fscrypt.git/util, branch v0.2.0 Go tool for managing Linux filesystem encryption pam_fscrypt: Session accounting completed 2017-08-24T01:51:23+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-08-24T01:51:23+00:00 d617d7725ce8b91df2152d6539da10c401c59325 






security: Moved cache dropping function
2017-08-22T19:53:26+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-22T19:52:41+00:00

32c9be59a2485ef44ac4b3accc2f102cf2eb5a39












cmd/fscrypt: purge command now clears cache
2017-08-18T05:49:44+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-16T01:11:29+00:00

151e8965fa3a9c8f65e316430f9df0fa763fb02d












util: Slice/Pointer conversion fits in MatInt32
2017-08-14T00:43:37+00:00

Joseph Richey
joerichey94@gmail.com

2017-08-14T00:40:15+00:00

778a9e762cba5ebb6e03b12018e354ac1b38023b












tests: Unit tests and Integration tests work
2017-07-19T04:08:02+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-19T04:08:02+00:00

3afdd84a5c0cea217043e9d32ce61e9f6bccf18b

Now the testing functions will skip the integration tests if a testing
filesystem is not specified.





Now the testing functions will skip the integration tests if a testing
filesystem is not specified.







util: Add conversions for byte/pointer arrays
2017-07-17T22:40:02+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-17T22:40:02+00:00

0b643ea0976f7bbd3cebef08c449090869701226












util: Move line reading into common package
2017-07-17T22:01:38+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-17T22:01:38+00:00

f4de90f84d0ead2761ae3ae47d91de2977fe374b












Change error handling to new package
2017-06-28T21:06:52+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-21T16:52:40+00:00

77b226a90ef70b77ca556830528c013a23b01e57

This commit changes the error handing for the crypto, filesystem,
metadata, pam, and util packages to use the error handling library
github.com/pkg/errors. This means elimination of the FSError type, an
increased use of wrapping errors (as opposed to logging), switching
on the Cause() of an error (as opposed to its value), and improving our
integration tests involving TEST_FILESYSTEM_ROOT.

This commit also fixes a few bugs with the keyring code to ensure that
our {Find|Remove|Insert}PolicyKey functions are always operating on the
same keyring. The check for filesystem support has been moved from the
filesystem package to the metadata package. Finally, the API for the
filesystem package has been slightly modified:
	* filesystem.AllFilesystems() now returns all the filesystems in
	  sorted order
	* certain path methods are now public

O_SYNC is also removed for writing the metadata. We don't get that much
from syncing the metadata, as the actual file data could also be
corrupted by and IO error. The sync operation is also occasionally very
slow (~3 seconds) and can be unfriendly to battery life.

Change-Id: I392c2655141714b16dfdbc84ac09780072be2cf0





This commit changes the error handing for the crypto, filesystem,
metadata, pam, and util packages to use the error handling library
github.com/pkg/errors. This means elimination of the FSError type, an
increased use of wrapping errors (as opposed to logging), switching
on the Cause() of an error (as opposed to its value), and improving our
integration tests involving TEST_FILESYSTEM_ROOT.

This commit also fixes a few bugs with the keyring code to ensure that
our {Find|Remove|Insert}PolicyKey functions are always operating on the
same keyring. The check for filesystem support has been moved from the
filesystem package to the metadata package. Finally, the API for the
filesystem package has been slightly modified:
	* filesystem.AllFilesystems() now returns all the filesystems in
	  sorted order
	* certain path methods are now public

O_SYNC is also removed for writing the metadata. We don't get that much
from syncing the metadata, as the actual file data could also be
corrupted by and IO error. The sync operation is also occasionally very
slow (~3 seconds) and can be unfriendly to battery life.

Change-Id: I392c2655141714b16dfdbc84ac09780072be2cf0







util: better handing of custom errors
2017-05-31T19:33:58+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-05-24T01:32:18+00:00

4b6d0ce14b8553a93b2d14fd858dfd35bfd61104

This commit changes how we handle InvalidInput and System errors.
Instead of having formatting functions, the now just wrap a string and
should be created with fmt.Sprintf or similar. We also move all of the
error related code into a single place.

Finally, the utils package gets additional functionality with MinInt64
and GetUsername, and the UnderlyingError function gets better logging.

Note that this will break packages that depend on it. For instance,
metadata and crypto currently do not build. This is fixed in a later
commit.

Change-Id: I819e4d1970604456a5b4b6a7c86426f180a6d092





This commit changes how we handle InvalidInput and System errors.
Instead of having formatting functions, the now just wrap a string and
should be created with fmt.Sprintf or similar. We also move all of the
error related code into a single place.

Finally, the utils package gets additional functionality with MinInt64
and GetUsername, and the UnderlyingError function gets better logging.

Note that this will break packages that depend on it. For instance,
metadata and crypto currently do not build. This is fixed in a later
commit.

Change-Id: I819e4d1970604456a5b4b6a7c86426f180a6d092







crypto: reading and writing recovery keys
2017-05-02T20:39:18+00:00

Joe Richey
joerichey@google.com

2017-03-02T22:01:20+00:00

ee10adc91e79bca395a6b069797a99863fc957dd

This commit adds in the concept of recovery codes: human-readable
strings that contain the necessary information to rederive a
cryptographic key. These keys look like:
	73PZBXVP-DKJX7SKV-NNTFIC7A-QEGRPZUX-4K5ORRH2-MTKMKP3B-HFCA====

They are input or output directly to a io.Reader or io.Writer
respectively. This prevents the data from passing through unsecured
memory before it gets to its destination. Of course, if the provided
io.Reader or io.Writer is insecure, there is nothing we can do. In most
cases the provided io.Reader or io.Writer will be stdin or stdout. In
some rare cases you might want to pipe the output to another key.

This commit also adds tests and benchmarks for encoding/decoding
recovery codes. It also tests that encoding/decoding will fail in the
correct situations. A benchmark is also added to measure the effect of
locking the keys in memory.

Change-Id: Ifa0bc4c08582789785cf1cdd9a4acfe76c79534f





This commit adds in the concept of recovery codes: human-readable
strings that contain the necessary information to rederive a
cryptographic key. These keys look like:
	73PZBXVP-DKJX7SKV-NNTFIC7A-QEGRPZUX-4K5ORRH2-MTKMKP3B-HFCA====

They are input or output directly to a io.Reader or io.Writer
respectively. This prevents the data from passing through unsecured
memory before it gets to its destination. Of course, if the provided
io.Reader or io.Writer is insecure, there is nothing we can do. In most
cases the provided io.Reader or io.Writer will be stdin or stdout. In
some rare cases you might want to pipe the output to another key.

This commit also adds tests and benchmarks for encoding/decoding
recovery codes. It also tests that encoding/decoding will fail in the
correct situations. A benchmark is also added to measure the effect of
locking the keys in memory.

Change-Id: Ifa0bc4c08582789785cf1cdd9a4acfe76c79534f