hardcoresushi/libcryfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge branch 'feature/configurable_blocksize' into develop

Browse Source
This commit is contained in:
Sebastian Messmer 2016-03-09 00:20:33 +01:00
commit 6951e4ce9e
34 changed files with 159 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog.txt
View File

@ -5,6 +5,7 @@ Version 0.9.3 (unreleased)
Furthermore, we won't ask for password confirmation when creating a file system but the password only has to be sent once to stdin.
* You can disable the automatic update check by setting CRYFS_NO_UPDATE_CHECK=true in your environment.
* Building CryFS from the GitHub tarball (i.e. when there is no .git directory present) works.
* The ciphertext block size is configurable. You can use the "--blocksize-bytes" command line argument. If not specified, CryFS will ask you for a block size when creating a file system.
Version 0.9.2
---------------

6
src/blobstore/implementations/onblocks/BlobStoreOnBlocks.cpp
View File

@ -27,7 +27,7 @@ using datanodestore::DataNodeStore;
using datatreestore::DataTreeStore;
using parallelaccessdatatreestore::ParallelAccessDataTreeStore;
BlobStoreOnBlocks::BlobStoreOnBlocks(unique_ref<BlockStore> blockStore, uint32_t blocksizeBytes)
BlobStoreOnBlocks::BlobStoreOnBlocks(unique_ref<BlockStore> blockStore, uint64_t blocksizeBytes)
: _dataTreeStore(make_unique_ref<ParallelAccessDataTreeStore>(make_unique_ref<DataTreeStore>(make_unique_ref<DataNodeStore>(make_unique_ref<ParallelAccessBlockStore>(std::move(blockStore)), blocksizeBytes)))) {
}
@ -52,6 +52,10 @@ void BlobStoreOnBlocks::remove(unique_ref<Blob> blob) {
_dataTreeStore->remove((*_blob)->releaseTree());
}
uint64_t BlobStoreOnBlocks::blocksizeBytes() const {
return _dataTreeStore->blocksizeBytes();
}
uint64_t BlobStoreOnBlocks::numBlocks() const {
return _dataTreeStore->numNodes();
}

5
src/blobstore/implementations/onblocks/BlobStoreOnBlocks.h
View File

@ -16,7 +16,7 @@ class ParallelAccessDataTreeStore;
class BlobStoreOnBlocks final: public BlobStore {
public:
BlobStoreOnBlocks(cpputils::unique_ref<blockstore::BlockStore> blockStore, uint32_t blocksizeBytes);
BlobStoreOnBlocks(cpputils::unique_ref<blockstore::BlockStore> blockStore, uint64_t blocksizeBytes);
~BlobStoreOnBlocks();
cpputils::unique_ref<Blob> create() override;
@ -24,7 +24,8 @@ public:
void remove(cpputils::unique_ref<Blob> blob) override;
//TODO Test numBlocks/estimateSpaceForNumBlocksLeft
//TODO Test blocksizeBytes/numBlocks/estimateSpaceForNumBlocksLeft
uint64_t blocksizeBytes() const override;
uint64_t numBlocks() const override;
uint64_t estimateSpaceForNumBlocksLeft() const override;

6
src/blobstore/implementations/onblocks/datanodestore/DataNodeStore.cpp
View File

@ -20,7 +20,7 @@ namespace blobstore {
namespace onblocks {
namespace datanodestore {
DataNodeStore::DataNodeStore(unique_ref<BlockStore> blockstore, uint32_t blocksizeBytes)
DataNodeStore::DataNodeStore(unique_ref<BlockStore> blockstore, uint64_t blocksizeBytes)
: _blockstore(std::move(blockstore)), _layout(blocksizeBytes) {
}
@ -96,6 +96,10 @@ uint64_t DataNodeStore::estimateSpaceForNumNodesLeft() const {
return _blockstore->estimateNumFreeBytes() / _layout.blocksizeBytes();
}
uint64_t DataNodeStore::blocksizeBytes() const {
return _layout.blocksizeBytes();
}
void DataNodeStore::removeSubtree(unique_ref<DataNode> node) {
//TODO Make this faster by not loading the leaves but just deleting them. Can be recognized, because of the depth of their parents.
DataInnerNode *inner = dynamic_cast<DataInnerNode*>(node.get());

5
src/blobstore/implementations/onblocks/datanodestore/DataNodeStore.h
View File

@ -21,7 +21,7 @@ class DataInnerNode;
class DataNodeStore final {
public:
DataNodeStore(cpputils::unique_ref<blockstore::BlockStore> blockstore, uint32_t blocksizeBytes);
DataNodeStore(cpputils::unique_ref<blockstore::BlockStore> blockstore, uint64_t blocksizeBytes);
~DataNodeStore();
static constexpr uint8_t MAX_DEPTH = 10;
@ -41,7 +41,8 @@ public:
void removeSubtree(cpputils::unique_ref<DataNode> node);
//TODO Test numBlocks/estimateSpaceForNumBlocksLeft
//TODO Test blocksizeBytes/numBlocks/estimateSpaceForNumBlocksLeft
uint64_t blocksizeBytes() const;
uint64_t numNodes() const;
uint64_t estimateSpaceForNumNodesLeft() const;
//TODO Test overwriteNodeWith(), createNodeAsCopyFrom(), removeSubtree()

