Age | Commit message (Collapse) | Author |
|
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
|
|
...and minimal comment changes.
|
|
|
|
Another 3x performance boost for applications that walk the
directory tree.
Excerpt from performance.txt:
VERSION UNTAR LS RM
v0.4 48 1.5 5
v0.5-rc1 56 7 19
v0.5-rc1-1 54 4.1 9
v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
|
|
|
|
Also run go fmt
|
|
Also, forbid access to "gocryptfs.conf" in the root dir.
|
|
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
|
|
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]
Quoting SECURITY.md:
* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
* This means the position of the blocks is protected as well. The blocks
can not be reordered or copied between different files without
causing an decryption error.
|
|
|
|
AES-256 seems to be becoming the industry standard. While AES-128 is
good enough for tens of years to come, let's follow suit and be extra
safe.
|
|
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1
|
|
|
|
Makes the log output smaller and more readable.
|
|
Fixes xfstests generic/010
Note that file holes are not authenticated,
|
|
|
|
|
|
This brings streaming read performance from 30MB/s to 81MB/s
(similar improvement for writes)
|
|
|
|
|
|
|
|
|