eCryptfs

Merge lp:~wlxing/ecryptfs/lp342398 into lp:ecryptfs

lp342398
Merge into trunk

Proposed by Jason Xing on 2017-06-10

Status:

Needs review

Proposed branch:

lp:~wlxing/ecryptfs/lp342398

Merge into:

lp:ecryptfs

Diff against target:

449 lines (+354/-1)

4 files modified

debian/changelog (+2/-0)
src/include/ecryptfs.h (+20/-0)
src/libecryptfs/ecryptfs-stat.c (+322/-1)
src/utils/ecryptfs-stat.c (+10/-0)

To merge this branch:

bzr merge lp:~wlxing/ecryptfs/lp342398

Wishlist

In Progress

Link a bug report

Reviewer	Date Requested	Status
Colin Ian King	2017-06-16	Pending
Tyler Hicks	2017-06-10	Pending
Review via email: mp+325438@code.launchpad.net

Description of the change

Add ecryptfs-stat support for encrypted filenames (LP: #342398). The main process has three parts: decoding filename, parsing filename and printing information.
Test output samples:
Case 1):
[...]
Filename encryption enabled
FNEK sig is [8f9887d2339cafb0]
Filename encrytion cipher is [aes]
Case 2):
[...]
Filename encryption disabled
Case 3):
[...]
Filename encryption enabled
ecryptfs_parse_tag_70_packet: max_packet_size is [42]; real packet size is [35]
ecryptfs_parse_filename: Could not parse tag 70 packet from filename

Unmerged revisions

895. By Jason Xing on 2017-06-10: src/utils/ecryptfs-stat.c, src/libecryptfs/ecryptfs-stat.c, src/include/ecryptfs.h: Add ecryptfs-stat support for encrypted filenames (LP: #342398)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Grzegorz Tymendorf

