xray: add xchacha support
Also use the new cryptocore algo names.
parent
20ca63cdbc
commit
abaa12992c
|
@ -24,26 +24,22 @@ var GitVersion = "[GitVersion not set - please compile using ./build.bash]"
|
||||||
var BuildDate = "0000-00-00"
|
var BuildDate = "0000-00-00"
|
||||||
|
|
||||||
const (
|
const (
|
||||||
ivLen = contentenc.DefaultIVBits / 8
|
myName = "gocryptfs-xray"
|
||||||
authTagLen = cryptocore.AuthTagLen
|
|
||||||
blockSize = contentenc.DefaultBS + ivLen + cryptocore.AuthTagLen
|
|
||||||
myName = "gocryptfs-xray"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// blockSize is the ciphertext block size including overheads
|
||||||
|
func blockSize(alg cryptocore.AEADTypeEnum) int {
|
||||||
|
return alg.NonceSize + contentenc.DefaultBS + cryptocore.AuthTagLen
|
||||||
|
}
|
||||||
|
|
||||||
func errExit(err error) {
|
func errExit(err error) {
|
||||||
fmt.Println(err)
|
fmt.Println(err)
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
func prettyPrintHeader(h *contentenc.FileHeader, aessiv bool) {
|
func prettyPrintHeader(h *contentenc.FileHeader, algo cryptocore.AEADTypeEnum) {
|
||||||
id := hex.EncodeToString(h.ID)
|
id := hex.EncodeToString(h.ID)
|
||||||
msg := "Header: Version: %d, Id: %s"
|
fmt.Printf("Header: Version: %d, Id: %s, assuming %s mode\n", h.Version, id, algo.Name)
|
||||||
if aessiv {
|
|
||||||
msg += ", assuming AES-SIV mode"
|
|
||||||
} else {
|
|
||||||
msg += ", assuming AES-GCM mode"
|
|
||||||
}
|
|
||||||
fmt.Printf(msg+"\n", h.Version, id)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// printVersion prints a version string like this:
|
// printVersion prints a version string like this:
|
||||||
|
@ -79,21 +75,25 @@ func sum(x ...*bool) (s int) {
|
||||||
return s
|
return s
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type argContainer struct {
|
||||||
|
dumpmasterkey *bool
|
||||||
|
decryptPaths *bool
|
||||||
|
encryptPaths *bool
|
||||||
|
aessiv *bool
|
||||||
|
xchacha *bool
|
||||||
|
sep0 *bool
|
||||||
|
fido2 *string
|
||||||
|
version *bool
|
||||||
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
var args struct {
|
var args argContainer
|
||||||
dumpmasterkey *bool
|
|
||||||
decryptPaths *bool
|
|
||||||
encryptPaths *bool
|
|
||||||
aessiv *bool
|
|
||||||
sep0 *bool
|
|
||||||
fido2 *string
|
|
||||||
version *bool
|
|
||||||
}
|
|
||||||
args.dumpmasterkey = flag.Bool("dumpmasterkey", false, "Decrypt and dump the master key")
|
args.dumpmasterkey = flag.Bool("dumpmasterkey", false, "Decrypt and dump the master key")
|
||||||
args.decryptPaths = flag.Bool("decrypt-paths", false, "Decrypt file paths using gocryptfs control socket")
|
args.decryptPaths = flag.Bool("decrypt-paths", false, "Decrypt file paths using gocryptfs control socket")
|
||||||
args.encryptPaths = flag.Bool("encrypt-paths", false, "Encrypt file paths using gocryptfs control socket")
|
args.encryptPaths = flag.Bool("encrypt-paths", false, "Encrypt file paths using gocryptfs control socket")
|
||||||
args.sep0 = flag.Bool("0", false, "Use \\0 instead of \\n as separator")
|
args.sep0 = flag.Bool("0", false, "Use \\0 instead of \\n as separator")
|
||||||
args.aessiv = flag.Bool("aessiv", false, "Assume AES-SIV mode instead of AES-GCM")
|
args.aessiv = flag.Bool("aessiv", false, "Assume AES-SIV mode instead of AES-GCM")
|
||||||
|
args.xchacha = flag.Bool("xchacha", false, "Assume XChaCha20-Poly1305 mode instead of AES-GCM")
|
||||||
args.fido2 = flag.String("fido2", "", "Protect the masterkey using a FIDO2 token instead of a password")
|
args.fido2 = flag.String("fido2", "", "Protect the masterkey using a FIDO2 token instead of a password")
|
||||||
args.version = flag.Bool("version", false, "Print version information")
|
args.version = flag.Bool("version", false, "Print version information")
|
||||||
|
|
||||||
|
@ -121,15 +121,15 @@ func main() {
|
||||||
if *args.encryptPaths {
|
if *args.encryptPaths {
|
||||||
encryptPaths(fn, *args.sep0)
|
encryptPaths(fn, *args.sep0)
|
||||||
}
|
}
|
||||||
fd, err := os.Open(fn)
|
f, err := os.Open(fn)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
errExit(err)
|
errExit(err)
|
||||||
}
|
}
|
||||||
defer fd.Close()
|
defer f.Close()
|
||||||
if *args.dumpmasterkey {
|
if *args.dumpmasterkey {
|
||||||
dumpMasterKey(fn, *args.fido2)
|
dumpMasterKey(fn, *args.fido2)
|
||||||
} else {
|
} else {
|
||||||
inspectCiphertext(fd, *args.aessiv)
|
inspectCiphertext(&args, f)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -166,7 +166,13 @@ func dumpMasterKey(fn string, fido2Path string) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func inspectCiphertext(fd *os.File, aessiv bool) {
|
func inspectCiphertext(args *argContainer, fd *os.File) {
|
||||||
|
algo := cryptocore.BackendGoGCM
|
||||||
|
if *args.aessiv {
|
||||||
|
algo = cryptocore.BackendAESSIV
|
||||||
|
} else if *args.xchacha {
|
||||||
|
algo = cryptocore.BackendXChaCha20Poly1305
|
||||||
|
}
|
||||||
headerBytes := make([]byte, contentenc.HeaderLen)
|
headerBytes := make([]byte, contentenc.HeaderLen)
|
||||||
n, err := fd.ReadAt(headerBytes, 0)
|
n, err := fd.ReadAt(headerBytes, 0)
|
||||||
if err == io.EOF && n == 0 {
|
if err == io.EOF && n == 0 {
|
||||||
|
@ -182,11 +188,11 @@ func inspectCiphertext(fd *os.File, aessiv bool) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
errExit(err)
|
errExit(err)
|
||||||
}
|
}
|
||||||
prettyPrintHeader(header, aessiv)
|
prettyPrintHeader(header, algo)
|
||||||
var i int64
|
var i int64
|
||||||
buf := make([]byte, blockSize)
|
buf := make([]byte, blockSize(algo))
|
||||||
for i = 0; ; i++ {
|
for i = 0; ; i++ {
|
||||||
off := contentenc.HeaderLen + i*blockSize
|
off := contentenc.HeaderLen + i*int64(blockSize(algo))
|
||||||
n, err := fd.ReadAt(buf, off)
|
n, err := fd.ReadAt(buf, off)
|
||||||
if err != nil && err != io.EOF {
|
if err != nil && err != io.EOF {
|
||||||
errExit(err)
|
errExit(err)
|
||||||
|
@ -195,15 +201,15 @@ func inspectCiphertext(fd *os.File, aessiv bool) {
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
// A block contains at least the IV, the Auth Tag and 1 data byte
|
// A block contains at least the IV, the Auth Tag and 1 data byte
|
||||||
if n < ivLen+authTagLen+1 {
|
if n < algo.NonceSize+cryptocore.AuthTagLen+1 {
|
||||||
errExit(fmt.Errorf("corrupt block: truncated data, len=%d", n))
|
errExit(fmt.Errorf("corrupt block: truncated data, len=%d", n))
|
||||||
}
|
}
|
||||||
data := buf[:n]
|
data := buf[:n]
|
||||||
// Parse block data
|
// Parse block data
|
||||||
iv := data[:ivLen]
|
iv := data[:algo.NonceSize]
|
||||||
tag := data[len(data)-authTagLen:]
|
tag := data[len(data)-cryptocore.AuthTagLen:]
|
||||||
if aessiv {
|
if *args.aessiv {
|
||||||
tag = data[ivLen : ivLen+authTagLen]
|
tag = data[algo.NonceSize : algo.NonceSize+cryptocore.AuthTagLen]
|
||||||
}
|
}
|
||||||
fmt.Printf("Block %2d: IV: %s, Tag: %s, Offset: %5d Len: %d\n",
|
fmt.Printf("Block %2d: IV: %s, Tag: %s, Offset: %5d Len: %d\n",
|
||||||
i, hex.EncodeToString(iv), hex.EncodeToString(tag), off, len(data))
|
i, hex.EncodeToString(iv), hex.EncodeToString(tag), off, len(data))
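Review bot: In inspectCiphertext the mode is chosen with `if *args.aessiv { … } else if *args.xchacha { … }`, so passing both -aessiv and -xchacha silently selects AES-SIV, and nothing visible in these hunks rejects the combination. The nonce size feeds `blockSize(algo)` and the IV/tag slicing, so a wrongly resolved mode prints plausible-looking but wrong IVs, tags and offsets instead of an error. I would reject the combination in main after flag parsing, e.g. `if *args.aessiv && *args.xchacha { errExit(fmt.Errorf("-aessiv and -xchacha are mutually exclusive")) }`, or extend the existing sum() check if that is where exclusivity is enforced (not visible here). As a minor style point, `blockSize(algo)` is recomputed on every loop iteration; a local `bs := blockSize(algo)` before the loop, used as `int64(bs)` for the offset, would read more clearly. The bodies of main and inspectCiphertext continue outside the hunks.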
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
Header: Version: 2, Id: 8932adf303fe0289679d47fa84d2b241, assuming AES-GCM mode
|
Header: Version: 2, Id: 8932adf303fe0289679d47fa84d2b241, assuming AES-GCM-256-Go mode
|
||||||
Block 0: IV: c8536b4bfd92f5dc3c1e2ac29f116d4a, Tag: 22b20422749b2f4bba67ec7d3bb1ac34, Offset: 18 Len: 4128
|
Block 0: IV: c8536b4bfd92f5dc3c1e2ac29f116d4a, Tag: 22b20422749b2f4bba67ec7d3bb1ac34, Offset: 18 Len: 4128
|
||||||
Block 1: IV: 2de68f4965779bb137ef2b3c20453556, Tag: 3e8758d6872234b1fffab2504e623467, Offset: 4146 Len: 936
|
Block 1: IV: 2de68f4965779bb137ef2b3c20453556, Tag: 3e8758d6872234b1fffab2504e623467, Offset: 4146 Len: 936
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
Header: Version: 2, Id: d839806747918e345633fcdd0988e67c, assuming AES-SIV mode
|
Header: Version: 2, Id: d839806747918e345633fcdd0988e67c, assuming AES-SIV-512-Go mode
|
||||||
Block 0: IV: 1d3ce2b13260f83766ccf9a670478a4b, Tag: 0b6f95bd523b4c93704e15ecc6bef8e7, Offset: 18 Len: 4128
|
Block 0: IV: 1d3ce2b13260f83766ccf9a670478a4b, Tag: 0b6f95bd523b4c93704e15ecc6bef8e7, Offset: 18 Len: 4128
|
||||||
Block 1: IV: 7eb947d2adf18adf3bed39bbc8052968, Tag: 1a272903e5a987f53f07344840387c20, Offset: 4146 Len: 936
|
Block 1: IV: 7eb947d2adf18adf3bed39bbc8052968, Tag: 1a272903e5a987f53f07344840387c20, Offset: 4146 Len: 936
|
||||||
|
|