libcryfs/src/cryfs/config/CryConfigLoader.cpp

#include "CryConfigLoader.h"
#include "CryConfigFile.h"
#include <boost/filesystem.hpp>
#include <cpp-utils/random/Random.h>
#include <cpp-utils/logging/logging.h>
#include <boost/algorithm/string/predicate.hpp>
#include <gitversion/gitversion.h>
#include <gitversion/VersionCompare.h>
#include "../localstate/LocalStateDir.h"
#include "../localstate/LocalStateMetadata.h"
#include "../CryfsException.h"

namespace bf = boost::filesystem;
using cpputils::Console;
using cpputils::RandomGenerator;
using cpputils::SCryptSettings;
using boost::optional;
using boost::none;
using std::shared_ptr;
using std::string;
using std::function;
using std::shared_ptr;
using gitversion::VersionCompare;
using namespace cpputils::logging;

namespace cryfs {

CryConfigLoader::CryConfigLoader(shared_ptr<Console> console, RandomGenerator &keyGenerator, LocalStateDir localStateDir, const SCryptSettings &scryptSettings, function<string()> askPasswordForExistingFilesystem, function<string()> askPasswordForNewFilesystem, const optional<string> &cipherFromCommandLine, const boost::optional<uint32_t> &blocksizeBytesFromCommandLine, const boost::optional<bool> &missingBlockIsIntegrityViolationFromCommandLine)
    : _console(console), _creator(std::move(console), keyGenerator, localStateDir), _scryptSettings(scryptSettings),
      _askPasswordForExistingFilesystem(askPasswordForExistingFilesystem), _askPasswordForNewFilesystem(askPasswordForNewFilesystem),
      _cipherFromCommandLine(cipherFromCommandLine), _blocksizeBytesFromCommandLine(blocksizeBytesFromCommandLine),
      _missingBlockIsIntegrityViolationFromCommandLine(missingBlockIsIntegrityViolationFromCommandLine),
      _localStateDir(std::move(localStateDir)) {
}

optional<CryConfigLoader::ConfigLoadResult> CryConfigLoader::_loadConfig(bf::path filename, bool allowFilesystemUpgrade, bool allowReplacedFilesystem) {
  string password = _askPasswordForExistingFilesystem();
  std::cout << "Loading config file (this can take some time)..." << std::flush;
  auto config = CryConfigFile::load(std::move(filename), password);
  if (config == none) {
    return none;
  }
  std::cout << "done" << std::endl;
#ifndef CRYFS_NO_COMPATIBILITY
  //Since 0.9.7 and 0.9.8 set their own version to cryfs.version instead of the filesystem format version (which is 0.9.6), overwrite it
  if (config->config()->Version() == "0.9.7" || config->config()->Version() == "0.9.8") {
    config->config()->SetVersion("0.9.6");
  }
#endif
  _checkVersion(*config->config(), allowFilesystemUpgrade);
#ifndef CRYFS_NO_COMPATIBILITY
  //Since 0.9.3-alpha set the config value cryfs.blocksizeBytes wrongly to 32768 (but didn't use the value), we have to fix this here.
  if (config->config()->Version() != "0+unknown" && VersionCompare::isOlderThan(config->config()->Version(), "0.9.3-rc1")) {
    config->config()->SetBlocksizeBytes(32832);
  }
#endif
  if (config->config()->Version() != CryConfig::FilesystemFormatVersion) {
    config->config()->SetVersion(CryConfig::FilesystemFormatVersion);
    config->save();
  }
  if (config->config()->LastOpenedWithVersion() != gitversion::VersionString()) {
    config->config()->SetLastOpenedWithVersion(gitversion::VersionString());
    config->save();
  }
  _checkCipher(*config->config());
  auto localState = LocalStateMetadata::loadOrGenerate(_localStateDir.forFilesystemId(config->config()->FilesystemId()), cpputils::Data::FromString(config->config()->EncryptionKey()), allowReplacedFilesystem);
  uint32_t myClientId = localState.myClientId();
  _checkMissingBlocksAreIntegrityViolations(&*config, myClientId);
  return ConfigLoadResult {std::move(*config), myClientId};
}