9
src/blobstore/implementations/onblocks/datanodestore/DataNodeView.h
View File

@ -19,7 +19,7 @@ namespace datanodestore {
//TODO Move DataNodeLayout into own file
class DataNodeLayout final {
public:
constexpr DataNodeLayout(uint32_t blocksizeBytes)
constexpr DataNodeLayout(uint64_t blocksizeBytes)
:_blocksizeBytes(
(HEADERSIZE_BYTES + 2*sizeof(DataInnerNode_ChildEntry) <= blocksizeBytes)
? blocksizeBytes
@ -37,22 +37,21 @@ public:
//Size of a block (header + data region)
constexpr uint32_t blocksizeBytes() const {
constexpr uint64_t blocksizeBytes() const {
return _blocksizeBytes;
}
//Number of bytes in the data region of a node
constexpr uint32_t datasizeBytes() const {
constexpr uint64_t datasizeBytes() const {
return _blocksizeBytes - HEADERSIZE_BYTES;
}
//Maximum number of children an inner node can store
constexpr uint32_t maxChildrenPerInnerNode() const {
constexpr uint64_t maxChildrenPerInnerNode() const {
return datasizeBytes() / sizeof(DataInnerNode_ChildEntry);
}
//Maximum number of bytes a leaf can store
//We are returning uint64_t here, because calculations involving maxBytesPerLeaf most probably should use 64bit integers to support blobs >4GB.
constexpr uint64_t maxBytesPerLeaf() const {
return datasizeBytes();
}

4
src/blobstore/implementations/onblocks/datatreestore/DataTree.cpp
View File

@ -166,7 +166,7 @@ void DataTree::traverseLeaves(uint32_t beginIndex, uint32_t endIndex, function<v
return;
}
uint8_t neededTreeDepth = utils::ceilLog(_nodeStore->layout().maxChildrenPerInnerNode(), endIndex);
uint8_t neededTreeDepth = utils::ceilLog(_nodeStore->layout().maxChildrenPerInnerNode(), (uint64_t)endIndex);
uint32_t numLeaves = this->_numLeaves(*_rootNode); // TODO Querying the size causes a tree traversal down to the leaves. Possible without querying the size?
if (_rootNode->depth() < neededTreeDepth) {
//TODO Test cases that actually increase it here by 0 level / 1 level / more than 1 level
@ -250,7 +250,7 @@ unique_ref<DataNode> DataTree::addChildTo(DataInnerNode *node) {
}
uint32_t DataTree::leavesPerFullChild(const DataInnerNode &root) const {
return utils::intPow(_nodeStore->layout().maxChildrenPerInnerNode(), (uint32_t)root.depth()-1);
return utils::intPow(_nodeStore->layout().maxChildrenPerInnerNode(), (uint64_t)root.depth()-1);
}
uint64_t DataTree::numStoredBytes() const {

7
src/blobstore/implementations/onblocks/datatreestore/DataTreeStore.h
View File

@ -25,7 +25,8 @@ public:
void remove(cpputils::unique_ref<DataTree> tree);
//TODO Test numBlocks/estimateSpaceForNumBlocksLeft
//TODO Test blocksizeBytes/numBlocks/estimateSpaceForNumBlocksLeft
uint64_t blocksizeBytes() const;
uint64_t numNodes() const;
uint64_t estimateSpaceForNumNodesLeft() const;
@ -43,6 +44,10 @@ inline uint64_t DataTreeStore::estimateSpaceForNumNodesLeft() const {
return _nodeStore->estimateSpaceForNumNodesLeft();
}
inline uint64_t DataTreeStore::blocksizeBytes() const {
return _nodeStore->blocksizeBytes();
}
}
}
}

7
src/blobstore/implementations/onblocks/parallelaccessdatatreestore/ParallelAccessDataTreeStore.h
View File

@ -26,7 +26,8 @@ public:
void remove(cpputils::unique_ref<DataTreeRef> tree);
//TODO Test numBlocks/estimateSpaceForNumBlocksLeft
//TODO Test blocksizeBytes/numBlocks/estimateSpaceForNumBlocksLeft
uint64_t blocksizeBytes() const;
uint64_t numNodes() const;
uint64_t estimateSpaceForNumNodesLeft() const;
@ -37,6 +38,10 @@ private:
DISALLOW_COPY_AND_ASSIGN(ParallelAccessDataTreeStore);
};
inline uint64_t ParallelAccessDataTreeStore::blocksizeBytes() const {
return _dataTreeStore->blocksizeBytes();
}
inline uint64_t ParallelAccessDataTreeStore::numNodes() const {
return _dataTreeStore->numNodes();
}

2
src/blobstore/interface/BlobStore.h
View File

@ -11,6 +11,7 @@
namespace blobstore {
//TODO Remove this interface. We'll only use BlobStoreOnBlocks and never a different one. Rename BlobStoreOnBlocks to simply BlobStore.
class BlobStore {
public:
virtual ~BlobStore() {}
@ -21,6 +22,7 @@ public:
virtual uint64_t numBlocks() const = 0;
virtual uint64_t estimateSpaceForNumBlocksLeft() const = 0;
virtual uint64_t blocksizeBytes() const = 0;
};
}

8
src/cryfs-cli/Cli.cpp
View File

@ -193,7 +193,7 @@ namespace cryfs {
CryConfigFile Cli::_loadOrCreateConfig(const ProgramOptions &options) {
try {
auto configFile = _determineConfigFile(options);
auto config = _loadOrCreateConfigFile(configFile, options.cipher());
auto config = _loadOrCreateConfigFile(configFile, options.cipher(), options.blocksizeBytes());
if (config == none) {
std::cerr << "Could not load config file. Did you enter the correct password?" << std::endl;
exit(1);
@ -205,17 +205,17 @@ namespace cryfs {
}
}
optional<CryConfigFile> Cli::_loadOrCreateConfigFile(const bf::path &configFilePath, const optional<string> &cipher) {
optional<CryConfigFile> Cli::_loadOrCreateConfigFile(const bf::path &configFilePath, const optional<string> &cipher, const optional<uint32_t> &blocksizeBytes) {
if (_noninteractive) {
return CryConfigLoader(_console, _keyGenerator, _scryptSettings,
&Cli::_askPasswordNoninteractive,
&Cli::_askPasswordNoninteractive,
cipher, _noninteractive).loadOrCreate(configFilePath);
cipher, blocksizeBytes, _noninteractive).loadOrCreate(configFilePath);
} else {
return CryConfigLoader(_console, _keyGenerator, _scryptSettings,
&Cli::_askPasswordForExistingFilesystem,
&Cli::_askPasswordForNewFilesystem,
cipher, _noninteractive).loadOrCreate(configFilePath);
cipher, blocksizeBytes, _noninteractive).loadOrCreate(configFilePath);
}
}

