summaryrefslogtreecommitdiff
path: root/internal/configfile
AgeCommit message (Collapse)Author
2021-10-21configfile: add LongNameMax supportJakob Unterwurzacher
Feature flag + numeric paramater https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21configfile: replace broken switch/case logic with ifJakob Unterwurzacher
Because switch only matches once, we could have missed invalid cases. Replace the switch statements with a straight if rake.
2021-09-10cli: drop -forcedecode flagJakob Unterwurzacher
The rewritten openssl backend does not support this flag anymore, and it was inherently dangerour. Drop it (ignored for compatibility)
2021-08-30Unbreak hyperlinks broken by go mod v2 conversionJakob Unterwurzacher
Commit 69d88505fd7f4cb0d9e4f1918de296342fe05858 go mod: declare module version v2 translated all instances of "github.com/rfjakob/gocryptfs/" to "github.com/rfjakob/gocryptfs/v2/". Unfortunately, this included hyperlinks. Unbreak the hyperlinks like this: find . -name \*.go | xargs sed -i s%https://github.com/rfjakob/gocryptfs/v2/%https://github.com/rfjakob/gocryptfs/v2/%
2021-08-25-devrandom: make flag a no-opJakob Unterwurzacher
Commit f3c777d5eaa682d878c638192311e52f9c204294 added the `-devrandom` option: commit f3c777d5eaa682d878c638192311e52f9c204294 Author: @slackner Date: Sun Nov 19 13:30:04 2017 +0100 main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. We now require Go v1.13 and Kernel versions should have also moved on. Make the flag a no-op. https://github.com/rfjakob/gocryptfs/issues/596
2021-08-23cryptocore: add NonceSize to AEADTypeEnumJakob Unterwurzacher
Have the information in one centralized place, and access it from main as needed.
2021-08-23configfile: add Validate() function, support FlagXChaCha20Poly1305Jakob Unterwurzacher
We used to do validation using lists of mandatory feature flags. With the introduction of XChaCha20Poly1305, this became too simplistic, as it uses a different IV length, hence disabling GCMIV128. Add a dedicated function, Validate(), with open-coded validation logic. The validation and creation logic also gets XChaCha20Poly1305 support, and gocryptfs -init -xchacha now writes the flag into gocryptfs.conf.
2021-08-23Add partial XChaCha20-Poly1305 support (mount flag only)Jakob Unterwurzacher
Mount flag only at the moment, not saved to gocryptfs.conf. https://github.com/rfjakob/gocryptfs/issues/452
2021-08-23go mod: declare module version v2Jakob Unterwurzacher
Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
2021-08-21configfile: pass struct to Create 2/2Jakob Unterwurzacher
Drop Create and rename Create2 to Create.
2021-08-21configfile: pass struct to Create 1/2Jakob Unterwurzacher
The argument list got too long. Part 1: Replace with Create2
2021-08-20-deterministic-names: accept flag on -initJakob Unterwurzacher
And store it in gocryptfs.conf (=remove DirIV feature flag).
2021-06-20fido2: hide "FIDO2" in gocryptfs.conf if not usedJakob Unterwurzacher
Result of: $ gocryptfs -init foo $ cat foo/gocryptfs.conf Before: { "Creator": "gocryptfs v2.0.1", "EncryptedKey": "FodEdNHD/cCwv1n5BuyAkbIOnJ/O5gfdCh3YssUCJ2DUr0A8DrQ5NH2SLhREeWRL3V8EMiPO2Ncr5IVwE4SSxQ==", "ScryptObject": { "Salt": "brGaw9Jg1kbPuSXFiwoxqK2oXFTgbniSgpiB+cu+67Y=", "N": 65536, "R": 8, "P": 1, "KeyLen": 32 }, "Version": 2, "FeatureFlags": [ "GCMIV128", "HKDF", "DirIV", "EMENames", "LongNames", "Raw64" ], "FIDO2": { "CredentialID": null, "HMACSalt": null } } After: { "Creator": "gocryptfs v2.0.1-5-gf9718eb-dirty.DerDonut-badnamecontent", "EncryptedKey": "oFMj1lS1ZsM/vEfanNMeCTPw3PZr5VWeL7ap8Jd8YQm6evy2BAhtQ/pd6RzDx84wlCz9TpxqHRihuwSEMnOWWg==", "ScryptObject": { "Salt": "JZ/5mhy4a8EAQ/wDF1POIEe4/Ss38cfJgXgj26DuA4M=", "N": 65536, "R": 8, "P": 1, "KeyLen": 32 }, "Version": 2, "FeatureFlags": [ "GCMIV128", "HKDF", "DirIV", "EMENames", "LongNames", "Raw64" ] }
2020-09-12Add support for FIDO2 tokensPavol Rusnak
2019-12-28remove Trezor supportPavol Rusnak
2019-04-08configfile: fall back to sync() if fsync() failsJakob Unterwurzacher
This can happen on network drives: FRITZ.NAS mounted on MacOS returns "operation not supported": https://github.com/rfjakob/gocryptfs/issues/390
2018-12-28configfile: Fix a copy&paste error in validateParams method.Sebastian Lackner
2018-12-27configfile: Explicitly wipe scrypt derived key after decrypting/encrypting ↵Sebastian Lackner
master key. Further raises the bar for recovering keys from memory.
