aboutsummaryrefslogtreecommitdiff
path: root/cryptfs
AgeCommit message (Collapse)Author
2015-12-19Increase GCM IV size from 96 to 128 bitsJakob Unterwurzacher
This pushes back the birthday bound for collisions to make it virtually irrelevant.
2015-12-13go fmtJakob Unterwurzacher
...and minimal comment changes.
2015-12-11Rmdir: handle creating and removing unreadable directoriesJakob Unterwurzacher
This patch also splits off Mkdir and Rmdir into its own file. Fixes issue #8, thanks to @diseq for the bug report.
2015-12-10Wrap NewGCMWithNonceSize() to enable compilation on Go 1.4Jakob Unterwurzacher
2015-12-10Simplify CreateConfFile: do not allow specification of EMENamesJakob Unterwurzacher
2015-12-08Add EME filename encryption & enable it by defaultJakob Unterwurzacher
2015-12-08opensslGCM: preallocate buffer space, improves performance by 11%Jakob Unterwurzacher
Results of cryptfs/openssl_benchmark.bash : Before: BenchmarkEnc_OpenSSL_4k_AES256_nonce96-2 50000 31802 ns/op 127.28 MB/s BenchmarkEnc_OpenSSL_4k_AES256_nonce128-2 50000 32110 ns/op 126.06 MB/s After: BenchmarkEnc_OpenSSL_4k_AES256_nonce96-2 50000 28612 ns/op 141.47 MB/s BenchmarkEnc_OpenSSL_4k_AES256_nonce128-2 50000 28613 ns/op 141.47 MB/s
2015-12-08tests: add encryption benchmarks to cryptfsJakob Unterwurzacher
2015-12-06fallocate the space needed for the file header beforehandJakob Unterwurzacher
This makes sure writing to a file fails early if the underlying filesystem does not support fallocate. It also prevents partial header write due to ENOSPC.
2015-12-06init: create gocryptfs.diriv after creating gocryptfs.confJakob Unterwurzacher
Creating the config file can fail easily, for example if the password is not entered the same twice. This would leave an orphaned gocryptfs.diriv behind.
2015-11-29Run go fmtJakob Unterwurzacher
2015-11-29Add single-element cache for DirIV lookupJakob Unterwurzacher
Another 3x performance boost for applications that walk the directory tree. Excerpt from performance.txt: VERSION UNTAR LS RM v0.4 48 1.5 5 v0.5-rc1 56 7 19 v0.5-rc1-1 54 4.1 9 v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
2015-11-29OpenDir performance: Read DirIV once and reuse it for all namesJakob Unterwurzacher
Formerly, we called decryptPath for every name. That resulted in a directory walk that reads in all diriv files on the way. Massive improvement for RM and LS (check performance.txt for details) VERSION UNTAR RM LS v0.4 48 5 1.5 v0.5-rc1 56 19 7 v0.5-rc1-1 54 9 4.1 <---- THIS VERSION
2015-11-29Add "-scryptn" option that sets the cost parameter for scryptv0.5-rc1Jakob Unterwurzacher
Use that option to speed up the automated tests by 7 seconds. Before: ok github.com/rfjakob/gocryptfs/integration_tests 26.667s After: ok github.com/rfjakob/gocryptfs/integration_tests 19.534s
2015-11-29tests: add scrypt benchmarkJakob Unterwurzacher
Times the impact of the parameter "N" to scrypt. Results on a 2.7GHz Pentium G630: gocryptfs/cryptfs$ go test -bench=. PASS BenchmarkScrypt10-2 300 6021435 ns/op ... 6ms BenchmarkScrypt11-2 100 11861460 ns/op BenchmarkScrypt12-2 100 23420822 ns/op BenchmarkScrypt13-2 30 47666518 ns/op BenchmarkScrypt14-2 20 92561590 ns/op ... 92ms BenchmarkScrypt15-2 10 183971593 ns/op BenchmarkScrypt16-2 3 368506365 ns/op BenchmarkScrypt17-2 2 755502608 ns/op ... 755ms ok github.com/rfjakob/gocryptfs/cryptfs 18.772s
2015-11-28diriv: fix readdirJakob Unterwurzacher
It decrypted all file names using the root directory iv
2015-11-28diriv: use "DirIV" flag to discern and support mounting old filesystemsJakob Unterwurzacher
2015-11-27Run go fmtJakob Unterwurzacher
2015-11-27diriv: Define "DirIV" feature flagJakob Unterwurzacher
(unused so far)
2015-11-27diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, RmdirJakob Unterwurzacher
2015-11-27diriv: Convert filename encryption users to dirivJakob Unterwurzacher
2015-11-25diriv: Create gocryptfs.diriv in every directoryJakob Unterwurzacher
2015-11-25Tighten file permissions on gocryptfs.confJakob Unterwurzacher
This file should only be readable by the owner and never be written to.