Jason Xing

Morty Smith

Sylvain

Tyler Hicks

dingjingmaster

eCryptfs

 === modified file 'debian/changelog'
 --- debian/changelog	2017-06-08 23:29:22 +0000
 +++ debian/changelog	2017-06-10 01:37:57 +0000
@@ -36,6 +36,8 @@
      users that even though the mount was successful, their data may not be
      decrypted when a mount passphrase was used for recovery
      (LP: #1694272, LP: #1439825)
++  * src/utils/ecryptfs-stat.c, src/libecryptfs/ecryptfs-stat.c, src/include/ecryptfs.h:
++    Add ecryptfs-stat support for encrypted filenames. (LP: #342398)
    [ Jelle van der Waa ]
    * src/key_mod/ecryptfs_key_mod_openssl.c,
 === modified file 'src/include/ecryptfs.h'
 --- src/include/ecryptfs.h	2015-02-14 22:11:29 +0000
 +++ src/include/ecryptfs.h	2017-06-10 01:37:57 +0000
@@ -94,6 +94,7 @@
  #define MAGIC_ECRYPTFS_MARKER 0x3c81b7f5
  #define MAGIC_ECRYPTFS_MARKER_SIZE_BYTES 8	/* 4*2 */
  #endif
++#define ECRYPTFS_MAX_CIPHER_NAME_SIZE 32
  #define MAX_NAME_SIZE 128
  #define MAX_KEY_MOD_VALUE_SIZE 4096
  #define ECRYPTFS_TAG_1_PACKET_TYPE 0x01
@@ -103,6 +104,7 @@
  #define ECRYPTFS_TAG_65_PACKET_TYPE 0x41
  #define ECRYPTFS_TAG_66_PACKET_TYPE 0x42
  #define ECRYPTFS_TAG_67_PACKET_TYPE 0x43
++#define ECRYPTFS_TAG_70_PACKET_TYPE 0x46
  #define ECRYPTFS_MSG_HELO 100
  #define ECRYPTFS_MSG_QUIT 101
  #define ECRYPTFS_MSG_REQUEST 102
@@ -143,6 +145,21 @@
  #define ECRYPTFS_ECHO_ON 1
  #define ECRYPTFS_ECHO_OFF 0
++#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX "ECRYPTFS_FNEK_ENCRYPTED."
++#define ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE 24
++#define ECRYPTFS_MIN_PKT_LEN_SIZE 1
++#define ECRYPTFS_TAG_70_MIN_METADATA_SIZE (1 + ECRYPTFS_MIN_PKT_LEN_SIZE \
++					   + ECRYPTFS_SIG_SIZE + 1 + 1)
++
++#define RFC2440_CIPHER_DES3_EDE 0x02
++#define RFC2440_CIPHER_CAST_5 0x03
++#define RFC2440_CIPHER_BLOWFISH 0x04
++#define RFC2440_CIPHER_AES_128 0x07
++#define RFC2440_CIPHER_AES_192 0x08
++#define RFC2440_CIPHER_AES_256 0x09
++#define RFC2440_CIPHER_TWOFISH 0x0a
++#define RFC2440_CIPHER_CAST_6 0x0b
++
  #define ECRYPTFS_AES_BLOCK_SIZE 16
  #define ECRYPTFS_AES_KEY_BYTES 16
@@ -437,6 +454,7 @@
  #define ECRYPTFS_METADATA_IN_XATTR  0x00000100
  #define ECRYPTFS_VIEW_AS_ENCRYPTED  0x00000200
  #define ECRYPTFS_KEY_SET            0x00000400
++#define ECRYPTFS_ENCRYPT_FILENAMES  0x00000800
  	uint32_t flags;
  	unsigned int file_version;
  	uint64_t file_size;
@@ -580,4 +598,6 @@
  char *ecryptfs_fetch_private_mnt(char *pw_dir);
  int ecryptfs_private_is_mounted(char *dev, char *mnt, char *sig, int mounting);
++int ecryptfs_parse_filename(const char *path, size_t path_len);
++
  #endif
 === modified file 'src/libecryptfs/ecryptfs-stat.c'
 --- src/libecryptfs/ecryptfs-stat.c	2013-10-27 22:21:20 +0000
 +++ src/libecryptfs/ecryptfs-stat.c	2017-06-10 01:37:57 +0000
@@ -65,7 +65,8 @@
  static struct ecryptfs_flag_map_elem ecryptfs_flag_map[] = {
  	{0x00000001, ECRYPTFS_ENABLE_HMAC},
  	{0x00000002, ECRYPTFS_ENCRYPTED},
--	{0x00000004, ECRYPTFS_METADATA_IN_XATTR}
++	{0x00000004, ECRYPTFS_METADATA_IN_XATTR},
++	{0x00000008, ECRYPTFS_ENCRYPT_FILENAMES}
  };
  /**
@@ -186,3 +187,323 @@
  out:
  	return rc;
+ }
++
++/* We could either offset on every reverse map or just pad some 0x00's
++ * at the front here */
++static const unsigned char filename_rev_map[256] = {
++	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 7 */
++	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 15 */
++	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 23 */
++	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 31 */
++	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 39 */
++	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, /* 47 */
