Commit Graph

854 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
71b94828ed init: create gocryptfs.diriv after creating gocryptfs.conf
Creating the config file can fail easily, for example if the
password is not entered the same twice. This would leave an
orphaned gocryptfs.diriv behind.
2015-12-06 14:24:45 +01:00
Jakob Unterwurzacher
fc23aba65b performance.txt: link to linux-3.0.tar.gz 2015-12-04 22:45:16 +01:00
Jakob Unterwurzacher
353d29b502 Update manpage with -diriv and -scryptn 2015-12-04 22:41:14 +01:00
Jakob Unterwurzacher
018d047ab2 Show base64 encoding in filename encryption svg 2015-12-04 22:26:50 +01:00
Jakob Unterwurzacher
a6971ade94 svg: add colored annotations
Also, show the IV in the master key decryption process
2015-12-02 09:03:37 +01:00
Jakob Unterwurzacher
026ab56de4 Cut down the text in SECURITY.md, add graphs 2015-12-01 23:06:56 +01:00
Jakob Unterwurzacher
6515c8d42c Add svgs explaining the encryption steps 2015-12-01 22:54:40 +01:00
Jakob Unterwurzacher
2734dc81e5 Make sure MANPAGE-render.bash works when called from outside Documentation 2015-12-01 21:04:58 +01:00
Jakob Unterwurzacher
accf8144ca Move docs to Documentation folder 2015-12-01 18:19:24 +01:00
Jakob Unterwurzacher
cbb18380be Update README and SECURITY documents 2015-11-29 22:36:25 +01:00
Jakob Unterwurzacher
ce42a6f23d Run go fmt 2015-11-29 21:55:20 +01:00
Jakob Unterwurzacher
20b058a333 Add single-element cache for DirIV lookup
Another 3x performance boost for applications that walk the
directory tree.

Excerpt from performance.txt:

VERSION         UNTAR    LS     RM
v0.4               48     1.5    5
v0.5-rc1           56     7     19
v0.5-rc1-1         54     4.1    9
v0.5-rc1-2         45     1.7	 3.4  <---- THIS VERSION
2015-11-29 21:41:38 +01:00
Jakob Unterwurzacher
1d0a442405 OpenDir performance: Read DirIV once and reuse it for all names
Formerly, we called decryptPath for every name.
That resulted in a directory walk that reads in all diriv files
on the way.

Massive improvement for RM and LS (check performance.txt for details)

VERSION         UNTAR   RM   LS
v0.4               48    5    1.5
v0.5-rc1           56   19    7
v0.5-rc1-1         54    9    4.1   <---- THIS VERSION
2015-11-29 20:03:37 +01:00
Jakob Unterwurzacher
6f764b3867 Handle all operations except mounting without forking a child
This saves 170ms for each start (why do we take 170ms to start up?)
and cuts down test time by 2 seconds.
2015-11-29 19:09:12 +01:00
Jakob Unterwurzacher
bb116282b7 Add "-scryptn" option that sets the cost parameter for scrypt
Use that option to speed up the automated tests by 7 seconds.

Before:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	26.667s
After:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	19.534s
2015-11-29 18:53:40 +01:00
Jakob Unterwurzacher
71bfa1f0fb tests: add scrypt benchmark
Times the impact of the parameter "N" to scrypt.

Results on a 2.7GHz Pentium G630:

gocryptfs/cryptfs$ go test -bench=.
PASS
BenchmarkScrypt10-2	     300	   6021435 ns/op ... 6ms
BenchmarkScrypt11-2	     100	  11861460 ns/op
BenchmarkScrypt12-2	     100	  23420822 ns/op
BenchmarkScrypt13-2	      30	  47666518 ns/op
BenchmarkScrypt14-2	      20	  92561590 ns/op ... 92ms
BenchmarkScrypt15-2	      10	 183971593 ns/op
BenchmarkScrypt16-2	       3	 368506365 ns/op
BenchmarkScrypt17-2	       2	 755502608 ns/op ... 755ms
ok  	github.com/rfjakob/gocryptfs/cryptfs	18.772s
2015-11-29 14:50:02 +01:00
Jakob Unterwurzacher
eb38a36114 tests: add v0.5 example filesystem (with DirIV!) 2015-11-28 20:31:01 +01:00
Jakob Unterwurzacher
8766ab5472 tests: verify that symlinks work 2015-11-28 20:21:06 +01:00
Jakob Unterwurzacher
1fb349e97b diriv: also support old CBC symlink 2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
01141f8b5e diriv: fix Symlink() and Readlink()
Both were missing adaptions for diriv usage resulting in broken
functionality
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
3b2143bafc diriv: fix readdir
It decrypted all file names using the root directory iv
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
fe7355f9ee diriv: use "DirIV" flag to discern and support mounting old filesystems 2015-11-28 18:38:06 +01:00
Jakob Unterwurzacher
b3d96b6a20 main: pass args struct instead of having a huge function call 2015-11-27 22:30:38 +01:00
Jakob Unterwurzacher
a04a92cdab Run go fmt 2015-11-27 22:20:01 +01:00
Jakob Unterwurzacher
6acd772cf9 diriv: Define "DirIV" feature flag
(unused so far)
2015-11-27 22:18:36 +01:00
Jakob Unterwurzacher
798e5eb5e7 tests: create all-zero gocryptfs.diriv in resetTmpDir()
Tests were failing because this file was missing
2015-11-27 21:51:40 +01:00
Jakob Unterwurzacher
bdd9249a52 diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, Rmdir 2015-11-27 21:48:58 +01:00
Jakob Unterwurzacher
decfc1ab79 diriv: Convert filename encryption users to diriv 2015-11-27 00:03:10 +01:00
Jakob Unterwurzacher
fe2fcf6c16 diriv: Transactionally delete gocryptfs.diriv in Rmdir 2015-11-25 22:17:42 +01:00
Jakob Unterwurzacher
b5bf59a31d tests: check Mkdir and Rmdir 2015-11-25 22:08:07 +01:00
Jakob Unterwurzacher
4d466c3412 diriv: Create gocryptfs.diriv in every directory 2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
d8bf6e7836 Tighten file permissions on gocryptfs.conf
This file should only be readable by the owner and never be written to.
2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
df46548be6 Print newline after gocryptfs.conf not found error 2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
dce0564f2a Add drone.io CI config 2015-11-22 21:07:38 +01:00
Jakob Unterwurzacher
8f069eabe4 README: link to use .../tags instead of ../releases
Using github "release" function means that the changelog is buried in the
github webinterface. The changelog is now instead included in README.md.
2015-11-15 16:10:45 +01:00
Jakob Unterwurzacher
2efd25eefe Update README for v0.4
Also, add short comments to the top of main_test.go and
performance_test.go.
2015-11-15 16:06:19 +01:00
Jakob Unterwurzacher
40882c6e49 tests: add example_filesystems, test password and -masterkey mount 2015-11-15 15:05:15 +01:00
Jakob Unterwurzacher
296bdf3af2 CipherSizeToPlainSize: Handle illegal states
A file never gets a cipherSize <= HEADER_LEN in normal operation.
However, this can happen if header write it interrupted or the
underlying filesystem does not support fallocate.

Noticed while trying to store a CIPHERDIR in another gocryptfs mount
(gocryptfs does not support fallocate)
2015-11-15 14:15:21 +01:00
Jakob Unterwurzacher
09499be6e9 Move "Debug output enabled" after forkChild() to remove duplicate output 2015-11-15 13:56:01 +01:00
Jakob Unterwurzacher
7a2ab0b233 tests: add tests for "-config" option 2015-11-15 13:48:30 +01:00
Jakob Unterwurzacher
d95fc2333a Add "-extpass" cli option and associated tests 2015-11-15 13:42:04 +01:00
Jakob Unterwurzacher
066c2c90eb MANPAGE: add "-config" flag
Also, "-plaintextnames" can be used with -zerokey.
Fix the incorrect description.
2015-11-14 21:31:39 +01:00
Jakob Unterwurzacher
58592330dc Refactor cli argument handling
Also, add the "-config" option for storing gocryptfs.conf
outside of CIPHERDIR.
2015-11-14 21:25:10 +01:00
Jakob Unterwurzacher
6736212b29 README: add beta badge and update text
Also, improve the help text.
2015-11-14 19:15:51 +01:00
Jakob Unterwurzacher
d69e0df668 README: add beta badge 2015-11-14 18:32:03 +01:00
Jakob Unterwurzacher
b06c1ebfc4 Revert "Travis CI: build using build.bash"
Build fails, see https://github.com/hanwen/go-fuse/pull/72 for details

This reverts commit 4637098b20.
2015-11-14 18:27:06 +01:00
Jakob Unterwurzacher
4637098b20 Travis CI: build using build.bash 2015-11-14 17:25:04 +01:00
Jakob Unterwurzacher
61aacb5c1b Run go fmt and go vet 2015-11-14 17:16:17 +01:00
Jakob Unterwurzacher
f9c21e91aa tests: Add file create benchmarks for different sizes
Example output on my machine:

~/src/github.com/rfjakob/gocryptfs$ ./benchmark.bash
gocryptfs v0.3.1-25-g2e33888-dirty; on-disk format 2
PASS
BenchmarkStreamWrite-2	     100	  12189867 ns/op	  86.02 MB/s
BenchmarkStreamRead-2 	     200	   9113262 ns/op	 115.06 MB/s
BenchmarkCreate0B-2   	   10000	    100249 ns/op
BenchmarkCreate1B-2   	   10000	    177680 ns/op	   0.01 MB/s
BenchmarkCreate100B-2 	    3000	    431586 ns/op	   0.23 MB/s
BenchmarkCreate4kB-2  	    3000	    455204 ns/op	   9.00 MB/s
BenchmarkCreate10kB-2 	    3000	    594044 ns/op	  17.24 MB/s
ok  	github.com/rfjakob/gocryptfs/integration_tests	15.176s
2015-11-14 16:49:59 +01:00
Jakob Unterwurzacher
2e3388800d tests: replace linux kernel untar test with synthetic small file creation 2015-11-12 21:18:18 +01:00