void CryConfigLoader::_checkVersion(const CryConfig &config, bool allowFilesystemUpgrade) {
  if (gitversion::VersionCompare::isOlderThan(CryConfig::FilesystemFormatVersion, config.Version())) {
    if (!_console->askYesNo("This filesystem is for CryFS " + config.Version() + " or later and should not be opened with older versions. It is strongly recommended to update your CryFS version. However, if you have backed up your base directory and know what you're doing, you can continue trying to load it. Do you want to continue?", false)) {
      throw CryfsException("This filesystem is for CryFS " + config.Version() + " or later. Please update your CryFS version.", ErrorCode::TooNewFilesystemFormat);
    }
  }
  if (!allowFilesystemUpgrade && gitversion::VersionCompare::isOlderThan(config.Version(), CryConfig::FilesystemFormatVersion)) {
    if (!_console->askYesNo("This filesystem is for CryFS " + config.Version() + " (or a later version with the same storage format). You're running a CryFS version using storage format " + CryConfig::FilesystemFormatVersion + ". It can be migrated, but afterwards couldn't be opened anymore with older versions. Do you want to migrate it?", false)) {
      throw CryfsException("This filesystem is for CryFS " + config.Version() + " (or a later version with the same storage format). It has to be migrated.", ErrorCode::TooOldFilesystemFormat);
    }
  }
}

void CryConfigLoader::_checkCipher(const CryConfig &config) const {
  if (_cipherFromCommandLine != none && config.Cipher() != *_cipherFromCommandLine) {
    throw CryfsException(string() + "Filesystem uses " + config.Cipher() + " cipher and not " + *_cipherFromCommandLine + " as specified.", ErrorCode::WrongCipher);
  }
}

void CryConfigLoader::_checkMissingBlocksAreIntegrityViolations(CryConfigFile *configFile, uint32_t myClientId) {
  if (_missingBlockIsIntegrityViolationFromCommandLine == optional<bool>(true) && configFile->config()->ExclusiveClientId() == none) {
    throw CryfsException("You specified on the command line to treat missing blocks as integrity violations, but the file system is not setup to do that.", ErrorCode::FilesystemHasDifferentIntegritySetup);
  }
  if (_missingBlockIsIntegrityViolationFromCommandLine == optional<bool>(false) && configFile->config()->ExclusiveClientId() != none) {
    throw CryfsException("You specified on the command line to not treat missing blocks as integrity violations, but the file system is setup to do that.", ErrorCode::FilesystemHasDifferentIntegritySetup);
  }

  // If the file system is set up to treat missing blocks as integrity violations, but we're accessing from a different client, ask whether they want to disable the feature.
  auto exclusiveClientId = configFile->config()->ExclusiveClientId();
  if (exclusiveClientId != none && *exclusiveClientId != myClientId) {
    if (!_console->askYesNo("\nThis filesystem is setup to treat missing blocks as integrity violations and therefore only works in single-client mode. You are trying to access it from a different client.\nDo you want to disable this integrity feature and stop treating missing blocks as integrity violations?\nChoosing yes will not affect the confidentiality of your data, but in future you might not notice if an attacker deletes one of your files.", false)) {
      throw CryfsException("File system is in single-client mode and can only be used from the client that created it.", ErrorCode::SingleClientFileSystem);
    }
    configFile->config()->SetExclusiveClientId(none);
    configFile->save();
  }
}

optional<CryConfigLoader::ConfigLoadResult> CryConfigLoader::loadOrCreate(bf::path filename, bool allowFilesystemUpgrade, bool allowReplacedFilesystem) {
  if (bf::exists(filename)) {
    return _loadConfig(std::move(filename), allowFilesystemUpgrade, allowReplacedFilesystem);
  } else {
    return _createConfig(std::move(filename), allowReplacedFilesystem);
  }
}

CryConfigLoader::ConfigLoadResult CryConfigLoader::_createConfig(bf::path filename, bool allowReplacedFilesystem) {
  auto config = _creator.create(_cipherFromCommandLine, _blocksizeBytesFromCommandLine, _missingBlockIsIntegrityViolationFromCommandLine, allowReplacedFilesystem);
  //TODO Ask confirmation if using insecure password (<8 characters)
  string password = _askPasswordForNewFilesystem();
  std::cout << "Creating config file (this can take some time)..." << std::flush;
  auto result = CryConfigFile::create(std::move(filename), std::move(config.config), password, _scryptSettings);
  std::cout << "done" << std::endl;
  return ConfigLoadResult {std::move(result), config.myClientId};
}


