hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity
530 Commits 2 Branches 0 Tags 6 MiB
3c2c3453ad
Commit Graph

530 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakob Unterwurzacher
e7c25b482e Update test.bash to call build.bash 
This makes sure the version number is baked into the binary that is
built
 2015-11-01 15:22:53 +01:00
Jakob Unterwurzacher
c272e3042f Fix daemonization regression 
Commit af923d2d16 broke daemonization.
Revert the change but get rid of the warning message when running
in the foreground.
 2015-11-01 15:21:34 +01:00
Jakob Unterwurzacher
2394d644e8 Update package.bash to call build.bash 
This makes sure the version number is baked in
 2015-11-01 15:06:30 +01:00
Jakob Unterwurzacher
f761a9b98a README: Note used on-disk formats 2015-11-01 14:07:42 +01:00
Jakob Unterwurzacher
3f490d4d86 Bake version string into binary, add "--version" switch 
Example:

	./gocryptfs -version
	gocryptfs v0.2-20-gabcef9e-dirty; on-disk format 1

Note that you MUST compile using "./build.bash" for this to work.
 2015-11-01 14:04:29 +01:00
Jakob Unterwurzacher
af923d2d16 Automatically lazy-unmount when we get SIGINT or SIGTERM 
This hides the dangling "Transport endpoint is not connected"
mountpoint for everyone but processes that have file open inside
the mountpoint.
 2015-11-01 13:28:58 +01:00
Jakob Unterwurzacher
e31d319c39 Remove code detected by "deadcode" 
go get github.com/remyoudompheng/go-misc/deadcode
 2015-11-01 12:32:10 +01:00
Jakob Unterwurzacher
0a4aa4b427 README: Describe storage overhead 2015-11-01 12:14:59 +01:00
Jakob Unterwurzacher
902babdf22 Refactor ciphertext <-> plaintext offset translation functions 
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
 2015-11-01 12:11:36 +01:00
Jakob Unterwurzacher
14276c9632 Fix missing printf arguments discovered by "go vet" 2015-11-01 11:56:33 +01:00
Jakob Unterwurzacher
76311b60f2 Add file header (on-disk-format change) 
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]

Quoting SECURITY.md:

* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
 * This means the position of the blocks is protected as well. The blocks
   can not be reordered or copied between different files without
   causing an decryption error.
 2015-11-01 01:38:27 +01:00
Jakob Unterwurzacher
73fa8efdb2 tests: run unit tests before integration tests 2015-11-01 01:36:20 +01:00
Jakob Unterwurzacher
3e013e0d91 tests: introduce verifySize() for detailed error messages 2015-11-01 01:36:20 +01:00
Jakob Unterwurzacher
3f8b22d6ac tests: additionally verify the file size by reading the whole file 2015-11-01 01:36:19 +01:00
Jakob Unterwurzacher
b3ea1498cf tests: verify file size in testWriteN 2015-11-01 01:36:19 +01:00
Jakob Unterwurzacher
8b7c986bdf tests: Use /tmp/gocryptfs_main_test temporary directory 
Using "/tmp" meant that running the test would delete everything
there.
 2015-11-01 01:36:19 +01:00
Jakob Unterwurzacher
3e36851273 TestRmwRace: abort testing on write failures 
Continuing the test will just generate useless noise
 2015-11-01 01:36:19 +01:00
Jakob Unterwurzacher
eac1f54213 Activate block number authentication 2015-11-01 01:36:19 +01:00
Jakob Unterwurzacher
a5b907b42f Add rmw race test 2015-11-01 01:36:19 +01:00
rfjakob
f87ea8672a README: Add travis badge 2015-10-11 23:57:51 +02:00
Jakob Unterwurzacher
6a25fa6ef9 Add travis config file 2015-10-11 23:55:47 +02:00
rfjakob
9221560359 Fix link in XFSTESTS.md 2015-10-11 23:18:02 +02:00
Jakob Unterwurzacher
253bd33fde Add MIT LICENSE 2015-10-11 23:15:03 +02:00
Jakob Unterwurzacher
6341a26ac8 Update README 2015-10-11 19:45:03 +02:00
Jakob Unterwurzacher
242fcd0736 Run gofmt 2015-10-11 18:51:56 +02:00
Jakob Unterwurzacher
b00fc379c4 Fix helper scripts for new top-level path 2015-10-11 18:40:27 +02:00
Jakob Unterwurzacher
d1d444435c main: check directories for existence early 
This prevents that the user enters the password only to get an error
later.
 2015-10-11 18:33:28 +02:00
Jakob Unterwurzacher
a863a6569c Drop shell wrapper 2015-10-11 18:03:24 +02:00
Jakob Unterwurzacher
14115b061b Add native daemonization 2015-10-11 18:02:48 +02:00
Jakob Unterwurzacher
39183bea00 Rename sendSig to sendUsr1 
This matches waitForUsr1 in daemonize()
 2015-10-11 18:01:47 +02:00
Jakob Unterwurzacher
5dc7e44aa2 Move main files to top level dir 
This is in preparation of getting rid of the shell wrapper
 2015-10-11 17:14:18 +02:00
Jakob Unterwurzacher
6825d0e740 README: Remove dots notice 2015-10-10 18:34:09 +02:00
Jakob Unterwurzacher
a3e66ca154 Shell wrapper: Also search the binary in $GOPATH/bin 2015-10-08 00:02:55 +02:00
Jakob Unterwurzacher
7ac9d6af58 README: Mention that only Linux is tested 2015-10-07 23:50:19 +02:00
Jakob Unterwurzacher
d9b4f96598 Update README 2015-10-07 23:31:28 +02:00
Jakob Unterwurzacher
ed1df49af5 Run go fmt 2015-10-07 22:59:36 +02:00
Jakob Unterwurzacher
c4a66bc30d Add package.bash 2015-10-07 22:14:00 +02:00
Jakob Unterwurzacher
440abcbac6 Add test.bash 
...also adapt the cryptfs tests for 256 bit long keys
 2015-10-07 22:09:34 +02:00
Jakob Unterwurzacher
2f970e1aa6 Adapt openssl benchmark for 256 bit long keys 2015-10-07 22:05:32 +02:00
Jakob Unterwurzacher
878f64a5d7 Better usage text 2015-10-07 21:59:54 +02:00
Jakob Unterwurzacher
bef73c63b3 Move gocryptfs wrapper into the same folder as the binary 2015-10-07 21:49:38 +02:00
Jakob Unterwurzacher
65ba0739d5 Implement "gocryptfs --passwd" (pasword changing) 2015-10-07 21:26:17 +02:00
Jakob Unterwurzacher
03502861ce Reword help text 2015-10-06 23:28:20 +02:00
Jakob Unterwurzacher
31e14936be Split off SECURITY.md 2015-10-06 23:20:21 +02:00
Jakob Unterwurzacher
8ec16c165d Update README.md 2015-10-06 23:08:04 +02:00
Jakob Unterwurzacher
a3d286069f Use block number as authentication data 2015-10-06 22:27:37 +02:00
Jakob Unterwurzacher
45ea8aa546 Add "--masterkey=" parameter for recovery purposes 2015-10-06 21:16:39 +02:00
Jakob Unterwurzacher
5c6df49067 Switch to AES-256 
AES-256 seems to be becoming the industry standard. While AES-128 is
good enough for tens of years to come, let's follow suit and be extra
safe.
 2015-10-06 20:51:35 +02:00
Jakob Unterwurzacher
39ea272e23 Add "--openssl=false" command line option 
Also make main_test try both variants
 2015-10-06 20:24:52 +02:00
Jakob Unterwurzacher
c2bd208bbe Rewrite README.md (in progress) 2015-10-06 00:35:29 +02:00