3ea60a553e
README: mention signed tags
2015-12-20 21:15:49 +01:00
5d25c6e7e9
Link to official website; move security document
2015-12-20 18:25:10 +01:00
57b32a0b8b
Make build.bash work when called from outside the gocryptfs directory
2015-12-20 17:44:11 +01:00
38f7dc1a17
Make build.bash version bake-in compatible with Go 1.3 and 1.4
2015-12-20 17:30:10 +01:00
65d1f888c8
travis: also build using build.bash
2015-12-20 17:15:29 +01:00
c703823521
travis: also build on Go 1.3.3
2015-12-20 17:06:54 +01:00
3bbaa1208f
Add logo, update README for v0.7
2015-12-20 15:42:52 +01:00
04abad5e84
Update performance data for v0.7
2015-12-20 15:39:40 +01:00
ad00ba38e5
Colorize output
2015-12-19 15:46:19 +01:00
8c7e31329d
Use NewGCMWithNonceSize only through goGCMWrapper to support Go 1.4
2015-12-19 15:19:31 +01:00
1caa925868
Increase GCM IV size from 96 to 128 bits
...
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
2015-12-19 15:02:29 +01:00
88826dc51d
diriv: handle directory rename over directory
...
If an empty directory is overwritten we will always get
ENOTEMPTY as the "empty" directory will still contain gocryptfs.diriv.
Handle that case by removing the target directory and trying again.
Fixes issue #10
2015-12-19 13:21:15 +01:00
00a712b4d1
go fmt
...
...and minimal comment changes.
2015-12-13 20:24:13 +01:00
8518d6d7bd
Handle EINTR returned by Fallocate
...
Fallocate can return EINTR (interrupted system call) and does so
quite often when cpu profiling is enabled.
2015-12-13 17:17:01 +01:00
b02ad12814
tests: overwrite directory with another directory
...
Testcase for issue #10 (currently failing)
2015-12-11 23:27:38 +01:00
7758bdc61d
tests: add "gocryptfs -init -plaintextnames" cli testcase
2015-12-11 22:21:00 +01:00
e99e841713
Rmdir: handle creating and removing unreadable directories
...
This patch also splits off Mkdir and Rmdir into its own file.
Fixes issue #8 , thanks to @diseq for the bug report.
2015-12-11 20:02:12 +01:00
78cd97c5e9
Wrap NewGCMWithNonceSize() to enable compilation on Go 1.4
2015-12-10 20:55:09 +01:00
61ee2271c4
tests: test read-write directory operations on all example filesystems
2015-12-10 20:02:18 +01:00
29336ba614
tests: add v0.6-plaintextnames example filesystem
2015-12-10 19:50:45 +01:00
b4b9072cc2
Simplify CreateConfFile: do not allow specification of EMENames
2015-12-10 19:38:02 +01:00
ccf6d00728
Add missing PlaintextNames checks in OpenDir, Mkdir, Rmdir, initDir
...
Plaintextnames support has bitrotted during the DirIV additions,
this needs test cases. Will be added in a future patch.
Fixes issue #9 .
2015-12-10 01:12:05 +01:00
14deea6c20
travis ci: do not build on go 1.4.3
...
Go 1.4.3 seems to be missing cipher.NewGCMWithNonceSize. Error:
cryptfs/openssl_test.go:23: undefined: cipher.NewGCMWithNonceSize
2015-12-08 17:16:23 +01:00
ce4a9f9ed6
README: fix typo
2015-12-08 16:44:39 +01:00
9419e7ae85
Update README + docs for v0.6 release
2015-12-08 16:41:45 +01:00
e3f35d38b5
tests: add v0.6 example filesystem with EME
2015-12-08 16:17:19 +01:00
c6dacd6f91
Add EME filename encryption & enable it by default
2015-12-08 16:17:04 +01:00
ff8c81f95b
go fmt
2015-12-08 13:51:06 +01:00
f4ae0304af
opensslGCM: preallocate buffer space, improves performance by 11%
...