}
Refactored creation of new config files - this happens in a CryConfigLoader now 2015-06-16 18:20:31 +02:00			`#include "CryConfigLoader.h"`
Refactor config file handling 2015-10-19 02:46:47 +02:00			`#include "CryConfigFile.h"`
Refactored creation of new config files - this happens in a CryConfigLoader now 2015-06-16 18:20:31 +02:00			`#include <boost/filesystem.hpp>`
Merge all git repositories into one 2016-02-11 16:39:42 +01:00			`#include <cpp-utils/random/Random.h>`
			`#include <cpp-utils/logging/logging.h>`
Adding the file access times makes CryFS 0.9 incompatible with earlier versions. This commit adds a warning telling the user when they try to mount an old file system. 2016-02-09 10:55:28 +01:00			`#include <boost/algorithm/string/predicate.hpp>`
Switch to new git version number recognition 2016-03-02 13:53:37 +01:00			`#include <gitversion/gitversion.h>`
Since 0.9.3-alpha set the config value cryfs.blocksizeBytes wrongly to 32768 (but didn't use the value), we have to add a workaround. 2016-03-26 16:53:08 +01:00			`#include <gitversion/VersionCompare.h>`
MyClientId is generated outside of CryDevice to give the CryConfigCreator access to it. 2016-06-27 01:53:10 +02:00			`#include "../localstate/LocalStateDir.h"`
Use local state file instead of myClientId file 2017-09-23 21:17:05 +02:00			`#include "../localstate/LocalStateMetadata.h"`
When CryFS fails to load a file system, the process stops with a helpful error code, which can be used by GUI tools to show detailed messages. 2018-02-02 01:08:01 +01:00			`#include "../CryfsException.h"`
Refactored creation of new config files - this happens in a CryConfigLoader now 2015-06-16 18:20:31 +02:00
			`namespace bf = boost::filesystem;`
Refactor directory structure 2015-09-12 20:16:13 +02:00			`using cpputils::Console;`
Config file is AES256_GCM encrypted, the config file key is generated with scrypt 2015-10-24 19:35:37 +02:00			`using cpputils::RandomGenerator;`
Make test cases faster by using SCrypt::TestSettings 2015-11-04 05:27:00 +01:00			`using cpputils::SCryptSettings;`
More use of unique_ref instead of unique_ptr 2015-06-18 13:45:08 +02:00			`using boost::optional;`
			`using boost::none;`
Refactor CryConfigCreator (factor out CryConfigConsole). This is preparation for adding a 'use default config' question. 2016-01-17 14:57:40 +01:00			`using std::shared_ptr;`
CryConfigLoader asks for cipher to use when creating a new config 2015-07-01 14:33:18 +02:00			`using std::string;`
Config file is AES256_GCM encrypted, the config file key is generated with scrypt 2015-10-24 19:35:37 +02:00			`using std::function;`
Make test cases faster by using SCrypt::TestSettings 2015-11-04 05:27:00 +01:00			`using std::shared_ptr;`
Since 0.9.3-alpha set the config value cryfs.blocksizeBytes wrongly to 32768 (but didn't use the value), we have to add a workaround. 2016-03-26 16:53:08 +01:00			`using gitversion::VersionCompare;`
Refactor CryConfigEncryptor: Store instance instead of static 2015-10-26 16:36:57 +01:00			`using namespace cpputils::logging;`
Refactored creation of new config files - this happens in a CryConfigLoader now 2015-06-16 18:20:31 +02:00
			`namespace cryfs {`