2
src/cryfs-cli/Cli.h
View File

@ -22,7 +22,7 @@ namespace cryfs {
void _checkForUpdates();
void _runFilesystem(const program_options::ProgramOptions &options);
CryConfigFile _loadOrCreateConfig(const program_options::ProgramOptions &options);
boost::optional<CryConfigFile> _loadOrCreateConfigFile(const boost::filesystem::path &configFilePath, const boost::optional<std::string> &cipher);
boost::optional<CryConfigFile> _loadOrCreateConfigFile(const boost::filesystem::path &configFilePath, const boost::optional<std::string> &cipher, const boost::optional<uint32_t> &blocksizeBytes);
boost::filesystem::path _determineConfigFile(const program_options::ProgramOptions &options);
static std::string _askPasswordForExistingFilesystem();
static std::string _askPasswordForNewFilesystem();

9
src/cryfs-cli/program_options/Parser.cpp
View File

@ -62,8 +62,12 @@ ProgramOptions Parser::parse(const vector<string> &supportedCiphers) const {
cipher = vm["cipher"].as<string>();
_checkValidCipher(*cipher, supportedCiphers);
}
optional<uint32_t> blocksizeBytes = none;
if (vm.count("blocksize-bytes")) {
blocksizeBytes = vm["blocksize-bytes"].as<uint32_t>();
}
return ProgramOptions(baseDir, mountDir, configfile, foreground, unmountAfterIdleMinutes, logfile, cipher, options.second);
return ProgramOptions(baseDir, mountDir, configfile, foreground, unmountAfterIdleMinutes, logfile, cipher, blocksizeBytes, options.second);
}
void Parser::_checkValidCipher(const string &cipher, const vector<string> &supportedCiphers) {
@ -108,7 +112,8 @@ void Parser::_addAllowedOptions(po::options_description *desc) {
("help,h", "show help message")
("config,c", po::value<string>(), "Configuration file")
("foreground,f", "Run CryFS in foreground.")
("cipher", po::value<string>(), "Cipher to use for encryption. See possible values by calling cryfs with --show-ciphers")
("cipher", po::value<string>(), "Cipher to use for encryption. See possible values by calling cryfs with --show-ciphers.")
("blocksize-bytes", po::value<uint32_t>(), "The block size used when storing ciphertext blocks (in bytes).")
("show-ciphers", "Show list of supported ciphers.")
("unmount-idle", po::value<double>(), "Automatically unmount after specified number of idle minutes.")
("logfile", po::value<string>(), "Specify the file to write log messages to. If this is not specified, log messages will go to stdout, or syslog if CryFS is running in the background.")

8
src/cryfs-cli/program_options/ProgramOptions.cpp
View File

@ -11,9 +11,11 @@ namespace bf = boost::filesystem;
ProgramOptions::ProgramOptions(const bf::path &baseDir, const bf::path &mountDir, const optional<bf::path> &configFile,
bool foreground, const optional<double> &unmountAfterIdleMinutes,
const optional<bf::path> &logFile, const optional<string> &cipher,
const optional<uint32_t> &blocksizeBytes,
const vector<char*> &fuseOptions)
:_baseDir(baseDir), _mountDir(nullptr), _configFile(configFile), _foreground(foreground),
_cipher(cipher), _unmountAfterIdleMinutes(unmountAfterIdleMinutes), _logFile(logFile), _fuseOptions(fuseOptions) {
_cipher(cipher), _blocksizeBytes(blocksizeBytes), _unmountAfterIdleMinutes(unmountAfterIdleMinutes),
_logFile(logFile), _fuseOptions(fuseOptions) {
string mountDirStr = mountDir.native();
_mountDir = new char[mountDirStr.size()+1];
@ -65,6 +67,10 @@ const optional<string> &ProgramOptions::cipher() const {
return _cipher;
}
const optional<uint32_t> &ProgramOptions::blocksizeBytes() const {
return _blocksizeBytes;
}
const vector<char *> &ProgramOptions::fuseOptions() const {
return _fuseOptions;
}

3
src/cryfs-cli/program_options/ProgramOptions.h
View File

@ -17,6 +17,7 @@ namespace cryfs {
bool foreground, const boost::optional<double> &unmountAfterIdleMinutes,
const boost::optional<boost::filesystem::path> &logFile,
const boost::optional<std::string> &cipher,
const boost::optional<uint32_t> &blocksizeBytes,
const std::vector<char *> &fuseOptions);
ProgramOptions(ProgramOptions &&rhs);
~ProgramOptions();
@ -26,6 +27,7 @@ namespace cryfs {
const boost::optional<boost::filesystem::path> &configFile() const;
bool foreground() const;
const boost::optional<std::string> &cipher() const;
const boost::optional<uint32_t> &blocksizeBytes() const;
const boost::optional<double> &unmountAfterIdleMinutes() const;
const boost::optional<boost::filesystem::path> &logFile() const;
const std::vector<char *> &fuseOptions() const;
@ -36,6 +38,7 @@ namespace cryfs {
boost::optional<boost::filesystem::path> _configFile;
bool _foreground;
boost::optional<std::string> _cipher;
boost::optional<uint32_t> _blocksizeBytes;
boost::optional<double> _unmountAfterIdleMinutes;
boost::optional<boost::filesystem::path> _logFile;
std::vector<char *> _fuseOptions;

