames" optionJakob Unterwurzacher
Also, gather all the command line arguments into an anonymous struct "args".
2015-11-01Refactor ciphertext <-> plaintext offset translation functionsJakob Unterwurzacher
Move all the intelligence into the new file address_translation.go. That the calculations were spread out too much became apparent when adding the file header. This should make the code much easier to modify in the future.
2015-11-01Add file header (on-disk-format change)Jakob Unterwurzacher
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error.
2015-10-11main: check directories for existence earlyJakob Unterwurzacher
This prevents that the user enters the password only to get an error later.
2015-10-07Implement "gocryptfs --passwd" (pasword changing)Jakob Unterwurzacher
2015-10-06Use block number as authentication dataJakob Unterwurzacher
2015-10-04Run go fmtJakob Unterwurzacher
2015-09-14Use MarshalIndent for JSON generationJakob Unterwurzacher
2015-09-13Encrypt key with scrypt-hashed passwordJakob Unterwurzacher
2015-09-13Implement json config storage (not yet encrypted)Jakob Unterwurzacher