++	0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, /* 55 */
++	0x0A, 0x0B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* 63 */
++	0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, /* 71 */
++	0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, /* 79 */
++	0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, /* 87 */
++	0x23, 0x24, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, /* 95 */
++	0x00, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, /* 103 */
++	0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, /* 111 */
++	0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, /* 119 */
++	0x3D, 0x3E, 0x3F /* 123 - 255 initialized to 0x00 */
++};
++
++static size_t ecryptfs_max_decoded_size(size_t encoded_size)
++{
++	/* Not exact; conservatively long. Every block of 4
++	 * encoded characters decodes into a block of 3
++	 * decoded characters. This segment of code provides
++	 * the caller with the maximum amount of allocated
++	 * space that @dst will need to point to in a
++	 * subsequent call. */
++	return ((encoded_size + 1) * 3) / 4;
++}
++
++/**
++ * ecryptfs_decode_from_filename
++ * @dst: If NULL, this function only sets @dst_size and returns. If
++ *       non-NULL, this function decodes the encoded octets in @src
++ *       into the memory that @dst points to.
++ * @dst_size: Set to the size of the decoded string.
++ * @src: The encoded set of octets to decode.
++ * @src_size: The size of the encoded set of octets to decode.
++ */
++static void
++ecryptfs_decode_from_filename(unsigned char *dst, size_t *dst_size,
++			      const unsigned char *src, size_t src_size)
++{
++	unsigned char current_bit_offset = 0;
++	size_t src_byte_offset = 0;
++	size_t dst_byte_offset = 0;
++
++	if (dst == NULL) {
++		(*dst_size) = ecryptfs_max_decoded_size(src_size);
++		goto out;
++	}
++	while (src_byte_offset < src_size) {
++		unsigned char src_byte =
++				filename_rev_map[(int)src[src_byte_offset]];
++
++		switch (current_bit_offset) {
++		case 0:
++			dst[dst_byte_offset] = (src_byte << 2);
++			current_bit_offset = 6;
++			break;
++		case 6:
++			dst[dst_byte_offset++] |= (src_byte >> 4);
++			dst[dst_byte_offset] = ((src_byte & 0xF)
++						 << 4);
++			current_bit_offset = 4;
++			break;
++		case 4:
++			dst[dst_byte_offset++] |= (src_byte >> 2);
++			dst[dst_byte_offset] = (src_byte << 6);
++			current_bit_offset = 2;
++			break;
++		case 2:
++			dst[dst_byte_offset++] |= (src_byte);
++			dst[dst_byte_offset] = 0;
++			current_bit_offset = 0;
++			break;
++		}
++		src_byte_offset++;
++	}
++	(*dst_size) = dst_byte_offset;
++out:
++	return;
++}
++
++static int ecryptfs_decode_filename(const char *name, size_t name_size,
++								char **decoded_name, size_t *decoded_name_size)
++{
++	int rc = 0;
++
++	if ((name_size > ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE)
++		&& (strncmp(name, ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX,
++			ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE) == 0)) {
++		name += ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
++		name_size -= ECRYPTFS_FNEK_ENCRYPTED_FILENAME_PREFIX_SIZE;
++		ecryptfs_decode_from_filename(NULL, decoded_name_size,
++								name, name_size);
++		(*decoded_name) = (char *)malloc(*decoded_name_size);
++		if (!(*decoded_name)) {
++			printf("%s: Out of memory whilst attempting "
++			       "to malloc [%zd] bytes\n", __func__,
++			       *decoded_name_size);
++			rc = -ENOMEM;
++			goto out;
++		}
++		ecryptfs_decode_from_filename(*decoded_name, decoded_name_size,
++					      name, name_size);
++	} else {
++		rc = -EINVAL;
++	}
++out:
++	return rc;
++}
++
++struct ecryptfs_parse_tag_70_packet_stack {
++	unsigned char cipher_code;
++	size_t max_packet_size;
