fscrypt.git/crypto/crypto_test.go, branch refactor Go tool for managing Linux filesystem encryption util: Add better user lookup functions 2017-10-19T10:34:51+00:00 Joseph Richey joerichey94@gmail.com 2017-10-19T10:15:28+00:00 b7de8535f899f2b88d61f4f1264fe6a272196536 When looking up users in fscrypt, we often want to proceed even if the requested uid doesn't appear to be a valid user on the system. This mainly occurs when a user is deleted, but they still have a login protector on disk. Thus, GetUser() with a bad uid creates a fake user with a pretty placeholder name. The corresponding call sites of util.EffectiveUser are changed (often simplifying logic). Various documentation is updated and typos are fixed. 
When looking up users in fscrypt, we often want to proceed even if the
requested uid doesn't appear to be a valid user on the system. This
mainly occurs when a user is deleted, but they still have a login
protector on disk.

Thus, GetUser() with a bad uid creates a fake user with a pretty
placeholder name. The corresponding call sites of util.EffectiveUser are
changed (often simplifying logic). Various documentation is updated and
typos are fixed.
crypto: Updated to include user parameter 2017-08-31T00:57:38+00:00 Joe Richey joerichey@google.com 2017-08-31T00:57:38+00:00 d685f6b232485a0dc0cc8b915561b9be37d32722 






crypto: Handle when "ulimit -l" is too low
2017-08-29T18:17:10+00:00

Joe Richey
joerichey94@gmail.com

2017-08-29T18:17:10+00:00

7568ca2aab4a3266eb95cbda64298e2292743c7b












cmd/fscrypt: purge command now clears cache
2017-08-18T05:49:44+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-16T01:11:29+00:00

151e8965fa3a9c8f65e316430f9df0fa763fb02d












crypto: Add more tests for bad key lengths
2017-07-20T01:10:12+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-20T00:54:12+00:00

a7eb527485dfe8871f303740dec9e67c2ac6bda1












Small fixes so "make lint" doesn't complain.
2017-07-18T06:16:00+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-18T06:16:00+00:00

744dbff34969ef612b219cde5b8f116f3ae3d26f












crypto: Use single description parameter
2017-07-14T19:03:59+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-14T18:43:24+00:00

7ee5d16c1d4da0561976b372da15bd2d7a32d8b8

Instead of using the service+descriptor parameters (which are always
combined in the same way), use a single description parameter.





Instead of using the service+descriptor parameters (which are always
combined in the same way), use a single description parameter.







Finalize import paths and documentation
2017-06-28T22:15:21+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-28T20:57:55+00:00

2c52eca8727df744d093703bbcbd87fc39d57d30

This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.

Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).

Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280





This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.

Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).

Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280







actions: Simplify the callback mechanism
2017-06-26T22:40:08+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-01T00:54:35+00:00

defd27f75df3a6eef84ac33adf89b1ce255e738c

This commit makes the callbacks for getting keys easier to understand.
Functions which need keys now take a KeyFunc callback. This callback
contains a ProtectorInfo parameter (basically a read-only version of
metadata.ProtectorData) and a boolean which indicates if the call is
being retried. The documentation is also updated to say which functions
will retry the KeyFunc.

For selecting a protector, there is now an OptionFunc callback which
takes a slice of ProtectorOptions. A ProtectorOption is a ProtectorInfo
along with additional information about a linked filesystem (if
applicable).

This commit also adds in methods for getting the protector options for a
specific filesystem or policy. It also adds a function for getting the
policy descriptor for a specific path.

Change-Id: I41e0d94ffd44e7166b0c5cf1b5d18437960bdf90





This commit makes the callbacks for getting keys easier to understand.
Functions which need keys now take a KeyFunc callback. This callback
contains a ProtectorInfo parameter (basically a read-only version of
metadata.ProtectorData) and a boolean which indicates if the call is
being retried. The documentation is also updated to say which functions
will retry the KeyFunc.

For selecting a protector, there is now an OptionFunc callback which
takes a slice of ProtectorOptions. A ProtectorOption is a ProtectorInfo
along with additional information about a linked filesystem (if
applicable).

This commit also adds in methods for getting the protector options for a
specific filesystem or policy. It also adds a function for getting the
policy descriptor for a specific path.

Change-Id: I41e0d94ffd44e7166b0c5cf1b5d18437960bdf90







crypto: add in additional keyring functionality
2017-06-16T05:32:35+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-08T17:51:04+00:00

ea3e258610340de0dd585c221f4e18a199f16bca

This commit adds in the FindPolicyKey and RemovePolicyKey functions to
complement the InsertPolicyKey function. The existing functions were
also refactored slightly.

Change-Id: Iabd275f2186a9e3023d5efd44c772966123e3657





This commit adds in the FindPolicyKey and RemovePolicyKey functions to
complement the InsertPolicyKey function. The existing functions were
also refactored slightly.

Change-Id: Iabd275f2186a9e3023d5efd44c772966123e3657