| Age | Commit message (Collapse) | Author |
|---|
|
(unused so far)
|
|
|
|
|
|
|
|
This file should only be readable by the owner and never be written to.
|
|
A file never gets a cipherSize <= HEADER_LEN in normal operation.
However, this can happen if header write it interrupted or the
underlying filesystem does not support fallocate.
Noticed while trying to store a CIPHERDIR in another gocryptfs mount
(gocryptfs does not support fallocate)
|
|
|
|
|
|
|
|
|
|
|
|
// List of feature flags this filesystem has enabled.
// If gocryptfs encounters a feature flag it does not support, it will refuse
// mounting. This mechanism is analogous to the ext4 feature flags that are
// stored in the superblock.
FeatureFlags []string
|
|
|
|
Also run go fmt
|
|
Also, forbid access to "gocryptfs.conf" in the root dir.
|
|
|
|
Also, gather all the command line arguments into an anonymous struct
"args".
|
|
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
|
|
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]
Quoting SECURITY.md:
* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
* This means the position of the blocks is protected as well. The blocks
can not be reordered or copied between different files without
causing an decryption error.
|
|
|
|
This prevents that the user enters the password only to get an error
later.
|
|
|
|
...also adapt the cryptfs tests for 256 bit long keys
|
|
|
|
|
|
AES-256 seems to be becoming the industry standard. While AES-128 is
good enough for tens of years to come, let's follow suit and be extra
safe.
|
|
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1
|
|
|
|
The old implementation of counting up from a random starting
point had the problem that is allowed an attacker to find out
the write order of the blocks.
|
|
|
|
"Offset" is unclear whether it is an offset from the start of file
or start of block. "Skip" seems much better.
|
|
Also, fix key, it is now []byte, not [16]byte
|
|
The actual fix is
oldSize := f.cfs.PlainSize(uint64(fi.Size()))
the rest is logging improvements
|
|
Makes the log output smaller and more readable.
|
|
Fixes xfstests generic/010
Note that file holes are not authenticated,
|
|
|
|
|
|
|
|
This fixes relative symlinks:
$ tar xf linux-4.2.tar.gz
tar: linux-4.2/tools/testing/selftests/powerpc/vphn/vphn.h: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/vphn/vphn.c: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/stringloops/memcmp_64.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/primitives/word-at-a-time.h: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/primitives/asm/asm-compat.h: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/memcpy_power7.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/memcpy_64.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/copyuser_power7.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/copyuser_64.S: Cannot utime: No such file or directory
tar: linux-4.2/arch/powerpc/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/mips/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/metag/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/arm64/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/arm/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: Exiting with failure status due to previous errors
|
|
|
|
|
|
|
|
The too-large reported value broke mmap
(applications saw appended zero bytes)
Also
* Add locking for all fd operations
* Add "--debug" command line switch
|
|
Also, re-enable openssl and disable debug messages so testing
gocryptfs is less painful
|
|
|
|
|
|
|
|
Fix issues in read and write paths.
Now passes selftest.
|
|
Currently fails main_test.go, will be fixed in part II
|
|
|
