Age | Commit message (Collapse) | Author |
|
This makes sure we cannot get weak parameters passed through a
rougue gocryptfs.conf.
|
|
|
|
Also adds a test to verify that they are set in new config
files.
|
|
internal/configfile/config_test.go:67: c declared and not used
|
|
This test fails because Raw64 has been disabled for now.
|
|
Raw64 is supported (but was disabled by default) since gocryptfs
v1.2. However, the implementation was buggy because it forgot
about long names and symlinks.
Disable it for now by default and enable it later, together
with HKDF.
|
|
...but keep it disabled by default for new filesystems.
We are still missing an example filesystem and CLI arguments
to explicitely enable and disable it.
|
|
This will be re-enabled once it is implemented.
|
|
As we have dropped Go 1.4 compatibility already, and will add
a new feature flag for gocryptfs v1.3 anyway, this is a good
time to enable Raw64 as well.
|
|
There is no security reason for doing this, but it will allow
to consolidate the code once we drop compatibility with gocryptfs v1.2
(and earlier) filesystems.
|
|
|
|
|
|
This really only handles scrypt and no other key-derivation functions.
Renaming the files prevents confusion once we introduce HKDF.
renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go
renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go
|
|
|
|
Otherwise the next try to mount ends in
"ctlsock: listen unix ctl.sock: bind: address already in use"
|
|
Through base64.RawURLEncoding.
New command-line parameter "-raw64".
|
|
For convenience for the user, add a newline at the end.
Reported as #51 .
|
|
Requested at https://github.com/rfjakob/gocryptfs/issues/28
|
|
|
|
Also pull all the deterministic nonce code into fusefrontend_reverse
to greatly simplify the normal code path.
|
|
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
|
|
Also delete the unused "dirIVNameStruct", found by deadcode.
|
|
This will be used for strong symlink encryption in reverse mode.
|
|
|
|
Also add ReverseDummyNonce nonce generation.
|
|
|
|
|
|
|
|
|
|
This is part of the phase-out of very old filesystems.
See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
|
|
Recreate the files so they carry all feature flags.
Also, create them with "-scryptn 10" to speed up the tests.
|
|
tlog is used heavily everywhere and deserves a shorter name.
Renamed using sed magic, without any manual rework:
find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
|
|
The plan is to drop support for the oldest filesystem versions
in gocryptfs v1.0. For now, we only warn the user.
|
|
Several fatal errors were just printed to stdout, which
meant they were invisible when running the test suite.
Fix this by introducing toggledlog.Fatal and convert as
follows:
Fatal errors -> toggledlog.Fatal
Warnings -> toggledlog.Warn
Password prompts -> fmt.Fprintf
|
|
It may not have been a "Wrong password" after all.
Also, push down disabling the warning so LoadConfFile() can
warn about things that matter.
|
|
This should make things saner and more extensible. It prepares
the infrastructure for "required feature flags" that will be used
to deprecate old gocryptfs version.
|
|
This field is added for the convenience of users and
may help them to identify which gocryptfs version
they need to mount a filesystem.
The same information is essentially contained in FeatureFlags,
but this is more difficult to decode for humans.
It is completely ignored programmatically (also by older gocryptfs
versions).
|
|
Go 1.4 and older do not support 128-bit IVs which caused
the tests to panic.
|
|
Todo: Rename, Unlink, Rmdir, Mknod, Mkdir
|
|
|
|
|
|
"git status" for reference:
deleted: cryptfs/cryptfs.go
deleted: cryptfs/names_core.go
modified: integration_tests/cli_test.go
modified: integration_tests/helpers.go
renamed: cryptfs/config_file.go -> internal/configfile/config_file.go
renamed: cryptfs/config_test.go -> internal/configfile/config_test.go
renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore
renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf
renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf
renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf
renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf
renamed: cryptfs/kdf.go -> internal/configfile/kdf.go
renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go
renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go
new file: internal/contentenc/content_api.go
renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go
renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go
renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go
renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go
new file: internal/cryptocore/crypto_api.go
renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go
renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go
renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go
renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go
renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash
renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go
new file: internal/nametransform/name_api.go
new file: internal/nametransform/names_core.go
renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go
renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go
renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go
new file: internal/nametransform/pad16.go
renamed: cryptfs/log.go -> internal/toggledlog/log.go
renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go
renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go
modified: main.go
modified: masterkey.go
modified: pathfs_frontend/file.go
modified: pathfs_frontend/file_holes.go
modified: pathfs_frontend/fs.go
modified: pathfs_frontend/fs_dir.go
modified: pathfs_frontend/names.go
modified: test.bash
|