8
src/cryfs/config/CryConfig.cpp
View File

@ -33,7 +33,7 @@ CryConfig CryConfig::load(const Data &data) {
cfg._encKey = pt.get("cryfs.key", "");
cfg._cipher = pt.get("cryfs.cipher", "");
cfg._version = pt.get("cryfs.version", "0.8"); // CryFS 0.8 didn't specify this field, so if the field doesn't exist, it's 0.8.
cfg._blocksizeBytes = pt.get<uint32_t>("cryfs.blocksizeBytes", 32 * 1024); // TODO Put here the actual block size value of earlier CryFS versions
cfg._blocksizeBytes = pt.get<uint64_t>("cryfs.blocksizeBytes", 32 * 1024); // CryFS <= 0.9.1 used a 32KB block size.
return cfg;
}
@ -44,7 +44,7 @@ Data CryConfig::save() const {
pt.put("cryfs.key", _encKey);
pt.put("cryfs.cipher", _cipher);
pt.put("cryfs.version", _version);
pt.put<uint32_t>("cryfs.blocksizeBytes", _blocksizeBytes);
pt.put<uint64_t>("cryfs.blocksizeBytes", _blocksizeBytes);
stringstream stream;
write_json(stream, pt);
@ -83,11 +83,11 @@ void CryConfig::SetVersion(const std::string &value) {
_version = value;
}
uint32_t CryConfig::BlocksizeBytes() const {
uint64_t CryConfig::BlocksizeBytes() const {
return _blocksizeBytes;
}
void CryConfig::SetBlocksizeBytes(uint32_t value) {
void CryConfig::SetBlocksizeBytes(uint64_t value) {
_blocksizeBytes = value;
}

6
src/cryfs/config/CryConfig.h
View File

@ -27,8 +27,8 @@ public:
const std::string &Version() const;
void SetVersion(const std::string &value);
uint32_t BlocksizeBytes() const;
void SetBlocksizeBytes(uint32_t value);
uint64_t BlocksizeBytes() const;
void SetBlocksizeBytes(uint64_t value);
static CryConfig load(const cpputils::Data &data);
cpputils::Data save() const;
@ -38,7 +38,7 @@ private:
std::string _encKey;
std::string _cipher;
std::string _version;
uint32_t _blocksizeBytes;
uint64_t _blocksizeBytes;
DISALLOW_COPY_AND_ASSIGN(CryConfig);
};

11
src/cryfs/config/CryConfigCreator.cpp
View File

@ -17,19 +17,24 @@ namespace cryfs {
:_console(console), _configConsole(console, noninteractive), _encryptionKeyGenerator(encryptionKeyGenerator) {
}
CryConfig CryConfigCreator::create(const optional<string> &cipherFromCommandLine) {
CryConfig CryConfigCreator::create(const optional<string> &cipherFromCommandLine, const optional<uint32_t> &blocksizeBytesFromCommandLine) {
CryConfig config;
config.SetCipher(_generateCipher(cipherFromCommandLine));
config.SetVersion(gitversion::VersionString());
config.SetBlocksizeBytes(_generateBlocksizeBytes());
config.SetBlocksizeBytes(_generateBlocksizeBytes(blocksizeBytesFromCommandLine));
config.SetRootBlob(_generateRootBlobKey());
config.SetEncryptionKey(_generateEncKey(config.Cipher()));
return config;
}
uint32_t CryConfigCreator::_generateBlocksizeBytes() {
uint32_t CryConfigCreator::_generateBlocksizeBytes(const optional<uint32_t> &blocksizeBytesFromCommandLine) {
if (blocksizeBytesFromCommandLine != none) {
// TODO Check block size is valid (i.e. large enough)
return *blocksizeBytesFromCommandLine;
} else {
return _configConsole.askBlocksizeBytes();
}
}
string CryConfigCreator::_generateCipher(const optional<string> &cipherFromCommandLine) {
if (cipherFromCommandLine != none) {

4
src/cryfs/config/CryConfigCreator.h
View File

@ -14,12 +14,12 @@ namespace cryfs {
CryConfigCreator(std::shared_ptr<cpputils::Console> console, cpputils::RandomGenerator &encryptionKeyGenerator, bool noninteractive);
CryConfigCreator(CryConfigCreator &&rhs) = default;
CryConfig create(const boost::optional<std::string> &cipherFromCommandLine);
CryConfig create(const boost::optional<std::string> &cipherFromCommandLine, const boost::optional<uint32_t> &blocksizeBytesFromCommandLine);
private:
std::string _generateCipher(const boost::optional<std::string> &cipherFromCommandLine);
std::string _generateEncKey(const std::string &cipher);
std::string _generateRootBlobKey();
uint32_t _generateBlocksizeBytes();
uint32_t _generateBlocksizeBytes(const boost::optional<uint32_t> &blocksizeBytesFromCommandLine);
std::shared_ptr<cpputils::Console> _console;
CryConfigConsole _configConsole;