++	size_t packet_size_len;
++	size_t parsed_tag_70_packet_size;
++	size_t block_aligned_filename_size;
++	char fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX + 1];
++	char cipher_string[ECRYPTFS_MAX_CIPHER_NAME_SIZE];
++};
++
++struct ecryptfs_cipher_code_str_map_elem {
++	char cipher_str[16];
++	unsigned char cipher_code;
++};
++
++/* For now eCryptfs doesn't support public-key type for
++ * filename encrytion/decrption*/
++static struct ecryptfs_cipher_code_str_map_elem
++ecryptfs_cipher_code_str_map[] = {
++	{"aes",RFC2440_CIPHER_AES_128 },
++	{"blowfish", RFC2440_CIPHER_BLOWFISH},
++	{"des3_ede", RFC2440_CIPHER_DES3_EDE},
++	{"cast5", RFC2440_CIPHER_CAST_5},
++	{"twofish", RFC2440_CIPHER_TWOFISH},
++	{"cast6", RFC2440_CIPHER_CAST_6},
++	{"aes", RFC2440_CIPHER_AES_192},
++	{"aes", RFC2440_CIPHER_AES_256}
++};
++
++/**
++ * ecryptfs_cipher_code_to_string
++ * @str: Destination to write out the cipher name
++ * @cipher_code: The code to convert to cipher name string
++ *
++ * Returns zero on success
++ */
++static int ecryptfs_cipher_code_to_string(char *str, unsigned char cipher_code)
++{
++	int rc = 0;
++	int i;
++
++	str[0] = '\0';
++	for (i = 0; i < (sizeof(ecryptfs_cipher_code_str_map) / sizeof(ecryptfs_cipher_code_str_map[0])); i++)
++		if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code)
++			strcpy(str, ecryptfs_cipher_code_str_map[i].cipher_str);
++	if (str[0] == '\0') {
++		printf("Cipher code not recognized: [%d]\n", cipher_code);
++		rc = -EINVAL;
++	}
++	return rc;
++}
++
++/**
++ * ecryptfs_to_hex
++ * @dst: Buffer to take hex character representation of contents of
++ *       src; must be at least of size (src_size * 2)
++ * @src: Buffer to be converted to a hex string respresentation
++ * @src_size: number of bytes to convert
++ */
++static void ecryptfs_to_hex(char *dst, char *src, size_t src_size)
++{
++	int x;
++
++	for (x = 0; x < src_size; x++)
++		sprintf(&dst[x * 2], "%.2x", (unsigned char)src[x]);
++}
++
++/**
++ * parse_tag_70_packet - Parse and process FNEK-encrypted passphrase packet
++ * Tag 70 packet format:
++ * 		Octet 0: Tag 70 identifier
++ * 		Octets 1-N1: Tag 70 packet size (includes cipher identifier
++ *              		and block-aligned encrypted filename size)
++ * 		Octets N1-N2: FNEK sig (ECRYPTFS_SIG_SIZE)
++ * 		Octet N2-N3: Cipher identifier (1 octet)
++ * 		Octets N3-N4: Block-aligned encrypted filename
++ *
++ * @s: Parse tag 70 packet into this structure and print its members one by
++ * 	   one later
++ * @packet_size: This function sets this to the the number of octets
++ *               in the packet parsed
++ * @data: The memory location containing the start of the tag 70
++ *        packet
++ * @max_packet_size: The maximum legal size of the packet to be parsed
++ *                   from @data
++ *
++ * Returns zero on success; non-zero otherwise
++ */
++static int ecryptfs_parse_tag_70_packet(struct ecryptfs_parse_tag_70_packet_stack **s, size_t *packet_size,
++						char *data, size_t max_packet_size)
++{
++	int rc = 0;
++
++	(*packet_size) = 0;
++	*s = (struct ecryptfs_parse_tag_70_packet_stack *)malloc(sizeof(**s));
++	if (!(*s)) {
++		printf("%s: Out of memory whilst trying to malloc "
++		       "[%zd] bytes of memory\n", __func__, sizeof(**s));
++		rc = -ENOMEM;
++		goto out;
++	}
++	if (max_packet_size < ECRYPTFS_TAG_70_MIN_METADATA_SIZE) {
++		printf("%s: max_packet_size is [%zd]; it must be "
++		       "at least [%d]\n", __func__, max_packet_size,
++		       ECRYPTFS_TAG_70_MIN_METADATA_SIZE);
++		rc = -EINVAL;
++		goto out;
++	}
++	/* Tag 70 identifier */
++	if (data[(*packet_size)++] != ECRYPTFS_TAG_70_PACKET_TYPE) {
++		printf("%s: Invalid packet tag [0x%.2x]; must be "
