hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

README: add beta badge and update text

Browse Source 
Also, improve the help text.
This commit is contained in:
Jakob Unterwurzacher 2015-11-14 19:10:52 +01:00
parent d69e0df668
commit 6736212b29
2 changed files with 48 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
README.md
View File

@ -13,14 +13,30 @@ For details on the security of gocryptfs see the
Current Status Current Status
-------------- --------------
* Feature-complete and working
* Passes the fuse-xfstests "generic" tests with one exception, results: [XFSTESTS.md](XFSTESTS.md) Beta. You are advised to keep a backup of your data outside of gocryptfs, in
* A lot of work has gone into this. The testing has found bugs in gocryptfs addition to storing the *master key* in a safe place (the master key is printed
when mounting).
That said, I am dogfooding on gocryptfs for some time now. In fact, all gocryptfs
development happens inside a mounted gocryptfs filesystem, with no issues so far.
Only Linux is supported at the moment. Help wanted for a Mac OS X port.
Testing
-------
gocryptfs comes with is own test suite, run it using `./test.bash`.
In addition, i have ported `xfstests` to FUSE, the result is the
[fuse-xfstests](https://github.com/rfjakob/fuse-xfstests) project. gocryptfs
passes the "generic" tests with one exception, results: [XFSTESTS.md](XFSTESTS.md)
A lot of work has gone into this. The testing has found bugs in gocryptfs
as well as in go-fuse. as well as in go-fuse.
* The one exception is generic/035. This is a limitation in go-fuse,
check out https://github.com/hanwen/go-fuse/issues/55 for details. The one exception is generic/035, see [go-fuse issue 55](https://github.com/hanwen/go-fuse/issues/55)
* However, gocryptfs needs more real-world testing - please report any issues via github. for details. While this is a POSIX violation, I do not see any real-world impact.
* Only Linux operation has been tested. Help wanted for Mac OS X verification.
Install Install
------- -------
@ -44,7 +60,9 @@ Quickstart:
-rw-rw-r--. 1 user user 233 7. Okt 23:23 gocryptfs.conf -rw-rw-r--. 1 user user 233 7. Okt 23:23 gocryptfs.conf
$ fusermount -u plain $ fusermount -u plain
See [MANPAGE.md](MANPAGE.md) for a description of available options. See [MANPAGE.md](MANPAGE.md) for a description of available options. If you already
have gocryptfs installed, run `./MANPAGE-render.bash` to bring up the rendered manpage in
the pager (requires pandoc).
Storage Overhead Storage Overhead
---------------- ----------------
@ -56,27 +74,33 @@ Storage Overhead
Performance Performance
----------- -----------
* uses openssl through [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl) gocryptfs uses openssl through
for a 3x speedup compared to `crypto/cipher` (see [go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details [spacemonkeygo/openssl](https://github.com/spacemonkeygo/openssl)
for a 3x speedup compared to Go's builtin AES-GCM implementation (see
[go-vs-openssl.md](openssl_benchmark/go-vs-openssl.md) for details).
Run `./benchmark.bash` to run the test suite and the streaming read/write Run `./benchmark.bash` to run the benchmarks.
benchmark. The benchmark is run twice, first with native Go crypto and
second using openssl.
The output should look like this: The output should look like this:
$ ./benchmark.bash ./benchmark.bash
[...] gocryptfs v0.3.1-30-gd69e0df-dirty; on-disk format 2
BenchmarkStreamWrite 100 11816665 ns/op 88.74 MB/s PASS
BenchmarkStreamRead 200 7848155 ns/op 133.61 MB/s BenchmarkStreamWrite-2 100 12246070 ns/op 85.63 MB/s
ok github.com/rfjakob/gocryptfs 9.407s BenchmarkStreamRead-2 200 9125990 ns/op 114.90 MB/s
BenchmarkCreate0B-2 10000 101284 ns/op
BenchmarkCreate1B-2 10000 178356 ns/op 0.01 MB/s
BenchmarkCreate100B-2 5000 361014 ns/op 0.28 MB/s
BenchmarkCreate4kB-2 5000 375035 ns/op 10.92 MB/s
BenchmarkCreate10kB-2 3000 491071 ns/op 20.85 MB/s
ok github.com/rfjakob/gocryptfs/integration_tests 17.216s
Changelog Changelog
--------- ---------
v0.4 (in progress) v0.4 (in progress)
* Add `--plaintextnames` command line option * Add `-plaintextnames` command line option
* Can only be used in conjunction with `--init` and disables filename encryption * Can only be used in conjunction with `-init` and disables filename encryption
(added on user request) (added on user request)
* Add `FeatureFlags` config file paramter * Add `FeatureFlags` config file paramter
* This is a config format change, hence the on-disk format is incremented * This is a config format change, hence the on-disk format is incremented

4
main.go
View File

@ -58,7 +58,8 @@ func initDir(dirArg string, plaintextNames bool) {
} }
func usageText() { func usageText() {
fmt.Fprintf(os.Stderr, "Usage: %s [OPTIONS] CIPHERDIR MOUNTPOINT\n", PROGRAM_NAME) fmt.Fprintf(os.Stderr, "Usage: %s -init [OPTIONS] CIPHERDIR\n", PROGRAM_NAME)
fmt.Fprintf(os.Stderr, " %s [OPTIONS] CIPHERDIR MOUNTPOINT\n", PROGRAM_NAME)
fmt.Fprintf(os.Stderr, "\nOptions:\n") fmt.Fprintf(os.Stderr, "\nOptions:\n")
flagSet.PrintDefaults() flagSet.PrintDefaults()
} }
@ -95,6 +96,7 @@ func main() {
flagSet.IntVar(&args.notifypid, "notifypid", 0, "Send USR1 to the specified process after "+ flagSet.IntVar(&args.notifypid, "notifypid", 0, "Send USR1 to the specified process after "+
"successful mount - used internally for daemonization") "successful mount - used internally for daemonization")
flagSet.Parse(os.Args[1:]) flagSet.Parse(os.Args[1:])
if args.version { if args.version {
fmt.Printf("%s %s; on-disk format %d\n", PROGRAM_NAME, GitVersion, cryptfs.HEADER_CURRENT_VERSION) fmt.Printf("%s %s; on-disk format %d\n", PROGRAM_NAME, GitVersion, cryptfs.HEADER_CURRENT_VERSION)
os.Exit(0) os.Exit(0)