Feature Request: Encrypt file in-place

[Anuskuss]

Let's consider this file layout:

🗀 /mnt/
├─ 🗀 enc/
│  ├─ 🗋 gocryptfs.conf
│  └─ 🗋 gocryptfs.diriv
├─ 🗀 dec/
└─ 🗋 file

$ stat -c %w file
2024-09-10 00:00:00.000000000 +0000

Everything resides on the same file system. Now I mount enc at dec. I want to encrypt file so I mv file dec/. The issue with that is that file no loses it's btime because it has to be copied into dec, creating a new file which inherits every property except btime:

🗀 /mnt/
├─ 🗀 enc/
│  ├─ 🗋 gocryptfs.conf
│  ├─ 🗋 gocryptfs.diriv
│  └─ 🗋 tmQgCkoEOwR6t6gIHuLfbg
└─ 🗀 dec/
   └─ 🗋 file

$ stat -c %w enc/tmQgCkoEOwR6t6gIHuLfbg
2024-09-10 00:00:01.000000000 +0000

What I'm asking for is the ability to retain all properties by encrypting the file in-place,

• either always: Moving a file first checks if the file and the encrypted directory are on the same filesystem, then it "hijacks" the move by moving the file into the encrypted directory instead, encrypting it's data, renaming and then finally restoring the mtime
• or via a new tool: gocryptfs-xray -encrypt file enc.sock which will encrypt and place the file into the root of the encrypted directory (it can then be moved freely in the decrypted directory)