allow per-block rand bytes to be use independently from block MAC

git-svn-id: http://encfs.googlecode.com/svn/trunk@62 db9cf616-1c43-0410-9cb8-a902689de0d6
2025-06-20 03:37:50 +02:00 · 2010-09-06 04:23:22 +00:00 · 2010-09-06 04:23:22 +00:00 · 0d24e66ec9
commit 0d24e66ec9
parent 832d3da98b
3 changed files with 39 additions and 41 deletions
--- a/encfs/FileNode.cpp
+++ b/encfs/FileNode.cpp
@ -80,7 +80,7 @@ FileNode::FileNode(DirNode *parent_, const FSConfigPtr &cfg,
    shared_ptr<FileIO> rawIO( new RawFileIO( _cname ) );
    io = shared_ptr<FileIO>( new CipherFileIO( rawIO, fsConfig ));

-    if(cfg->config->blockMACBytes)
+    if(cfg->config->blockMACBytes || cfg->config->blockMACRandBytes)
        io = shared_ptr<FileIO>(new MACFileIO(io, fsConfig));
 }

--- a/encfs/FileUtils.cpp
+++ b/encfs/FileUtils.cpp
@ -879,8 +879,9 @@ void selectBlockMAC(int *macBytes, int *macRandBytes)
 	"within a block will be caught and will cause a read error."));

    if(addMAC)
-    {
 	*macBytes = 8;
+    else
+	*macBytes = 0;

    // xgroup(setup)
    cout << _("Add random bytes to each block header?\n"
@ -903,11 +904,6 @@ void selectBlockMAC(int *macBytes, int *macRandBytes)
        randSize = 8;

    *macRandBytes = randSize;
-    } else
-    {
-	*macBytes = 0;
-	*macRandBytes = 0;
-    }
 }

 static
@ -1305,7 +1301,7 @@ void showFSInfo( const boost::shared_ptr<EncFSConfig> &config )
 	cout << autosprintf(_("Salt Size: %i bits"), 
                8*(int)config->salt.size()) << "\n";
    }
-    if(config->blockMACBytes)
+    if(config->blockMACBytes || config->blockMACRandBytes)
    {
        if(config->subVersion < 20040813)
 	{
--- a/encfs/MACFileIO.cpp
+++ b/encfs/MACFileIO.cpp
@ -66,7 +66,7 @@ MACFileIO::MACFileIO( const shared_ptr<FileIO> &_base,
   , randBytes( cfg->config->blockMACRandBytes )
   , warnOnly( cfg->opts->forceDecode )
 {
-    rAssert( macBytes > 0 && macBytes <= 8 );
+    rAssert( macBytes >= 0 && macBytes <= 8 );
    rAssert( randBytes >= 0 );
    rLog(Info, "fs block size = %i, macBytes = %i, randBytes = %i",
 	    cfg->config->blockSize, 
@ -183,17 +183,16 @@ ssize_t MACFileIO::readOneBlock( const IORequest &req ) const
    ssize_t readSize = base->read( tmp );

    // don't store zeros if configured for zero-block pass-through
-    bool skipBlock;
+    bool skipBlock = true;
    if( _allowHoles )
    {
-        skipBlock = true;
        for(int i=0; i<readSize; ++i)
            if(tmp.data[i] != 0)
            {
                skipBlock = false;
                break;
            }
-    } else
+    } else if(macBytes > 0)
       skipBlock = false; 

    if(readSize > headerSize)
@ -257,12 +256,14 @@ bool MACFileIO::writeOneBlock( const IORequest &req )

    memset( newReq.data, 0, headerSize );
    memcpy( newReq.data + headerSize, req.data, req.dataLen );
-    if(randBytes)
+    if(randBytes > 0)
    {
 	if(!cipher->randomize( newReq.data+macBytes, randBytes, false ))
            return false;
    }

+    if(macBytes > 0)
+    {
        // compute the mac (which includes the random data) and fill it in
        uint64_t mac = cipher->MAC_64( newReq.data+macBytes, 
                req.dataLen + randBytes, key );
@ -272,6 +273,7 @@ bool MACFileIO::writeOneBlock( const IORequest &req )
            newReq.data[i] = mac & 0xff;
            mac >>= 8;
        }
+    }

    // now, we can let the next level have it..
    bool ok = base->write( newReq );