mirrors/cryptomator
1
0
Fork 0
mirror of https://github.com/cryptomator/cryptomator.git synced 2026-05-22 20:51:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
190 Commits 36 Branches 214 Tags
bbeeb79812c77706bf44eeb2c8fd5ec331afe2db
Commit Graph

64 Commits

Author SHA1 Message Date
Sebastian Stenzel
bbeeb79812 reduced max file name size, locking metadata files before read/write. 2015-05-05 06:50:16 +02:00
Sebastian Stenzel
4d08e9d72b cleanup 2015-05-04 22:02:47 +02:00
Sebastian Stenzel
040f260bf0 authenticated file header 2015-05-04 21:31:41 +02:00
Sebastian Stenzel
cdf9c28a38 refactored directory structure, so windows (and OneDrive) can handle vaults better 2015-04-28 18:19:05 +02:00
Sebastian Stenzel
b9b85a58ac Increased Version to 0.7.0-SNAPSHOT 2015-03-14 22:10:51 +01:00
Sebastian Stenzel
9024465d6c Beta 0.6.0 2015-03-14 22:09:25 +01:00
Sebastian Stenzel
652c4cbafb Using 96 bit of random data and a 32 bit counter (as specified in https://tools.ietf.org/html/rfc3686#section-4). Thus maximum file size supported by Cryptomator is 64GiB, but decreasing risk of IV collisions to 1 : 2^48 2015-03-14 21:58:06 +01:00
Sebastian Stenzel
188a13b202 - better handling of MAC auth fails, providing link to help page 
- use random data as file size obfuscation padding
- fixed osx unmount error
- new attempt to close #41
 2015-03-14 19:11:24 +01:00
Sebastian Stenzel
c1dd902a10 Async MAC authentication for HTTP range requests. Fixes #38 2015-03-09 16:32:59 +01:00
Sebastian Stenzel
2849e39e85 on-the-fly MAC calculation for better performance (addresses issue #38) 
we still need to add some kind of warning on the UI and create an async MAC checker for ranged requests
 2015-03-01 22:23:42 +01:00
Sebastian Stenzel
9433c22d7f minor I/O improvements 2015-03-01 20:55:32 +01:00
Sebastian Stenzel
5bd38d31bf Merge branch '0.5.1' 
Conflicts:
	main/core/pom.xml
	main/crypto-aes/pom.xml
	main/crypto-api/pom.xml
	main/pom.xml
	main/ui/pom.xml
 2015-02-23 14:53:31 +01:00
Sebastian Stenzel
63f64fae03 Fixed performance implications due to slow /dev/random. Now seeding PRNG only once per Cryptor. Fixes #36 2015-02-23 14:51:52 +01:00
Sebastian Stenzel
f86b27d62f Updated Version to 0.6.0-SNAPSHOT 2015-02-22 22:19:13 +01:00
Sebastian Stenzel
cba8bbefc5 Beta Version 0.5.0 2015-02-22 22:18:18 +01:00
Sebastian Stenzel
ea3384d189 removed multi user functionality (see #21) 
using fixed masterkey filename now
 2015-02-22 15:15:43 +01:00
Sebastian Stenzel
b68cf71494 - always check HMAC before decryption 
- separating AES and CMAC key during SIV mode
 2015-02-20 19:47:45 +01:00
Sebastian Stenzel
5569ecbfc7 fixes #23 2015-02-19 19:50:03 +01:00
Sebastian Stenzel
19bc1ed569 using beginning of long filename instead of checksum 2015-02-19 18:54:31 +01:00
Sebastian Stenzel
5aaee7bbf6 - fixed xorend function 
- SIV implementation now satisfies all official test vectors
 2015-02-15 15:55:49 +01:00
Sebastian Stenzel
3187520797 - fixed special chars in folder names 
- fixed IndexOutOfBoundsException
- removal of no longer existing vault directories (at runtime)
 2015-02-15 00:48:03 +01:00
Sebastian Stenzel
bcee1e0d12 Filename padding no longer needed: This was done in order to prevent AES-CTR to switch to a stream mode on the last block, which would be highly exploitable. Now we're using SIV mode, which operates on whole blocks. 2015-02-14 19:21:08 +01:00
Sebastian Stenzel
9fdd2f339c - changed file name encryption to SIV mode 
- vastly improved exception handling, if decryption of a path name fails
 2015-02-14 18:55:33 +01:00
Sebastian Stenzel
ebdf37ed63 RFC 5297 AEAD_AES_SIV_CMAC_256 2015-02-14 18:20:17 +01:00
Sebastian Stenzel
5e0ebab587 refactored "add vault" functionality, which fixes #14 
removed some dependencies
refactored Main/MainApplication, which fixes #16
 2015-02-13 19:46:07 +01:00
Tillmann Gaida
0cfc3fb7f7 Prevents starting a second instance of the GUI and forwards 
main-method-arguments to the running instance. Command line arguments
are treated by showing the corresponding folder in the GUI.

