Commit Graph

15 Commits (b014a9a4409e162a801f749efc50f34093985268)

Author SHA1 Message Date
Peter Cai b014a9a440 Concatenate the symmetric keys instead of using HMAC-SHA256
There is no point trying to KDF here. Gocryptfs does its own KDF anyway
(, and a leaked
gocryptfs password is not really in our security model (because that
compromises the entire storage in any case).
2022-10-10 20:13:52 -04:00
Peter Cai 518e38b11b Add LICENSE 2022-10-10 17:35:58 -04:00
Peter Cai d6e7763de3 Add README 2022-10-10 17:35:08 -04:00
Peter Cai 124a293a33 Only allow alphanumeric passphrases for now
We would need to sanitize the input for perl, or find a better way to do
hmac_sha256 here.
2022-10-10 16:21:20 -04:00
Peter Cai ca322277b2 Supress git errors when the pass store is not a git repo 2022-10-10 16:16:50 -04:00
Peter Cai f9902f8989 Support an extra symmetric passphrase for protecting the crypt subtree
This can help protect against gpg vulnerabilities (e.g. quantum
computing) and/or leakage.
2022-10-10 16:08:44 -04:00
Peter Cai fe28c7e3df Check extraneous arguments on each subcommand 2022-10-10 15:36:37 -04:00
Peter Cai cf670956d8 Use $PROGRAM when delegating pass commands 2022-10-10 15:08:28 -04:00
Peter Cai 9ae5562869 Switch to using internal functions fron pass instead of using pass directly 2022-10-10 15:07:58 -04:00
Peter Cai 780e62a713 gocrypt: Use lazy unmount when absolutely necessary 2022-10-10 14:55:42 -04:00
Peter Cai 1457458ab8 Quote $@ in bash scripts 2022-10-10 14:53:26 -04:00
Peter Cai c9c4f16860 Add `crypt` subcommand to migrate from outside the subdirectory 2022-10-10 14:50:54 -04:00
Peter Cai cc36d53933 Check whether the subdirectory has been opened before opening 2022-10-10 11:39:44 -04:00
Peter Cai 9f1997837e Add help message 2022-10-10 11:36:12 -04:00
Peter Cai 188f523148 Initial implementation of the gocrypt plugin 2022-10-10 11:05:41 -04:00