Add environment variable to specify local storage directory 2018-04-22 07:04:21 +02:00			`CryConfigLoader::CryConfigLoader(shared_ptr<Console> console, RandomGenerator &keyGenerator, LocalStateDir localStateDir, const SCryptSettings &scryptSettings, function<string()> askPasswordForExistingFilesystem, function<string()> askPasswordForNewFilesystem, const optional<string> &cipherFromCommandLine, const boost::optional<uint32_t> &blocksizeBytesFromCommandLine, const boost::optional<bool> &missingBlockIsIntegrityViolationFromCommandLine)`
			`: _console(console), _creator(std::move(console), keyGenerator, localStateDir), _scryptSettings(scryptSettings),`
When creating a new filesystem, ask password twice (second time for confirmation) 2015-11-19 10:08:09 +01:00			`_askPasswordForExistingFilesystem(askPasswordForExistingFilesystem), _askPasswordForNewFilesystem(askPasswordForNewFilesystem),`
When creating a file system, the user can choose whether to choose missing blocks as integrity violations. 2016-06-27 08:24:32 +02:00			`_cipherFromCommandLine(cipherFromCommandLine), _blocksizeBytesFromCommandLine(blocksizeBytesFromCommandLine),`
Add environment variable to specify local storage directory 2018-04-22 07:04:21 +02:00			`_missingBlockIsIntegrityViolationFromCommandLine(missingBlockIsIntegrityViolationFromCommandLine),`
			`_localStateDir(std::move(localStateDir)) {`
Config file is AES256_GCM encrypted, the config file key is generated with scrypt 2015-10-24 19:35:37 +02:00			`}`
Test cases don't need user interaction anymore 2015-07-26 13:09:55 +02:00
Add --allow-replaced-filesystem option to disable filesystem id checks 2018-02-03 17:33:59 +01:00			`optional<CryConfigLoader::ConfigLoadResult> CryConfigLoader::_loadConfig(bf::path filename, bool allowFilesystemUpgrade, bool allowReplacedFilesystem) {`
When creating a new filesystem, ask password twice (second time for confirmation) 2015-11-19 10:08:09 +01:00			`string password = _askPasswordForExistingFilesystem();`
Increase scrypt KDF effort for generating the config file key from the password 2016-02-16 20:35:51 +01:00			`std::cout << "Loading config file (this can take some time)..." << std::flush;`
Optimize std::move use 2017-10-01 10:04:29 +02:00			`auto config = CryConfigFile::load(std::move(filename), password);`
Config file is AES256_GCM encrypted, the config file key is generated with scrypt 2015-10-24 19:35:37 +02:00			`if (config == none) {`
Refactor CryConfigEncryptor: Store instance instead of static 2015-10-26 16:36:57 +01:00			`return none;`
Refactored creation of new config files - this happens in a CryConfigLoader now 2015-06-16 18:20:31 +02:00			`}`
When creating a new filesystem, ask password twice (second time for confirmation) 2015-11-19 10:08:09 +01:00			`std::cout << "done" << std::endl;`
Only migrate file system if storage format changed 2018-02-03 18:08:03 +01:00			`#ifndef CRYFS_NO_COMPATIBILITY`
			`//Since 0.9.7 and 0.9.8 set their own version to cryfs.version instead of the filesystem format version (which is 0.9.6), overwrite it`
			`if (config->config()->Version() == "0.9.7" \|\| config->config()->Version() == "0.9.8") {`
			`config->config()->SetVersion("0.9.6");`
			`}`
			`#endif`
Add --allow-filesystem-upgrade option which will upgrade old file systems without asking the user. This will be especially helpful for GUI tools. 2018-02-01 11:04:59 +01:00			`_checkVersion(*config->config(), allowFilesystemUpgrade);`
Since 0.9.3-alpha set the config value cryfs.blocksizeBytes wrongly to 32768 (but didn't use the value), we have to add a workaround. 2016-03-26 16:53:08 +01:00			`#ifndef CRYFS_NO_COMPATIBILITY`
			`//Since 0.9.3-alpha set the config value cryfs.blocksizeBytes wrongly to 32768 (but didn't use the value), we have to fix this here.`
			`if (config->config()->Version() != "0+unknown" && VersionCompare::isOlderThan(config->config()->Version(), "0.9.3-rc1")) {`
			`config->config()->SetBlocksizeBytes(32832);`
			`}`
			`#endif`
Only migrate file system if storage format changed 2018-02-03 18:08:03 +01:00			`if (config->config()->Version() != CryConfig::FilesystemFormatVersion) {`
			`config->config()->SetVersion(CryConfig::FilesystemFormatVersion);`
			`config->save();`
			`}`
			`if (config->config()->LastOpenedWithVersion() != gitversion::VersionString()) {`
			`config->config()->SetLastOpenedWithVersion(gitversion::VersionString());`
- The version field in the config file is updated when the file system is opened with a newer CryFS version (i.e. it is migrated to the newer version). - We introduced a CreatedWithVersion field instead which gets the semantics the version field had before (i.e. which version of CryFS was the file system originally created with) - Move VersionCompare to gitversion package 2016-03-26 17:09:07 +01:00			`config->save();`
			`}`
Adding the file access times makes CryFS 0.9 incompatible with earlier versions. This commit adds a warning telling the user when they try to mount an old file system. 2016-02-09 10:55:28 +01:00			`_checkCipher(*config->config());`
Add environment variable to specify local storage directory 2018-04-22 07:04:21 +02:00			`auto localState = LocalStateMetadata::loadOrGenerate(_localStateDir.forFilesystemId(config->config()->FilesystemId()), cpputils::Data::FromString(config->config()->EncryptionKey()), allowReplacedFilesystem);`
Use local state file instead of myClientId file 2017-09-23 21:17:05 +02:00			`uint32_t myClientId = localState.myClientId();`
When creating a file system, the user can choose whether to choose missing blocks as integrity violations. 2016-06-27 08:24:32 +02:00			`_checkMissingBlocksAreIntegrityViolations(&*config, myClientId);`
MyClientId is generated outside of CryDevice to give the CryConfigCreator access to it. 2016-06-27 01:53:10 +02:00			`return ConfigLoadResult {std::move(*config), myClientId};`
Config file is AES256_GCM encrypted, the config file key is generated with scrypt 2015-10-24 19:35:37 +02:00			`}`

