hardcoresushi
/
DroidFS
2
2
Fork 1
Code Issues 10 Pull Requests 2 Releases 23 Activity

[feature request] remote encrypted volumes #19

New Issue
Open
opened 2023-09-18 16:21:09 +02:00 by sophana · 3 comments
sophana commented 2023-09-18 16:21:09 +02:00
Copy Link

I love droidfs. However, It would be very nice if encrypted files could be stored in a remote (custom or public) server.
protocol would be sftp, webdav, ftp or another?

Ideally it would keep compatibility with gocryptfs, so data could be accessed from android or desktop machines.

From what I've read gocryptfs was modified to change its backend file provider.
I don't know much about android content providers, but it seems that it is possible to access a "remote content provider" like google drive or others. Unfortunately, they are not listed when I create a volume.

If android SAF can't do the job, what about using a specific library to access files remotely (jsch, or any other)?

I love droidfs. However, It would be very nice if encrypted files could be stored in a remote (custom or public) server. protocol would be sftp, webdav, ftp or another? Ideally it would keep compatibility with gocryptfs, so data could be accessed from android or desktop machines. From what I've read gocryptfs was modified to change its backend file provider. I don't know much about android content providers, but it seems that it is possible to access a "remote content provider" like google drive or others. Unfortunately, they are not listed when I create a volume. If android SAF can't do the job, what about using a specific library to access files remotely (jsch, or any other)?
hardcoresushi commented 2023-09-19 17:36:13 +02:00
Owner
Copy Link

As explained in the README, this is not possible. This is because gocryptfs and cryfs are programs designed to access the encrypted volume via direct file system calls. The only way to open remote volumes would be to simulate their local presence via FUSE or directly in the kernel. Unfortunately, these methods require root access on Android. As a workaround, you can store the encrypted volume locally and synchronize it on a remote server using an external application such as Nextcloud.

As explained in the README, this is not possible. This is because gocryptfs and cryfs are programs designed to access the encrypted volume via direct file system calls. The only way to open remote volumes would be to simulate their local presence via FUSE or directly in the kernel. Unfortunately, these methods require root access on Android. As a workaround, you can store the encrypted volume locally and synchronize it on a remote server using an external application such as Nextcloud.
sophana commented 2023-09-19 17:43:09 +02:00
Author
Copy Link

weren't libgocryptfs modified to access volume files through api calls?

I've seen cppcryptfs written in c++. Maybe it is more hackable?
https://github.com/bailey27/cppcryptfs/tree/master/libcppcryptfs/file

weren't libgocryptfs modified to access volume files through api calls? I've seen cppcryptfs written in c++. Maybe it is more hackable? https://github.com/bailey27/cppcryptfs/tree/master/libcppcryptfs/file
hardcoresushi commented 2023-09-19 18:13:50 +02:00
Owner
Copy Link

There are actually two sides to an encryption program like gocryptfs. The decrypted/plaintext side has been modified to be accessible via function calls, but the encrypted/ciphertext side has not been touched. As a result, it expects the encrypted volume to be stored on the file system.

It would take at least an equivalent amount of work to also modify the encrypted part so that it works with callbacks. If you have time, you create a PR for this.

There are actually two sides to an encryption program like gocryptfs. The decrypted/plaintext side has been modified to be accessible via function calls, but the encrypted/ciphertext side has not been touched. As a result, it expects the encrypted volume to be stored on the file system. It would take at least an equivalent amount of work to also modify the encrypted part so that it works with callbacks. If you have time, you create a PR for this.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
fdroid-test
volume-provider
cryfs
v2.1.3
v2.1.2
v2.1.1
v2.1.0
v2.0.2
v2.0.1
v2.0.0
v2.0.0-alpha2
v2.0.0-alpha1
v1.10.1
v1.10.0
v1.9.1
v1.9.0
v1.8.0
v1.7.2
v1.7.1
v1.7.0
v1.6.0
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.6
v1.4.5
v1.4.4-1
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.0
v1.2.0
v1.1.9
v1.1.8
v1.1.7
v1.1.6
v1.1.4
v1.1.3
v1.1.2
v1.0.1
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: hardcoresushi/DroidFS#19
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?