Releases: cryfs/cryfs
Releases · cryfs/cryfs
1.0.1
1.0.0
Backwards Compatibility:
- Filesystems created with CryFS 0.11.x and CryFS 1.0.0 are fully compatible with each other. The storage format hasn't changed.
- This means filesystems created with 0.10.x or 0.11.x can be mounted without requiring a migration.
- Filesystems created with 1.0.0 or 0.11.x can be mounted by CryFS 0.10.x, but only if you configure it to use a cipher supported by CryFS 0.10.x, e.g. AES-256-GCM. The new default, XChaCha20-Poly1305, is not supported by CryFS 0.10.x.
Fixes/Improvements
- Added a man page for
cryfs-unmount
- Fixed small inaccuracy in calculation of free space in statvfs
- Fix an issue when using
-o
atime mount options - On Windows
- when the wrong DokanY version is installed, or DokanY is not installed, show an error instead of letting it look like mounting succeeded.
- remove '-f' flag and always run CryFS in foreground mode. Background mode didn't work anyways but attempting to use it would swallow logs and errors. Now they show up correctly.
- show better error message when attempting to mount to a non-drive mount path
- libcurl now uses SChannel for SSL instead of OpenSSL. OpenSSL used to have problems finding certificate authorities, but with SChannel, things work fine.
- Fix some Windows build issues when using Visual Studio 2022. Visual Studio 2019 worked fine but 2022 introduced some breaking changes.
- Fix some MacOS build issues
Build changes
- Requires CMake 3.25
- Remove Windows 32bit build, only 64bit remains supported
- Remove MacOS gcc build, only clang remains supported
- Migrate build from Conan 1.x to Conan 2.x
- There is now an easier way to opt-out of conan. CMake now works directly and without conan if the necessary dependencies are already installed.
- Remove apt.cryfs.org from the
.deb
package generation process since that repository isn't being used anymore - We now only link to libcurl if CRYFS_UPDATE_CHECKS is enabled. If the compile time flag is disabled,
that already disabled update checks in previous versions, but needlessly still linked to libcurl.
Now the flag will fully remove the libcurl dependency from the build.
Dependency Updates
- Fuse 2.9
- DokanY 2.2.0.1000
- Crypto++ 8.9
- range-v3 0.12.0
- boost 1.84
- spdlog 1.14.1
- gtest 1.15.0
- Use libcurl dependency from conan instead of requiring it to be preinstalled. Cut away most of it to minimize dependencies, only keep the minimum needed for querying Cryfs release information.
- Use gtest dependency from conan instead of having it in the vendor/ directory of the repository
1.0.0-rc1
PRE-RELEASE
Backwards Compatibility
- Filesystems created with CryFS 0.11.x and CryFS 1.0.0 are fully compatible with each other. The storage format hasn't changed.
- This means filesystems created with 0.10.x or 0.11.x can be mounted without requiring a migration.
- Filesystems created with 1.0.0 or 0.11.x can be mounted by CryFS 0.10.x, but only if you configure it to use a cipher supported by CryFS 0.10.x, e.g. AES-256-GCM. The new default, XChaCha20-Poly1305, is not supported by CryFS 0.10.x.
Fixes/Improvements
- Added a man page for
cryfs-unmount
- Fixed small inaccuracy in calculation of free space in statvfs
- Fix an issue when using
-o
atime mount options - On Windows
- when the wrong DokanY version is installed, or DokanY is not installed, show an error instead of letting it look like mounting succeeded.
- remove '-f' flag and always run CryFS in foreground mode. Background mode didn't work anyways but attempting to use it would swallow logs and errors. Now they show up correctly.
- show better error message when attempting to mount to a non-drive mount path
- libcurl now uses SChannel for SSL instead of OpenSSL. OpenSSL used to have problems finding certificate authorities, but with SChannel, things work fine.
- Fix some Windows build issues when using Visual Studio 2022. Visual Studio 2019 worked fine but 2022 introduced some breaking changes.
- Fix some MacOS build issues
Build changes
- Requires CMake 3.25
- Remove Windows 32bit build, only 64bit remains supported
- Remove MacOS gcc build, only clang remains supported
- Migrate build from Conan 1.x to Conan 2.x
- There is now an easier way to opt-out of conan. CMake now works directly and without conan if the necessary dependencies are already installed.
- Remove apt.cryfs.org from the
.deb
package generation process since that repository isn't being used anymore - We now only link to libcurl if CRYFS_UPDATE_CHECKS is enabled. If the compile time flag is disabled,
that already disabled update checks in previous versions, but needlessly still linked to libcurl.
Now the flag will fully remove the libcurl dependency from the build.
Dependency Updates
- Fuse 2.9
- DokanY 2.2.0.1000
- Crypto++ 8.9
- range-v3 0.12.0
- boost 1.84
- spdlog 1.14.1
- gtest 1.15.0
- Use libcurl dependency from conan instead of requiring it to be preinstalled. Cut away most of it to minimize dependencies, only keep the minimum needed for querying Cryfs release information.
