Commit Graph

352 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
353d29b502 Update manpage with -diriv and -scryptn 2015-12-04 22:41:14 +01:00
Jakob Unterwurzacher
018d047ab2 Show base64 encoding in filename encryption svg 2015-12-04 22:26:50 +01:00
Jakob Unterwurzacher
a6971ade94 svg: add colored annotations
Also, show the IV in the master key decryption process
2015-12-02 09:03:37 +01:00
Jakob Unterwurzacher
026ab56de4 Cut down the text in SECURITY.md, add graphs 2015-12-01 23:06:56 +01:00
Jakob Unterwurzacher
6515c8d42c Add svgs explaining the encryption steps 2015-12-01 22:54:40 +01:00
Jakob Unterwurzacher
2734dc81e5 Make sure MANPAGE-render.bash works when called from outside Documentation 2015-12-01 21:04:58 +01:00
Jakob Unterwurzacher
accf8144ca Move docs to Documentation folder 2015-12-01 18:19:24 +01:00
Jakob Unterwurzacher
cbb18380be Update README and SECURITY documents 2015-11-29 22:36:25 +01:00
Jakob Unterwurzacher
ce42a6f23d Run go fmt 2015-11-29 21:55:20 +01:00
Jakob Unterwurzacher
20b058a333 Add single-element cache for DirIV lookup
Another 3x performance boost for applications that walk the
directory tree.

Excerpt from performance.txt:

VERSION         UNTAR    LS     RM
v0.4               48     1.5    5
v0.5-rc1           56     7     19
v0.5-rc1-1         54     4.1    9
v0.5-rc1-2         45     1.7	 3.4  <---- THIS VERSION
2015-11-29 21:41:38 +01:00
Jakob Unterwurzacher
1d0a442405 OpenDir performance: Read DirIV once and reuse it for all names
Formerly, we called decryptPath for every name.
That resulted in a directory walk that reads in all diriv files
on the way.

Massive improvement for RM and LS (check performance.txt for details)

VERSION         UNTAR   RM   LS
v0.4               48    5    1.5
v0.5-rc1           56   19    7
v0.5-rc1-1         54    9    4.1   <---- THIS VERSION
2015-11-29 20:03:37 +01:00
Jakob Unterwurzacher
6f764b3867 Handle all operations except mounting without forking a child
This saves 170ms for each start (why do we take 170ms to start up?)
and cuts down test time by 2 seconds.
2015-11-29 19:09:12 +01:00
Jakob Unterwurzacher
bb116282b7 Add "-scryptn" option that sets the cost parameter for scrypt
Use that option to speed up the automated tests by 7 seconds.

Before:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	26.667s
After:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	19.534s
2015-11-29 18:53:40 +01:00
Jakob Unterwurzacher
71bfa1f0fb tests: add scrypt benchmark
Times the impact of the parameter "N" to scrypt.

Results on a 2.7GHz Pentium G630:

gocryptfs/cryptfs$ go test -bench=.
PASS
BenchmarkScrypt10-2	     300	   6021435 ns/op ... 6ms
BenchmarkScrypt11-2	     100	  11861460 ns/op
BenchmarkScrypt12-2	     100	  23420822 ns/op
BenchmarkScrypt13-2	      30	  47666518 ns/op
BenchmarkScrypt14-2	      20	  92561590 ns/op ... 92ms
BenchmarkScrypt15-2	      10	 183971593 ns/op
BenchmarkScrypt16-2	       3	 368506365 ns/op
BenchmarkScrypt17-2	       2	 755502608 ns/op ... 755ms
ok  	github.com/rfjakob/gocryptfs/cryptfs	18.772s
2015-11-29 14:50:02 +01:00
Jakob Unterwurzacher
eb38a36114 tests: add v0.5 example filesystem (with DirIV!) 2015-11-28 20:31:01 +01:00
Jakob Unterwurzacher
8766ab5472 tests: verify that symlinks work 2015-11-28 20:21:06 +01:00
Jakob Unterwurzacher
1fb349e97b diriv: also support old CBC symlink 2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
01141f8b5e diriv: fix Symlink() and Readlink()
Both were missing adaptions for diriv usage resulting in broken
functionality
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
3b2143bafc diriv: fix readdir
It decrypted all file names using the root directory iv
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
fe7355f9ee diriv: use "DirIV" flag to discern and support mounting old filesystems 2015-11-28 18:38:06 +01:00
Jakob Unterwurzacher
b3d96b6a20 main: pass args struct instead of having a huge function call 2015-11-27 22:30:38 +01:00
Jakob Unterwurzacher
a04a92cdab Run go fmt 2015-11-27 22:20:01 +01:00
Jakob Unterwurzacher
6acd772cf9 diriv: Define "DirIV" feature flag
(unused so far)
2015-11-27 22:18:36 +01:00
Jakob Unterwurzacher
798e5eb5e7 tests: create all-zero gocryptfs.diriv in resetTmpDir()
Tests were failing because this file was missing
2015-11-27 21:51:40 +01:00
Jakob Unterwurzacher
bdd9249a52 diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, Rmdir 2015-11-27 21:48:58 +01:00
Jakob Unterwurzacher
decfc1ab79 diriv: Convert filename encryption users to diriv 2015-11-27 00:03:10 +01:00
Jakob Unterwurzacher
fe2fcf6c16 diriv: Transactionally delete gocryptfs.diriv in Rmdir 2015-11-25 22:17:42 +01:00
Jakob Unterwurzacher
b5bf59a31d tests: check Mkdir and Rmdir 2015-11-25 22:08:07 +01:00
Jakob Unterwurzacher
4d466c3412 diriv: Create gocryptfs.diriv in every directory 2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
d8bf6e7836 Tighten file permissions on gocryptfs.conf
This file should only be readable by the owner and never be written to.
2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
df46548be6 Print newline after gocryptfs.conf not found error 2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
dce0564f2a Add drone.io CI config 2015-11-22 21:07:38 +01:00
Jakob Unterwurzacher
8f069eabe4 README: link to use .../tags instead of ../releases
Using github "release" function means that the changelog is buried in the
github webinterface. The changelog is now instead included in README.md.
2015-11-15 16:10:45 +01:00
Jakob Unterwurzacher
2efd25eefe Update README for v0.4
Also, add short comments to the top of main_test.go and
performance_test.go.
2015-11-15 16:06:19 +01:00
Jakob Unterwurzacher
40882c6e49 tests: add example_filesystems, test password and -masterkey mount 2015-11-15 15:05:15 +01:00
Jakob Unterwurzacher
296bdf3af2 CipherSizeToPlainSize: Handle illegal states
A file never gets a cipherSize <= HEADER_LEN in normal operation.
However, this can happen if header write it interrupted or the
underlying filesystem does not support fallocate.