6
src/cryfs/config/CryConfigLoader.cpp
View File

@ -25,10 +25,10 @@ using namespace cpputils::logging;
namespace cryfs {
CryConfigLoader::CryConfigLoader(shared_ptr<Console> console, RandomGenerator &keyGenerator, const SCryptSettings &scryptSettings, function<string()> askPasswordForExistingFilesystem, function<string()> askPasswordForNewFilesystem, const optional<string> &cipherFromCommandLine, bool noninteractive)
CryConfigLoader::CryConfigLoader(shared_ptr<Console> console, RandomGenerator &keyGenerator, const SCryptSettings &scryptSettings, function<string()> askPasswordForExistingFilesystem, function<string()> askPasswordForNewFilesystem, const optional<string> &cipherFromCommandLine, const boost::optional<uint32_t> &blocksizeBytesFromCommandLine, bool noninteractive)
: _creator(std::move(console), keyGenerator, noninteractive), _scryptSettings(scryptSettings),
_askPasswordForExistingFilesystem(askPasswordForExistingFilesystem), _askPasswordForNewFilesystem(askPasswordForNewFilesystem),
_cipherFromCommandLine(cipherFromCommandLine) {
_cipherFromCommandLine(cipherFromCommandLine), _blocksizeBytesFromCommandLine(blocksizeBytesFromCommandLine) {
}
optional<CryConfigFile> CryConfigLoader::_loadConfig(const bf::path &filename) {
@ -66,7 +66,7 @@ optional<CryConfigFile> CryConfigLoader::loadOrCreate(const bf::path &filename)
}
CryConfigFile CryConfigLoader::_createConfig(const bf::path &filename) {
auto config = _creator.create(_cipherFromCommandLine);
auto config = _creator.create(_cipherFromCommandLine, _blocksizeBytesFromCommandLine);
//TODO Ask confirmation if using insecure password (<8 characters)
string password = _askPasswordForNewFilesystem();
std::cout << "Creating config file (this can take some time)..." << std::flush;

3
src/cryfs/config/CryConfigLoader.h
View File

@ -13,7 +13,7 @@ namespace cryfs {
class CryConfigLoader final {
public:
CryConfigLoader(std::shared_ptr<cpputils::Console> console, cpputils::RandomGenerator &keyGenerator, const cpputils::SCryptSettings &scryptSettings, std::function<std::string()> askPasswordForExistingFilesystem, std::function<std::string()> askPasswordForNewFilesystem, const boost::optional<std::string> &cipherFromCommandLine, bool noninteractive);
CryConfigLoader(std::shared_ptr<cpputils::Console> console, cpputils::RandomGenerator &keyGenerator, const cpputils::SCryptSettings &scryptSettings, std::function<std::string()> askPasswordForExistingFilesystem, std::function<std::string()> askPasswordForNewFilesystem, const boost::optional<std::string> &cipherFromCommandLine, const boost::optional<uint32_t> &blocksizeBytesFromCommandLine, bool noninteractive);
CryConfigLoader(CryConfigLoader &&rhs) = default;
boost::optional<CryConfigFile> loadOrCreate(const boost::filesystem::path &filename);
@ -29,6 +29,7 @@ private:
std::function<std::string()> _askPasswordForExistingFilesystem;
std::function<std::string()> _askPasswordForNewFilesystem;
boost::optional<std::string> _cipherFromCommandLine;
boost::optional<uint32_t> _blocksizeBytesFromCommandLine;
DISALLOW_COPY_AND_ASSIGN(CryConfigLoader);
};

6
src/cryfs/filesystem/CryDevice.cpp
View File

@ -45,8 +45,6 @@ namespace bf = boost::filesystem;
namespace cryfs {
constexpr uint32_t CryDevice::BLOCKSIZE_BYTES;
CryDevice::CryDevice(CryConfigFile configFile, unique_ref<BlockStore> blockStore)
: _fsBlobStore(
make_unique_ref<ParallelAccessFsBlobStore>(
@ -55,7 +53,7 @@ CryDevice::CryDevice(CryConfigFile configFile, unique_ref<BlockStore> blockStore
make_unique_ref<BlobStoreOnBlocks>(
make_unique_ref<CachingBlockStore>(
CreateEncryptedBlockStore(*configFile.config(), std::move(blockStore))
), BLOCKSIZE_BYTES)))
), configFile.config()->BlocksizeBytes())))
)
),
_rootKey(GetOrCreateRootKey(&configFile)),
@ -140,7 +138,7 @@ void CryDevice::statfs(const bf::path &path, struct statvfs *fsstat) {
callFsActionCallbacks();
uint64_t numUsedBlocks = _fsBlobStore->numBlocks();
uint64_t numFreeBlocks = _fsBlobStore->estimateSpaceForNumBlocksLeft();
fsstat->f_bsize = BLOCKSIZE_BYTES;
fsstat->f_bsize = _fsBlobStore->blocksizeBytes();
fsstat->f_blocks = numUsedBlocks + numFreeBlocks;
fsstat->f_bfree = numFreeBlocks;
fsstat->f_bavail = numFreeBlocks;

2
src/cryfs/filesystem/CryDevice.h
View File

@ -17,8 +17,6 @@ namespace cryfs {
class CryDevice final: public fspp::Device {
public:
static constexpr uint32_t BLOCKSIZE_BYTES = 32 * 1024;
CryDevice(CryConfigFile config, cpputils::unique_ref<blockstore::BlockStore> blockStore);
void statfs(const boost::filesystem::path &path, struct ::statvfs *fsstat) override;

5
src/cryfs/filesystem/cachingfsblobstore/CachingFsBlobStore.h
View File

@ -24,6 +24,7 @@ namespace cryfs {
cpputils::unique_ref<SymlinkBlobRef> createSymlinkBlob(const boost::filesystem::path &target);
boost::optional<cpputils::unique_ref<FsBlobRef>> load(const blockstore::Key &key);
void remove(cpputils::unique_ref<FsBlobRef> blob);
uint64_t blocksizeBytes() const;
uint64_t numBlocks() const;
uint64_t estimateSpaceForNumBlocksLeft() const;
@ -80,6 +81,10 @@ namespace cryfs {
_cache.push(key, std::move(baseBlob));
}
inline uint64_t CachingFsBlobStore::blocksizeBytes() const {
return _baseBlobStore->blocksizeBytes();
}
inline uint64_t CachingFsBlobStore::numBlocks() const {
return _baseBlobStore->numBlocks();
}