2015-11-15CipherSizeToPlainSize: Handle illegal statesJakob Unterwurzacher
A file never gets a cipherSize <= HEADER_LEN in normal operation. However, this can happen if header write it interrupted or the underlying filesystem does not support fallocate. Noticed while trying to store a CIPHERDIR in another gocryptfs mount (gocryptfs does not support fallocate)
2015-11-15Add "-extpass" cli option and associated testsJakob Unterwurzacher
2015-11-14Run go fmt and go vetJakob Unterwurzacher
2015-11-09Add "-q" (quiet) flagJakob Unterwurzacher
2015-11-03Centralize path filter decision in CryptFS.IsFiltered()Jakob Unterwurzacher
2015-11-03tests: add config file and feature flags testsJakob Unterwurzacher
2015-11-03config: Introduce ext4-style feature flagsJakob Unterwurzacher
// List of feature flags this filesystem has enabled. // If gocryptfs encounters a feature flag it does not support, it will refuse // mounting. This mechanism is analogous to the ext4 feature flags that are // stored in the superblock. FeatureFlags []string
2015-11-03Fix tests broken by PlaintextNames additionJakob Unterwurzacher
2015-11-03Update USAGE.txtJakob Unterwurzacher
Also run go fmt
2015-11-03Implement PlainTextNames modeJakob Unterwurzacher
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-02Bump on-disk version to 2Jakob Unterwurzacher
2015-11-02Add "--plaintextnames" optionJakob Unterwurzacher
Also, gather all the command line arguments into an anonymous struct "args".
2015-11-01Refactor ciphertext <-> plaintext offset translation functionsJakob Unterwurzacher
Move all the intelligence into the new file address_translation.go. That the calculations were spread out too much became apparent when adding the file header. This should make the code much easier to modify in the future.
2015-11-01Add file header (on-disk-format change)Jakob Unterwurzacher
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error.
2015-11-01Activate block number authenticationJakob Unterwurzacher
2015-10-11main: check directories for existence earlyJakob Unterwurzacher
This prevents that the user enters the password only to get an error later.
2015-10-07Run go fmtJakob Unterwurzacher
2015-10-07Add test.bashv0.1Jakob Unterwurzacher
...also adapt the cryptfs tests for 256 bit long keys
2015-10-07Implement "gocryptfs --passwd" (pasword changing)Jakob Unterwurzacher
2015-10-06Use block number as authentication dataJakob Unterwurzacher
2015-10-06Switch to AES-256Jakob Unterwurzacher
AES-256 seems to be becoming the industry standard. While AES-128 is good enough for tens of years to come, let's follow suit and be extra safe.
2015-10-06Implement proper daemonizationJakob Unterwurzacher
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1
2015-10-04openssl AEAD wrapper: handle authenticated dataJakob Unterwurzacher
2015-10-04Switch nonce generation to purely randomJakob Unterwurzacher
The old implementation of counting up from a random starting point had the problem that is allowed an attacker to find out the write order of the blocks.
2015-10-04Run go fmtJakob Unterwurzacher
2015-10-04intraBlock: Rename Offset to SkipJakob Unterwurzacher
"Offset" is unclear whether it is an offset from the start of file or start of block. "Skip" seems much better.
2015-10-04Add BlockNoPlainOff() and BlockNoCipherOff() + testJakob Unterwurzacher
Also, fix key, it is now []byte, not [16]byte