aboutsummaryrefslogtreecommitdiff
path: root/internal/stupidgcm
AgeCommit message (Collapse)Author
2018-02-18stupidgcm: create private copy of the keyJakob Unterwurzacher
Relieves the caller from worrying about whether they can overwrite the key.
2018-02-18main: try to wipe cryptocore's secret keys on unmountJakob Unterwurzacher
Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-17stupidgcm: implement key wipeJakob Unterwurzacher
Not bulletproof due to possible GC copies, but still raises to bar for extracting the key. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-17stupidgcm: switch to pointer receiversJakob Unterwurzacher
What the key slice does not get copied around will make it possible to check if the key has been wiped.
2017-07-14macos: make testing without openssl work properlyJakob Unterwurzacher
On MacOS, building and testing without openssl is much easier. The tests should skip tests that fail because of missing openssl instead of aborting. Fixes https://github.com/rfjakob/gocryptfs/issues/123
2017-07-14stupidgcm: fix openssl 1.1 build failureJakob Unterwurzacher
Fixed by including the correct header. Should work on older openssl versions as well. Error was: locking.go:21: undefined reference to `CRYPTO_set_locking_callback'
2017-07-01stupidgcm: add test for in-place OpenJakob Unterwurzacher
Adds a test for the optimization introduced in: stupidgcm: Open: if "dst" is big enough, use it as the output buffer
2017-06-30stupidgcm: Open: if "dst" is big enough, use it as the output bufferJakob Unterwurzacher
This means we won't need any allocation for the plaintext.
2017-06-29stupidgcm: use "dst" as the output buffer it is big enoughJakob Unterwurzacher
This saves an allocation of the ciphertext block.
2017-05-07exitcodes: pull all exit code definitions into the packageJakob Unterwurzacher
This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-04-24forcedecode: tighten checksJakob Unterwurzacher
...and fix a few golint issues and print a scary warning message on mount. Also, force the fs to ro,noexec.
2017-04-23Add -forcedecodedanim7
Force decode of encrypted files even if the integrity check fails, instead of failing with an IO error. Warning messages are still printed to syslog if corrupted files are encountered. It can be useful to recover files from disks with bad sectors or other corrupted media. Closes https://github.com/rfjakob/gocryptfs/pull/102 .
2017-03-05Drop Go 1.4 compatability code everywhereJakob Unterwurzacher
Yields a nice reduction in code size.
2017-02-24stupidgcm: drop only external dependecyJakob Unterwurzacher
This makes it easier to use the package in external projects. See https://github.com/rfjakob/gocryptfs/issues/79
2017-02-24speed: add benchmark.bash helperJakob Unterwurzacher
2017-02-22Implement "gocryptfs -speed"Jakob Unterwurzacher
A crypto benchmark mode like "openssl speed". Example run: $ ./gocryptfs -speed AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode) AES-GCM-256-Go 48.19 MB/s AES-SIV-512-Go 37.40 MB/s
2016-12-10stupidgcm: Fix without_openssl build failureJakob Unterwurzacher
Also, always call build-without-openssl.bash from test.bash. Failure was: internal/stupidgcm/without_openssl.go:29: missing return at end of function
2016-12-10Replace all calls to naked panic() with log.Panic()Jakob Unterwurzacher
We want all panics to show up in the syslog.
2016-10-04A few more lint fixesJakob Unterwurzacher
2016-10-04lint fixesValient Gough
2016-10-04without_openssl: support compiling completely without opensslJakob Unterwurzacher
Build helper script: build-without-openssl.bash
2016-09-26reverse: switch from GCM-SIV to AES-SIVv1.1-beta1Jakob Unterwurzacher
GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-25stupidgcm: add GCM-SIV benchmarkJakob Unterwurzacher
On a CPU without AES-NI: $ go test -bench . Benchmark4kEncStupidGCM-2 50000 24155 ns/op 169.57 MB/s Benchmark4kEncGoGCM-2 20000 93965 ns/op 43.59 MB/s Benchmark4kEncGCMSIV-2 500 2576193 ns/op 1.59 MB/s
2016-09-25Implement changes proposed by gosimple.Jakob Unterwurzacher
Also delete the unused "dirIVNameStruct", found by deadcode.
2016-07-04stupidgcm: use __builtin_trap()Jakob Unterwurzacher
[...]/stupidgcm/locking.go:16:2: warning: indirection of non-volatile null pointer will be deleted, not trap [-Wnull-dereference] [...]/stupidgcm/locking.go:16:2: note: consider using __builtin_trap() or qualifying pointer with 'volatile' https://github.com/rfjakob/gocryptfs/issues/15
2016-05-22stupidgcm: add benchmark.bash wrapperJakob Unterwurzacher
Add a simple bash wrapper to make it easier to run the GCM benchmarks.
2016-05-05stupidgcm: set dummy locking callback.v0.10-rc2Jakob Unterwurzacher
In general, OpenSSL is only threadsafe if you provide a locking function through CRYPTO_set_locking_callback. However, the GCM operations that stupidgcm uses never call that function. To guard against that ever changing, set a dummy locking callback that crashes the app.
2016-05-05stupidgcm: skip tests on Go 1.4 and olderJakob Unterwurzacher
Quoting from the patch: We compare against Go's built-in GCM implementation. Since stupidgcm only supports 128-bit IVs and Go only supports that from 1.5 onward, we cannot run these tests on older Go versions.
2016-05-05Revert "stupidgcm: print openssl error stack before panicing"Jakob Unterwurzacher
This did not help in debugging the openssl <= 1.0.1c issue at all and makes the code more complex. Keep it simple.
2016-05-05stupidgcm: reorder calls to support openssl <= 1.0.1cJakob Unterwurzacher
This fixes the test failures on Travis CI. Quoting from https://github.com/openssl/openssl/commit/07a4ff79d23e45f1a45da717b7c1f41a5e1c7c0c /* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier * required the tag before any AAD or ciphertext */
2016-05-04stupidgcm: print openssl error stack before panicingJakob Unterwurzacher
2016-05-04stupidgcm: fix copy-paste error in panic messageJakob Unterwurzacher
Also, print the openssl version in Travis CI
2016-05-04stupidgcm: add our own thin wrapper around openssl gcmJakob Unterwurzacher
...complete with tests and benchmark. This will allow us to get rid of the dependency to spacemonkeygo/openssl that causes problems on Arch Linux ( https://github.com/rfjakob/gocryptfs/issues/21 )