Jakob Unterwurzacher
fc23aba65b
performance.txt: link to linux-3.0.tar.gz
2015-12-04 22:45:16 +01:00
Jakob Unterwurzacher
353d29b502
Update manpage with -diriv and -scryptn
2015-12-04 22:41:14 +01:00
Jakob Unterwurzacher
018d047ab2
Show base64 encoding in filename encryption svg
2015-12-04 22:26:50 +01:00
Jakob Unterwurzacher
a6971ade94
svg: add colored annotations
...
Also, show the IV in the master key decryption process
2015-12-02 09:03:37 +01:00
Jakob Unterwurzacher
026ab56de4
Cut down the text in SECURITY.md, add graphs
2015-12-01 23:06:56 +01:00
Jakob Unterwurzacher
6515c8d42c
Add svgs explaining the encryption steps
2015-12-01 22:54:40 +01:00
Jakob Unterwurzacher
2734dc81e5
Make sure MANPAGE-render.bash works when called from outside Documentation
2015-12-01 21:04:58 +01:00
Jakob Unterwurzacher
accf8144ca
Move docs to Documentation folder
2015-12-01 18:19:24 +01:00
Jakob Unterwurzacher
cbb18380be
Update README and SECURITY documents
2015-11-29 22:36:25 +01:00
Jakob Unterwurzacher
ce42a6f23d
Run go fmt
2015-11-29 21:55:20 +01:00
Jakob Unterwurzacher
20b058a333
Add single-element cache for DirIV lookup
...
Another 3x performance boost for applications that walk the
directory tree.
Excerpt from performance.txt:
VERSION UNTAR LS RM
v0.4 48 1.5 5
v0.5-rc1 56 7 19
v0.5-rc1-1 54 4.1 9
v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
2015-11-29 21:41:38 +01:00
Jakob Unterwurzacher
1d0a442405
OpenDir performance: Read DirIV once and reuse it for all names
...
Formerly, we called decryptPath for every name.
That resulted in a directory walk that reads in all diriv files
on the way.
Massive improvement for RM and LS (check performance.txt for details)
VERSION UNTAR RM LS
v0.4 48 5 1.5
v0.5-rc1 56 19 7
v0.5-rc1-1 54 9 4.1 <---- THIS VERSION
2015-11-29 20:03:37 +01:00
Jakob Unterwurzacher
6f764b3867
Handle all operations except mounting without forking a child
...
This saves 170ms for each start (why do we take 170ms to start up?)
and cuts down test time by 2 seconds.
2015-11-29 19:09:12 +01:00
Jakob Unterwurzacher
bb116282b7
Add "-scryptn" option that sets the cost parameter for scrypt
...
Use that option to speed up the automated tests by 7 seconds.
Before:
ok github.com/rfjakob/gocryptfs/integration_tests 26.667s
After:
ok github.com/rfjakob/gocryptfs/integration_tests 19.534s
2015-11-29 18:53:40 +01:00
Jakob Unterwurzacher
71bfa1f0fb
tests: add scrypt benchmark
...
Times the impact of the parameter "N" to scrypt.
Results on a 2.7GHz Pentium G630:
gocryptfs/cryptfs$ go test -bench=.
PASS
BenchmarkScrypt10-2 300 6021435 ns/op ... 6ms
BenchmarkScrypt11-2 100 11861460 ns/op
BenchmarkScrypt12-2 100 23420822 ns/op
BenchmarkScrypt13-2 30 47666518 ns/op
BenchmarkScrypt14-2 20 92561590 ns/op ... 92ms
BenchmarkScrypt15-2 10 183971593 ns/op
BenchmarkScrypt16-2 3 368506365 ns/op
BenchmarkScrypt17-2 2 755502608 ns/op ... 755ms
ok github.com/rfjakob/gocryptfs/cryptfs 18.772s
2015-11-29 14:50:02 +01:00
Jakob Unterwurzacher
eb38a36114
tests: add v0.5 example filesystem (with DirIV!)
2015-11-28 20:31:01 +01:00
Jakob Unterwurzacher
8766ab5472
tests: verify that symlinks work
2015-11-28 20:21:06 +01:00
Jakob Unterwurzacher
1fb349e97b
diriv: also support old CBC symlink
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
01141f8b5e
diriv: fix Symlink() and Readlink()
...
Both were missing adaptions for diriv usage resulting in broken
functionality
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
3b2143bafc
diriv: fix readdir
...
It decrypted all file names using the root directory iv
2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
fe7355f9ee
diriv: use "DirIV" flag to discern and support mounting old filesystems
2015-11-28 18:38:06 +01:00
Jakob Unterwurzacher
b3d96b6a20
main: pass args struct instead of having a huge function call
2015-11-27 22:30:38 +01:00
Jakob Unterwurzacher
a04a92cdab
Run go fmt
2015-11-27 22:20:01 +01:00
Jakob Unterwurzacher
6acd772cf9
diriv: Define "DirIV" feature flag
...
(unused so far)
2015-11-27 22:18:36 +01:00
Jakob Unterwurzacher
798e5eb5e7
tests: create all-zero gocryptfs.diriv in resetTmpDir()
...
