Age | Commit message (Collapse) | Author |
|
Not bulletproof due to possible GC copies, but
still raises to bar for extracting the key.
https://github.com/rfjakob/gocryptfs/issues/211
|
|
What the key slice does not get copied around
will make it possible to check if the key has been wiped.
|
|
This means we won't need any allocation for the plaintext.
|
|
This saves an allocation of the ciphertext block.
|
|
...and fix a few golint issues and print a scary warning message on mount.
Also, force the fs to ro,noexec.
|
|
Force decode of encrypted files even if the integrity check fails, instead of
failing with an IO error. Warning messages are still printed to syslog if corrupted
files are encountered.
It can be useful to recover files from disks with bad sectors or other corrupted
media.
Closes https://github.com/rfjakob/gocryptfs/pull/102 .
|
|
We want all panics to show up in the syslog.
|
|
|
|
|
|
Build helper script: build-without-openssl.bash
|
|
This did not help in debugging the openssl <= 1.0.1c issue at all
and makes the code more complex. Keep it simple.
|
|
This fixes the test failures on Travis CI.
Quoting from https://github.com/openssl/openssl/commit/07a4ff79d23e45f1a45da717b7c1f41a5e1c7c0c
/* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
* required the tag before any AAD or ciphertext */
|
|
|
|
Also, print the openssl version in Travis CI
|
|
...complete with tests and benchmark.
This will allow us to get rid of the dependency to spacemonkeygo/openssl
that causes problems on Arch Linux
( https://github.com/rfjakob/gocryptfs/issues/21 )
|