| Age | Commit message | Author | |
|---|---|---|---|
| 2017-05-31 | crypto: tests, errors, and descriptor computation | Joe Richey joerichey@google.com | |
| This changes the crypto package so it now builds in light of the changes to the util and metadata packages. This commit also improves the error handling, adds tests, and makes it so recovery keys now correspond to Policy keys (as they are used to recover a directory in the absence of any metadata). The only feature addition here is the ability to compute descriptors. For backwards compatibility, we keep the same descriptor algorithm used before (double SHA512). Change-Id: Ia2b53c6e85ce65c57595e6823d3c4c92219bc8dc | |||
| 2017-05-02 | crypto: add secure random reader using getrandom | Joe Richey | |
| This commit adds in RandReader, a cryptographically secure io.Reader that will fail when the OS has insufficient randomness. This is done using the getrandom() syscall in non-blocking mode. See: http://man7.org/linux/man-pages/man2/getrandom.2.html Any kernel new enough to have filesystem encryption will also have this syscall. This RandReader is preferable to the one provided by the standard library in crypto/rand. See the bugs: https://github.com/golang/go/issues/11833 https://github.com/golang/go/issues/19274 This will be removed when Go updates the crypto/rand implementation. Change-Id: Icccaf07bc6011b95cd31a5c268e7486807dcffe2 | |||