Tests were failing because this file was missing
2015-11-27 21:51:40 +01:00
Jakob Unterwurzacher
bdd9249a52
diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, Rmdir
2015-11-27 21:48:58 +01:00
Jakob Unterwurzacher
decfc1ab79
diriv: Convert filename encryption users to diriv
2015-11-27 00:03:10 +01:00
Jakob Unterwurzacher
fe2fcf6c16
diriv: Transactionally delete gocryptfs.diriv in Rmdir
2015-11-25 22:17:42 +01:00
Jakob Unterwurzacher
b5bf59a31d
tests: check Mkdir and Rmdir
2015-11-25 22:08:07 +01:00
Jakob Unterwurzacher
4d466c3412
diriv: Create gocryptfs.diriv in every directory
2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
d8bf6e7836
Tighten file permissions on gocryptfs.conf
...
This file should only be readable by the owner and never be written to.
2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
df46548be6
Print newline after gocryptfs.conf not found error
2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher
dce0564f2a
Add drone.io CI config
2015-11-22 21:07:38 +01:00
Jakob Unterwurzacher
8f069eabe4
README: link to use .../tags instead of ../releases
...
Using github "release" function means that the changelog is buried in the
github webinterface. The changelog is now instead included in README.md.
2015-11-15 16:10:45 +01:00
Jakob Unterwurzacher
2efd25eefe
Update README for v0.4
...
Also, add short comments to the top of main_test.go and
performance_test.go.
2015-11-15 16:06:19 +01:00
Jakob Unterwurzacher
40882c6e49
tests: add example_filesystems, test password and -masterkey mount
2015-11-15 15:05:15 +01:00
Jakob Unterwurzacher
296bdf3af2
CipherSizeToPlainSize: Handle illegal states
...
A file never gets a cipherSize <= HEADER_LEN in normal operation.
However, this can happen if header write it interrupted or the
underlying filesystem does not support fallocate.
Noticed while trying to store a CIPHERDIR in another gocryptfs mount
(gocryptfs does not support fallocate)
2015-11-15 14:15:21 +01:00
Jakob Unterwurzacher
09499be6e9
Move "Debug output enabled" after forkChild() to remove duplicate output
2015-11-15 13:56:01 +01:00
Jakob Unterwurzacher
7a2ab0b233
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
Jakob Unterwurzacher
d95fc2333a
Add "-extpass" cli option and associated tests
2015-11-15 13:42:04 +01:00
Jakob Unterwurzacher
066c2c90eb
MANPAGE: add "-config" flag
...
Also, "-plaintextnames" can be used with -zerokey.
Fix the incorrect description.
2015-11-14 21:31:39 +01:00
Jakob Unterwurzacher
58592330dc
Refactor cli argument handling
...
Also, add the "-config" option for storing gocryptfs.conf
outside of CIPHERDIR.
2015-11-14 21:25:10 +01:00
Jakob Unterwurzacher
6736212b29
README: add beta badge and update text
...
Also, improve the help text.
2015-11-14 19:15:51 +01:00
Jakob Unterwurzacher
d69e0df668
README: add beta badge
2015-11-14 18:32:03 +01:00
Jakob Unterwurzacher
b06c1ebfc4
Revert "Travis CI: build using build.bash"
...
Build fails, see https://github.com/hanwen/go-fuse/pull/72 for details
This reverts commit 4637098b20ea82ff5a7ac1d75ea683d17e00e199.
2015-11-14 18:27:06 +01:00
Jakob Unterwurzacher
4637098b20
Travis CI: build using build.bash
2015-11-14 17:25:04 +01:00
Jakob Unterwurzacher
61aacb5c1b
Run go fmt and go vet
2015-11-14 17:16:17 +01:00
Jakob Unterwurzacher
f9c21e91aa
tests: Add file create benchmarks for different sizes
...
Example output on my machine:
~/src/github.com/rfjakob/gocryptfs$ ./benchmark.bash
gocryptfs v0.3.1-25-g2e33888-dirty; on-disk format 2
PASS
BenchmarkStreamWrite-2 100 12189867 ns/op 86.02 MB/s
BenchmarkStreamRead-2 200 9113262 ns/op 115.06 MB/s
BenchmarkCreate0B-2 10000 100249 ns/op
BenchmarkCreate1B-2 10000 177680 ns/op 0.01 MB/s
BenchmarkCreate100B-2 3000 431586 ns/op 0.23 MB/s
BenchmarkCreate4kB-2 3000 455204 ns/op 9.00 MB/s
BenchmarkCreate10kB-2 3000 594044 ns/op 17.24 MB/s
ok github.com/rfjakob/gocryptfs/integration_tests 15.176s
2015-11-14 16:49:59 +01:00
Jakob Unterwurzacher
2e3388800d
tests: replace linux kernel untar test with synthetic small file creation
2015-11-12 21:18:18 +01:00
Jakob Unterwurzacher
3664320fe5
tests: move integration tests to separate directory
...
Also, use new "-defaultonly" flag for benchmarks
(only tests with openssl=true plaintextnames=false)
2015-11-12 21:02:44 +01:00