Results of cryptfs/openssl_benchmark.bash :
Before:
BenchmarkEnc_OpenSSL_4k_AES256_nonce96-2 50000 31802 ns/op 127.28 MB/s
BenchmarkEnc_OpenSSL_4k_AES256_nonce128-2 50000 32110 ns/op 126.06 MB/s
After:
BenchmarkEnc_OpenSSL_4k_AES256_nonce96-2 50000 28612 ns/op 141.47 MB/s
BenchmarkEnc_OpenSSL_4k_AES256_nonce128-2 50000 28613 ns/op 141.47 MB/s
2015-12-08 13:22:57 +01:00
c6a6641b58
tests: add encryption benchmarks to cryptfs
2015-12-08 13:19:19 +01:00
21abf57abb
Update README
...
gocryptfs is no longer developed in gocryptfs because of the inconvenience
that you cannot mount a FUSE filesystem inside a FUSE mount
2015-12-06 15:13:06 +01:00
7375d86ada
tests: add TestRename
2015-12-06 15:10:23 +01:00
56888d83dd
fallocate the space needed for the file header beforehand
...
This makes sure writing to a file fails early if the underlying
filesystem does not support fallocate. It also prevents partial header
write due to ENOSPC.
2015-12-06 15:05:52 +01:00
edc289fb75
Fix rename, was broken broken by DirIV introduction
...
As it was, CIPHERDIR was prepended twice, causing every rename
to fail with ENOENT.
2015-12-06 15:00:54 +01:00
37c67393e6
tests: recreate v0.5 example filesystems with -scryptn=10
...
Cuts the mount time in half, from 0.788s to 0.321s.
2015-12-06 14:41:51 +01:00
71b94828ed
init: create gocryptfs.diriv after creating gocryptfs.conf
...
Creating the config file can fail easily, for example if the
password is not entered the same twice. This would leave an
orphaned gocryptfs.diriv behind.
2015-12-06 14:24:45 +01:00
fc23aba65b
performance.txt: link to linux-3.0.tar.gz
2015-12-04 22:45:16 +01:00
353d29b502
Update manpage with -diriv and -scryptn
2015-12-04 22:41:14 +01:00
018d047ab2
Show base64 encoding in filename encryption svg
2015-12-04 22:26:50 +01:00
a6971ade94
svg: add colored annotations
...
Also, show the IV in the master key decryption process
2015-12-02 09:03:37 +01:00
026ab56de4
Cut down the text in SECURITY.md, add graphs
2015-12-01 23:06:56 +01:00
6515c8d42c
Add svgs explaining the encryption steps
2015-12-01 22:54:40 +01:00
2734dc81e5
Make sure MANPAGE-render.bash works when called from outside Documentation
2015-12-01 21:04:58 +01:00
accf8144ca
Move docs to Documentation folder
2015-12-01 18:19:24 +01:00
cbb18380be
Update README and SECURITY documents
2015-11-29 22:36:25 +01:00
ce42a6f23d
Run go fmt
2015-11-29 21:55:20 +01:00
20b058a333
Add single-element cache for DirIV lookup
...
Another 3x performance boost for applications that walk the
directory tree.
Excerpt from performance.txt:
VERSION UNTAR LS RM
v0.4 48 1.5 5
v0.5-rc1 56 7 19
v0.5-rc1-1 54 4.1 9
v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION
2015-11-29 21:41:38 +01:00
1d0a442405
OpenDir performance: Read DirIV once and reuse it for all names
...
Formerly, we called decryptPath for every name.
That resulted in a directory walk that reads in all diriv files
on the way.
Massive improvement for RM and LS (check performance.txt for details)
VERSION UNTAR RM LS
v0.4 48 5 1.5
v0.5-rc1 56 19 7
v0.5-rc1-1 54 9 4.1 <---- THIS VERSION
2015-11-29 20:03:37 +01:00
6f764b3867
Handle all operations except mounting without forking a child
...
This saves 170ms for each start (why do we take 170ms to start up?)
and cuts down test time by 2 seconds.
2015-11-29 19:09:12 +01:00
bb116282b7
Add "-scryptn" option that sets the cost parameter for scrypt
...
Use that option to speed up the automated tests by 7 seconds.
Before:
ok github.com/rfjakob/gocryptfs/integration_tests 26.667s
After:
ok github.com/rfjakob/gocryptfs/integration_tests 19.534s
2015-11-29 18:53:40 +01:00
Jakob Unterwurzacher