fscrypt.git/crypto/crypto.go, branch refactor Go tool for managing Linux filesystem encryption crypto: Remove crypto.randReader 2017-10-20T18:24:14+00:00 Joseph Richey joerichey94@gmail.com 2017-10-19T18:34:07+00:00 6de6b14a09b3695fe797e5fd59a04b3c3834641a As #19274 is now fixed in Go 1.9, there is no longer any reason to have a duplicate implementation to the standard library. We can now move safely to crypto/rand. 
As #19274 is now fixed in Go 1.9, there is no longer any reason to have
a duplicate implementation to the standard library. We can now move
safely to crypto/rand.
crypto: Handle when "ulimit -l" is too low 2017-08-29T18:17:10+00:00 Joe Richey joerichey94@gmail.com 2017-08-29T18:17:10+00:00 7568ca2aab4a3266eb95cbda64298e2292743c7b 






cmd/fscrypt: purge command now clears cache
2017-08-18T05:49:44+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-16T01:11:29+00:00

151e8965fa3a9c8f65e316430f9df0fa763fb02d












crypto: Switch from session to user keyring
2017-08-15T20:16:08+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-15T19:06:11+00:00

5e8dfc196020693d2a9dc809cf6bc87096ddc09f












Finalize import paths and documentation
2017-06-28T22:15:21+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-28T20:57:55+00:00

2c52eca8727df744d093703bbcbd87fc39d57d30

This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.

Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).

Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280





This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.

Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).

Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280







Change error handling to new package
2017-06-28T21:06:52+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-21T16:52:40+00:00

77b226a90ef70b77ca556830528c013a23b01e57

This commit changes the error handing for the crypto, filesystem,
metadata, pam, and util packages to use the error handling library
github.com/pkg/errors. This means elimination of the FSError type, an
increased use of wrapping errors (as opposed to logging), switching
on the Cause() of an error (as opposed to its value), and improving our
integration tests involving TEST_FILESYSTEM_ROOT.

This commit also fixes a few bugs with the keyring code to ensure that
our {Find|Remove|Insert}PolicyKey functions are always operating on the
same keyring. The check for filesystem support has been moved from the
filesystem package to the metadata package. Finally, the API for the
filesystem package has been slightly modified:
	* filesystem.AllFilesystems() now returns all the filesystems in
	  sorted order
	* certain path methods are now public

O_SYNC is also removed for writing the metadata. We don't get that much
from syncing the metadata, as the actual file data could also be
corrupted by and IO error. The sync operation is also occasionally very
slow (~3 seconds) and can be unfriendly to battery life.

Change-Id: I392c2655141714b16dfdbc84ac09780072be2cf0





This commit changes the error handing for the crypto, filesystem,
metadata, pam, and util packages to use the error handling library
github.com/pkg/errors. This means elimination of the FSError type, an
increased use of wrapping errors (as opposed to logging), switching
on the Cause() of an error (as opposed to its value), and improving our
integration tests involving TEST_FILESYSTEM_ROOT.

This commit also fixes a few bugs with the keyring code to ensure that
our {Find|Remove|Insert}PolicyKey functions are always operating on the
same keyring. The check for filesystem support has been moved from the
filesystem package to the metadata package. Finally, the API for the
filesystem package has been slightly modified:
	* filesystem.AllFilesystems() now returns all the filesystems in
	  sorted order
	* certain path methods are now public

O_SYNC is also removed for writing the metadata. We don't get that much
from syncing the metadata, as the actual file data could also be
corrupted by and IO error. The sync operation is also occasionally very
slow (~3 seconds) and can be unfriendly to battery life.

Change-Id: I392c2655141714b16dfdbc84ac09780072be2cf0







crypto: add in additional keyring functionality
2017-06-16T05:32:35+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-08T17:51:04+00:00

ea3e258610340de0dd585c221f4e18a199f16bca

This commit adds in the FindPolicyKey and RemovePolicyKey functions to
complement the InsertPolicyKey function. The existing functions were
also refactored slightly.