Add --allow-filesystem-upgrade option which will upgrade old file systems without asking the user. This will be especially helpful for GUI tools. 2018-02-01 11:04:59 +01:00			`void CryConfigLoader::_checkVersion(const CryConfig &config, bool allowFilesystemUpgrade) {`
Only migrate file system if storage format changed 2018-02-03 18:08:03 +01:00			`if (gitversion::VersionCompare::isOlderThan(CryConfig::FilesystemFormatVersion, config.Version())) {`
			`if (!_console->askYesNo("This filesystem is for CryFS " + config.Version() + " or later and should not be opened with older versions. It is strongly recommended to update your CryFS version. However, if you have backed up your base directory and know what you're doing, you can continue trying to load it. Do you want to continue?", false)) {`
			`throw CryfsException("This filesystem is for CryFS " + config.Version() + " or later. Please update your CryFS version.", ErrorCode::TooNewFilesystemFormat);`
Allow loading file systems from future cryfs versions if user specifically asks for it 2016-06-07 00:31:09 +02:00			`}`
Ask before migrating an old CryFS file system to a new version. 2016-05-04 05:34:30 +02:00			`}`
Only migrate file system if storage format changed 2018-02-03 18:08:03 +01:00			`if (!allowFilesystemUpgrade && gitversion::VersionCompare::isOlderThan(config.Version(), CryConfig::FilesystemFormatVersion)) {`
			`if (!_console->askYesNo("This filesystem is for CryFS " + config.Version() + " (or a later version with the same storage format). You're running a CryFS version using storage format " + CryConfig::FilesystemFormatVersion + ". It can be migrated, but afterwards couldn't be opened anymore with older versions. Do you want to migrate it?", false)) {`
			`throw CryfsException("This filesystem is for CryFS " + config.Version() + " (or a later version with the same storage format). It has to be migrated.", ErrorCode::TooOldFilesystemFormat);`
Ask before migrating an old CryFS file system to a new version. 2016-05-04 05:34:30 +02:00			`}`
Prevent opening file systems that were created with newer versions of CryFS 2016-04-29 21:46:14 +02:00			`}`
Adding the file access times makes CryFS 0.9 incompatible with earlier versions. This commit adds a warning telling the user when they try to mount an old file system. 2016-02-09 10:55:28 +01:00			`}`

			`void CryConfigLoader::_checkCipher(const CryConfig &config) const {`
			`if (_cipherFromCommandLine != none && config.Cipher() != *_cipherFromCommandLine) {`
When CryFS fails to load a file system, the process stops with a helpful error code, which can be used by GUI tools to show detailed messages. 2018-02-02 01:08:01 +01:00			`throw CryfsException(string() + "Filesystem uses " + config.Cipher() + " cipher and not " + *_cipherFromCommandLine + " as specified.", ErrorCode::WrongCipher);`
Adding the file access times makes CryFS 0.9 incompatible with earlier versions. This commit adds a warning telling the user when they try to mount an old file system. 2016-02-09 10:55:28 +01:00			`}`
			`}`

When creating a file system, the user can choose whether to choose missing blocks as integrity violations. 2016-06-27 08:24:32 +02:00			`void CryConfigLoader::_checkMissingBlocksAreIntegrityViolations(CryConfigFile *configFile, uint32_t myClientId) {`
			`if (_missingBlockIsIntegrityViolationFromCommandLine == optional<bool>(true) && configFile->config()->ExclusiveClientId() == none) {`
Exit codes for integrity errors 2018-02-02 03:09:28 +01:00			`throw CryfsException("You specified on the command line to treat missing blocks as integrity violations, but the file system is not setup to do that.", ErrorCode::FilesystemHasDifferentIntegritySetup);`
When creating a file system, the user can choose whether to choose missing blocks as integrity violations. 2016-06-27 08:24:32 +02:00			`}`
			`if (_missingBlockIsIntegrityViolationFromCommandLine == optional<bool>(false) && configFile->config()->ExclusiveClientId() != none) {`
Exit codes for integrity errors 2018-02-02 03:09:28 +01:00			`throw CryfsException("You specified on the command line to not treat missing blocks as integrity violations, but the file system is setup to do that.", ErrorCode::FilesystemHasDifferentIntegritySetup);`
When creating a file system, the user can choose whether to choose missing blocks as integrity violations. 2016-06-27 08:24:32 +02:00			`}`

