1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
package main
import (
"encoding/hex"
"flag"
"fmt"
"io"
"os"
"github.com/rfjakob/gocryptfs/internal/configfile"
"github.com/rfjakob/gocryptfs/internal/contentenc"
"github.com/rfjakob/gocryptfs/internal/cryptocore"
"github.com/rfjakob/gocryptfs/internal/exitcodes"
"github.com/rfjakob/gocryptfs/internal/readpassword"
"github.com/rfjakob/gocryptfs/internal/tlog"
)
const (
ivLen = contentenc.DefaultIVBits / 8
authTagLen = cryptocore.AuthTagLen
blockSize = contentenc.DefaultBS + ivLen + cryptocore.AuthTagLen
myName = "gocryptfs-xray"
)
func errExit(err error) {
fmt.Println(err)
os.Exit(1)
}
func prettyPrintHeader(h *contentenc.FileHeader, aessiv bool) {
id := hex.EncodeToString(h.ID)
msg := "Header: Version: %d, Id: %s"
if aessiv {
msg += ", assuming AES-SIV mode"
} else {
msg += ", assuming AES-GCM mode"
}
fmt.Printf(msg+"\n", h.Version, id)
}
func usage() {
fmt.Fprintf(os.Stderr, "Usage: %s [OPTIONS] FILE\n"+
"\n"+
"Options:\n", myName)
flag.PrintDefaults()
fmt.Fprintf(os.Stderr, "\n"+
"Examples:\n"+
" gocryptfs-xray myfs/mCXnISiv7nEmyc0glGuhTQ\n"+
" gocryptfs-xray -dumpmasterkey myfs/gocryptfs.conf\n")
}
func main() {
dumpmasterkey := flag.Bool("dumpmasterkey", false, "Decrypt and dump the master key")
aessiv := flag.Bool("aessiv", false, "Assume AES-SIV mode instead of AES-GCM")
flag.Usage = usage
flag.Parse()
if flag.NArg() != 1 {
usage()
os.Exit(1)
}
fn := flag.Arg(0)
fd, err := os.Open(fn)
if err != nil {
errExit(err)
}
defer fd.Close()
if *dumpmasterkey {
dumpMasterKey(fn)
} else {
inspectCiphertext(fd, *aessiv)
}
}
func dumpMasterKey(fn string) {
tlog.Info.Enabled = false
pw := readpassword.Once(nil, "", "")
masterkey, _, err := configfile.LoadAndDecrypt(fn, pw)
if err != nil {
fmt.Fprintln(os.Stderr, err)
exitcodes.Exit(err)
}
fmt.Println(hex.EncodeToString(masterkey))
for i := range pw {
pw[i] = 0
}
}
func inspectCiphertext(fd *os.File, aessiv bool) {
headerBytes := make([]byte, contentenc.HeaderLen)
n, err := fd.ReadAt(headerBytes, 0)
if err == io.EOF && n == 0 {
fmt.Println("empty file")
os.Exit(0)
} else if err == io.EOF {
fmt.Printf("incomplete file header: read %d bytes, want %d\n", n, contentenc.HeaderLen)
os.Exit(1)
} else if err != nil {
errExit(err)
}
header, err := contentenc.ParseHeader(headerBytes)
if err != nil {
errExit(err)
}
prettyPrintHeader(header, aessiv)
var i int64
buf := make([]byte, blockSize)
for i = 0; ; i++ {
off := contentenc.HeaderLen + i*blockSize
n, err := fd.ReadAt(buf, off)
if err != nil && err != io.EOF {
errExit(err)
}
if n == 0 && err == io.EOF {
break
}
// A block contains at least the IV, the Auth Tag and 1 data byte
if n < ivLen+authTagLen+1 {
errExit(fmt.Errorf("corrupt block: truncated data, len=%d", n))
}
data := buf[:n]
// Parse block data
iv := data[:ivLen]
tag := data[len(data)-authTagLen:]
if aessiv {
tag = data[ivLen : ivLen+authTagLen]
}
fmt.Printf("Block %2d: IV: %s, Tag: %s, Offset: %5d Len: %d\n",
i, hex.EncodeToString(iv), hex.EncodeToString(tag), off, len(data))
}
}
|