10
src/cryfs/filesystem/fsblobstore/DirBlob.cpp
View File

@ -27,8 +27,8 @@ namespace fsblobstore {
constexpr off_t DirBlob::DIR_LSTAT_SIZE;
DirBlob::DirBlob(unique_ref<Blob> blob, std::function<off_t (const blockstore::Key&)> getLstatSize) :
FsBlob(std::move(blob)), _getLstatSize(getLstatSize), _entries(), _mutex(), _changed(false) {
DirBlob::DirBlob(FsBlobStore *fsBlobStore, unique_ref<Blob> blob, std::function<off_t (const blockstore::Key&)> getLstatSize) :
FsBlob(std::move(blob)), _fsBlobStore(fsBlobStore), _getLstatSize(getLstatSize), _entries(), _mutex(), _changed(false) {
ASSERT(baseBlob().blobType() == FsBlobView::BlobType::DIR, "Loaded blob is not a directory");
_readEntriesFromBlob();
}
@ -44,9 +44,9 @@ void DirBlob::flush() {
baseBlob().flush();
}
unique_ref<DirBlob> DirBlob::InitializeEmptyDir(unique_ref<Blob> blob, std::function<off_t(const blockstore::Key&)> getLstatSize) {
unique_ref<DirBlob> DirBlob::InitializeEmptyDir(FsBlobStore *fsBlobStore, unique_ref<Blob> blob, std::function<off_t(const blockstore::Key&)> getLstatSize) {
InitializeBlob(blob.get(), FsBlobView::BlobType::DIR);
return make_unique_ref<DirBlob>(std::move(blob), getLstatSize);
return make_unique_ref<DirBlob>(fsBlobStore, std::move(blob), getLstatSize);
}
void DirBlob::_writeEntriesToBlob() {
@ -136,7 +136,7 @@ void DirBlob::statChild(const Key &key, struct ::stat *result) const {
result->st_size = _getLstatSize(key);
//TODO Move ceilDivision to general utils which can be used by cryfs as well
result->st_blocks = blobstore::onblocks::utils::ceilDivision(result->st_size, (off_t)512);
result->st_blksize = CryDevice::BLOCKSIZE_BYTES; //TODO FsBlobStore::BLOCKSIZE_BYTES would be cleaner
result->st_blksize = _fsBlobStore->blocksizeBytes();
}
void DirBlob::chmodChild(const Key &key, mode_t mode) {

5
src/cryfs/filesystem/fsblobstore/DirBlob.h
View File

@ -17,10 +17,10 @@ namespace cryfs {
public:
constexpr static off_t DIR_LSTAT_SIZE = 4096;
static cpputils::unique_ref<DirBlob> InitializeEmptyDir(cpputils::unique_ref<blobstore::Blob> blob,
static cpputils::unique_ref<DirBlob> InitializeEmptyDir(FsBlobStore *fsBlobStore, cpputils::unique_ref<blobstore::Blob> blob,
std::function<off_t (const blockstore::Key&)> getLstatSize);
DirBlob(cpputils::unique_ref<blobstore::Blob> blob, std::function<off_t (const blockstore::Key&)> getLstatSize);
DirBlob(FsBlobStore *fsBlobStore, cpputils::unique_ref<blobstore::Blob> blob, std::function<off_t (const blockstore::Key&)> getLstatSize);
~DirBlob();
@ -68,6 +68,7 @@ namespace cryfs {
cpputils::unique_ref<blobstore::Blob> releaseBaseBlob() override;
FsBlobStore *_fsBlobStore;
std::function<off_t (const blockstore::Key&)> _getLstatSize;
DirEntryList _entries;
mutable std::mutex _mutex;

2
src/cryfs/filesystem/fsblobstore/FsBlobStore.cpp
View File

@ -23,7 +23,7 @@ boost::optional<unique_ref<FsBlob>> FsBlobStore::load(const blockstore::Key &key
if (blobType == FsBlobView::BlobType::FILE) {
return unique_ref<FsBlob>(make_unique_ref<FileBlob>(std::move(*blob)));
} else if (blobType == FsBlobView::BlobType::DIR) {
return unique_ref<FsBlob>(make_unique_ref<DirBlob>(std::move(*blob), _getLstatSize()));
return unique_ref<FsBlob>(make_unique_ref<DirBlob>(this, std::move(*blob), _getLstatSize()));
} else if (blobType == FsBlobView::BlobType::SYMLINK) {
return unique_ref<FsBlob>(make_unique_ref<SymlinkBlob>(std::move(*blob)));
} else {

8
src/cryfs/filesystem/fsblobstore/FsBlobStore.h
View File

@ -25,6 +25,8 @@ namespace cryfs {
uint64_t numBlocks() const;
uint64_t estimateSpaceForNumBlocksLeft() const;
uint64_t blocksizeBytes() const;
private:
std::function<off_t(const blockstore::Key &)> _getLstatSize();
@ -45,7 +47,7 @@ namespace cryfs {
inline cpputils::unique_ref<DirBlob> FsBlobStore::createDirBlob() {
auto blob = _baseBlobStore->create();
return DirBlob::InitializeEmptyDir(std::move(blob), _getLstatSize());
return DirBlob::InitializeEmptyDir(this, std::move(blob), _getLstatSize());
}
inline cpputils::unique_ref<SymlinkBlob> FsBlobStore::createSymlinkBlob(const boost::filesystem::path &target) {
@ -72,6 +74,10 @@ namespace cryfs {
return (*blob)->lstat_size();
};
}
inline uint64_t FsBlobStore::blocksizeBytes() const {
return _baseBlobStore->blocksizeBytes();
}
}
}

5
src/cryfs/filesystem/parallelaccessfsblobstore/ParallelAccessFsBlobStore.h
View File