			`// If the file system is set up to treat missing blocks as integrity violations, but we're accessing from a different client, ask whether they want to disable the feature.`
			`auto exclusiveClientId = configFile->config()->ExclusiveClientId();`
			`if (exclusiveClientId != none && *exclusiveClientId != myClientId) {`
Merge from develop 2016-09-24 20:43:54 +02:00			`if (!_console->askYesNo("\nThis filesystem is setup to treat missing blocks as integrity violations and therefore only works in single-client mode. You are trying to access it from a different client.\nDo you want to disable this integrity feature and stop treating missing blocks as integrity violations?\nChoosing yes will not affect the confidentiality of your data, but in future you might not notice if an attacker deletes one of your files.", false)) {`
Exit codes for integrity errors 2018-02-02 03:09:28 +01:00			`throw CryfsException("File system is in single-client mode and can only be used from the client that created it.", ErrorCode::SingleClientFileSystem);`
When creating a file system, the user can choose whether to choose missing blocks as integrity violations. 2016-06-27 08:24:32 +02:00			`}`
			`configFile->config()->SetExclusiveClientId(none);`
			`configFile->save();`
			`}`
			`}`

Add --allow-replaced-filesystem option to disable filesystem id checks 2018-02-03 17:33:59 +01:00			`optional<CryConfigLoader::ConfigLoadResult> CryConfigLoader::loadOrCreate(bf::path filename, bool allowFilesystemUpgrade, bool allowReplacedFilesystem) {`
Make test cases faster by using SCrypt::TestSettings 2015-11-04 05:27:00 +01:00			`if (bf::exists(filename)) {`
Add --allow-replaced-filesystem option to disable filesystem id checks 2018-02-03 17:33:59 +01:00			`return _loadConfig(std::move(filename), allowFilesystemUpgrade, allowReplacedFilesystem);`
Make test cases faster by using SCrypt::TestSettings 2015-11-04 05:27:00 +01:00			`} else {`
Add --allow-replaced-filesystem option to disable filesystem id checks 2018-02-03 17:33:59 +01:00			`return _createConfig(std::move(filename), allowReplacedFilesystem);`
Make test cases faster by using SCrypt::TestSettings 2015-11-04 05:27:00 +01:00			`}`
			`}`

Add --allow-replaced-filesystem option to disable filesystem id checks 2018-02-03 17:33:59 +01:00			`CryConfigLoader::ConfigLoadResult CryConfigLoader::_createConfig(bf::path filename, bool allowReplacedFilesystem) {`
			`auto config = _creator.create(_cipherFromCommandLine, _blocksizeBytesFromCommandLine, _missingBlockIsIntegrityViolationFromCommandLine, allowReplacedFilesystem);`
Make test cases faster by using SCrypt::TestSettings 2015-11-04 05:27:00 +01:00			`//TODO Ask confirmation if using insecure password (<8 characters)`
When creating a new filesystem, ask password twice (second time for confirmation) 2015-11-19 10:08:09 +01:00			`string password = _askPasswordForNewFilesystem();`
Increase scrypt KDF effort for generating the config file key from the password 2016-02-16 20:35:51 +01:00			`std::cout << "Creating config file (this can take some time)..." << std::flush;`
Optimize std::move use 2017-10-01 10:04:29 +02:00			`auto result = CryConfigFile::create(std::move(filename), std::move(config.config), password, _scryptSettings);`
When creating a new filesystem, ask password twice (second time for confirmation) 2015-11-19 10:08:09 +01:00			`std::cout << "done" << std::endl;`
MyClientId is generated outside of CryDevice to give the CryConfigCreator access to it. 2016-06-27 01:53:10 +02:00			`return ConfigLoadResult {std::move(result), config.myClientId};`
Make test cases faster by using SCrypt::TestSettings 2015-11-04 05:27:00 +01:00			`}`


Refactored creation of new config files - this happens in a CryConfigLoader now 2015-06-16 18:20:31 +02:00			`}`