Add EME filename encryption & enable it by default

author: Jakob Unterwurzacher 2015-12-08 16:13:29 +0100
committer: Jakob Unterwurzacher 2015-12-08 16:17:04 +0100
commit: c6dacd6f913b4c6eb7a8917af49190dce32db108 (patch)
tree: c0fd9a08f42c37bd977b95d2bb0a7c96226045c1 /pathfs_frontend
parent: ff8c81f95b311eb1cd9c822202519f1a90a8cdd4 (diff)
3 files changed, 46 insertions, 18 deletions
diff --git a/pathfs_frontend/args.go b/pathfs_frontend/args.go
index 86a907d..fb0b81f 100644
--- a/pathfs_frontend/args.go
+++ b/pathfs_frontend/args.go
@@ -7,4 +7,5 @@ type Args struct {
 	OpenSSL        bool
 	PlaintextNames bool
 	DirIV          bool
+	EMENames       bool
 }
diff --git a/pathfs_frontend/fs.go b/pathfs_frontend/fs.go
index 40e0d1d..0f462b0 100644
--- a/pathfs_frontend/fs.go
+++ b/pathfs_frontend/fs.go
@@ -48,7 +48,7 @@ func (fs *FS) getBackingPath(relPath string) (string, error) {
 
 func (fs *FS) GetAttr(name string, context *fuse.Context) (*fuse.Attr, fuse.Status) {
 	cryptfs.Debug.Printf("FS.GetAttr('%s')\n", name)
-	if fs.CryptFS.IsFiltered(name) {
+	if fs.isFiltered(name) {
 		return nil, fuse.EPERM
 	}
 	cName, err := fs.encryptPath(name)
@@ -103,7 +103,7 @@ func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, f
 			continue
 		}
 		var name string
-		name, err = fs.CryptFS.DecryptName(cName, cachedIV)
+		name, err = fs.CryptFS.DecryptName(cName, cachedIV, fs.args.EMENames)
 		if err != nil {
 			cryptfs.Warn.Printf("Invalid name \"%s\" in dir \"%s\": %s\n", cName, dirName, err)
 			continue
@@ -128,7 +128,7 @@ func (fs *FS) mangleOpenFlags(flags uint32) (newFlags int, writeOnly bool) {
 }
 
 func (fs *FS) Open(path string, flags uint32, context *fuse.Context) (fuseFile nodefs.File, status fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return nil, fuse.EPERM
 	}
 	iflags, writeOnly := fs.mangleOpenFlags(flags)
@@ -147,7 +147,7 @@ func (fs *FS) Open(path string, flags uint32, context *fuse.Context) (fuseFile n
 }
 
 func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Context) (fuseFile nodefs.File, code fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return nil, fuse.EPERM
 	}
 	iflags, writeOnly := fs.mangleOpenFlags(flags)
@@ -163,7 +163,7 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte
 }
 
 func (fs *FS) Chmod(path string, mode uint32, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return fuse.EPERM
 	}
 	cPath, err := fs.encryptPath(path)
@@ -174,7 +174,7 @@ func (fs *FS) Chmod(path string, mode uint32, context *fuse.Context) (code fuse.
 }
 
 func (fs *FS) Chown(path string, uid uint32, gid uint32, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return fuse.EPERM
 	}
 	cPath, err := fs.encryptPath(path)
@@ -185,7 +185,7 @@ func (fs *FS) Chown(path string, uid uint32, gid uint32, context *fuse.Context)
 }
 
 func (fs *FS) Mknod(path string, mode uint32, dev uint32, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return fuse.EPERM
 	}
 	cPath, err := fs.encryptPath(path)
@@ -201,7 +201,7 @@ func (fs *FS) Truncate(path string, offset uint64, context *fuse.Context) (code
 }
 
 func (fs *FS) Utimens(path string, Atime *time.Time, Mtime *time.Time, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return fuse.EPERM
 	}
 	cPath, err := fs.encryptPath(path)
@@ -244,7 +244,7 @@ func (fs *FS) Readlink(path string, context *fuse.Context) (out string, status f
 }
 
 func (fs *FS) Mkdir(relPath string, mode uint32, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(relPath) {
+	if fs.isFiltered(relPath) {
 		return fuse.EPERM
 	}
 	encPath, err := fs.getBackingPath(relPath)
@@ -275,7 +275,7 @@ func (fs *FS) Mkdir(relPath string, mode uint32, context *fuse.Context) (code fu
 }
 
 func (fs *FS) Unlink(path string, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return fuse.EPERM
 	}
 	cPath, err := fs.getBackingPath(path)
@@ -349,7 +349,7 @@ func (fs *FS) Rmdir(name string, context *fuse.Context) (code fuse.Status) {
 