++		       "tag [0x%.2x]\n", __func__,
++		       data[((*packet_size) - 1)], ECRYPTFS_TAG_70_PACKET_TYPE);
++		rc = -EINVAL;
++		goto out;
++	}
++	/* Tag 70 packet size */
++	rc = ecryptfs_parse_packet_length(&data[(*packet_size)],
++					  &(*s)->parsed_tag_70_packet_size,
++					  &(*s)->packet_size_len);
++	if (rc) {
++		printf("%s: Error parsing packet length; "
++		       "rc = [%d]\n", __func__, rc);
++		goto out;
++	}
++	(*s)->block_aligned_filename_size = ((*s)->parsed_tag_70_packet_size
++					  - ECRYPTFS_SIG_SIZE - 1);
++	if ((1 + (*s)->packet_size_len + (*s)->parsed_tag_70_packet_size)
++	    > max_packet_size) {
++		printf("%s: max_packet_size is [%zd]; real packet "
++		       "size is [%zd]\n", __func__, max_packet_size,
++		       (1 + (*s)->packet_size_len + 1
++			+ (*s)->block_aligned_filename_size));
++		rc = -EINVAL;
++		goto out;
++	}
++	(*packet_size) += (*s)->packet_size_len;
++	/* FNEK sig */
++	ecryptfs_to_hex((*s)->fnek_sig_hex, &data[(*packet_size)],
++			ECRYPTFS_SIG_SIZE);
++	(*s)->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0';
++	(*packet_size) += ECRYPTFS_SIG_SIZE;
++	/* Cipher identifier */
++	(*s)->cipher_code = data[(*packet_size)++];
++	rc = ecryptfs_cipher_code_to_string((*s)->cipher_string, (*s)->cipher_code);
++	if (rc) {
++		printf("%s: Cipher code [%d] is invalid\n",
++		       __func__, (*s)->cipher_code);
++		goto out;
++	}
++out:
++	return rc;
++}
++
++static void ecryptfs_print_stack(struct ecryptfs_parse_tag_70_packet_stack *s)
++{
++	printf("FNEK sig is [%s]\n", s->fnek_sig_hex);
++	printf("Filename encrytion cipher is [%s]\n", s->cipher_string);
++	return;
++}
++
++/*
++ * find filename portion of a path (/foo/bar -> baz)
++ */
++static char *ecryptfs_get_filename(const char *s, int len)
++{
++	const char *e = s + len;
++
++	while (e != s && *(e-1) != '/')
++		e--;
++	return (char *)e;
++}
++
++int ecryptfs_parse_filename(const char *path, size_t path_len)
++{
++	const char *name;
++	char *decoded_name = NULL;
++	struct ecryptfs_parse_tag_70_packet_stack *s = NULL;
++	size_t name_size, decoded_name_size, packet_size;
++	int rc = 0;
++
++	name = ecryptfs_get_filename(path, path_len);
++	name_size = strlen(name);
++	rc = ecryptfs_decode_filename(name, name_size,
++					&decoded_name, &decoded_name_size);
++	if (rc) {
++		printf("%s: Could not decode filename\n", __func__);
++		goto out;
++	}
++	rc = ecryptfs_parse_tag_70_packet(&s,
++					  &packet_size,
++					  decoded_name,
++					  decoded_name_size);
++	if (rc) {
++		goto out;
++	}
++	ecryptfs_print_stack(s);
++out:
++	if (s)
++		free(s);
++	if (decoded_name)
++		free(decoded_name);
++	return rc;
++}
 === modified file 'src/utils/ecryptfs-stat.c'
 --- src/utils/ecryptfs-stat.c	2009-02-03 08:50:36 +0000
 +++ src/utils/ecryptfs-stat.c	2017-06-10 01:37:57 +0000
@@ -3,6 +3,7 @@
   */
  #include <stdio.h>
++#include <string.h>
  #include <fcntl.h>
  #include <unistd.h>
  #include <errno.h>
@@ -19,6 +20,7 @@
  int main(int argc, const char *argv[])
+ {
  	const char *filename;
++	size_t filename_size;
  	int fd = -1;
  	ssize_t quant_read;
  	struct ecryptfs_crypt_stat_user crypt_stat;
@@ -30,6 +32,7 @@
  		goto out;
+ 	}
  	filename = argv[1];
++	filename_size = strlen(filename);
  	fd = open(filename, O_RDONLY);
  	if (fd == -1) {
  		printf("Error opening file [%s] for RD_ONLY access; errno msg "
@@ -68,6 +71,13 @@
  		printf("HMAC enabled\n");
  	else
  		printf("HMAC disabled\n");
++	if (crypt_stat.flags & ECRYPTFS_ENCRYPT_FILENAMES) {
++		printf("Filename encryption enabled\n");
++		rc = ecryptfs_parse_filename(filename, filename_size);
++	}
++	else
++		printf("Filename encryption disabled\n");
++
  out:
  	if (fd != -1)
  		close(fd);