Change-Id: Iabd275f2186a9e3023d5efd44c772966123e3657





This commit adds in the FindPolicyKey and RemovePolicyKey functions to
complement the InsertPolicyKey function. The existing functions were
also refactored slightly.

Change-Id: Iabd275f2186a9e3023d5efd44c772966123e3657







crypto: tests, errors, and descriptor computation
2017-05-31T19:37:35+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-05-24T01:41:36+00:00

bc66b8a56ee7ae4f703cf30502aff8b7d68953d0

This changes the crypto package so it now builds in light of the changes
to the util and metadata package. This commit also improves the error
handling, adds tests, and makes it so recovery keys now correspond to
Policy keys (as they are used to recover a directory in the absence of
any metadata).

The only feature addition here is the ability to compute descriptors.
For backwards compatibility, we keep the same descriptor algorithm used
before (double SHA512).

Change-Id: Ia2b53c6e85ce65c57595e6823d3c4c92219bc8dc





This changes the crypto package so it now builds in light of the changes
to the util and metadata package. This commit also improves the error
handling, adds tests, and makes it so recovery keys now correspond to
Policy keys (as they are used to recover a directory in the absence of
any metadata).

The only feature addition here is the ability to compute descriptors.
For backwards compatibility, we keep the same descriptor algorithm used
before (double SHA512).

Change-Id: Ia2b53c6e85ce65c57595e6823d3c4c92219bc8dc







crypto: passphrase hashing with Argon2
2017-05-02T20:39:18+00:00

Joe Richey
joerichey@google.com

2017-03-03T01:32:50+00:00

3f9c09b1e0901248c96c47e392a2888c40b2f182

This commit adds in the PassphraseHash function which hashes the
provided passphrase (in key form) using Argon2id. This cost parameters
for Argon2id and that salt are both fed into the function. It also
includes tests and benchmarks for the passphrase hashing.

Change-Id: I060db3e71213c756d45ce5603a0a59d3d7a1e609





This commit adds in the PassphraseHash function which hashes the
provided passphrase (in key form) using Argon2id. This cost parameters
for Argon2id and that salt are both fed into the function. It also
includes tests and benchmarks for the passphrase hashing.

Change-Id: I060db3e71213c756d45ce5603a0a59d3d7a1e609







crypto: secure key wrapping/unwrapping
2017-05-02T20:39:18+00:00

Joe Richey
joerichey@google.com

2017-03-02T19:58:07+00:00

8128b35375dfc4846dd1573dda55ef232ffd2d66

This commit adds in the ability to use the WrappedKeyData from the
metadata package to wrap and unwrap cryptographic keys of any length.
This makes use of several cryptographic primitives:
	- Unsalted, SHA256-based HKDF for key stretching
	- AES256 in CTR mode for encryption
	- SHA256-based HMAC for authentication

Note that the key wrapping/unwrapping uses an "Encrypt then MAC" scheme
for doing authenticated unwrapping. This means we can detect if bogus
metadata has been given. This package also standardizes the length for
fscrypt's internal keys.

This CL is the first to add benchmarks, which can be run with:
	go test -bench=. ./...

Change-Id: I2e5fc23a8a8cc36b17ccb3f26f03edcaccc517e1





This commit adds in the ability to use the WrappedKeyData from the
metadata package to wrap and unwrap cryptographic keys of any length.
This makes use of several cryptographic primitives:
	- Unsalted, SHA256-based HKDF for key stretching
	- AES256 in CTR mode for encryption
	- SHA256-based HMAC for authentication

Note that the key wrapping/unwrapping uses an "Encrypt then MAC" scheme
for doing authenticated unwrapping. This means we can detect if bogus
metadata has been given. This package also standardizes the length for
fscrypt's internal keys.

This CL is the first to add benchmarks, which can be run with:
	go test -bench=. ./...

Change-Id: I2e5fc23a8a8cc36b17ccb3f26f03edcaccc517e1