- Use gtest dependency from conan instead of having it in the vendor/ directory of the repository
0.11.4
0.11.3
- Fixed build issue on systems with libfmt 9.0 (see #432 )
- Fixed build issue on Apple Silicon Macs (see cryfs/homebrew-tap#10 )
- Fixed build issue on systems that only have
python3
but nopython
executable (see cryfs/homebrew-tap#12 )
0.11.2
0.11.1
Bugfix:
- Fix building of the range-v3 dependency. The conan remote URL for this dependency changed and we have to use the new URL. See #398
- Update to CryptoPP 8.6. This fixes a rare bug where CryptoPP 8.5 encrypts data wrongly, see weidai11/cryptopp#1069
- cryfs-unmount correctly unmounts paths that contain spaces, see #372
- Updated to DokanY 1.2.2.1001
0.11.0
Backwards Compatibility:
- Filesystems created with CryFS 0.10.x can be mounted without requiring a migration.
- Filesystems created with CryFS 0.11.x can be mounted by CryFS 0.10.x if you configure it to use a cipher supported by CryFS 0.10.x, e.g. AES-256-GCM. The new default, XChaCha20-Poly1305, is not supported by CryFS 0.10.x.
Security:
- Added the XChaCha20-Poly1305 encryption cipher. For new filesystems, this will be the default, but you're still able to create a filesystem with the previous default of AES-256-GCM
by saying "no" to the "use default settings?" question when creating the file system. Also, old filesystems will not be automatically converted and will keep using AES-256-GCM.
XChaCha20-Poly1305 is significantly slower than AES-256-GCM on modern CPUs, but it is more secure for large filesystems (>64GB).
For AES-256-GCM, it is recommended to encrypt at most 2^32 blocks, which at the CryFS default block size of 16KB would be 64GB. The more the filesystem grows above that, the
more likely it gets that a nonce gets reused and the two corresponding blocks become decryptable by an adversary. Other blocks would not be affected, but an adversary being
able to access those two blocks (i.e. 64KB of the stored data) is bad enough. See Section 8.3 in https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
XChaCha20-Poly1305 does not suffer from this constraint and stays secure even if the filesystem gets very large.
New platforms:
- CryFS now works on devices with Apple M1 silicon
Build changes:
- Switch to Conan package manager
- Allow an easy way to modify how the dependencies are found. This is mostly helpful for package maintainers. See "Using local dependencies" in the README.
- Build with macFUSE instead of osxfuse on OSX
- Now requires CMake 3.10 or later, and GCC 7 or later, or Clang 7 or later
- Fix a build issue on Gentoo systems
- Fix a build issue when building with boost 1.77
Improvements:
- Display the file system configuration when mounting a file system
- Now shows a better error message when failing to load the config file that distinguishes between "wrong password" and "config file not found".
New features:
- Add support for atime mount options (noatime, strictatime, relatime, atime, nodiratime).
- The new default is now noatime (in 0.10.x is was relatime).
Noatime reduces the amount of writes necessary and with that reduces the probability of synchronization conflicts,
and the probability of corrupted file systems if a power outage happens while writing. - Add an --immediate flag to cryfs-unmount that tries to unmount immediately and doesn't wait for processes to release their locks on the file system.
- Add a --create-missing-basedir and --create-missing-mountpoint flag to create the base directory and mount directory respectively, if they don't exist, skipping the confirmation prompt.
Other:
- Updated to spdlog 1.8.5
- Updated to ranges-v3 0.11.0
- Updated to boost 1.75
- Updated to crypto++ 8.5
0.10.4
0.11.0 Release Candidate 1
Version 0.11.0
Security:
- Added the XChaCha20-Poly1305 encryption cipher. For new filesystems, this will be the default, but you're still able to create a filesystem with the previous default of AES-256-GCM
by saying "no" to the "use default settings?" question when creating the file system. Also, old filesystems will not be automatically converted and will keep using AES-256-GCM.
XChaCha20-Poly1305 is significantly slower than AES-256-GCM on modern CPUs, but it is more secure for large filesystems (>64GB).
For AES-256-GCM, it is recommended to encrypt at most 2^32 blocks, which at the CryFS default block size of 16KB would be 64GB. The more the filesystem grows above that, the
more likely it gets that a nonce gets reused and the two corresponding blocks become decryptable by an adversary. Other blocks would not be affected, but an adversary being
able to access those two blocks (i.e. 64KB of the stored data) is bad enough. See Section 8.3 in https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
XChaCha20-Poly1305 does not suffer from this constraint and stays secure even if the filesystem gets very large.
New platforms:
- CryFS now works on devices with Apple M1 silicon
Build changes:
- Switch to Conan package manager
- Allow an easy way to modify how the dependencies are found. This is mostly helpful for package maintainers.
- Build with macFUSE instead of osxfuse on OSX
- Now requires CMake 3.10 or later, and GCC 7 or later, or Clang 7 or later
Improvements:
- Display the file system configuration when mounting a file system
- Now shows a better error message when failing to load the config file that distinguishes between "wrong password" and "config file not found".
New features:
- Add support for atime mount options (noatime, strictatime, relatime, atime, nodiratime).
- The new default is now noatime (in 0.10.x is was relatime).
Noatime reduces the amount of writes necessary and with that reduces the probability of synchronization conflicts,
and the probability of corrupted file systems if a power outage happens while writing. - Add an --immediate flag to cryfs-unmount that tries to unmount immediately and doesn't wait for processes to release their locks on the file system.
- Add a --create-missing-basedir and --create-missing-mountpoint flag to create the base directory and mount directory respectively, if they don't exist, skipping the confirmation prompt.
Other:
- Updated to spdlog 1.8.5
- Updated to ranges-v3 0.11.0
- Updated to boost 1.75
- Updated to crypto++ 8.5