Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AES-XTS VFS #171

Merged
merged 6 commits into from
Oct 17, 2024
Merged

AES-XTS VFS #171

merged 6 commits into from
Oct 17, 2024

Conversation

ncruces
Copy link
Owner

@ncruces ncruces commented Oct 17, 2024
edited
Loading

Fix #167.

Thank you, @ben-krieger!

@ncruces ncruces marked this pull request as ready for review October 17, 2024 11:48
ben-krieger
ben-krieger approved these changes Oct 17, 2024
View reviewed changes
vfs/xts/xts.go Outdated Show resolved Hide resolved
internal/util/math_test.go Show resolved Hide resolved
vfs/xts/aes_test.go Outdated Show resolved Hide resolved
vfs/xts/api.go Show resolved Hide resolved
vfs/xts/xts.go Outdated Show resolved Hide resolved
vfs/xts/xts.go Outdated Show resolved Hide resolved
vfs/xts/xts.go Show resolved Hide resolved
@ben-krieger
Copy link
Contributor

Behavior seems to be the same as before with fido-device-onboard/go-fdo#11, but I can't directly compare, since the pepper and sector size changed.

ncruces and others added 2 commits October 17, 2024 22:59
@ncruces @ben-krieger
Apply suggestions from code review
9324386 
Co-authored-by: Ben Krieger <ben.krieger@intel.com>
@ncruces
Address code review.
cb2f28d
@ncruces ncruces merged commit d6aebe6 into main Oct 17, 2024
5 checks passed
@ncruces ncruces deleted the xts branch October 17, 2024 22:53
@ncruces
Copy link
Owner Author

ncruces commented Oct 18, 2024

@ben-krieger the fact that I merged this doesn't mean that it's final (even if I tag a release).
I'll mention in the release notes that this VFS is experimental, until you give final approval.

If security review on your end feels that anything should change, and that requires a compatibility break, we do it anyway.
Security review is kinda whole the point of this, and go-fdo the primary client.
There's little point in keeping compatibility with something that fails review and goes unused.

@ben-krieger
Copy link
Contributor

@ben-krieger the fact that I merged this doesn't mean that it's final (even if I tag a release). I'll mention in the release notes that this VFS is experimental, until you give final approval.

If security review on your end feels that anything should change, and that requires a compatibility break, we do it anyway. Security review is kinda whole the point of this, and go-fdo the primary client. There's little point in keeping compatibility with something that fails review and goes unused.

I'm trying to get an informal review done now. But worst case, there will be another official review once we tag the first release of go-fdo, so I'll keep you updated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ben-krieger ben-krieger ben-krieger approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AES-XTS VFS
2 participants
@ncruces @ben-krieger