Noticed while trying to store a CIPHERDIR in another gocryptfs mount
(gocryptfs does not support fallocate)
2015-11-15 14:15:21 +01:00
Jakob Unterwurzacher
09499be6e9 Move "Debug output enabled" after forkChild() to remove duplicate output 2015-11-15 13:56:01 +01:00
Jakob Unterwurzacher
7a2ab0b233 tests: add tests for "-config" option 2015-11-15 13:48:30 +01:00
Jakob Unterwurzacher
d95fc2333a Add "-extpass" cli option and associated tests 2015-11-15 13:42:04 +01:00
Jakob Unterwurzacher
066c2c90eb MANPAGE: add "-config" flag
Also, "-plaintextnames" can be used with -zerokey.
Fix the incorrect description.
2015-11-14 21:31:39 +01:00
Jakob Unterwurzacher
58592330dc Refactor cli argument handling
Also, add the "-config" option for storing gocryptfs.conf
outside of CIPHERDIR.
2015-11-14 21:25:10 +01:00
Jakob Unterwurzacher
6736212b29 README: add beta badge and update text
Also, improve the help text.
2015-11-14 19:15:51 +01:00
Jakob Unterwurzacher
d69e0df668 README: add beta badge 2015-11-14 18:32:03 +01:00
Jakob Unterwurzacher
b06c1ebfc4 Revert "Travis CI: build using build.bash"
Build fails, see https://github.com/hanwen/go-fuse/pull/72 for details

This reverts commit 4637098b20.
2015-11-14 18:27:06 +01:00
Jakob Unterwurzacher
4637098b20 Travis CI: build using build.bash 2015-11-14 17:25:04 +01:00
Jakob Unterwurzacher
61aacb5c1b Run go fmt and go vet 2015-11-14 17:16:17 +01:00
Jakob Unterwurzacher
f9c21e91aa tests: Add file create benchmarks for different sizes
Example output on my machine:

~/src/github.com/rfjakob/gocryptfs$ ./benchmark.bash
gocryptfs v0.3.1-25-g2e33888-dirty; on-disk format 2
PASS
BenchmarkStreamWrite-2	     100	  12189867 ns/op	  86.02 MB/s
BenchmarkStreamRead-2 	     200	   9113262 ns/op	 115.06 MB/s
BenchmarkCreate0B-2   	   10000	    100249 ns/op
BenchmarkCreate1B-2   	   10000	    177680 ns/op	   0.01 MB/s
BenchmarkCreate100B-2 	    3000	    431586 ns/op	   0.23 MB/s
BenchmarkCreate4kB-2  	    3000	    455204 ns/op	   9.00 MB/s
BenchmarkCreate10kB-2 	    3000	    594044 ns/op	  17.24 MB/s
ok  	github.com/rfjakob/gocryptfs/integration_tests	15.176s
2015-11-14 16:49:59 +01:00
Jakob Unterwurzacher
2e3388800d tests: replace linux kernel untar test with synthetic small file creation 2015-11-12 21:18:18 +01:00
Jakob Unterwurzacher
3664320fe5 tests: move integration tests to separate directory
Also, use new "-defaultonly" flag for benchmarks
(only tests with openssl=true plaintextnames=false)
2015-11-12 21:02:44 +01:00
Jakob Unterwurzacher
ad41cdae11 README: Add link to MANPAGE 2015-11-11 09:21:32 +01:00