Commit Graph

65 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
71bfa1f0fb tests: add scrypt benchmark
Times the impact of the parameter "N" to scrypt.

Results on a 2.7GHz Pentium G630:

gocryptfs/cryptfs$ go test -bench=.
PASS
BenchmarkScrypt10-2	     300	   6021435 ns/op ... 6ms
BenchmarkScrypt11-2	     100	  11861460 ns/op
BenchmarkScrypt12-2	     100	  23420822 ns/op
BenchmarkScrypt13-2	      30	  47666518 ns/op
BenchmarkScrypt14-2	      20	  92561590 ns/op ... 92ms
BenchmarkScrypt15-2	      10	 183971593 ns/op
BenchmarkScrypt16-2	       3	 368506365 ns/op
BenchmarkScrypt17-2	       2	 755502608 ns/op ... 755ms
ok  	github.com/rfjakob/gocryptfs/cryptfs	18.772s
2015-11-29 14:50:02 +01:00
Jakob Unterwurzacher
3b2143bafc diriv: fix readdir
It decrypted all file names using the root directory iv
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
fe7355f9ee diriv: use "DirIV" flag to discern and support mounting old filesystems 2015-11-28 18:38:06 +01:00
Jakob Unterwurzacher
a04a92cdab Run go fmt 2015-11-27 22:20:01 +01:00
Jakob Unterwurzacher
6acd772cf9 diriv: Define "DirIV" feature flag
(unused so far)
2015-11-27 22:18:36 +01:00
Jakob Unterwurzacher
bdd9249a52 diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, Rmdir 2015-11-27 21:48:58 +01:00
Jakob Unterwurzacher
decfc1ab79 diriv: Convert filename encryption users to diriv 2015-11-27 00:03:10 +01:00
Jakob Unterwurzacher
4d466c3412 diriv: Create gocryptfs.diriv in every directory 2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
d8bf6e7836 Tighten file permissions on gocryptfs.conf
This file should only be readable by the owner and never be written to.
2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
296bdf3af2 CipherSizeToPlainSize: Handle illegal states
A file never gets a cipherSize <= HEADER_LEN in normal operation.
However, this can happen if header write it interrupted or the
underlying filesystem does not support fallocate.

Noticed while trying to store a CIPHERDIR in another gocryptfs mount
(gocryptfs does not support fallocate)
2015-11-15 14:15:21 +01:00
Jakob Unterwurzacher
d95fc2333a Add "-extpass" cli option and associated tests 2015-11-15 13:42:04 +01:00
Jakob Unterwurzacher
61aacb5c1b Run go fmt and go vet 2015-11-14 17:16:17 +01:00
Jakob Unterwurzacher
99dfc84992 Add "-q" (quiet) flag 2015-11-09 22:33:42 +01:00
Jakob Unterwurzacher
050005fd7b Centralize path filter decision in CryptFS.IsFiltered() 2015-11-03 22:25:29 +01:00
Jakob Unterwurzacher
988e0a047c tests: add config file and feature flags tests 2015-11-03 21:09:58 +01:00
Jakob Unterwurzacher
3e367b29b0 config: Introduce ext4-style feature flags
// List of feature flags this filesystem has enabled.
// If gocryptfs encounters a feature flag it does not support, it will refuse
// mounting. This mechanism is analogous to the ext4 feature flags that are
// stored in the superblock.
FeatureFlags []string
2015-11-03 21:05:47 +01:00
Jakob Unterwurzacher
28b3af12d1 Fix tests broken by PlaintextNames addition 2015-11-03 18:19:19 +01:00
Jakob Unterwurzacher
1ec0fa388d Update USAGE.txt
Also run go fmt
2015-11-03 00:06:04 +01:00
Jakob Unterwurzacher
de56fe9e35 Implement PlainTextNames mode
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-03 00:00:13 +01:00
Jakob Unterwurzacher
66db3ad086 Bump on-disk version to 2 2015-11-02 23:10:11 +01:00
Jakob Unterwurzacher
0ec17c3939 Add "--plaintextnames" option
Also, gather all the command line arguments into an anonymous struct
"args".
2015-11-02 23:09:51 +01:00
Jakob Unterwurzacher
902babdf22 Refactor ciphertext <-> plaintext offset translation functions
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
2015-11-01 12:11:36 +01:00
Jakob Unterwurzacher
76311b60f2 Add file header (on-disk-format change)
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]

Quoting SECURITY.md:

* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
 * This means the position of the blocks is protected as well. The blocks
   can not be reordered or copied between different files without
   causing an decryption error.
2015-11-01 01:38:27 +01:00
Jakob Unterwurzacher
eac1f54213 Activate block number authentication 2015-11-01 01:36:19 +01:00
Jakob Unterwurzacher
d1d444435c main: check directories for existence early
This prevents that the user enters the password only to get an error
later.
2015-10-11 18:33:28 +02:00
Jakob Unterwurzacher
ed1df49af5 Run go fmt 2015-10-07 22:59:36 +02:00
Jakob Unterwurzacher
440abcbac6 Add test.bash
...also adapt the cryptfs tests for 256 bit long keys
2015-10-07 22:09:34 +02:00
Jakob Unterwurzacher
65ba0739d5 Implement "gocryptfs --passwd" (pasword changing) 2015-10-07 21:26:17 +02:00
Jakob Unterwurzacher
a3d286069f Use block number as authentication data 2015-10-06 22:27:37 +02:00
Jakob Unterwurzacher
5c6df49067 Switch to AES-256
AES-256 seems to be becoming the industry standard. While AES-128 is
good enough for tens of years to come, let's follow suit and be extra
safe.
2015-10-06 20:51:35 +02:00
Jakob Unterwurzacher
022a6968ae Implement proper daemonization
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1
2015-10-06 00:31:18 +02:00
Jakob Unterwurzacher
53ecebc71e openssl AEAD wrapper: handle authenticated data 2015-10-04 23:58:22 +02:00
Jakob Unterwurzacher
e6b7353f4e Switch nonce generation to purely random
The old implementation of counting up from a random starting
point had the problem that is allowed an attacker to find out
the write order of the blocks.
2015-10-04 21:36:16 +02:00
Jakob Unterwurzacher
89fef80d32 Run go fmt 2015-10-04 14:49:47 +02:00
Jakob Unterwurzacher
c859f0b2dc intraBlock: Rename Offset to Skip
"Offset" is unclear whether it is an offset from the start of file
or start of block. "Skip" seems much better.
2015-10-04 14:24:43 +02:00
Jakob Unterwurzacher
5229b8f5f5 Add BlockNoPlainOff() and BlockNoCipherOff() + test
Also, fix key, it is now []byte, not [16]byte
2015-10-04 11:03:40 +02:00
Jakob Unterwurzacher
40448db909 Fix xfstests generic/030 failure
The actual fix is

	oldSize := f.cfs.PlainSize(uint64(fi.Size()))

the rest is logging improvements
2015-10-04 00:26:20 +02:00
Jakob Unterwurzacher
79870ab096 debug: log inode number instead of encrypted filename
Makes the log output smaller and more readable.
2015-10-03 19:16:34 +02:00
Jakob Unterwurzacher
38bf8a2fcf Implement file hole passtrough
Fixes xfstests generic/010

Note that file holes are not authenticated,
2015-10-03 13:34:33 +02:00
Jakob Unterwurzacher
b835f83fd5 Implement Truncate() + Test 2015-09-30 22:36:53 +02:00
Jakob Unterwurzacher
061831edf2 DecryptBlocks: Don't shadow err variable 2015-09-30 20:31:41 +02:00
Jakob Unterwurzacher
0af3cfcac0 Fix symlink size reporting 2015-09-16 19:32:37 +02:00
Jakob Unterwurzacher
3a2610a141 symlink encryption: pass ".." and "." through unchanged
This fixes relative symlinks:

$ tar xf linux-4.2.tar.gz
tar: linux-4.2/tools/testing/selftests/powerpc/vphn/vphn.h: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/vphn/vphn.c: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/stringloops/memcmp_64.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/primitives/word-at-a-time.h: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/primitives/asm/asm-compat.h: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/memcpy_power7.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/memcpy_64.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/copyuser_power7.S: Cannot utime: No such file or directory
tar: linux-4.2/tools/testing/selftests/powerpc/copyloops/copyuser_64.S: Cannot utime: No such file or directory
tar: linux-4.2/arch/powerpc/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/mips/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/metag/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/arm64/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: linux-4.2/arch/arm/boot/dts/include/dt-bindings: Cannot utime: No such file or directory
tar: Exiting with failure status due to previous errors
2015-09-16 18:43:07 +02:00
Jakob Unterwurzacher
fdc0fef6ee Use MarshalIndent for JSON generation 2015-09-14 00:45:41 +02:00
Jakob Unterwurzacher
6f9e90c414 Encrypt key with scrypt-hashed password 2015-09-13 22:09:38 +02:00
Jakob Unterwurzacher
4acaeb668e Implement json config storage (not yet encrypted) 2015-09-13 17:55:07 +02:00
Jakob Unterwurzacher
e7ba3c61f1 Fix File.GettAttr() size reporting
The too-large reported value broke mmap
(applications saw appended zero bytes)

Also
* Add locking for all fd operations
* Add "--debug" command line switch
2015-09-09 19:32:59 +02:00
Jakob Unterwurzacher
80935a0e1b Explain both frontends in readme
Also, re-enable openssl and disable debug messages so testing
gocryptfs is less painful
2015-09-08 23:09:28 +02:00
Jakob Unterwurzacher
bfdbbbf8b4 Fix panic on absolute symlink 2015-09-08 22:53:06 +02:00
Jakob Unterwurzacher
28cdff5889 tests: add TestCiphertextRange 2015-09-08 22:36:38 +02:00