summaryrefslogtreecommitdiff
path: root/internal/nametransform/names.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-12-19 14:43:56 +0100
committerJakob Unterwurzacher2021-12-19 14:43:56 +0100
commit64be5de75f42e415198ff5e77de509680b69e0e1 (patch)
tree8897db6d0de0a4c11921bba72de621e30f0ce501 /internal/nametransform/names.go
parenteb42e541828336e9b19e1bc5e087a419835b0c85 (diff)
fusefrontend: allow slashes in xattr names
xattr names have fewer restrictions than file names, relax the validation. Fixes https://github.com/rfjakob/gocryptfs/issues/627
Diffstat (limited to 'internal/nametransform/names.go')
-rw-r--r--internal/nametransform/names.go34
1 files changed, 24 insertions, 10 deletions
diff --git a/internal/nametransform/names.go b/internal/nametransform/names.go
index e07ccfb..ebe0fb6 100644
--- a/internal/nametransform/names.go
+++ b/internal/nametransform/names.go
@@ -66,7 +66,14 @@ func New(e *eme.EMECipher, longNames bool, longNameMax uint8, raw64 bool, badnam
func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error) {
res, err := n.decryptName(cipherName, iv)
if err != nil && n.HaveBadnamePatterns() {
- return n.decryptBadname(cipherName, iv)
+ res, err = n.decryptBadname(cipherName, iv)
+ }
+ if err != nil {
+ return "", err
+ }
+ if err := IsValidName(res); err != nil {
+ tlog.Warn.Printf("DecryptName %q: invalid name after decryption: %v", cipherName, err)
+ return "", syscall.EBADMSG
}
return res, err
}
@@ -79,30 +86,29 @@ func (n *NameTransform) decryptName(cipherName string, iv []byte) (string, error
return "", err
}
if len(bin) == 0 {
- tlog.Warn.Printf("DecryptName: empty input")
+ tlog.Warn.Printf("decryptName: empty input")
return "", syscall.EBADMSG
}
if len(bin)%aes.BlockSize != 0 {
- tlog.Debug.Printf("DecryptName %q: decoded length %d is not a multiple of 16", cipherName, len(bin))
+ tlog.Debug.Printf("decryptName %q: decoded length %d is not a multiple of 16", cipherName, len(bin))
return "", syscall.EBADMSG
}
bin = n.emeCipher.Decrypt(iv, bin)
bin, err = unPad16(bin)
if err != nil {
- tlog.Warn.Printf("DecryptName %q: unPad16 error: %v", cipherName, err)
+ tlog.Warn.Printf("decryptName %q: unPad16 error: %v", cipherName, err)
return "", syscall.EBADMSG
}
plain := string(bin)
- if err := IsValidName(plain); err != nil {
- tlog.Warn.Printf("DecryptName %q: invalid name after decryption: %v", cipherName, err)
- return "", syscall.EBADMSG
- }
return plain, err
}
-// EncryptName encrypts "plainName", returns a base64-encoded "cipherName64",
+// EncryptName encrypts a file name "plainName" and returns a base64-encoded "cipherName64",
// encrypted using EME (https://github.com/rfjakob/eme).
//
+// plainName is checked for null bytes, slashes etc. and such names are rejected
+// with an error.
+//
// This function is exported because in some cases, fusefrontend needs access
// to the full (not hashed) name if longname is used.
func (n *NameTransform) EncryptName(plainName string, iv []byte) (cipherName64 string, err error) {
@@ -110,11 +116,19 @@ func (n *NameTransform) EncryptName(plainName string, iv []byte) (cipherName64 s
tlog.Warn.Printf("EncryptName %q: invalid plainName: %v", plainName, err)
return "", syscall.EBADMSG
}
+ return n.encryptName(plainName, iv), nil
+}
+
+// encryptName encrypts "plainName" and returns a base64-encoded "cipherName64",
+// encrypted using EME (https://github.com/rfjakob/eme).
+//
+// No checks for null bytes etc are performed against plainName.
+func (n *NameTransform) encryptName(plainName string, iv []byte) (cipherName64 string) {
bin := []byte(plainName)
bin = pad16(bin)
bin = n.emeCipher.Encrypt(iv, bin)
cipherName64 = n.B64.EncodeToString(bin)
- return cipherName64, nil
+ return cipherName64
}
// EncryptAndHashName encrypts "name" and hashes it to a longname if it is