Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-11-01 | Add file header (on-disk-format change) | Jakob Unterwurzacher | |
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error. | |||
2015-11-01 | Activate block number authentication | Jakob Unterwurzacher | |
2015-10-07 | Run go fmt | Jakob Unterwurzacher | |
2015-10-06 | Use block number as authentication data | Jakob Unterwurzacher | |
2015-10-04 | Run go fmt | Jakob Unterwurzacher | |
2015-10-04 | intraBlock: Rename Offset to Skip | Jakob Unterwurzacher | |
"Offset" is unclear whether it is an offset from the start of file or start of block. "Skip" seems much better. | |||
2015-10-04 | Add BlockNoPlainOff() and BlockNoCipherOff() + test | Jakob Unterwurzacher | |
Also, fix key, it is now []byte, not [16]byte | |||
2015-10-04 | Fix xfstests generic/030 failure | Jakob Unterwurzacher | |
The actual fix is oldSize := f.cfs.PlainSize(uint64(fi.Size())) the rest is logging improvements | |||
2015-10-03 | debug: log inode number instead of encrypted filename | Jakob Unterwurzacher | |
Makes the log output smaller and more readable. | |||
2015-10-03 | Implement file hole passtrough | Jakob Unterwurzacher | |
Fixes xfstests generic/010 Note that file holes are not authenticated, | |||
2015-09-30 | Implement Truncate() + Test | Jakob Unterwurzacher | |
2015-09-30 | DecryptBlocks: Don't shadow err variable | Jakob Unterwurzacher | |
2015-09-16 | Fix symlink size reporting | Jakob Unterwurzacher | |
2015-09-08 | tests: add TestCiphertextRange | Jakob Unterwurzacher | |
2015-09-08 | Add pathfs frontend (uses go-fuse instead of bazil-fuse), part I | Jakob Unterwurzacher | |
Currently fails main_test.go, will be fixed in part II | |||
2015-09-06 | Add OpenSSL support for file content encryption/decryption | Jakob Unterwurzacher | |
This brings streaming read performance from 30MB/s to 81MB/s (similar improvement for writes) | |||
2015-09-06 | Bundle up blocks for bigger reads from the backing filesystem | Jakob Unterwurzacher | |
2015-09-05 | Use Debug object instead of fmt | Jakob Unterwurzacher | |
2015-09-05 | Cleanup and rename files | Jakob Unterwurzacher | |