Age | Commit message (Collapse) | Author |
|
(unused so far)
|
|
This file should only be readable by the owner and never be written to.
|
|
|
|
// List of feature flags this filesystem has enabled.
// If gocryptfs encounters a feature flag it does not support, it will refuse
// mounting. This mechanism is analogous to the ext4 feature flags that are
// stored in the superblock.
FeatureFlags []string
|
|
Also, forbid access to "gocryptfs.conf" in the root dir.
|
|
Also, gather all the command line arguments into an anonymous struct
"args".
|
|
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
|
|
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]
Quoting SECURITY.md:
* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
* This means the position of the blocks is protected as well. The blocks
can not be reordered or copied between different files without
causing an decryption error.
|
|
This prevents that the user enters the password only to get an error
later.
|
|
|
|
|
|
|
|
|
|
|
|
|