libgocryptfs/internal/configfile/feature_flags.go

74 lines
2.3 KiB
Go
Raw Normal View History

package configfile
type flagIota int
const (
2016-10-02 06:14:18 +02:00
// FlagPlaintextNames indicates that filenames are unencrypted.
FlagPlaintextNames flagIota = iota
2016-10-02 06:14:18 +02:00
// FlagDirIV indicates that a per-directory IV file is used.
FlagDirIV
2016-10-02 06:14:18 +02:00
// FlagEMENames indicates EME (ECB-Mix-ECB) filename encryption.
// This flag is mandatory since gocryptfs v1.0.
FlagEMENames
2016-10-02 06:14:18 +02:00
// FlagGCMIV128 indicates 128-bit GCM IVs.
// This flag is mandatory since gocryptfs v1.0,
// except when XChaCha20Poly1305 is used.
FlagGCMIV128
// FlagLongNames allows file names longer than 175 bytes.
FlagLongNames
// FlagLongNameMax sets a custom name length limit, names longer than that
// will be hashed.
FlagLongNameMax
2016-10-02 06:14:18 +02:00
// FlagAESSIV selects an AES-SIV based crypto backend.
FlagAESSIV
// FlagRaw64 enables raw (unpadded) base64 encoding for file names
FlagRaw64
2017-02-26 21:25:58 +01:00
// FlagHKDF enables HKDF-derived keys for use with GCM, EME and SIV
// instead of directly using the master key (GCM and EME) or the SHA-512
// hashed master key (SIV).
// Note that this flag does not change the password hashing algorithm
// which always is scrypt.
FlagHKDF
2020-09-05 22:42:15 +02:00
// FlagFIDO2 means that "-fido2" was used when creating the filesystem.
// The masterkey is protected using a FIDO2 token instead of a password.
FlagFIDO2
// FlagXChaCha20Poly1305 means we use XChaCha20-Poly1305 file content encryption
FlagXChaCha20Poly1305
)
// knownFlags stores the known feature flags and their string representation
2016-10-02 06:14:18 +02:00
var knownFlags = map[flagIota]string{
FlagPlaintextNames: "PlaintextNames",
FlagDirIV: "DirIV",
FlagEMENames: "EMENames",
FlagGCMIV128: "GCMIV128",
FlagLongNames: "LongNames",
FlagLongNameMax: "LongNameMax",
FlagAESSIV: "AESSIV",
FlagRaw64: "Raw64",
FlagHKDF: "HKDF",
FlagFIDO2: "FIDO2",
FlagXChaCha20Poly1305: "XChaCha20Poly1305",
}
2016-10-02 06:14:18 +02:00
// isFeatureFlagKnown verifies that we understand a feature flag.
func isFeatureFlagKnown(flag string) bool {
for _, knownFlag := range knownFlags {
if knownFlag == flag {
return true
}
}
return false
}
2016-10-02 06:14:18 +02:00
// IsFeatureFlagSet returns true if the feature flag "flagWant" is enabled.
func (cf *ConfFile) IsFeatureFlagSet(flagWant flagIota) bool {
flagString := knownFlags[flagWant]
for _, flag := range cf.FeatureFlags {
if flag == flagString {
return true
}
}
return false
}