2018-09-08configfile: add LoadAndDecrypt wrapperJakob Unterwurzacher
Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08configfile: split off masterkey decryptionJakob Unterwurzacher
Preparation for fixing https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08configfile: return specific error on empty inputJakob Unterwurzacher
Report the actual problem instead of a generic "unexpected end of JSON input". https://github.com/rfjakob/gocryptfs/issues/258
2018-07-23configfile: drop superflous PrintfJakob Unterwurzacher
Before: $ gocryptfs -fsck . LoadConfFile: ReadFile: &os.PathError{Op:"open", Path:"/var/tmp/check-gocryptfs/scratchdev/gocryptfs.conf", Err:0xd} Cannot open config file: open /var/tmp/check-gocryptfs/scratchdev/gocryptfs.conf: permission denied After: $ gocryptfs -fsck . Cannot open config file: open /var/tmp/check-gocryptfs/scratchdev/gocryptfs.conf: permission denied
2018-07-01Only print masterkey once on -initJakob Unterwurzacher
It is no longer printed at all when mounting a filesystem, printing on -init can be disabled with -q. https://github.com/rfjakob/gocryptfs/issues/76
2018-07-01trezor: add TrezorPayloadJakob Unterwurzacher
TrezorPayload stores 32 random bytes used for unlocking the master key using a Trezor security module. The randomness makes sure that a unique unlock value is used for each gocryptfs filesystem.
2018-07-01configfile: reduce function name stutterJakob Unterwurzacher
configfile.LoadConfFile() -> configfile.Load() configfile.CreateConfFile() -> configfile.Create()
2018-07-01trezor: add skeleton for Trezor supportJakob Unterwurzacher
readpassword.Trezor() is not implemented yet and returns a hardcoded dummy key.
2018-06-24configfile: use tlog.ColorYellow instead of hardcoded color codeJakob Unterwurzacher
2018-04-02fsck: test against example_filesystemsJakob Unterwurzacher
2018-02-18readpassword: convert from string to []byteJakob Unterwurzacher
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18configfile: overwrite and let keys run out of scopeJakob Unterwurzacher
As soon as we don't need them anymore, overwrite keys with zeros and make sure they run out of scope so we don't create a risk of inadvertedly using all-zero keys for encryption. https://github.com/rfjakob/gocryptfs/issues/211
2017-11-21main: Add '-devrandom' commandline optionSebastian Lackner
Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy.
2017-05-14exitcodes: specific codes for failure to read or write gocryptfs.confJakob Unterwurzacher
New codes: * OpenConf = 23 * WriteConf = 24
2017-05-07exitcodes: pull all exit code definitions into the packageJakob Unterwurzacher
This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07Fix typos found by MisspellJakob Unterwurzacher
Misspell Finds commonly misspelled English words gocryptfs/internal/configfile/scrypt.go Line 41: warning: "paramter" is a misspelling of "parameter" (misspell) gocryptfs/internal/ctlsock/ctlsock_serve.go Line 1: warning: "implementes" is a misspelling of "implements" (misspell) gocryptfs/tests/test_helpers/helpers.go Line 27: warning: "compatability" is a misspelling of "compatibility" (misspell)
2017-04-23Add -forcedecodedanim7
Force decode of encrypted files even if the integrity check fails, instead of failing with an IO error. Warning messages are still printed to syslog if corrupted files are encountered. It can be useful to recover files from disks with bad sectors or other corrupted media. Closes https://github.com/rfjakob/gocryptfs/pull/102 .
2017-03-25configfile: always validate all scrypt parametersJakob Unterwurzacher
This makes sure we cannot get weak parameters passed through a rougue gocryptfs.conf.
2017-03-07configfile: HKDF feature flag should also be set for "-plaintextnames"Jakob Unterwurzacher
2017-03-07configfile: enable HKDF and Raw64 feature flags by defaultJakob Unterwurzacher
Also adds a test to verify that they are set in new config files.
2017-03-05tests: configfile: fix spurious test failure IIJakob Unterwurzacher
internal/configfile/config_test.go:67: c declared and not used
2017-03-05tests: configfile: fix spurious test failureJakob Unterwurzacher
This test fails because Raw64 has been disabled for now.
2017-03-05configfile: disable Raw64 for nowJakob Unterwurzacher
Raw64 is supported (but was disabled by default) since gocryptfs v1.2. However, the implementation was buggy because it forgot about long names and symlinks. Disable it for now by default and enable it later, together with HKDF.
2017-03-05full stack: implement HKDF supportJakob Unterwurzacher
...but keep it disabled by default for new filesystems. We are still missing an example filesystem and CLI arguments to explicitely enable and disable it.
2017-03-05configfile: reject the "HKDF" flag for nowJakob Unterwurzacher
This will be re-enabled once it is implemented.
2017-03-05configfile: switch on Raw64 by defaultJakob Unterwurzacher
As we have dropped Go 1.4 compatibility already, and will add a new feature flag for gocryptfs v1.3 anyway, this is a good time to enable Raw64 as well.
2017-03-05configfile: switch to 128-bit IVs for master key encryptionJakob Unterwurzacher
There is no security reason for doing this, but it will allow to consolidate the code once we drop compatibility with gocryptfs v1.2 (and earlier) filesystems.
2017-03-05configfile: define HKDF flagJakob Unterwurzacher
2017-02-26exitcodes: define code 12 for "password incorrect"Jakob Unterwurzacher
2017-02-25configfile: rename "kdf.go" -> "scrypt.go"Jakob Unterwurzacher
This really only handles scrypt and no other key-derivation functions. Renaming the files prevents confusion once we introduce HKDF. renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go
2017-02-16tests: configfile: add missing newlines in verbose outputJakob Unterwurzacher
2017-01-26main: make sure the ctlsock file is deleted on incorrect passwordJakob Unterwurzacher
Otherwise the next try to mount ends in "ctlsock: listen unix ctl.sock: bind: address already in use"