Commit Graph

12 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
3e367b29b0 config: Introduce ext4-style feature flags
// List of feature flags this filesystem has enabled.
// If gocryptfs encounters a feature flag it does not support, it will refuse
// mounting. This mechanism is analogous to the ext4 feature flags that are
// stored in the superblock.
FeatureFlags []string
2015-11-03 21:05:47 +01:00
Jakob Unterwurzacher
de56fe9e35 Implement PlainTextNames mode
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-03 00:00:13 +01:00
Jakob Unterwurzacher
0ec17c3939 Add "--plaintextnames" option
Also, gather all the command line arguments into an anonymous struct
"args".
2015-11-02 23:09:51 +01:00
Jakob Unterwurzacher
902babdf22 Refactor ciphertext <-> plaintext offset translation functions
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
2015-11-01 12:11:36 +01:00
Jakob Unterwurzacher
76311b60f2 Add file header (on-disk-format change)
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]

Quoting SECURITY.md:

* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
 * This means the position of the blocks is protected as well. The blocks
   can not be reordered or copied between different files without
   causing an decryption error.
2015-11-01 01:38:27 +01:00
Jakob Unterwurzacher
d1d444435c main: check directories for existence early
This prevents that the user enters the password only to get an error
later.
2015-10-11 18:33:28 +02:00
Jakob Unterwurzacher
65ba0739d5 Implement "gocryptfs --passwd" (pasword changing) 2015-10-07 21:26:17 +02:00
Jakob Unterwurzacher
a3d286069f Use block number as authentication data 2015-10-06 22:27:37 +02:00
Jakob Unterwurzacher
89fef80d32 Run go fmt 2015-10-04 14:49:47 +02:00
Jakob Unterwurzacher
fdc0fef6ee Use MarshalIndent for JSON generation 2015-09-14 00:45:41 +02:00
Jakob Unterwurzacher
6f9e90c414 Encrypt key with scrypt-hashed password 2015-09-13 22:09:38 +02:00
Jakob Unterwurzacher
4acaeb668e Implement json config storage (not yet encrypted) 2015-09-13 17:55:07 +02:00