aboutsummaryrefslogtreecommitdiff
path: root/cryptfs
AgeCommit message (Collapse)Author
2015-11-25Tighten file permissions on gocryptfs.confJakob Unterwurzacher
This file should only be readable by the owner and never be written to.
2015-11-15CipherSizeToPlainSize: Handle illegal statesJakob Unterwurzacher
A file never gets a cipherSize <= HEADER_LEN in normal operation. However, this can happen if header write it interrupted or the underlying filesystem does not support fallocate. Noticed while trying to store a CIPHERDIR in another gocryptfs mount (gocryptfs does not support fallocate)
2015-11-15Add "-extpass" cli option and associated testsJakob Unterwurzacher
2015-11-14Run go fmt and go vetJakob Unterwurzacher
2015-11-09Add "-q" (quiet) flagJakob Unterwurzacher
2015-11-03Centralize path filter decision in CryptFS.IsFiltered()Jakob Unterwurzacher
2015-11-03tests: add config file and feature flags testsJakob Unterwurzacher
2015-11-03config: Introduce ext4-style feature flagsJakob Unterwurzacher
// List of feature flags this filesystem has enabled. // If gocryptfs encounters a feature flag it does not support, it will refuse // mounting. This mechanism is analogous to the ext4 feature flags that are // stored in the superblock. FeatureFlags []string
2015-11-03Fix tests broken by PlaintextNames additionJakob Unterwurzacher
2015-11-03Update USAGE.txtJakob Unterwurzacher
Also run go fmt
2015-11-03Implement PlainTextNames modeJakob Unterwurzacher
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-02Bump on-disk version to 2Jakob Unterwurzacher
2015-11-02Add "--plaintextnames" optionJakob Unterwurzacher
Also, gather all the command line arguments into an anonymous struct "args".
2015-11-01Refactor ciphertext <-> plaintext offset translation functionsJakob Unterwurzacher
Move all the intelligence into the new file address_translation.go. That the calculations were spread out too much became apparent when adding the file header. This should make the code much easier to modify in the future.
2015-11-01Add file header (on-disk-format change)Jakob Unterwurzacher
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error.
2015-11-01Activate block number authenticationJakob Unterwurzacher
2015-10-11main: check directories for existence earlyJakob Unterwurzacher
This prevents that the user enters the password only to get an error later.
2015-10-07Run go fmtJakob Unterwurzacher
2015-10-07Add test.bashv0.1Jakob Unterwurzacher
...also adapt the cryptfs tests for 256 bit long keys
2015-10-07Implement "gocryptfs --passwd" (pasword changing)Jakob Unterwurzacher
2015-10-06Use block number as authentication dataJakob Unterwurzacher
2015-10-06Switch to AES-256Jakob Unterwurzacher
AES-256 seems to be becoming the industry standard. While AES-128 is good enough for tens of years to come, let's follow suit and be extra safe.
2015-10-06Implement proper daemonizationJakob Unterwurzacher
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1
2015-10-04openssl AEAD wrapper: handle authenticated dataJakob Unterwurzacher
2015-10-04Switch nonce generation to purely randomJakob Unterwurzacher
The old implementation of counting up from a random starting point had the problem that is allowed an attacker to find out the write order of the blocks.
2015-10-04Run go fmtJakob Unterwurzacher
2015-10-04intraBlock: Rename Offset to SkipJakob Unterwurzacher
"Offset" is unclear whether it is an offset from the start of file or start of block. "Skip" seems much better.
2015-10-04Add BlockNoPlainOff() and BlockNoCipherOff() + testJakob Unterwurzacher
Also, fix key, it is now []byte, not [16]byte
2015-10-04Fix xfstests generic/030 failureJakob Unterwurzacher
The actual fix is oldSize := f.cfs.PlainSize(uint64(fi.Size())) the rest is logging improvements
2015-10-03debug: log inode number instead of encrypted filenameJakob Unterwurzacher
Makes the log output smaller and more readable.
2015-10-03Implement file hole passtroughJakob Unterwurzacher
Fixes xfstests generic/010 Note that file holes are not authenticated,
2015-09-30Implement Truncate() + TestJakob Unterwurzacher
2015-09-30DecryptBlocks: Don't shadow err variableJakob Unterwurzacher
2015-09-16Fix symlink size reportingJakob Unterwurzacher
2015-09-16symlink encryption: pass ".." and "." through unchangedJakob Unterwurzacher
This fixes relative symlinks: $ tar xf linux-4.2.tar.gz tar: linux-4.2/tools/testing/selftests/powerpc/vphn/vphn.h: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/vphn/vphn.c: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/stringloops/memcmp_64.S: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/primitives/word-at-a-time.h: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/primitives/asm/asm-compat.h: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/memcpy_power7.S: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/memcpy_64.S: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/copyuser_power7.S: Cannot utime: No such file or directory tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/copyuser_64.S: Cannot utime: No such file or directory tar: linux-4.2/arch/powerpc/boot/dts/include/dt-bindings: Cannot utime: No such file or directory tar: linux-4.2/arch/mips/boot/dts/include/dt-bindings: Cannot utime: No such file or directory tar: linux-4.2/arch/metag/boot/dts/include/dt-bindings: Cannot utime: No such file or directory tar: linux-4.2/arch/arm64/boot/dts/include/dt-bindings: Cannot utime: No such file or directory tar: linux-4.2/arch/arm/boot/dts/include/dt-bindings: Cannot utime: No such file or directory tar: Exiting with failure status due to previous errors
2015-09-14Use MarshalIndent for JSON generationJakob Unterwurzacher
2015-09-13Encrypt key with scrypt-hashed passwordJakob Unterwurzacher
2015-09-13Implement json config storage (not yet encrypted)Jakob Unterwurzacher
2015-09-09Fix File.GettAttr() size reportingJakob Unterwurzacher
The too-large reported value broke mmap (applications saw appended zero bytes) Also * Add locking for all fd operations * Add "--debug" command line switch
2015-09-08Explain both frontends in readmeJakob Unterwurzacher
Also, re-enable openssl and disable debug messages so testing gocryptfs is less painful
2015-09-08Fix panic on absolute symlinkJakob Unterwurzacher
2015-09-08tests: add TestCiphertextRangeJakob Unterwurzacher
2015-09-08More debug logging, improve main_test.go (do not use all-zero content)Jakob Unterwurzacher
2015-09-08Add pathfs frontend, part IIJakob Unterwurzacher
Fix issues in read and write paths. Now passes selftest.
2015-09-08Add pathfs frontend (uses go-fuse instead of bazil-fuse), part IJakob Unterwurzacher
Currently fails main_test.go, will be fixed in part II
2015-09-07Add tests for name encryption and byte range splittingJakob Unterwurzacher
2015-09-06Add OpenSSL support for file content encryption/decryptionJakob Unterwurzacher
This brings streaming read performance from 30MB/s to 81MB/s (similar improvement for writes)
2015-09-06Bundle up blocks for bigger reads from the backing filesystemJakob Unterwurzacher
2015-09-05Use Debug object instead of fmtJakob Unterwurzacher
2015-09-05Cleanup and rename filesJakob Unterwurzacher