@ -26,6 +26,7 @@ namespace cryfs {
cpputils::unique_ref<SymlinkBlobRef> createSymlinkBlob(const boost::filesystem::path &target);
boost::optional<cpputils::unique_ref<FsBlobRef>> load(const blockstore::Key &key);
void remove(cpputils::unique_ref<FsBlobRef> blob);
uint64_t blocksizeBytes() const;
uint64_t numBlocks() const;
uint64_t estimateSpaceForNumBlocksLeft() const;
@ -57,6 +58,10 @@ namespace cryfs {
};
}
inline uint64_t ParallelAccessFsBlobStore::blocksizeBytes() const {
return _baseBlobStore->blocksizeBytes();
}
inline uint64_t ParallelAccessFsBlobStore::numBlocks() const {
return _baseBlobStore->numBlocks();
}

38
test/cryfs-cli/program_options/ProgramOptionsTest.cpp
View File

@ -23,73 +23,83 @@ namespace boost {
class ProgramOptionsTest: public ProgramOptionsTestBase {};
TEST_F(ProgramOptionsTest, BaseDir) {
ProgramOptions testobj("/home/user/mydir", "", none, false, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("/home/user/mydir", "", none, false, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ("/home/user/mydir", testobj.baseDir());
}
TEST_F(ProgramOptionsTest, MountDir) {
ProgramOptions testobj("", "/home/user/mydir", none, false, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "/home/user/mydir", none, false, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ("/home/user/mydir", testobj.mountDir());
}
TEST_F(ProgramOptionsTest, ConfigfileNone) {
ProgramOptions testobj("", "", none, true, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ(none, testobj.configFile());
}
TEST_F(ProgramOptionsTest, ConfigfileSome) {
ProgramOptions testobj("", "", bf::path("/home/user/configfile"), true, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", bf::path("/home/user/configfile"), true, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ("/home/user/configfile", testobj.configFile().get());
}
TEST_F(ProgramOptionsTest, ForegroundFalse) {
ProgramOptions testobj("", "", none, false, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, false, none, none, none, none, options({"./myExecutable"}));
EXPECT_FALSE(testobj.foreground());
}
TEST_F(ProgramOptionsTest, ForegroundTrue) {
ProgramOptions testobj("", "", none, true, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, none, none, none, none, options({"./myExecutable"}));
EXPECT_TRUE(testobj.foreground());
}
TEST_F(ProgramOptionsTest, LogfileNone) {
ProgramOptions testobj("", "", none, true, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ(none, testobj.logFile());
}
TEST_F(ProgramOptionsTest, LogfileSome) {
ProgramOptions testobj("", "", none, true, none, bf::path("logfile"), none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, none, bf::path("logfile"), none, none, options({"./myExecutable"}));
EXPECT_EQ("logfile", testobj.logFile().get());
}
TEST_F(ProgramOptionsTest, UnmountAfterIdleMinutesNone) {
ProgramOptions testobj("", "", none, true, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ(none, testobj.unmountAfterIdleMinutes());
}
TEST_F(ProgramOptionsTest, UnmountAfterIdleMinutesSome) {
ProgramOptions testobj("", "", none, true, 10, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, 10, none, none, none, options({"./myExecutable"}));
EXPECT_EQ(10, testobj.unmountAfterIdleMinutes().get());
}
TEST_F(ProgramOptionsTest, CipherNone) {
ProgramOptions testobj("", "", none, true, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ(none, testobj.cipher());
}
TEST_F(ProgramOptionsTest, CipherSome) {
ProgramOptions testobj("", "", none, true, none, none, string("aes-256-gcm"), options({"./myExecutable"}));
ProgramOptions testobj("", "", none, true, none, none, string("aes-256-gcm"), none, options({"./myExecutable"}));
EXPECT_EQ("aes-256-gcm", testobj.cipher().get());
}
TEST_F(ProgramOptionsTest, BlocksizeBytesNone) {
ProgramOptions testobj("", "", none, true, none, none, none, none, options({"./myExecutable"}));
EXPECT_EQ(none, testobj.blocksizeBytes());
}
TEST_F(ProgramOptionsTest, BlocksizeSome) {
ProgramOptions testobj("", "", none, true, none, none, none, 10*1024, options({"./myExecutable"}));
EXPECT_EQ(10*1024u, testobj.blocksizeBytes().get());
}
TEST_F(ProgramOptionsTest, EmptyFuseOptions) {
ProgramOptions testobj("/rootDir", "/home/user/mydir", none, false, none, none, none, options({"./myExecutable"}));
ProgramOptions testobj("/rootDir", "/home/user/mydir", none, false, none, none, none, none, options({"./myExecutable"}));
//Fuse should have the mount dir as first parameter
EXPECT_VECTOR_EQ({"./myExecutable", "/home/user/mydir"}, testobj.fuseOptions());
}
TEST_F(ProgramOptionsTest, SomeFuseOptions) {
ProgramOptions testobj("/rootDir", "/home/user/mydir", none, false, none, none, none, options({"./myExecutable", "-f", "--longoption"}));
ProgramOptions testobj("/rootDir", "/home/user/mydir", none, false, none, none, none, none, options({"./myExecutable", "-f", "--longoption"}));
//Fuse should have the mount dir as first parameter
EXPECT_VECTOR_EQ({"./myExecutable", "/home/user/mydir", "-f", "--longoption"}, testobj.fuseOptions());
}