If an argument is a folder, it is shown directly. If an argument is a
.masterkey.json file, the parent directory is shown. If an argument does
not exist, but the folder can be created, the newly created folder is
shown.

It was necessary to move the main function away from the MainApplication
class because running the main method of a class, which extends the
javafx Application class, will start a non-daemon thread. This prevents
the VM from exiting naturally.

OSX needs its own mechanism, which is implemented in OS-specific code.
It is vital that the required handler is added in the main thread of the
application, not the Java FX thread, which is a bit awkward to
implement. Since it is possible to open .cryptomator packages on OSX,
this extension is now hidden in the folder list.
 2015-01-21 17:35:25 +01:00
Sebastian Stenzel
7813a11381 - pad filenames with NULL bytes (fixes #24) 2015-01-16 19:55:33 +01:00
Sebastian Stenzel
d774546bf8 - pad file contents to reach a multiple of 16 bytes (so AES/CTR always works on complete blocks) - references #24 
- calculate MAC over complete ciphertext (including file length obfuscation trash data)
 2015-01-16 19:50:57 +01:00
Sebastian Stenzel
0aef60efc4 - Single Jetty instnace (fixes #19) 2015-01-15 12:27:10 +01:00
Sebastian Stenzel
8bfdad38b9 - fixed timing attack on MAC (see http://codahale.com/a-lesson-in-timing-attacks/) 2015-01-14 19:34:36 +01:00
Sebastian Stenzel
5e6f343e68 - Updated version to 0.5.0-SNAPSHOT 2015-01-13 11:04:58 +01:00
Sebastian Stenzel
b49eb82f38 - Beta Version 0.4.0 2015-01-13 11:01:42 +01:00
Sebastian Stenzel
2e67910a60 - added file integrity check (#17) - not yet visible to the user 2015-01-06 11:39:31 +01:00
Sebastian Stenzel
e19cf1c942 - Changed file layout, added MAC (see #17) 
- Obfuscates file size (fixes #18)
 2015-01-06 01:23:16 +01:00
Sebastian Stenzel
55e758315d - bugfix: using hmac key for hmac operations 2015-01-05 22:34:02 +01:00
Sebastian Stenzel
0e288f0c84 - fixes #8: Using Scrypt key derivation function now 2015-01-04 18:19:13 +01:00
Sebastian Stenzel
3f2ef3a83a - Using RFC AES 3394 Key Wrap algorithm for storing master keys 
- Storing HMac key and encryption key separately
- Thanks to key wrap, simplified keyfile (no more IV needed)
 2015-01-04 16:32:50 +01:00
Sebastian Stenzel
1a076d9c1b - Using hmac_sha256(key, plaintext) instead of sha256(key || plaintext) for IV generation during filename encryption. Still references #7 2014-12-31 11:06:56 +01:00
Sebastian Stenzel
9fe135ef0f - fixes #6, simplifies password verification 
- improves filename IV -> SIV using substring from sha256(secondaryKey + plaintextFilename). References #7
 2014-12-31 01:21:08 +01:00
Sebastian Stenzel
4cb9da7252 - file name encryption is deterministic again (broken by fix for #7) 
- improved unit test to avoid this mistake in the future
 2014-12-30 20:06:05 +01:00
Sebastian Stenzel
ebea3dae65 - Increased file name IV length 2014-12-30 18:13:43 +01:00
Sebastian Stenzel
d8c9279f6f - fixes #7 
- removes any use of CBC mode (might affect issue #9)
 2014-12-30 17:38:57 +01:00
Sebastian Stenzel
5bbaf62c67 - Updated version to 0.4.0-SNAPSHOT 2014-12-24 14:39:33 +01:00
Sebastian Stenzel
1770bab699 - updated metadata file names 2014-12-21 20:08:09 +01:00
Sebastian Stenzel
1d05e878ab - Support for HTTP Range header fields, thus vastly improved performance for video streaming 
- Simplified cryptor implementation for partial decryption
 2014-12-21 16:54:47 +01:00
Sebastian Stenzel
f76091ddc0 - Made unit tests I/O-independent 2014-12-20 16:46:50 +01:00
Sebastian Stenzel
6dff296872 - using java.util.Random in unit tests again, as performance doesn't change by using non-random PRNG - of course still using a cryptographically secure PRNG in production ;-) 2014-12-20 11:18:12 +01:00
Sebastian Stenzel
6d98442f7e - preparation for http range requests: cryptor supports partial decryption now 2014-12-20 10:47:26 +01:00
Sebastian Stenzel
38a0cfb2eb - faster unit test using insecure PRNG - test only ;) 2014-12-16 12:13:01 +01:00
Sebastian Stenzel
9c8e4fbf3b Merge branch 'master' of https://github.com/totalvoidness/cryptomator 2014-12-11 20:07:56 +01:00