Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-11-01 | Add file header (on-disk-format change) | Jakob Unterwurzacher | |
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error. | |||
2015-10-06 | Use block number as authentication data | Jakob Unterwurzacher | |
2015-10-06 | Switch to AES-256 | Jakob Unterwurzacher | |
AES-256 seems to be becoming the industry standard. While AES-128 is good enough for tens of years to come, let's follow suit and be extra safe. | |||
2015-10-06 | Implement proper daemonization | Jakob Unterwurzacher | |
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1 | |||
2015-10-04 | Run go fmt | Jakob Unterwurzacher | |
2015-10-03 | debug: log inode number instead of encrypted filename | Jakob Unterwurzacher | |
Makes the log output smaller and more readable. | |||
2015-10-03 | Implement file hole passtrough | Jakob Unterwurzacher | |
Fixes xfstests generic/010 Note that file holes are not authenticated, | |||
2015-09-13 | Encrypt key with scrypt-hashed password | Jakob Unterwurzacher | |
2015-09-13 | Implement json config storage (not yet encrypted) | Jakob Unterwurzacher | |
2015-09-06 | Add OpenSSL support for file content encryption/decryption | Jakob Unterwurzacher | |
This brings streaming read performance from 30MB/s to 81MB/s (similar improvement for writes) | |||
2015-09-05 | Cleanup and rename files | Jakob Unterwurzacher | |
2015-09-05 | Fix size reporting | Jakob Unterwurzacher | |
2015-09-05 | Fix write path | Jakob Unterwurzacher | |
2015-09-05 | Wrap cluefs part I | Jakob Unterwurzacher | |