 func (fs *FS) Symlink(target string, linkName string, context *fuse.Context) (code fuse.Status) {
 	cryptfs.Debug.Printf("Symlink(\"%s\", \"%s\")\n", target, linkName)
-	if fs.CryptFS.IsFiltered(linkName) {
+	if fs.isFiltered(linkName) {
 		return fuse.EPERM
 	}
 	cPath, err := fs.getBackingPath(linkName)
@@ -376,7 +376,7 @@ func (fs *FS) Symlink(target string, linkName string, context *fuse.Context) (co
 }
 
 func (fs *FS) Rename(oldPath string, newPath string, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(newPath) {
+	if fs.isFiltered(newPath) {
 		return fuse.EPERM
 	}
 	cOldPath, err := fs.getBackingPath(oldPath)
@@ -396,7 +396,7 @@ func (fs *FS) Rename(oldPath string, newPath string, context *fuse.Context) (cod
 }
 
 func (fs *FS) Link(oldPath string, newPath string, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(newPath) {
+	if fs.isFiltered(newPath) {
 		return fuse.EPERM
 	}
 	cOldPath, err := fs.getBackingPath(oldPath)
@@ -411,7 +411,7 @@ func (fs *FS) Link(oldPath string, newPath string, context *fuse.Context) (code
 }
 
 func (fs *FS) Access(path string, mode uint32, context *fuse.Context) (code fuse.Status) {
-	if fs.CryptFS.IsFiltered(path) {
+	if fs.isFiltered(path) {
 		return fuse.EPERM
 	}
 	cPath, err := fs.getBackingPath(path)
diff --git a/pathfs_frontend/names.go b/pathfs_frontend/names.go
index bb73ff4..e1783a6 100644
--- a/pathfs_frontend/names.go
+++ b/pathfs_frontend/names.go
@@ -6,20 +6,47 @@ import (
 	"github.com/rfjakob/gocryptfs/cryptfs"
 )
 
+// isFiltered - check if plaintext "path" should be forbidden
+//
+// Prevents name clashes with internal files when file names are not encrypted
+func (fs *FS) isFiltered(path string) bool {
+	if !fs.args.PlaintextNames {
+		return false
+	}
+	// gocryptfs.conf in the root directory is forbidden
+	if path == cryptfs.ConfDefaultName {
+		cryptfs.Warn.Printf("The name /%s is reserved when -plaintextnames is used\n",
+			cryptfs.ConfDefaultName)
+		return true
+	}
+	// Note: gocryptfs.diriv is NOT forbidden because diriv and plaintextnames
+	// are exclusive
+	return false
+}
+
+
+// encryptPath - encrypt relative plaintext path
 func (fs *FS) encryptPath(plainPath string) (string, error) {
+	if fs.args.PlaintextNames {
+		return plainPath, nil
+	}
 	if !fs.args.DirIV {
-		return fs.CryptFS.TranslatePathZeroIV(plainPath, cryptfs.OpEncrypt)
+		return fs.CryptFS.EncryptPathNoIV(plainPath), nil
 	}
 	fs.dirIVLock.RLock()
 	defer fs.dirIVLock.RUnlock()
-	return fs.CryptFS.EncryptPathDirIV(plainPath, fs.args.Cipherdir)
+	return fs.CryptFS.EncryptPathDirIV(plainPath, fs.args.Cipherdir, fs.args.EMENames)
 }
 
+// decryptPath - decrypt relative ciphertext path
 func (fs *FS) decryptPath(cipherPath string) (string, error) {
+	if fs.args.PlaintextNames {
+		return cipherPath, nil
+	}
 	if !fs.args.DirIV {
-		return fs.CryptFS.TranslatePathZeroIV(cipherPath, cryptfs.OpDecrypt)
+		return fs.CryptFS.DecryptPathNoIV(cipherPath)
 	}
 	fs.dirIVLock.RLock()
 	defer fs.dirIVLock.RUnlock()
-	return fs.CryptFS.DecryptPathDirIV(cipherPath, fs.args.Cipherdir)
+	return fs.CryptFS.DecryptPathDirIV(cipherPath, fs.args.Cipherdir, fs.args.EMENames)
 }
author	Jakob Unterwurzacher	2015-12-08 16:13:29 +0100
committer	Jakob Unterwurzacher	2015-12-08 16:17:04 +0100
commit	c6dacd6f913b4c6eb7a8917af49190dce32db108 (patch)
tree	c0fd9a08f42c37bd977b95d2bb0a7c96226045c1 /pathfs_frontend
parent	ff8c81f95b311eb1cd9c822202519f1a90a8cdd4 (diff)