aboutsummaryrefslogtreecommitdiff
path: root/internal/cryptocore/cryptocore.go
AgeCommit message (Collapse)Author
2017-03-05full stack: implement HKDF supportJakob Unterwurzacher
...but keep it disabled by default for new filesystems. We are still missing an example filesystem and CLI arguments to explicitely enable and disable it.
2017-03-05configfile: switch to 128-bit IVs for master key encryptionJakob Unterwurzacher
There is no security reason for doing this, but it will allow to consolidate the code once we drop compatibility with gocryptfs v1.2 (and earlier) filesystems.
2017-03-05Drop Go 1.4 compatability code everywhereJakob Unterwurzacher
Yields a nice reduction in code size.
2017-03-05cryptocore: rename "BackendTypeEnum" -> "AEADTypeEnum"Jakob Unterwurzacher
There are two independent backends, one for name encryption, the other one, AEAD, for file content. "BackendTypeEnum" only applies to AEAD (file content), so make that clear in the name.
2017-03-05cryptocore: use eme v1.1 interfaceJakob Unterwurzacher
Version 1.1 of the EME package (github.com/rfjakob/eme) added a more convenient interface. Use it. Note that you have to upgrade your EME package (go get -u)!
2016-12-10Replace all calls to naked panic() with log.Panic()Jakob Unterwurzacher
We want all panics to show up in the syslog.
2016-10-09reverse: add panics against API abuseJakob Unterwurzacher
These should help prevent later programming errors.
2016-10-04lint fixesValient Gough
2016-10-04cryptocore: rename "gcm" variable to generic "aeadCipher"Jakob Unterwurzacher
As we now also support AES-SIV the old name is no longer correct.
2016-10-04cryptocore: derive 512-bit key for AES-SIVJakob Unterwurzacher
AES-SIV uses 1/2 of the key for authentication, 1/2 for encryption, so we need a 64-byte key for AES-256. Derive it from the master key by hashing it with SHA-512.
2016-09-26reverse: switch from GCM-SIV to AES-SIVv1.1-beta1Jakob Unterwurzacher
GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-25contentenc: add GCM-SIV supportJakob Unterwurzacher
Also add ReverseDummyNonce nonce generation.
2016-09-25cryptocore: add support for GCM-SIVJakob Unterwurzacher
2016-07-31cryptocore: comment why 96-bit IVs are still supportedJakob Unterwurzacher
2016-07-06Add godoc comments to all internal packagesJakob Unterwurzacher
2016-05-04stupidgcm: completely replace spacemonkeygo/opensslJakob Unterwurzacher
2016-05-04cryptocore: add API testsJakob Unterwurzacher