gocryptfs - Mirror of gocryptfs source code on Github

Age	Commit message (Collapse)	Author
5 days	Do what @rfjakob asked me to do	Frank Denis

5 days	Add optional support for AEGIS encryption	Frank Denis
	AEGIS is a new family of authenticated encryption algorithms that offers stronger security, higher usage limits, and better performance than AES-GCM. This pull request adds support for a new `-aegis` command-line flag, allowing AEGIS-128X2 to be used as an alternative to AES-GCM on CPUs with AES acceleration. It also introduces the ability to use ciphers with different key sizes. More information on AEGIS is available here: - https://cfrg.github.io/draft-irtf-cfrg-aegis-aead/draft-irtf-cfrg-aegis-aead.html - https://github.com/cfrg/draft-irtf-cfrg-aegis-aead gocryptfs -speed speed on Apple M1: AES-GCM-256-OpenSSL 3718.79 MB/s AES-GCM-256-Go 5083.43 MB/s (selected in auto mode) AES-SIV-512-Go 625.20 MB/s XChaCha20-Poly1305-OpenSSL 1358.63 MB/s (selected in auto mode) XChaCha20-Poly1305-Go 832.11 MB/s Aegis128X2-Go 11818.73 MB/s gocryptfs -speed speed on AMD Zen 4: AES-GCM-256-OpenSSL 5215.86 MB/s AES-GCM-256-Go 6918.01 MB/s (selected in auto mode) AES-SIV-512-Go 449.61 MB/s XChaCha20-Poly1305-OpenSSL 2643.48 MB/s XChaCha20-Poly1305-Go 3727.46 MB/s (selected in auto mode) Aegis128X2-Go 28109.92 MB/s
2021-08-23	configfile: add Validate() function, support FlagXChaCha20Poly1305	Jakob Unterwurzacher
	We used to do validation using lists of mandatory feature flags. With the introduction of XChaCha20Poly1305, this became too simplistic, as it uses a different IV length, hence disabling GCMIV128. Add a dedicated function, Validate(), with open-coded validation logic. The validation and creation logic also gets XChaCha20Poly1305 support, and gocryptfs -init -xchacha now writes the flag into gocryptfs.conf.
2021-08-23	go mod: declare module version v2	Jakob Unterwurzacher
	Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go \| xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
2018-12-28	configfile: Fix a copy&paste error in validateParams method.	Sebastian Lackner

2018-02-18	readpassword: convert from string to []byte	Jakob Unterwurzacher
	This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2017-05-07	exitcodes: pull all exit code definitions into the package	Jakob Unterwurzacher
	This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07	Fix typos found by Misspell	Jakob Unterwurzacher
	Misspell Finds commonly misspelled English words gocryptfs/internal/configfile/scrypt.go Line 41: warning: "paramter" is a misspelling of "parameter" (misspell) gocryptfs/internal/ctlsock/ctlsock_serve.go Line 1: warning: "implementes" is a misspelling of "implements" (misspell) gocryptfs/tests/test_helpers/helpers.go Line 27: warning: "compatability" is a misspelling of "compatibility" (misspell)
2017-03-25	configfile: always validate all scrypt parameters	Jakob Unterwurzacher
	This makes sure we cannot get weak parameters passed through a rougue gocryptfs.conf.
2017-02-25	configfile: rename "kdf.go" -> "scrypt.go"	Jakob Unterwurzacher
	This really only handles scrypt and no other key-derivation functions. Renaming the files prevents confusion once we introduce HKDF. renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go