summaryrefslogtreecommitdiff
path: root/internal/nametransform
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-08-20 10:57:26 +0200
committerJakob Unterwurzacher2021-08-20 10:58:42 +0200
commit195d9d18a90d88ff2cb0530d832c59d98934fd1f (patch)
treee226de2355cfdf3f2d3a26411b85a338f2a264ef /internal/nametransform
parent8f94083a2114c3aef4bc0320065e0374c420ea4a (diff)
Implement -deterministic-names: extended -zerodiriv
-deterministc-names uses all-zero dirivs but does not write them to disk anymore.
Diffstat (limited to 'internal/nametransform')
-rw-r--r--internal/nametransform/diriv.go22
-rw-r--r--internal/nametransform/longnames.go4
-rw-r--r--internal/nametransform/names.go14
3 files changed, 24 insertions, 16 deletions
diff --git a/internal/nametransform/diriv.go b/internal/nametransform/diriv.go
index a288aa5..3a80baa 100644
--- a/internal/nametransform/diriv.go
+++ b/internal/nametransform/diriv.go
@@ -1,6 +1,7 @@
package nametransform
import (
+ "bytes"
"fmt"
"io"
"os"
@@ -22,7 +23,11 @@ const (
// ReadDirIVAt reads "gocryptfs.diriv" from the directory that is opened as "dirfd".
// Using the dirfd makes it immune to concurrent renames of the directory.
// Retries on EINTR.
-func ReadDirIVAt(dirfd int) (iv []byte, err error) {
+// If deterministicNames is set it returns an all-zero slice.
+func (n *NameTransform) ReadDirIVAt(dirfd int) (iv []byte, err error) {
+ if n.deterministicNames {
+ return make([]byte, DirIVLen), nil
+ }
fdRaw, err := syscallcompat.Openat(dirfd, DirIVFilename,
syscall.O_RDONLY|syscall.O_NOFOLLOW, 0)
if err != nil {
@@ -33,6 +38,9 @@ func ReadDirIVAt(dirfd int) (iv []byte, err error) {
return fdReadDirIV(fd)
}
+// allZeroDirIV is preallocated to quickly check if the data read from disk is all zero
+var allZeroDirIV = make([]byte, DirIVLen)
+
// fdReadDirIV reads and verifies the DirIV from an opened gocryptfs.diriv file.
func fdReadDirIV(fd *os.File) (iv []byte, err error) {
// We want to detect if the file is bigger than DirIVLen, so
@@ -46,6 +54,9 @@ func fdReadDirIV(fd *os.File) (iv []byte, err error) {
if len(iv) != DirIVLen {
return nil, fmt.Errorf("wanted %d bytes, got %d", DirIVLen, len(iv))
}
+ if bytes.Equal(iv, allZeroDirIV) {
+ return nil, fmt.Errorf("diriv is all-zero")
+ }
return iv, nil
}
@@ -53,13 +64,8 @@ func fdReadDirIV(fd *os.File) (iv []byte, err error) {
// "dirfd". On error we try to delete the incomplete file.
// This function is exported because it is used from fusefrontend, main,
// and also the automated tests.
-func WriteDirIVAt(dirfd int, randomInitialization bool) error {
- var iv []byte
- if randomInitialization {
- iv = cryptocore.RandBytes(DirIVLen)
- } else {
- iv = make([]byte, DirIVLen)
- }
+func WriteDirIVAt(dirfd int) error {
+ iv := cryptocore.RandBytes(DirIVLen)
// 0400 permissions: gocryptfs.diriv should never be modified after creation.
// Don't use "ioutil.WriteFile", it causes trouble on NFS:
// https://github.com/rfjakob/gocryptfs/commit/7d38f80a78644c8ec4900cc990bfb894387112ed
diff --git a/internal/nametransform/longnames.go b/internal/nametransform/longnames.go
index 74ddb07..bf8060b 100644
--- a/internal/nametransform/longnames.go
+++ b/internal/nametransform/longnames.go
@@ -114,7 +114,7 @@ func ReadLongNameAt(dirfd int, cName string) (string, error) {
func DeleteLongNameAt(dirfd int, hashName string) error {
err := syscallcompat.Unlinkat(dirfd, hashName+LongNameSuffix, 0)
if err != nil {
- tlog.Warn.Printf("DeleteLongName: %v", err)
+ tlog.Warn.Printf("DeleteLongNameAt: %v", err)
}
return err
}
@@ -128,7 +128,7 @@ func (n *NameTransform) WriteLongNameAt(dirfd int, hashName string, plainName st
plainName = filepath.Base(plainName)
// Encrypt the basename
- dirIV, err := ReadDirIVAt(dirfd)
+ dirIV, err := n.ReadDirIVAt(dirfd)
if err != nil {
return err
}
diff --git a/internal/nametransform/names.go b/internal/nametransform/names.go
index 566f0c7..412ccc0 100644
--- a/internal/nametransform/names.go
+++ b/internal/nametransform/names.go
@@ -25,11 +25,12 @@ type NameTransform struct {
// on the Raw64 feature flag
B64 *base64.Encoding
// Patterns to bypass decryption
- badnamePatterns []string
+ badnamePatterns []string
+ deterministicNames bool
}
// New returns a new NameTransform instance.
-func New(e *eme.EMECipher, longNames bool, raw64 bool, badname []string) *NameTransform {
+func New(e *eme.EMECipher, longNames bool, raw64 bool, badname []string, deterministicNames bool) *NameTransform {
tlog.Debug.Printf("nametransform.New: longNames=%v, raw64=%v, badname=%q",
longNames, raw64, badname)
@@ -38,10 +39,11 @@ func New(e *eme.EMECipher, longNames bool, raw64 bool, badname []string) *NameTr
b64 = base64.RawURLEncoding
}
return &NameTransform{
- emeCipher: e,
- longNames: longNames,
- B64: b64,
- badnamePatterns: badname,
+ emeCipher: e,
+ longNames: longNames,
+ B64: b64,
+ badnamePatterns: badname,
+ deterministicNames: deterministicNames,
}
}