34
test/cryfs/config/CryConfigCreatorTest.cpp
View File

@ -62,72 +62,82 @@ public:
TEST_F(CryConfigCreatorTest, DoesAskForCipherIfNotSpecified) {
AnswerNoToDefaultSettings();
EXPECT_ASK_FOR_CIPHER().WillOnce(ChooseAnyCipher());
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
}
TEST_F(CryConfigCreatorTest, DoesNotAskForCipherIfSpecified) {
AnswerNoToDefaultSettings();
EXPECT_DOES_NOT_ASK_FOR_CIPHER();
CryConfig config = creator.create(string("aes-256-gcm"));
CryConfig config = creator.create(string("aes-256-gcm"), none);
}
TEST_F(CryConfigCreatorTest, DoesNotAskForCipherIfUsingDefaultSettings) {
AnswerYesToDefaultSettings();
EXPECT_DOES_NOT_ASK_FOR_CIPHER();
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
}
TEST_F(CryConfigCreatorTest, DoesNotAskForCipherIfNoninteractive) {
EXPECT_DOES_NOT_ASK_TO_USE_DEFAULT_SETTINGS();
EXPECT_DOES_NOT_ASK_FOR_CIPHER();
CryConfig config = noninteractiveCreator.create(none);
CryConfig config = noninteractiveCreator.create(none, none);
}
TEST_F(CryConfigCreatorTest, DoesAskForBlocksizeIfNotSpecified) {
AnswerNoToDefaultSettings();
EXPECT_ASK_FOR_BLOCKSIZE().WillOnce(Return(1));
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
}
//TODO DoesNotAskForCipherIfSpecified
TEST_F(CryConfigCreatorTest, DoesNotAskForBlocksizeIfSpecified) {
AnswerNoToDefaultSettings();
EXPECT_DOES_NOT_ASK_FOR_BLOCKSIZE();
CryConfig config = creator.create(none, 10*1024u);
}
TEST_F(CryConfigCreatorTest, DoesNotAskForBlocksizeIfNoninteractive) {
EXPECT_DOES_NOT_ASK_TO_USE_DEFAULT_SETTINGS();
EXPECT_DOES_NOT_ASK_FOR_BLOCKSIZE();
CryConfig config = noninteractiveCreator.create(none);
CryConfig config = noninteractiveCreator.create(none, none);
}
TEST_F(CryConfigCreatorTest, DoesNotAskForBlocksizeIfUsingDefaultSettings) {
AnswerYesToDefaultSettings();
EXPECT_DOES_NOT_ASK_FOR_BLOCKSIZE();
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
}
TEST_F(CryConfigCreatorTest, ChoosesEmptyRootBlobId) {
AnswerNoToDefaultSettings();
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
EXPECT_EQ("", config.RootBlob()); // This tells CryFS to create a new root blob
}
TEST_F(CryConfigCreatorTest, ChoosesValidEncryptionKey_448) {
AnswerNoToDefaultSettings();
EXPECT_ASK_FOR_CIPHER().WillOnce(ChooseCipher("mars-448-gcm"));
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
cpputils::Mars448_GCM::EncryptionKey::FromString(config.EncryptionKey()); // This crashes if invalid
}
TEST_F(CryConfigCreatorTest, ChoosesValidEncryptionKey_256) {
AnswerNoToDefaultSettings();
EXPECT_ASK_FOR_CIPHER().WillOnce(ChooseCipher("aes-256-gcm"));
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
cpputils::AES256_GCM::EncryptionKey::FromString(config.EncryptionKey()); // This crashes if invalid
}
TEST_F(CryConfigCreatorTest, ChoosesValidEncryptionKey_128) {
AnswerNoToDefaultSettings();
EXPECT_ASK_FOR_CIPHER().WillOnce(ChooseCipher("aes-128-gcm"));
CryConfig config = creator.create(none);
CryConfig config = creator.create(none, none);
cpputils::AES128_GCM::EncryptionKey::FromString(config.EncryptionKey()); // This crashes if invalid
}
TEST_F(CryConfigCreatorTest, DoesNotAskForAnythingIfEverythingIsSpecified) {
EXPECT_DOES_NOT_ASK_TO_USE_DEFAULT_SETTINGS();
EXPECT_DOES_NOT_ASK_FOR_CIPHER();
CryConfig config = noninteractiveCreator.create(string("aes-256-gcm"), 10*1024u);
}
//TODO Add test cases ensuring that the values entered are correctly taken

2
test/cryfs/config/CryConfigLoaderTest.cpp
View File

@ -32,7 +32,7 @@ public:
CryConfigLoader loader(const string &password, bool noninteractive, const optional<string> &cipher = none) {
auto askPassword = [password] { return password;};
return CryConfigLoader(mockConsole(), cpputils::Random::PseudoRandom(), SCrypt::TestSettings, askPassword, askPassword, cipher, noninteractive);
return CryConfigLoader(mockConsole(), cpputils::Random::PseudoRandom(), SCrypt::TestSettings, askPassword, askPassword, cipher, none, noninteractive);
}
CryConfigFile Create(const string &password = "mypassword", const optional<string> &cipher = none, bool noninteractive = false) {

2
test/cryfs/filesystem/CryFsTest.cpp
View File

@ -37,7 +37,7 @@ public:
CryConfigFile loadOrCreateConfig() {
auto askPassword = [] {return "mypassword";};
return CryConfigLoader(mockConsole(), Random::PseudoRandom(), SCrypt::TestSettings, askPassword, askPassword, none, true).loadOrCreate(config.path()).value();
return CryConfigLoader(mockConsole(), Random::PseudoRandom(), SCrypt::TestSettings, askPassword, askPassword, none, none, true).loadOrCreate(config.path()).value();
}
unique_ref<OnDiskBlockStore> blockStore() {

2
test/cryfs/filesystem/FileSystemTest.cpp
View File

@ -28,7 +28,7 @@ public:
unique_ref<Device> createDevice() override {
auto blockStore = cpputils::make_unique_ref<FakeBlockStore>();
auto askPassword = [] {return "mypassword";};
auto config = CryConfigLoader(mockConsole(), Random::PseudoRandom(), SCrypt::TestSettings, askPassword, askPassword, none, true)
auto config = CryConfigLoader(mockConsole(), Random::PseudoRandom(), SCrypt::TestSettings, askPassword, askPassword, none, none, true)
.loadOrCreate(configFile.path()).value();
return make_unique_ref<CryDevice>(std::move(config), std::move(blockStore));
}