Add -forcedecode

Force decode of encrypted files even if the integrity check fails, instead of
failing with an IO error. Warning messages are still printed to syslog if corrupted
files are encountered.
It can be useful to recover files from disks with bad sectors or other corrupted
media.

Closes https://github.com/rfjakob/gocryptfs/pull/102 .

1 files changed, 24 insertions, 1 deletions

diff --git a/cli_args.go b/cli_args.go
index 9414e67..f0bfb48 100644
--- a/cli_args.go
+++ b/cli_args.go
@@ -10,6 +10,7 @@ import (
 
 	"github.com/rfjakob/gocryptfs/internal/configfile"
 	"github.com/rfjakob/gocryptfs/internal/prefer_openssl"
+	"github.com/rfjakob/gocryptfs/internal/stupidgcm"
 	"github.com/rfjakob/gocryptfs/internal/tlog"
 )
 
@@ -18,7 +19,7 @@ type argContainer struct {
 	debug, init, zerokey, fusedebug, openssl, passwd, fg, version,
 	plaintextnames, quiet, nosyslog, wpanic,
 	longnames, allow_other, ro, reverse, aessiv, nonempty, raw64,
-	noprealloc, speed, hkdf, serialize_reads bool
+	noprealloc, speed, hkdf, serialize_reads, forcedecode bool
 	masterkey, mountpoint, cipherdir, cpuprofile, extpass,
 	memprofile, ko, passfile, ctlsock, fsname string
 	// Configuration file name override
@@ -113,6 +114,8 @@ func parseCliOpts() (args argContainer) {
 	flagSet.BoolVar(&args.speed, "speed", false, "Run crypto speed test")
 	flagSet.BoolVar(&args.hkdf, "hkdf", true, "Use HKDF as an additional key derivation step")
 	flagSet.BoolVar(&args.serialize_reads, "serialize_reads", false, "Try to serialize read operations")
+	flagSet.BoolVar(&args.forcedecode, "forcedecode", false, "Force decode of files even if integrity check fails."+
+		" Requires gocryptfs to be compiled with openssl support and implies -openssl true")
 	flagSet.StringVar(&args.masterkey, "masterkey", "", "Mount with explicit master key")
 	flagSet.StringVar(&args.cpuprofile, "cpuprofile", "", "Write cpu profile to specified file")
 	flagSet.StringVar(&args.memprofile, "memprofile", "", "Write memory profile to specified file")
@@ -154,6 +157,26 @@ func parseCliOpts() (args argContainer) {
 			os.Exit(ErrExitUsage)
 		}
 	}
+	// "-forcedecode" only works with openssl. Check compilation and command line parameters
+	if args.forcedecode == true {
+		if stupidgcm.BuiltWithoutOpenssl == true {
+			tlog.Fatal.Printf("The -forcedecode flag requires openssl support, but gocryptfs was compiled without it!")
+			os.Exit(ErrExitUsage)
+		}
+		if args.aessiv == true {
+			tlog.Fatal.Printf("The -forcedecode and -aessiv flags are incompatible because they use different crypto libs (openssl vs native Go)")
+			os.Exit(ErrExitUsage)
+		}
+		if args.reverse == true {
+			tlog.Fatal.Printf("The reverse mode and the -forcedecode option are not compatible")
+			os.Exit(ErrExitUsage)
+		}
+		v, e := strconv.ParseBool(opensslAuto)
+		if e == nil && v == false {
+			tlog.Warn.Printf("-openssl set to true, as it is required by -forcedecode flag")
+		}
+		args.openssl = true
+	}
 	// '-passfile FILE' is a shortcut for -extpass='/bin/cat -- FILE'
 	if args.passfile != "" {
 		args.extpass = "/bin/cat -- " + args.passfile