information about this package can be found in the README. here is a html-version of the README:
needs testing. really could use the opinion on the crypto from someone with more experience in this area. haven't done performance tests.
this is cryptfile, an encrypted block file served over styx. for more information, see the manual page, cryptfile(4).
see http://www.ueber.net/code/r/cryptfile for instructions.
change the "mkconfig" if you don't have $ROOT set. now "mk" to compile and "mk install" to install the files.
when building from within inferno, insert SYSHOST=Inferno and ROOT= in the mk invocations to override the values in the mkconfig.
this code is in the public domain, written by mechiel lukkien, reachable at mechiel@ueber.net.
after a "forget" the user enters a password. if it is wrong, the styx read/write on the file fails. this might upset file servers such as kfs much. perhaps it is better not to respond to the styx request until the user enters a correct password.
add option to change the password (but keep the key of course). involves making a new salt, deriving a new key, making a new iv and making a new crypted data (with new random cookie, the same key and the calculated sha1).
to clone & pull:
hg clone http://www.ueber.net/hgsrv/cryptfile/
hg clone static-http://www.ueber.net/who/mjl/hg/cryptfile/
download a snapshot of the latest version: cryptfile-14.tgz.
the files in the latest revision can be found at /hg/cryptfile/files/tip/. a specific revision can be access by replacing "tip" with the revision number, (partial) nodeid or tag name. a few direct links to useful files in the latest revision:
| rev | nodeid | when | diff | why |
|---|---|---|---|---|
| 14 | 1bd3505512dd | 14 months | diff | remove old email address, add mkconfig. |
| 13 | ca33f57599a6 | 2 years | diff | change synopsis from "X" to "mount {X} mtpt". also don't use -A i... |
| 12 | 9ff045bc9bc9 | 3 years | diff | add another todo, and warn in stronger words about current state o... |
| 11 | 31a68ecd2f93 | 3 years | diff | a README with enough information to get going. |
| 10 | 53fc2b78c1a2 | 3 years | diff | add some comments for easier matching to the rfc. and remove the ... |
| 9 | 7876605026f8 | 3 years | diff | implement xts-mode. add manual page. add options for setting key... |
| 8 | b283dab64a2e | 3 years | diff | wstat of nulldir passes it on to underlying file. |
| 7 | 1a9f40c2e979 | 3 years | diff | don't use the user-input key for the data in the file, use a rando... |
| 6 | b5132051b82a | 3 years | diff | use first sector of underlying file for info. ... |
| 5 | 007d7438b4d7 | 3 years | diff | fix pbkdf2 module. use factotum to read password. better style. |
| 4 | 5fe11cda2df7 | 3 years | diff | implement Qctl for "forget" message. and get the key from factotum. |
| 3 | c4d563789dd6 | 3 years | diff | use aesecb instead of aescbc, and do it more sensibly (i think, bu... |
| 2 | 203ebf8d55c5 | 3 years | diff | add README with warning that this is not to be used (it's not publ... |
| 1 | 5dc383e6ffcf | 3 years | diff | replace file2chan by styxservers. we now provide a file "data" wh... |
| 0 | f7699026ecbf | 3 years | - | starter for cryptfile, what i had lying around. |