From 7799c88df6b3d8f49879ad83269c96efac9f3895 Mon Sep 17 00:00:00 2001 
From: Valient Gough
Date: Tue, 5 Mar 2013 06:29:58 +0000
Subject: [PATCH] move code into encfs namespace, split protobufs
git-svn-id: http://encfs.googlecode.com/svn/trunk@93 db9cf616-1c43-0410-9cb8-a902689de0d6
---
CMakeLists.txt | 3 +
base/CMakeLists.txt | 8 +-
base/ConfigReader.cpp | 9 ++-
base/ConfigReader.h | 4 +
base/ConfigVar.cpp | 29 +++----
base/ConfigVar.h | 9 ++-
base/Error.cpp | 3 +
base/Error.h | 4 +
base/Interface.cpp | 3 +
base/Interface.h | 6 +-
base/Mutex.h | 4 +-
base/Range.h | 2 +
base/XmlReader.cpp | 5 +-
base/XmlReader.h | 7 +-
base/base64.cpp | 39 +++++-----
base/base64.h | 23 +++---
base/types.h | 10 +++
cipher/CMakeLists.txt | 1 +
cipher/Cipher.cpp | 23 +++---
cipher/Cipher.h | 27 ++++---
cipher/CipherKey.cpp | 4 +
cipher/CipherKey.h | 4 +
cipher/MemoryPool.cpp | 5 +-
cipher/MemoryPool.h | 10 ++-
cipher/NullCipher.cpp | 20 ++---
cipher/NullCipher.h | 21 ++---
cipher/SSL_Cipher.cpp | 91 +++++++++++-----------
cipher/SSL_Cipher.h | 32 ++++----
cipher/openssl.cpp | 3 +
cipher/openssl.h | 4 +
encfs/main.cpp | 5 ++
fs/BlockFileIO.cpp | 5 +-
fs/BlockFileIO.h | 8 +-
fs/BlockNameIO.cpp | 4 +
fs/BlockNameIO.h | 4 +
fs/CMakeLists.txt | 3 +
fs/CipherFileIO.cpp | 5 +-
fs/CipherFileIO.h | 4 +
fs/Context.cpp | 3 +-
fs/Context.h | 4 +
fs/DirNode.cpp | 7 +-
fs/DirNode.h | 4 +
fs/FSConfig.h | 6 +-
fs/FileIO.cpp | 5 +-
fs/FileIO.h | 4 +
fs/FileNode.cpp | 14 ++--
fs/FileNode.h | 3 +
fs/FileUtils.cpp | 5 +-
fs/FileUtils.h | 4 +
fs/MACFileIO.cpp | 6 +-
fs/MACFileIO.h | 4 +
fs/MemBlockFileIO.cpp | 3 +
fs/MemBlockFileIO.h | 4 +
fs/MemFileIO.cpp | 3 +
fs/MemFileIO.h | 6 +-
fs/NameIO.cpp | 5 ++
fs/NameIO.h | 3 +
fs/NullNameIO.cpp | 4 +
fs/NullNameIO.h | 5 +-
fs/RawFileIO.cpp | 5 ++
fs/RawFileIO.h | 6 +-
fs/StreamNameIO.cpp | 4 +
fs/StreamNameIO.h | 3 +
fs/encfs.cpp | 6 +-
fs/encfs.h | 4 +
fs/test.cpp | 4 +-
fs/test_BlockIO.cpp | 4 +-
fs/test_IO.cpp | 2 +
fs/testing.cpp | 9 ++-
fs/testing.h | 4 +
base/config.proto => protos/fsconfig.proto | 18 ++---
protos/interface.proto | 17 ++++ util/encfsctl.cpp | 2 +- 73 files changed, 449 insertions(+), 192 deletions(-) create mode 100644 base/types.h rename base/config.proto => protos/fsconfig.proto (70%) create mode 100644 protos/interface.proto diff --git a/CMakeLists.txt b/CMakeLists.txt index a7fe73c..660d9cd 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -50,6 +50,9 @@ if (APPLE) add_definitions (-D__FreeBSD__=10) endif (APPLE) +find_package (Protobuf REQUIRED) +include_directories (${PROTOBUF_INCLUDE_DIR}) + find_package (GLog REQUIRED) include_directories (${GLOG_INCLUDE_DIRS}) diff --git a/base/CMakeLists.txt b/base/CMakeLists.txt index e08d26c..f27f773 100644 --- a/base/CMakeLists.txt +++ b/base/CMakeLists.txt @@ -1,11 +1,11 @@ -find_package (Protobuf REQUIRED) -include_directories (${PROTOBUF_INCLUDE_DIR}) - find_package (TinyXML REQUIRED) include_directories (${TINYXML_INCLUDE_DIR}) set (LIBS ${LIBS} ${TINYXML_LIBRARIES}) -protobuf_generate_cpp (PROTO_SRCS PROTO_HDRS config.proto) +find_package (Protobuf REQUIRED) + + +protobuf_generate_cpp (PROTO_SRCS PROTO_HDRS ${Encfs_SOURCE_DIR}/protos/interface.proto) configure_file (${CMAKE_CURRENT_SOURCE_DIR}/config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h) diff --git a/base/ConfigReader.cpp b/base/ConfigReader.cpp index 1ba71dd..f5a8f60 100644 --- a/base/ConfigReader.cpp +++ b/base/ConfigReader.cpp @@ -28,9 +28,11 @@ #include #include +#include "base/types.h" using namespace std; +namespace encfs { ConfigReader::ConfigReader() { @@ -69,7 +71,7 @@ bool ConfigReader::load(const char *fileName) } ConfigVar in; - in.write( (unsigned char *)buf, size ); + in.write( (byte *)buf, size ); delete[] buf; return loadFromVar( in ); 
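Review bot: In the base/CMakeLists.txt hunk the added `find_package (Protobuf REQUIRED)` repeats the call this same commit adds to the top-level CMakeLists.txt, and it is followed by two blank lines. Assuming base/ is added as a subdirectory after the top-level find has run, the second call is redundant and leaves two places that decide which Protobuf is used. I would drop it, or replace it with a comment such as `# protobuf_generate_cpp comes from FindProtobuf, loaded by the top-level CMakeLists.txt`.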
@@ -132,9 +134,9 @@ ConfigVar ConfigReader::toVar() const for(it = vars.begin(); it != vars.end(); ++it) { out.writeInt( it->first.size() ); - out.write( (unsigned char*)it->first.data(), it->first.size() ); + out.write( (byte*)it->first.data(), it->first.size() ); out.writeInt( it->second.size() ); - out.write( (unsigned char*)it->second.buffer(), it->second.size() ); + out.write( (byte*)it->second.buffer(), it->second.size() ); } return out; @@ -155,3 +157,4 @@ ConfigVar &ConfigReader::operator[] ( const std::string &varName ) return vars[ varName ]; } +} // namespace encfs diff --git a/base/ConfigReader.h b/base/ConfigReader.h index da521e3..95ee22f 100644 --- a/base/ConfigReader.h +++ b/base/ConfigReader.h @@ -26,6 +26,8 @@ #include "base/ConfigVar.h" +namespace encfs { + /* handles Configuration load / store for Encfs filesystems. @@ -63,4 +65,6 @@ private: }; +} // namespace encfs + #endif diff --git a/base/ConfigVar.cpp b/base/ConfigVar.cpp index eb1a1a1..94b7b06 100644 --- a/base/ConfigVar.cpp +++ b/base/ConfigVar.cpp @@ -24,6 +24,8 @@ #include #include +namespace encfs { + #ifndef MIN inline int MIN(int a, int b) { @@ -70,7 +72,7 @@ void ConfigVar::resetOffset() pd->offset = 0; } -int ConfigVar::read(unsigned char *buffer_, int bytes) const +int ConfigVar::read(byte *buffer_, int bytes) const { int toCopy = MIN( bytes, pd->buffer.size() - pd->offset ); @@ -82,7 +84,7 @@ int ConfigVar::read(unsigned char *buffer_, int bytes) const return toCopy; } -int ConfigVar::write(const unsigned char *data, int bytes) +int ConfigVar::write(const byte *data, int bytes) { if(pd->buffer.size() == (unsigned int)pd->offset) { @@ -115,7 +117,7 @@ int ConfigVar::at() const void ConfigVar::writeString(const char *data, int bytes) { writeInt( bytes ); - write( (const unsigned char *)data, bytes ); + write( (const byte *)data, bytes ); } 
@@ -129,13 +131,13 @@ void ConfigVar::writeInt(int val) // third byte: 0x001fb000 0000,0000 0001,1111 1100,0000 0000,0000 // fourth byte: 0x0fe00000 0000,1111 1110,0000 // fifth byte: 0xf0000000 1111,0000 - unsigned char digit[5]; + byte digit[5]; - digit[4] = (unsigned char)((val & 0x0000007f)); - digit[3] = 0x80 | (unsigned char)((val & 0x00003f80) >> 7); - digit[2] = 0x80 | (unsigned char)((val & 0x001fc000) >> 14); - digit[1] = 0x80 | (unsigned char)((val & 0x0fe00000) >> 21); - digit[0] = 0x80 | (unsigned char)((val & 0xf0000000) >> 28); + digit[4] = (byte)((val & 0x0000007f)); + digit[3] = 0x80 | (byte)((val & 0x00003f80) >> 7); + digit[2] = 0x80 | (byte)((val & 0x001fc000) >> 14); + digit[1] = 0x80 | (byte)((val & 0x0fe00000) >> 21); + digit[0] = 0x80 | (byte)((val & 0xf0000000) >> 28); // find the starting point - we only need to output starting at the most // significant non-zero digit.. @@ -148,7 +150,7 @@ void ConfigVar::writeInt(int val) int ConfigVar::readInt() const { - const unsigned char * buf = (const unsigned char *)buffer(); + const byte * buf = (const byte *)buffer(); int bytes = this->size(); int offset = at(); int value = 0; @@ -158,7 +160,7 @@ int ConfigVar::readInt() const do { - unsigned char tmp = buf[offset++]; + byte tmp = buf[offset++]; highBitSet = tmp & 0x80; value = (value << 7) | (int)(tmp & 0x7f); @@ -227,10 +229,10 @@ const ConfigVar & operator >> (const ConfigVar &src, std::string &result) int readLen; - unsigned char tmpBuf[32]; + byte tmpBuf[32]; if(length > (int)sizeof(tmpBuf)) { - unsigned char *ptr = new unsigned char[length]; + byte *ptr = new byte[length]; readLen = src.read( ptr, length ); result.assign( (char*)ptr, length ); delete[] ptr; @@ -251,3 +253,4 @@ const ConfigVar & operator >> (const ConfigVar &src, std::string &result) return src; } +} // namespace encfs diff --git a/base/ConfigVar.h b/base/ConfigVar.h index 5dcbaa7..1d431db 100644 --- a/base/ConfigVar.h +++ b/base/ConfigVar.h 
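Review bot: In ConfigVar::readInt the accumulator is a signed `int` and every round does `value = (value << 7) | (int)(tmp & 0x7f)`, so an encoding of five 7-bit groups shifts bits into or past the sign bit, which is not well defined for a signed type. These bytes come from a configuration buffer, so I would accumulate in an unsigned variable, `unsigned int value = 0;` with `value = (value << 7) | (tmp & 0x7f);`, and convert once at the return. The loop condition and the return are outside both readInt hunks, so confirm there that `offset` is compared with `bytes` before every `buf[offset++]` and that the loop stops after five groups.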
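Review bot: In the `operator >> (const ConfigVar &, std::string &)` hunk the heap branch calls `result.assign( (char*)ptr, length )` with the requested `length` rather than the `readLen` that `src.read()` returned. ConfigVar::read copies at most the bytes left in the buffer, so a length prefix larger than the remaining data puts uninitialised heap bytes into `result`, and the same prefix sets the size of `new byte[length]`. I would compare `length` with `src.size() - src.at()` before allocating and use `result.assign( (char*)ptr, readLen );`. The else branch and any later check of `readLen` are outside the hunk, so a mismatch may be rejected afterwards, but the string has already been filled by then.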
@@ -23,6 +23,9 @@ #include #include "base/shared_ptr.h" +#include "base/types.h" + +namespace encfs { class ConfigVar { @@ -46,10 +49,10 @@ public: void resetOffset(); // read bytes - int read(unsigned char *buffer, int size) const; + int read(byte *buffer, int size) const; // write bytes.. - int write(const unsigned char *data, int size); + int write(const byte *data, int size); int readInt() const; int readInt( int defaultValue ) const; @@ -77,5 +80,7 @@ const ConfigVar & operator >> (const ConfigVar &, bool &); const ConfigVar & operator >> (const ConfigVar &, int &); const ConfigVar & operator >> (const ConfigVar &, std::string &str); +} // namespace encfs + #endif diff --git a/base/Error.cpp b/base/Error.cpp index ee628e0..e901c8e 100644 --- a/base/Error.cpp +++ b/base/Error.cpp @@ -1,7 +1,10 @@ #include "base/Error.h" +namespace encfs { + Error::Error(const char *msg) : runtime_error(msg) { } +} // namespace encfs diff --git a/base/Error.h b/base/Error.h index 836af32..ce76f0b 100644 --- a/base/Error.h +++ b/base/Error.h @@ -4,6 +4,8 @@ #include #include +namespace encfs { + class Error : public std::runtime_error { public: @@ -21,5 +23,7 @@ public: } while(0) +} // namespace encfs + #endif diff --git a/base/Interface.cpp b/base/Interface.cpp index 03c0d10..d1b9b00 100644 --- a/base/Interface.cpp +++ b/base/Interface.cpp @@ -25,6 +25,8 @@ #include #include +namespace encfs { + std::ostream& operator << (std::ostream& out, const Interface &iface) { out << iface.name() << "(" << iface.major() @@ -82,3 +84,4 @@ bool operator != (const Interface &a, const Interface &b) return false; } +} // namespace encfs diff --git a/base/Interface.h b/base/Interface.h index 38b5e62..1c144c4 100644 --- a/base/Interface.h +++ b/base/Interface.h 
@@ -22,7 +22,9 @@ #define _Interface_incl_ #include -#include "base/config.pb.h" +#include "base/interface.pb.h" + +namespace encfs { // check if A implements the interface described by B. // Note that implements(A, B) is not the same as implements(B, A) @@ -38,5 +40,7 @@ const ConfigVar & operator >> (const ConfigVar &, Interface &); bool operator != (const Interface &a, const Interface &b); +} // namespace encfs + #endif diff --git a/base/Mutex.h b/base/Mutex.h index 0a13a60..4675af6 100644 --- a/base/Mutex.h +++ b/base/Mutex.h @@ -23,7 +23,7 @@ #include -namespace rel +namespace encfs { class Lock @@ -60,7 +60,7 @@ inline void Lock::leave() _mutex = 0; } -} // namespace rel +} // namespace encfs #endif diff --git a/base/Range.h b/base/Range.h index b89804c..f5f6a81 100644 --- a/base/Range.h +++ b/base/Range.h @@ -21,6 +21,7 @@ #ifndef _Range_incl_ #define _Range_incl_ +namespace encfs { class Range { @@ -112,4 +113,5 @@ inline int Range::inc() const return increment; } +} // namespace encfs #endif diff --git a/base/XmlReader.cpp b/base/XmlReader.cpp index c774708..ad37b45 100644 --- a/base/XmlReader.cpp +++ b/base/XmlReader.cpp @@ -41,6 +41,8 @@ using namespace std; +namespace encfs { + XmlValue::~XmlValue() { } @@ -106,7 +108,7 @@ bool XmlValue::read(const char *path, bool *out) const return true; } -bool XmlValue::readB64(const char *path, unsigned char *data, int length) const +bool XmlValue::readB64(const char *path, byte *data, int length) const { XmlValuePtr value = find(path); if (!value) @@ -246,3 +248,4 @@ XmlValuePtr XmlReader::operator[] ( const char *name ) const return XmlValuePtr(new XmlNode(element)); } +} // namespace encfs diff --git a/base/XmlReader.h b/base/XmlReader.h index dae3826..37b38b2 100644 --- a/base/XmlReader.h +++ b/base/XmlReader.h @@ -23,6 +23,9 @@ #include #include "base/shared_ptr.h" +#include "base/types.h" + +namespace encfs { class XmlValue; typedef shared_ptr XmlValuePtr; 
@@ -51,7 +54,7 @@ public: } bool read(const char *path, std::string *out) const; - bool readB64(const char *path, unsigned char *out, int length) const; + bool readB64(const char *path, byte *out, int length) const; bool read(const char *path, int *out) const; bool read(const char *path, long *out) const; @@ -79,4 +82,6 @@ private: shared_ptr pd; }; +} // namespace encfs + #endif diff --git a/base/base64.cpp b/base/base64.cpp index cfb0e38..f89997f 100644 --- a/base/base64.cpp +++ b/base/base64.cpp @@ -22,17 +22,19 @@ #include +namespace encfs { + // change between two powers of two, stored as the low bits of the bytes in the // arrays. // It is the caller's responsibility to make sure the output array is large // enough. -void changeBase2(unsigned char *src, int srcLen, int src2Pow, - unsigned char *dst, int dstLen, int dst2Pow) +void changeBase2(byte *src, int srcLen, int src2Pow, + byte *dst, int dstLen, int dst2Pow) { unsigned long work = 0; int workBits = 0; // number of bits left in the work buffer - unsigned char *end = src + srcLen; - unsigned char *origDst = dst; + byte *end = src + srcLen; + byte *origDst = dst; const int mask = (1 << dst2Pow) -1; // copy the new bits onto the high bits of the stream. @@ -63,12 +65,12 @@ void changeBase2(unsigned char *src, int srcLen, int src2Pow, to be written, then write the value at the tail end of the recursion. */ static -void changeBase2Inline(unsigned char *src, int srcLen, +void changeBase2Inline(byte *src, int srcLen, int src2Pow, int dst2Pow, bool outputPartialLastByte, unsigned long work, int workBits, - unsigned char *outLoc) + byte *outLoc) { const int mask = (1 << dst2Pow) -1; if(!outLoc) @@ -84,7 +86,7 @@ void changeBase2Inline(unsigned char *src, int srcLen, } // we have at least one value that can be output - unsigned char outVal = work & mask; + byte outVal = work & mask; work >>= dst2Pow; workBits -= dst2Pow; 
@@ -112,7 +114,7 @@ void changeBase2Inline(unsigned char *src, int srcLen, } } -void changeBase2Inline(unsigned char *src, int srcLen, +void changeBase2Inline(byte *src, int srcLen, int src2Pow, int dst2Pow, bool outputPartialLastByte) { @@ -128,7 +130,7 @@ void changeBase2Inline(unsigned char *src, int srcLen, // '.' included in the encrypted names, so that it can be reserved for files // with special meaning. static const char B642AsciiTable[] = ",-0123456789"; -void B64ToAscii(unsigned char *in, int length) +void B64ToAscii(byte *in, int length) { for(int offset=0; offset= 'A') { if(ch >= 'a') @@ -174,7 +176,7 @@ void AsciiToB64(unsigned char *out, const unsigned char *in, int length) } -void B32ToAscii(unsigned char *buf, int len) +void B32ToAscii(byte *buf, int len) { for(int offset=0; offset= 'A') lch -= 'A'; else lch += 26 - '2'; - *out++ = (unsigned char)lch; + *out++ = (byte)lch; } } +} // namespace encfs diff --git a/base/base64.h b/base/base64.h index 2d7b9b2..6be224c 100644 --- a/base/base64.h +++ b/base/base64.h @@ -21,6 +21,9 @@ #ifndef _base64_incl_ #define _base64_incl_ +#include "base/types.h" + +namespace encfs { inline int B64ToB256Bytes( int numB64Bytes ) { 
@@ -46,29 +49,31 @@ inline int B256ToB32Bytes( int numB256Bytes ) /* convert data between different bases - each being a power of 2. */ -void changeBase2(unsigned char *src, int srcLength, int srcPow2, - unsigned char *dst, int dstLength, int dstPow2); +void changeBase2(byte *src, int srcLength, int srcPow2, + byte *dst, int dstLength, int dstPow2); /* same as changeBase2, but writes output over the top of input data. */ -void changeBase2Inline(unsigned char *buf, int srcLength, +void changeBase2Inline(byte *buf, int srcLength, int srcPow2, int dst2Pow, bool outputPartialLastByte); // inplace translation from values [0,2^6] => base64 ASCII -void B64ToAscii(unsigned char *buf, int length); +void B64ToAscii(byte *buf, int length); // inplace translation from values [0,2^5] => base32 ASCII -void B32ToAscii(unsigned char *buf, int length); +void B32ToAscii(byte *buf, int length); // inplace translation from values base64 ASCII => [0,2^6] -void AsciiToB64(unsigned char *buf, int length); -void AsciiToB64(unsigned char *out, const unsigned char *in, int length); +void AsciiToB64(byte *buf, int length); +void AsciiToB64(byte *out, const byte *in, int length); // inplace translation from values base32 ASCII => [0,2^5] -void AsciiToB32(unsigned char *buf, int length); -void AsciiToB32(unsigned char *out, const unsigned char *in, int length); +void AsciiToB32(byte *buf, int length); +void AsciiToB32(byte *out, const byte *in, int length); + +} // namespace encfs #endif diff --git a/base/types.h b/base/types.h new file mode 100644 index 0000000..2f6d519 --- /dev/null +++ b/base/types.h @@ -0,0 +1,10 @@ +#ifndef TYPES_H +#define TYPES_H + +namespace encfs { + +typedef unsigned char byte; + +} + +#endif // TYPES_H diff --git a/cipher/CMakeLists.txt b/cipher/CMakeLists.txt index ea56731..158b28e 100644 --- a/cipher/CMakeLists.txt +++ b/cipher/CMakeLists.txt 
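Review bot: The new base/types.h uses the include guard `TYPES_H`, which is generic enough to collide with the guard of another library's types.h, in which case `encfs::byte` would silently not be declared. A project-specific name such as `ENCFS_BASE_TYPES_H` avoids that; the other headers in this patch already use distinct guards (`_base64_incl_`, `_MemoryPool_incl_`). A one-line comment on the typedef, e.g. `// unsigned octet type used for raw cipher and encoding buffers`, would also help readers of the many signatures that now take `byte *`.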
@@ -7,6 +7,7 @@ find_package (GTest REQUIRED) add_library (encfs-cipher readpassphrase.cpp + BlockCipher.cpp Cipher.cpp CipherKey.cpp MemoryPool.cpp diff --git a/cipher/Cipher.cpp b/cipher/Cipher.cpp index 2d208c0..b84684e 100644 --- a/cipher/Cipher.cpp +++ b/cipher/Cipher.cpp @@ -21,22 +21,24 @@ #include "base/config.h" #include "cipher/Cipher.h" -#include "base/Interface.h" -#include "base/Range.h" -#include "base/base64.h" - #include #include #include #include +#include "base/Interface.h" +#include "base/Range.h" +#include "base/base64.h" + // for static build. Need to reference the modules which are registered at // run-time, to ensure that the linker doesn't optimize them away. -#include "NullCipher.h" -#include "SSL_Cipher.h" +#include "cipher/NullCipher.h" +#include "cipher/SSL_Cipher.h" using namespace std; +namespace encfs { + #define REF_MODULE(TYPE) \ if( !TYPE::Enabled() ) \ cerr << "referenceModule: should never happen\n"; @@ -180,7 +182,7 @@ Cipher::~Cipher() { } -unsigned int Cipher::MAC_32( const unsigned char *src, int len, +unsigned int Cipher::MAC_32( const byte *src, int len, const CipherKey &key, uint64_t *chainedIV ) const { uint64_t mac64 = MAC_64( src, len, key, chainedIV ); @@ -190,7 +192,7 @@ unsigned int Cipher::MAC_32( const unsigned char *src, int len, return mac32; } -unsigned int Cipher::MAC_16( const unsigned char *src, int len, +unsigned int Cipher::MAC_16( const byte *src, int len, const CipherKey &key, uint64_t *chainedIV ) const { uint64_t mac64 = MAC_64( src, len, key, chainedIV ); 
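Review bot: `BlockCipher.cpp` is added to the encfs-cipher source list in cipher/CMakeLists.txt, but no cipher/BlockCipher.cpp appears in this patch's diffstat. Unless that file already exists in the tree, `add_library` will fail when the project is configured. Either include the file in this commit or leave the line for the commit that introduces it.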
@@ -205,12 +207,12 @@ string Cipher::encodeAsString(const CipherKey &key, const CipherKey &encodingKey ) { int encodedKeySize = this->encodedKeySize(); - unsigned char *keyBuf = new unsigned char[ encodedKeySize ]; + byte *keyBuf = new byte[ encodedKeySize ]; this->writeKey( key, keyBuf, encodingKey ); int b64Len = B256ToB64Bytes( encodedKeySize ); - unsigned char *b64Key = new unsigned char[ b64Len + 1 ]; + byte *b64Key = new byte[ b64Len + 1 ]; changeBase2( keyBuf, encodedKeySize, 8, b64Key, b64Len, 6 ); @@ -225,3 +227,4 @@ bool Cipher::hasStreamMode() const return true; } +} // namespace encfs diff --git a/cipher/Cipher.h b/cipher/Cipher.h index 8b0795d..229dffb 100644 --- a/cipher/Cipher.h +++ b/cipher/Cipher.h @@ -24,11 +24,14 @@ #include "cipher/CipherKey.h" #include "base/Interface.h" #include "base/Range.h" +#include "base/types.h" #include #include #include +namespace encfs { + /* Mostly pure virtual interface defining operations on a cipher. @@ -91,7 +94,7 @@ public: // milliseconds the password derivation function should take to run. virtual CipherKey newKey(const char *password, int passwdLength, int &iterationCount, long desiredFunctionDuration, - const unsigned char *salt, int saltLen) =0; + const byte *salt, int saltLen) =0; // deprecated - for backward compatibility virtual CipherKey newKey(const char *password, int passwdLength ) =0; @@ -100,11 +103,11 @@ public: virtual CipherKey newRandomKey() =0; // data must be len encodedKeySize() - virtual CipherKey readKey(const unsigned char *data, + virtual CipherKey readKey(const byte *data, const CipherKey &encodingKey, bool checkKey = true) =0; - virtual void writeKey(const CipherKey &key, unsigned char *data, + virtual void writeKey(const CipherKey &key, byte *data, const CipherKey &encodingKey) =0; virtual std::string encodeAsString(const CipherKey &key, 
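Review bot: Cipher::encodeAsString keeps the encoded key in two raw `new byte[]` buffers, and the second allocation happens after the first has been filled, so if `new byte[ b64Len + 1 ]` or `writeKey()` throws, `keyBuf` is leaked with the encoded key bytes still in it. Owning the buffers with a container, e.g. `std::vector<byte> keyBuf( encodedKeySize );` passed as `&keyBuf[0]`, removes the manual cleanup on every path. The matching `delete[]` calls are outside the hunk, so this concerns the exception path only.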
@@ -124,37 +127,39 @@ public: // The data may be pseudo random and might not be suitable for key // generation. For generating keys, uses newRandomKey() instead. // Returns true on success, false on failure. - virtual bool randomize( unsigned char *buf, int len, + virtual bool randomize( byte *buf, int len, bool strongRandom ) const =0; // 64 bit MAC of the data with the given key - virtual uint64_t MAC_64( const unsigned char *src, int len, + virtual uint64_t MAC_64( const byte *src, int len, const CipherKey &key, uint64_t *chainedIV = 0 ) const =0; // based on reductions of MAC_64 - unsigned int MAC_32( const unsigned char *src, int len, + unsigned int MAC_32( const byte *src, int len, const CipherKey &key, uint64_t *chainedIV = 0 ) const; - unsigned int MAC_16( const unsigned char *src, int len, + unsigned int MAC_16( const byte *src, int len, const CipherKey &key, uint64_t *chainedIV = 0 ) const; // functional interfaces /* Stream encoding of data in-place. The stream data can be any length. */ - virtual bool streamEncode( unsigned char *data, int len, + virtual bool streamEncode( byte *data, int len, uint64_t iv64, const CipherKey &key) const=0; - virtual bool streamDecode( unsigned char *data, int len, + virtual bool streamDecode( byte *data, int len, uint64_t iv64, const CipherKey &key) const=0; /* Block encoding of data in-place. The data size should be a multiple of the cipher block size. */ - virtual bool blockEncode(unsigned char *buf, int size, + virtual bool blockEncode(byte *buf, int size, uint64_t iv64, const CipherKey &key) const=0; - virtual bool blockDecode(unsigned char *buf, int size, + virtual bool blockDecode(byte *buf, int size, uint64_t iv64, const CipherKey &key) const=0; }; +} // namespace encfs + #endif diff --git a/cipher/CipherKey.cpp b/cipher/CipherKey.cpp index 01b9a3f..6512466 100644 --- a/cipher/CipherKey.cpp +++ b/cipher/CipherKey.cpp 
@@ -20,6 +20,8 @@ #include "cipher/CipherKey.h" +namespace encfs { + AbstractCipherKey::AbstractCipherKey() { } @@ -28,3 +30,5 @@ AbstractCipherKey::~AbstractCipherKey() { } +} // namespace encfs + diff --git a/cipher/CipherKey.h b/cipher/CipherKey.h index 9c1490b..62edaf0 100644 --- a/cipher/CipherKey.h +++ b/cipher/CipherKey.h @@ -23,6 +23,8 @@ #include "base/shared_ptr.h" +namespace encfs { + class AbstractCipherKey { public: @@ -32,5 +34,7 @@ public: typedef shared_ptr CipherKey; +} // namespace encfs + #endif diff --git a/cipher/MemoryPool.cpp b/cipher/MemoryPool.cpp index d1cd935..5d7793f 100644 --- a/cipher/MemoryPool.cpp +++ b/cipher/MemoryPool.cpp @@ -47,6 +47,8 @@ using namespace std; # include # include +namespace encfs { + static BUF_MEM *allocBlock( int size ) { BUF_MEM *block = BUF_MEM_new( ); @@ -87,7 +89,7 @@ void MemBlock::allocate(int size) } internalData = mem; - data = reinterpret_cast(mem->data); + data = reinterpret_cast(mem->data); VALGRIND_MAKE_MEM_UNDEFINED( data, size ); } @@ -161,4 +163,5 @@ SecureMem::~SecureMem() } } +} // namespace encfs diff --git a/cipher/MemoryPool.h b/cipher/MemoryPool.h index 330e5ce..1fe3b72 100644 --- a/cipher/MemoryPool.h +++ b/cipher/MemoryPool.h @@ -21,19 +21,23 @@ #ifndef _MemoryPool_incl_ #define _MemoryPool_incl_ +#include "base/types.h" + +namespace encfs { + /* Memory Pool for fixed sized objects. Usage: MemBlock mb( size ); // do things with storage in mb.data - unsigned char *buffer = mb.data; + byte *buffer = mb.data; // memblock freed when destructed */ struct MemBlock { - unsigned char *data; + byte *data; void *internalData; MemBlock(); @@ -61,5 +65,7 @@ struct SecureMem ~SecureMem(); }; +} // namespace encfs + #endif diff --git a/cipher/NullCipher.cpp b/cipher/NullCipher.cpp index 867328b..7af4a10 100644 --- a/cipher/NullCipher.cpp +++ b/cipher/NullCipher.cpp 
@@ -28,6 +28,7 @@ using namespace std; +namespace encfs { static Interface NullInterface = makeInterface( "nullCipher", 1, 0, 0 ); static Range NullKeyRange(0); @@ -81,7 +82,7 @@ Interface NullCipher::interface() const } CipherKey NullCipher::newKey(const char *, int, - int &, long, const unsigned char *, int ) + int &, long, const byte *, int ) { return gNullKey; } @@ -96,25 +97,25 @@ CipherKey NullCipher::newRandomKey() return gNullKey; } -bool NullCipher::randomize( unsigned char *buf, int len, bool ) const +bool NullCipher::randomize( byte *buf, int len, bool ) const { memset( buf, 0, len ); return true; } -uint64_t NullCipher::MAC_64(const unsigned char *, int , +uint64_t NullCipher::MAC_64(const byte *, int , const CipherKey &, uint64_t *) const { return 0; } -CipherKey NullCipher::readKey( const unsigned char *, +CipherKey NullCipher::readKey( const byte *, const CipherKey &, bool) { return gNullKey; } -void NullCipher::writeKey(const CipherKey &, unsigned char *, +void NullCipher::writeKey(const CipherKey &, byte *, const CipherKey &) { } @@ -142,7 +143,7 @@ int NullCipher::cipherBlockSize() const return 1; } -bool NullCipher::streamEncode( unsigned char *src, int len, +bool NullCipher::streamEncode( byte *src, int len, uint64_t iv64, const CipherKey &key) const { (void)src; @@ -152,7 +153,7 @@ bool NullCipher::streamEncode( unsigned char *src, int len, return true; } -bool NullCipher::streamDecode( unsigned char *src, int len, +bool NullCipher::streamDecode( byte *src, int len, uint64_t iv64, const CipherKey &key) const { (void)src; @@ -162,13 +163,13 @@ bool NullCipher::streamDecode( unsigned char *src, int len, return true; } -bool NullCipher::blockEncode( unsigned char *, int , uint64_t, +bool NullCipher::blockEncode( byte *, int , uint64_t, const CipherKey & ) const { return true; } -bool NullCipher::blockDecode( unsigned char *, int, uint64_t, +bool NullCipher::blockDecode( byte *, int, uint64_t, const CipherKey & ) const { return true; 
@@ -179,3 +180,4 @@ bool NullCipher::Enabled() return true; } +} // namespace encfs diff --git a/cipher/NullCipher.h b/cipher/NullCipher.h index afe6cb4..e3b815f 100644 --- a/cipher/NullCipher.h +++ b/cipher/NullCipher.h @@ -24,6 +24,8 @@ #include "cipher/Cipher.h" #include "base/Interface.h" +namespace encfs { + /* Implements Cipher interface for a pass-through mode. May be useful for testing, but that's it. @@ -41,16 +43,16 @@ public: // create a new key based on a password virtual CipherKey newKey(const char *password, int passwdLength, int &iterationCount, long desiredDuration, - const unsigned char *salt, int saltLen); + const byte *salt, int saltLen); virtual CipherKey newKey(const char *password, int passwdLength); // create a new random key virtual CipherKey newRandomKey(); // data must be len keySize() - virtual CipherKey readKey(const unsigned char *data, + virtual CipherKey readKey(const byte *data, const CipherKey &encodingKey, bool checkKey); - virtual void writeKey(const CipherKey &key, unsigned char *data, + virtual void writeKey(const CipherKey &key, byte *data, const CipherKey &encodingKey); virtual bool compareKey( const CipherKey &A, const CipherKey &B ) const; 
@@ -60,27 +62,28 @@ public: virtual int encodedKeySize() const; virtual int cipherBlockSize() const; - virtual bool randomize( unsigned char *buf, int len, + virtual bool randomize( byte *buf, int len, bool strongRandom ) const; - virtual uint64_t MAC_64(const unsigned char *data, int len, + virtual uint64_t MAC_64(const byte *data, int len, const CipherKey &key, uint64_t *chainedIV) const; // functional interfaces - virtual bool streamEncode(unsigned char *in, int len, + virtual bool streamEncode(byte *in, int len, uint64_t iv64, const CipherKey &key) const; - virtual bool streamDecode(unsigned char *in, int len, + virtual bool streamDecode(byte *in, int len, uint64_t iv64, const CipherKey &key) const; - virtual bool blockEncode(unsigned char *buf, int size, + virtual bool blockEncode(byte *buf, int size, uint64_t iv64, const CipherKey &key) const; - virtual bool blockDecode(unsigned char *buf, int size, + virtual bool blockDecode(byte *buf, int size, uint64_t iv64, const CipherKey &key) const; // hack to help with static builds static bool Enabled(); }; +} // namespace encfs #endif diff --git a/cipher/SSL_Cipher.cpp b/cipher/SSL_Cipher.cpp index 8390ad3..d8614ce 100644 --- a/cipher/SSL_Cipher.cpp +++ b/cipher/SSL_Cipher.cpp @@ -43,7 +43,8 @@ #include "base/i18n.h" using namespace std; -using namespace rel; + +namespace encfs { const int MAX_KEYLENGTH = 64; // in bytes (256 bit) const int MAX_IVLENGTH = 16; 
@@ -65,13 +66,13 @@ inline int MIN(int a, int b) DEPRECATED: this is here for backward compatibilty only. Use PBKDF */ int BytesToKey( int keyLen, int ivLen, const EVP_MD *md, - const unsigned char *data, int dataLen, - unsigned int rounds, unsigned char *key, unsigned char *iv) + const byte *data, int dataLen, + unsigned int rounds, byte *key, byte *iv) { if( data == NULL || dataLen == 0 ) return 0; // OpenSSL returns nkey here, but why? It is a failure.. - unsigned char mdBuf[ EVP_MAX_MD_SIZE ]; + byte mdBuf[ EVP_MAX_MD_SIZE ]; unsigned int mds=0; int addmd =0; int nkey = key ? keyLen : 0; @@ -127,8 +128,8 @@ long time_diff(const timeval &end, const timeval &start) } int SSL_Cipher::TimedPBKDF2(const char *pass, int passlen, - const unsigned char *salt, int saltlen, - int keylen, unsigned char *out, + const byte *salt, int saltlen, + int keylen, byte *out, long desiredPDFTime) { int iter = 1000; @@ -138,7 +139,7 @@ int SSL_Cipher::TimedPBKDF2(const char *pass, int passlen, { gettimeofday( &start, 0 ); int res = PKCS5_PBKDF2_HMAC_SHA1( - pass, passlen, const_cast(salt), saltlen, + pass, passlen, const_cast(salt), saltlen, iter, keylen, out); if(res != 1) return -1; @@ -329,14 +330,14 @@ SSLKey::~SSLKey() pthread_mutex_destroy( &mutex ); } -inline unsigned char* KeyData( const shared_ptr &key ) +inline byte* KeyData( const shared_ptr &key ) { - return (unsigned char *)key->buf.data; + return (byte *)key->buf.data; } -inline unsigned char* IVData( const shared_ptr &key ) +inline byte* IVData( const shared_ptr &key ) { - return (unsigned char *)key->buf.data + key->keySize; + return (byte *)key->buf.data + key->keySize; } void initKey(const shared_ptr &key, const EVP_CIPHER *_blockCipher, 
@@ -424,7 +425,7 @@ Interface SSL_Cipher::interface() const */ CipherKey SSL_Cipher::newKey(const char *password, int passwdLength, int &iterationCount, long desiredDuration, - const unsigned char *salt, int saltLen) + const byte *salt, int saltLen) { shared_ptr key( new SSLKey( _keySize, _ivLength) ); @@ -446,7 +447,7 @@ CipherKey SSL_Cipher::newKey(const char *password, int passwdLength, // known iteration length if(PKCS5_PBKDF2_HMAC_SHA1( password, passwdLength, - const_cast(salt), saltLen, + const_cast(salt), saltLen, iterationCount, _keySize + _ivLength, KeyData(key)) != 1) { LOG(ERROR) << "openssl error, PBKDF2 failed"; @@ -469,7 +470,7 @@ CipherKey SSL_Cipher::newKey(const char *password, int passwdLength) // now we use BytesToKey, which can deal with Blowfish keys larger then // 128 bits. bytes = BytesToKey( _keySize, _ivLength, EVP_sha1(), - (unsigned char *)password, passwdLength, 16, + (byte *)password, passwdLength, 16, KeyData(key), IVData(key) ); // the reason for moving from EVP_BytesToKey to BytesToKey function.. @@ -482,7 +483,7 @@ CipherKey SSL_Cipher::newKey(const char *password, int passwdLength) { // for backward compatibility with filesystems created with 1:0 bytes = EVP_BytesToKey( _blockCipher, EVP_sha1(), NULL, - (unsigned char *)password, passwdLength, 16, + (byte *)password, passwdLength, 16, KeyData(key), IVData(key) ); } @@ -502,9 +503,9 @@ CipherKey SSL_Cipher::newKey(const char *password, int passwdLength) CipherKey SSL_Cipher::newRandomKey() { const int bufLen = MAX_KEYLENGTH; - unsigned char tmpBuf[ bufLen ]; + byte tmpBuf[ bufLen ]; int saltLen = 20; - unsigned char saltBuf[ saltLen ]; + byte saltBuf[ saltLen ]; if(!randomize(tmpBuf, bufLen, true) || !randomize(saltBuf, saltLen, true)) 
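Review bot: In SSL_Cipher::newRandomKey `int saltLen = 20;` is not a constant, so `byte saltBuf[ saltLen ];` is a variable-length array, which is a compiler extension rather than standard C++; `bufLen` on the lines above is already `const int`. Declaring `const int saltLen = 20;` makes it an ordinary fixed-size array. `tmpBuf` holds the random bytes the key is derived from and the end of the function is outside the hunk, so also confirm that both buffers are wiped before the function returns.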
@@ -532,14 +533,14 @@ CipherKey SSL_Cipher::newRandomKey() Compute a 64-bit check value for the data using HMAC. */ static uint64_t _checksum_64(SSLKey *key, - const unsigned char *data, + const byte *data, int dataLen, uint64_t *chainedIV) { rAssert( dataLen > 0 ); Lock lock( key->mutex ); - unsigned char md[EVP_MAX_MD_SIZE]; + byte md[EVP_MAX_MD_SIZE]; unsigned int mdLen = EVP_MAX_MD_SIZE; HMAC_Init_ex( &key->mac_ctx, 0, 0, 0, 0 ); @@ -548,7 +549,7 @@ static uint64_t _checksum_64(SSLKey *key, { // toss in the chained IV as well uint64_t tmp = *chainedIV; - unsigned char h[8]; + byte h[8]; for(unsigned int i=0; i<8; ++i) { h[i] = tmp & 0xff; @@ -563,9 +564,9 @@ static uint64_t _checksum_64(SSLKey *key, rAssert(mdLen >= 8); // chop this down to a 64bit value.. - unsigned char h[8] = {0,0,0,0,0,0,0,0}; + byte h[8] = {0,0,0,0,0,0,0,0}; for(unsigned int i=0; i<(mdLen-1); ++i) - h[i%8] ^= (unsigned char)(md[i]); + h[i%8] ^= (byte)(md[i]); uint64_t value = (uint64_t)h[0]; for(int i=1; i<8; ++i) @@ -574,7 +575,7 @@ static uint64_t _checksum_64(SSLKey *key, return value; } -bool SSL_Cipher::randomize( unsigned char *buf, int len, +bool SSL_Cipher::randomize( byte *buf, int len, bool strongRandom ) const { // to avoid warnings of uninitialized data from valgrind @@ -597,7 +598,7 @@ bool SSL_Cipher::randomize( unsigned char *buf, int len, return true; } -uint64_t SSL_Cipher::MAC_64( const unsigned char *data, int len, +uint64_t SSL_Cipher::MAC_64( const byte *data, int len, const CipherKey &key, uint64_t *chainedIV ) const { shared_ptr mk = dynamic_pointer_cast(key); 
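Review bot: In _checksum_64 the fold loop runs `for(unsigned int i=0; i<(mdLen-1); ++i)`, so the last byte of the HMAC output never contributes to the 64-bit value, and nothing in the code says whether that is intended. Changing the bound would presumably change the MAC computed for existing volumes, so I would leave the code alone and add a comment above the loop, e.g. `// NOTE: the final digest byte is skipped; kept as-is for on-disk compatibility`.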
@@ -609,13 +610,13 @@ uint64_t SSL_Cipher::MAC_64( const unsigned char *data, int len, return tmp; } -CipherKey SSL_Cipher::readKey(const unsigned char *data, +CipherKey SSL_Cipher::readKey(const byte *data, const CipherKey &masterKey, bool checkKey) { shared_ptr mk = dynamic_pointer_cast(masterKey); rAssert(mk->keySize == _keySize); - unsigned char tmpBuf[ 2 * MAX_KEYLENGTH ]; + byte tmpBuf[ 2 * MAX_KEYLENGTH ]; // First N bytes are checksum bytes. unsigned int checksum = 0; @@ -654,7 +655,7 @@ CipherKey SSL_Cipher::readKey(const unsigned char *data, return key; } -void SSL_Cipher::writeKey(const CipherKey &ckey, unsigned char *data, +void SSL_Cipher::writeKey(const CipherKey &ckey, byte *data, const CipherKey &masterKey) { shared_ptr key = dynamic_pointer_cast(ckey); @@ -665,7 +666,7 @@ void SSL_Cipher::writeKey(const CipherKey &ckey, unsigned char *data, rAssert(mk->keySize == _keySize); rAssert(mk->ivLength == _ivLength); - unsigned char tmpBuf[ 2 * MAX_KEYLENGTH ]; + byte tmpBuf[ 2 * MAX_KEYLENGTH ]; unsigned int bufLen = key->buf.size; rAssert(_keySize + _ivLength == bufLen ); @@ -729,19 +730,19 @@ int SSL_Cipher::cipherBlockSize() const return size; } -void SSL_Cipher::setIVec(unsigned char *ivec, uint64_t seed, +void SSL_Cipher::setIVec(byte *ivec, uint64_t seed, const shared_ptr &key) const { if (iface.major() >= 3) { memcpy( ivec, IVData(key), _ivLength ); - unsigned char md[EVP_MAX_MD_SIZE]; + byte md[EVP_MAX_MD_SIZE]; unsigned int mdLen = EVP_MAX_MD_SIZE; for(int i=0; i<8; ++i) { - md[i] = (unsigned char)(seed & 0xff); + md[i] = (byte)(seed & 0xff); seed >>= 8; } @@ -764,7 +765,7 @@ void SSL_Cipher::setIVec(unsigned char *ivec, uint64_t seed, // could get a victim to store a carefully crafted file, they could later // determine if the victim had the file in encrypted storage (without decrypting // the file). -void SSL_Cipher::setIVec_old(unsigned char *ivec, +void SSL_Cipher::setIVec_old(byte *ivec, unsigned int seed, const shared_ptr &key) const { 
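Review bot: In readKey the result of the `dynamic_pointer_cast` on `masterKey` is dereferenced on the very next line, `rAssert(mk->keySize == _keySize);`, so a CipherKey that is not an SSLKey leads to a null pointer dereference instead of a clean failure. Adding `rAssert(mk.get() != NULL);` before the size check makes the precondition explicit and fails in a controlled way. writeKey in the following hunks casts `ckey` and asserts on `mk` in the same manner; the lines between its two hunks are not visible, so check whether a null test already exists there. Both function bodies continue outside the hunks.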
@@ -795,9 +796,9 @@ void SSL_Cipher::setIVec_old(unsigned char *ivec, } } -static void flipBytes(unsigned char *buf, int size) +static void flipBytes(byte *buf, int size) { - unsigned char revBuf[64]; + byte revBuf[64]; int bytesLeft = size; while(bytesLeft) @@ -814,13 +815,13 @@ static void flipBytes(unsigned char *buf, int size) memset(revBuf, 0, sizeof(revBuf)); } -static void shuffleBytes(unsigned char *buf, int size) +static void shuffleBytes(byte *buf, int size) { for(int i=0; i 0 ); @@ -840,7 +841,7 @@ bool SSL_Cipher::streamEncode(unsigned char *buf, int size, Lock lock( key->mutex ); - unsigned char ivec[ MAX_IVLENGTH ]; + byte ivec[ MAX_IVLENGTH ]; int dstLen=0, tmpLen=0; shuffleBytes( buf, size ); @@ -865,7 +866,7 @@ bool SSL_Cipher::streamEncode(unsigned char *buf, int size, return true; } -bool SSL_Cipher::streamDecode(unsigned char *buf, int size, +bool SSL_Cipher::streamDecode(byte *buf, int size, uint64_t iv64, const CipherKey &ckey) const { rAssert( size > 0 ); @@ -876,7 +877,7 @@ bool SSL_Cipher::streamDecode(unsigned char *buf, int size, Lock lock( key->mutex ); - unsigned char ivec[ MAX_IVLENGTH ]; + byte ivec[ MAX_IVLENGTH ]; int dstLen=0, tmpLen=0; setIVec( ivec, iv64 + 1, key ); @@ -902,7 +903,7 @@ bool SSL_Cipher::streamDecode(unsigned char *buf, int size, } -bool SSL_Cipher::blockEncode(unsigned char *buf, int size, +bool SSL_Cipher::blockEncode(byte *buf, int size, uint64_t iv64, const CipherKey &ckey ) const { rAssert( size > 0 ); @@ -916,7 +917,7 @@ bool SSL_Cipher::blockEncode(unsigned char *buf, int size, Lock lock( key->mutex ); - unsigned char ivec[ MAX_IVLENGTH ]; + byte ivec[ MAX_IVLENGTH ]; int dstLen = 0, tmpLen = 0; setIVec( ivec, iv64, key ); @@ -932,7 +933,7 @@ bool SSL_Cipher::blockEncode(unsigned char *buf, int size, return true; } -bool SSL_Cipher::blockDecode(unsigned char *buf, int size, +bool SSL_Cipher::blockDecode(byte *buf, int size, uint64_t iv64, const CipherKey &ckey ) const { rAssert( size > 0 ); 
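Review bot: The `memset(revBuf, 0, sizeof(revBuf));` that ends flipBytes writes to a local that is never read again, so an optimising compiler is allowed to remove it, and the copied buffer bytes then stay on the stack. Since this file already builds against OpenSSL, `OPENSSL_cleanse(revBuf, sizeof(revBuf));` is the call meant for this purpose and is not elided. If the `ivec` and key buffers elsewhere in the file are cleared with memset as well, they need the same change; those lines are outside the visible hunks.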
@@ -946,7 +947,7 @@ bool SSL_Cipher::blockDecode(unsigned char *buf, int size, Lock lock( key->mutex ); - unsigned char ivec[ MAX_IVLENGTH ]; + byte ivec[ MAX_IVLENGTH ]; int dstLen = 0, tmpLen = 0; setIVec( ivec, iv64, key ); @@ -971,3 +972,5 @@ bool SSL_Cipher::hasStreamMode() const { return false; } + +} // namespace encfs diff --git a/cipher/SSL_Cipher.h b/cipher/SSL_Cipher.h index 9eb4d1b..1dcd1d6 100644 --- a/cipher/SSL_Cipher.h +++ b/cipher/SSL_Cipher.h @@ -24,12 +24,14 @@ #include "cipher/Cipher.h" #include "base/Interface.h" -class SSLKey; #ifndef EVP_CIPHER struct evp_cipher_st; typedef struct evp_cipher_st EVP_CIPHER; #endif +namespace encfs { +class SSLKey; + /* Implements Cipher interface for OpenSSL's ciphers. @@ -89,17 +91,17 @@ class SSL_Cipher : public Cipher // create a new key based on a password virtual CipherKey newKey(const char *password, int passwdLength, int &iterationCount, long desiredDuration, - const unsigned char *salt, int saltLen); + const byte *salt, int saltLen); // deprecated - for backward compatibility virtual CipherKey newKey(const char *password, int passwdLength); // create a new random key virtual CipherKey newRandomKey(); // data must be len keySize() - virtual CipherKey readKey(const unsigned char *data, + virtual CipherKey readKey(const byte *data, const CipherKey &encodingKey, bool checkKey); - virtual void writeKey(const CipherKey &key, unsigned char *data, + virtual void writeKey(const CipherKey &key, byte *data, const CipherKey &encodingKey); virtual bool compareKey( const CipherKey &A, const CipherKey &B ) const; 
@@ -111,19 +113,19 @@ class SSL_Cipher : public Cipher virtual bool hasStreamMode() const; - virtual bool randomize( unsigned char *buf, int len, + virtual bool randomize( byte *buf, int len, bool strongRandom ) const; - virtual uint64_t MAC_64( const unsigned char *src, int len, + virtual uint64_t MAC_64( const byte *src, int len, const CipherKey &key, uint64_t *augment ) const; // functional interfaces /* Stream encoding in-place. */ - virtual bool streamEncode(unsigned char *in, int len, + virtual bool streamEncode(byte *in, int len, uint64_t iv64, const CipherKey &key) const; - virtual bool streamDecode(unsigned char *in, int len, + virtual bool streamDecode(byte *in, int len, uint64_t iv64, const CipherKey &key) const; /* @@ -131,9 +133,9 @@ class SSL_Cipher : public Cipher blocks are always expected to begin on a block boundary. See blockSize(). */ - virtual bool blockEncode(unsigned char *buf, int size, + virtual bool blockEncode(byte *buf, int size, uint64_t iv64, const CipherKey &key) const; - virtual bool blockDecode(unsigned char *buf, int size, + virtual bool blockDecode(byte *buf, int size, uint64_t iv64, const CipherKey &key) const; // hack to help with static builds @@ -143,17 +145,19 @@ class SSL_Cipher : public Cipher // number of iterations based on a desired execution time (in microseconds). // Returns the number of iterations applied. static int TimedPBKDF2(const char *pass, int passLen, - const unsigned char *salt, int saltLen, - int keyLen, unsigned char *out, + const byte *salt, int saltLen, + int keyLen, byte *out, long desiredPDFTimeMicroseconds); private: - void setIVec( unsigned char *ivec, uint64_t seed, + void setIVec( byte *ivec, uint64_t seed, const shared_ptr &key ) const; // deprecated - for backward compatibility - void setIVec_old( unsigned char *ivec, unsigned int seed, + void setIVec_old( byte *ivec, unsigned int seed, const shared_ptr &key ) const; }; +} // namespace encfs + #endif 
diff --git a/cipher/openssl.cpp b/cipher/openssl.cpp index 658ea99..f38e4b0 100644 --- a/cipher/openssl.cpp +++ b/cipher/openssl.cpp @@ -31,6 +31,8 @@ #include #endif +namespace encfs { + unsigned long pthreads_thread_id() { return (unsigned long)pthread_self(); @@ -107,3 +109,4 @@ void openssl_shutdown(bool threaded) pthreads_locking_cleanup(); } +} // namespace encfs diff --git a/cipher/openssl.h b/cipher/openssl.h index a7df0e2..c021c48 100644 --- a/cipher/openssl.h +++ b/cipher/openssl.h @@ -21,9 +21,13 @@ #ifndef _openssl_incl_ #define _openssl_incl_ +namespace encfs { + void openssl_init(bool isThreaded); void openssl_shutdown(bool isThreaded); +} // namespace encfs + #endif diff --git a/encfs/main.cpp b/encfs/main.cpp index b7f2ecb..f331baa 100644 --- a/encfs/main.cpp +++ b/encfs/main.cpp @@ -63,6 +63,9 @@ inline static int MAX(int a, int b) using namespace std; using namespace gnu; +using namespace encfs; + +namespace encfs { // Maximum number of arguments that we're going to pass on to fuse. Doesn't // affect how many arguments we can handle, just how many we can pass on.. @@ -111,6 +114,8 @@ struct EncFS_Args static int oldStderr = STDERR_FILENO; +} // namespace encfs + static void usage(const char *name) { diff --git a/fs/BlockFileIO.cpp b/fs/BlockFileIO.cpp index 2b0632e..5dbd178 100644 --- a/fs/BlockFileIO.cpp +++ b/fs/BlockFileIO.cpp @@ -20,14 +20,16 @@ #include "fs/BlockFileIO.h" -#include "base/config.pb.h" #include "base/Error.h" #include "base/i18n.h" #include "cipher/MemoryPool.h" +#include "fs/fsconfig.pb.h" #include #include +namespace encfs { + template inline Type min( Type A, Type B ) { @@ -424,3 +426,4 @@ int BlockFileIO::blockTruncate( off_t size, FileIO *base ) return res; } +} // namespace encfs diff --git a/fs/BlockFileIO.h b/fs/BlockFileIO.h index 42acd54..4cc8898 100644 --- a/fs/BlockFileIO.h +++ b/fs/BlockFileIO.h 
@@ -21,8 +21,10 @@ #ifndef _BlockFileIO_incl_ #define _BlockFileIO_incl_ -#include "FileIO.h" -#include "FSConfig.h" +#include "fs/FileIO.h" +#include "fs/FSConfig.h" + +namespace encfs { /* Implements block scatter / gather interface. Requires derived classes to @@ -64,5 +66,7 @@ protected: mutable IORequest _cache; }; +} // namespace encfs + #endif diff --git a/fs/BlockNameIO.cpp b/fs/BlockNameIO.cpp index 69b4f91..3b78f54 100644 --- a/fs/BlockNameIO.cpp +++ b/fs/BlockNameIO.cpp @@ -28,6 +28,8 @@ #include #include +namespace encfs { + static shared_ptr NewBlockNameIO( const Interface &iface, const shared_ptr &cipher, const CipherKey &key ) { @@ -248,3 +250,5 @@ bool BlockNameIO::Enabled() return true; } +} // namespace encfs + diff --git a/fs/BlockNameIO.h b/fs/BlockNameIO.h index 832bad3..cfce608 100644 --- a/fs/BlockNameIO.h +++ b/fs/BlockNameIO.h @@ -26,6 +26,8 @@ #include +namespace encfs { + class Cipher; /* @@ -65,5 +67,7 @@ private: bool _caseSensitive; }; +} // namespace encfs + #endif diff --git a/fs/CMakeLists.txt b/fs/CMakeLists.txt index 22ff52c..2b64e50 100644 --- a/fs/CMakeLists.txt +++ b/fs/CMakeLists.txt @@ -1,9 +1,12 @@ find_package (FUSE REQUIRED) include_directories (${FUSE_INCLUDE_DIR}) +protobuf_generate_cpp (PROTO_SRCS PROTO_HDRS ${Encfs_SOURCE_DIR}/protos/fsconfig.proto) + enable_testing () find_package (GTest) +include_directories (${Encfs_BINARY_DIR}/base) add_library (encfs-fs encfs.cpp Context.cpp diff --git a/fs/CipherFileIO.cpp b/fs/CipherFileIO.cpp index 11dcddf..e2cde83 100644 --- a/fs/CipherFileIO.cpp +++ b/fs/CipherFileIO.cpp @@ -20,16 +20,18 @@ #include "fs/CipherFileIO.h" -#include "base/config.pb.h" #include "base/Error.h" #include "cipher/Cipher.h" #include "cipher/MemoryPool.h" +#include "fs/fsconfig.pb.h" #include #include #include +namespace encfs { + /* Version 3:0 adds support for block-only encryption by adding space for a full block to the file header. 
@@ -511,3 +513,4 @@ bool CipherFileIO::isWritable() const return base->isWritable(); } +} // namespace encfs diff --git a/fs/CipherFileIO.h b/fs/CipherFileIO.h index efc1dcd..5ebb4e6 100644 --- a/fs/CipherFileIO.h +++ b/fs/CipherFileIO.h @@ -27,6 +27,8 @@ #include +namespace encfs { + class Cipher; /* @@ -95,4 +97,6 @@ private: CipherKey key; }; +} // namespace encfs + #endif diff --git a/fs/Context.cpp b/fs/Context.cpp index b24d06a..af7fc9c 100644 --- a/fs/Context.cpp +++ b/fs/Context.cpp @@ -25,7 +25,7 @@ #include "fs/FileUtils.h" #include "fs/DirNode.h" -using namespace rel; +namespace encfs { EncFS_Context::EncFS_Context() { @@ -173,3 +173,4 @@ void EncFS_Context::eraseNode(const char *path, void *pl) delete ph; } +} // namespace encfs diff --git a/fs/Context.h b/fs/Context.h index 0f470a4..a27da53 100644 --- a/fs/Context.h +++ b/fs/Context.h @@ -33,6 +33,8 @@ using std::tr1::unordered_map; using std::unordered_map; #endif +namespace encfs { + struct EncFS_Args; struct EncFS_Opts; class FileNode; @@ -102,5 +104,7 @@ private: int remountFS( EncFS_Context *ctx ); +} // namespace encfs + #endif diff --git a/fs/DirNode.cpp b/fs/DirNode.cpp index 8a967e0..13aa807 100644 --- a/fs/DirNode.cpp +++ b/fs/DirNode.cpp @@ -39,6 +39,7 @@ #include "fs/Context.h" #include "fs/DirNode.h" #include "fs/FileUtils.h" +#include "fs/fsconfig.pb.h" #include @@ -46,7 +47,8 @@ #include using namespace std; -using namespace rel; + +namespace encfs { class DirDeleter { @@ -814,3 +816,6 @@ int DirNode::unlink( const char *plaintextName ) return res; } + +} // namespace encfs + diff --git a/fs/DirNode.h b/fs/DirNode.h index 0c3a344..8bee674 100644 --- a/fs/DirNode.h +++ b/fs/DirNode.h @@ -36,6 +36,8 @@ #include "fs/NameIO.h" #include "fs/FSConfig.h" +namespace encfs { + class Cipher; class RenameOp; struct RenameEl; @@ -170,4 +172,6 @@ private: shared_ptr naming; }; +} // namespace encfs + #endif diff --git a/fs/FSConfig.h b/fs/FSConfig.h index 75cc003..a351870 100644 --- a/fs/FSConfig.h 
+++ b/fs/FSConfig.h @@ -25,9 +25,12 @@ #include "base/shared_ptr.h" #include "cipher/CipherKey.h" #include "fs/encfs.h" +#include "fs/fsconfig.pb.h" #include +namespace encfs { + enum ConfigType { Config_None = 0, @@ -42,7 +45,6 @@ enum ConfigType struct EncFS_Opts; class Cipher; class NameIO; -class EncfsConfig; CipherKey getUserKey(const EncfsConfig &config, bool useStdin); CipherKey getUserKey(const EncfsConfig &config, @@ -77,5 +79,7 @@ struct FSConfig typedef shared_ptr FSConfigPtr; +} // namespace encfs + #endif diff --git a/fs/FileIO.cpp b/fs/FileIO.cpp index 3bd226c..7f44bb0 100644 --- a/fs/FileIO.cpp +++ b/fs/FileIO.cpp @@ -18,7 +18,9 @@ * along with this program. If not, see . */ -#include "FileIO.h" +#include "fs/FileIO.h" + +namespace encfs { FileIO::FileIO() { @@ -39,3 +41,4 @@ bool FileIO::setIV( uint64_t iv ) return true; } +} // namespace encfs diff --git a/fs/FileIO.h b/fs/FileIO.h index 0c71213..dca4831 100644 --- a/fs/FileIO.h +++ b/fs/FileIO.h @@ -26,6 +26,8 @@ #include +namespace encfs { + struct IORequest { off_t offset; @@ -82,5 +84,7 @@ private: FileIO &operator = ( const FileIO & ); }; +} // namespace encfs + #endif diff --git a/fs/FileNode.cpp b/fs/FileNode.cpp index fc5cdc8..ca38c61 100644 --- a/fs/FileNode.cpp +++ b/fs/FileNode.cpp @@ -39,19 +39,20 @@ #include "cipher/Cipher.h" #include "cipher/MemoryPool.h" +#include "fs/CipherFileIO.h" +#include "fs/DirNode.h" +#include "fs/FileIO.h" #include "fs/FileNode.h" #include "fs/FileUtils.h" -#include "fs/CipherFileIO.h" -#include "fs/RawFileIO.h" #include "fs/MACFileIO.h" -#include "fs/DirNode.h" - -#include "fs/FileIO.h" +#include "fs/RawFileIO.h" +#include "fs/fsconfig.pb.h" #include using namespace std; -using namespace rel; + +namespace encfs { /* TODO: locking at the FileNode level is inefficient, since this precludes @@ -301,3 +302,4 @@ int FileNode::sync(bool datasync) return fh; } +} // namespace encfs diff --git a/fs/FileNode.h b/fs/FileNode.h index c827a89..9bae285 100644 
--- a/fs/FileNode.h +++ b/fs/FileNode.h @@ -29,6 +29,8 @@ #include #include +namespace encfs { + class Cipher; class FileIO; class DirNode; @@ -95,6 +97,7 @@ private: }; +} // namespace encfs #endif diff --git a/fs/FileUtils.cpp b/fs/FileUtils.cpp index 28ab025..b8a5a34 100644 --- a/fs/FileUtils.cpp +++ b/fs/FileUtils.cpp @@ -25,10 +25,10 @@ #define _BSD_SOURCE // pick up setenv on RH7.3 #include "fs/encfs.h" +#include "fs/fsconfig.pb.h" #include "base/autosprintf.h" #include "base/config.h" -#include "base/config.pb.h" #include "base/ConfigReader.h" #include "base/Error.h" #include "base/i18n.h" @@ -69,6 +69,8 @@ using namespace std; using namespace gnu; +namespace encfs { + static const int DefaultBlockSize = 2048; // The maximum length of text passwords. If longer are needed, // use the extpass option, as extpass can return arbitrary length binary data. @@ -1674,3 +1676,4 @@ int remountFS(EncFS_Context *ctx) } } +} // namespace encfs diff --git a/fs/FileUtils.h b/fs/FileUtils.h index 83b4f56..bbcdfa4 100644 --- a/fs/FileUtils.h +++ b/fs/FileUtils.h @@ -26,6 +26,8 @@ #include "fs/encfs.h" #include "fs/FSConfig.h" +namespace encfs { + // true if the path points to an existing node (of any type) bool fileExists( const char *fileName ); // true if path is a directory @@ -131,4 +133,6 @@ bool readV6Config( const char *configFile, EncfsConfig &config, bool readProtoConfig( const char *configFile, EncfsConfig &config, struct ConfigInfo *); + +} // namespace encfs #endif diff --git a/fs/MACFileIO.cpp b/fs/MACFileIO.cpp index 430464b..95c4aa7 100644 --- a/fs/MACFileIO.cpp +++ b/fs/MACFileIO.cpp @@ -19,8 +19,8 @@ */ #include "fs/MACFileIO.h" +#include "fs/fsconfig.pb.h" -#include "base/config.pb.h" #include "base/Error.h" #include "base/i18n.h" #include "cipher/MemoryPool.h" @@ -32,6 +32,8 @@ using namespace std; +namespace encfs { + // // Version 1.0 worked on blocks of size (blockSize + headerSize). // That is, it took [blockSize] worth of user data and added headers. 
@@ -293,3 +295,5 @@ bool MACFileIO::isWritable() const { return base->isWritable(); } + +} // namespace encfs diff --git a/fs/MACFileIO.h b/fs/MACFileIO.h index 0a27709..bf73f67 100644 --- a/fs/MACFileIO.h +++ b/fs/MACFileIO.h @@ -24,6 +24,8 @@ #include "cipher/Cipher.h" #include "fs/BlockFileIO.h" +namespace encfs { + class MACFileIO : public BlockFileIO { public: @@ -63,5 +65,7 @@ private: bool warnOnly; }; +} // namespace encfs + #endif diff --git a/fs/MemBlockFileIO.cpp b/fs/MemBlockFileIO.cpp index 5192f79..dd85989 100644 --- a/fs/MemBlockFileIO.cpp +++ b/fs/MemBlockFileIO.cpp @@ -24,6 +24,8 @@ #include +namespace encfs { + static Interface MemBlockFileIO_iface = makeInterface("FileIO/MemBlock", 1, 0, 0); @@ -74,3 +76,4 @@ bool MemBlockFileIO::isWritable() const { return impl->isWritable(); } +} // namespace encfs diff --git a/fs/MemBlockFileIO.h b/fs/MemBlockFileIO.h index 82f8484..b1bf64e 100644 --- a/fs/MemBlockFileIO.h +++ b/fs/MemBlockFileIO.h @@ -27,6 +27,8 @@ #include #include +namespace encfs { + class MemFileIO; class MemBlockFileIO : public BlockFileIO { @@ -55,5 +57,7 @@ class MemBlockFileIO : public BlockFileIO { MemFileIO *impl; }; +} // namespace encfs + #endif diff --git a/fs/MemFileIO.cpp b/fs/MemFileIO.cpp index d24e583..0ca5a5b 100644 --- a/fs/MemFileIO.cpp +++ b/fs/MemFileIO.cpp @@ -25,6 +25,8 @@ #include +namespace encfs { + static Interface MemFileIO_iface = makeInterface("FileIO/Mem", 1, 0, 0); MemFileIO* NewMemFileIO(const Interface& iface) { @@ -104,3 +106,4 @@ bool MemFileIO::isWritable() const { return writable; } +} // namespace encfs diff --git a/fs/MemFileIO.h b/fs/MemFileIO.h index 894f229..804a107 100644 --- a/fs/MemFileIO.h +++ b/fs/MemFileIO.h @@ -22,11 +22,13 @@ #ifndef _MEMFILEIO_incl_ #define _MEMFILEIO_incl_ -#include "FileIO.h" +#include "fs/FileIO.h" #include #include +namespace encfs { + class MemFileIO : public FileIO { public: MemFileIO(int size); 
@@ -54,5 +56,7 @@ class MemFileIO : public FileIO { bool writable; }; +} // namespace encfs + #endif diff --git a/fs/NameIO.cpp b/fs/NameIO.cpp index a3795ff..0ec1b2f 100644 --- a/fs/NameIO.cpp +++ b/fs/NameIO.cpp @@ -36,6 +36,8 @@ using namespace std; +namespace encfs { + #define REF_MODULE(TYPE) \ do { \ if(!TYPE::Enabled() ) \ @@ -336,3 +338,6 @@ std::string NameIO::decodeName( const char *path, int length ) const _encodeName( path, length ) : _decodeName( path, length ); } + +} // namespace encfs + diff --git a/fs/NameIO.h b/fs/NameIO.h index 7761a06..d5344dd 100644 --- a/fs/NameIO.h +++ b/fs/NameIO.h @@ -29,6 +29,8 @@ #include "base/Interface.h" #include "cipher/CipherKey.h" +namespace encfs { + class Cipher; class NameIO @@ -137,6 +139,7 @@ do { \ } \ } while(0) +} // namespace encfs #endif diff --git a/fs/NullNameIO.cpp b/fs/NullNameIO.cpp index d3295c1..deeb2a6 100644 --- a/fs/NullNameIO.cpp +++ b/fs/NullNameIO.cpp @@ -24,6 +24,8 @@ #include +namespace encfs { + static shared_ptr NewNNIO( const Interface &, const shared_ptr &, const CipherKey & ) { @@ -82,3 +84,5 @@ bool NullNameIO::Enabled() return true; } +} // namespace encfs + diff --git a/fs/NullNameIO.h b/fs/NullNameIO.h index 2f37bab..3f1f1f1 100644 --- a/fs/NullNameIO.h +++ b/fs/NullNameIO.h @@ -21,7 +21,9 @@ #ifndef _NullNameIO_incl_ #define _NullNameIO_incl_ -#include "NameIO.h" +#include "fs/NameIO.h" + +namespace encfs { class NullNameIO : public NameIO { @@ -47,6 +49,7 @@ protected: private: }; +} // namespace encfs #endif diff --git a/fs/RawFileIO.cpp b/fs/RawFileIO.cpp index a46e916..4b15743 100644 --- a/fs/RawFileIO.cpp +++ b/fs/RawFileIO.cpp @@ -37,6 +37,8 @@ using namespace std; +namespace encfs { + static Interface RawFileIO_iface = makeInterface("FileIO/Raw", 1, 0, 0); FileIO *NewRawFileIO( const Interface &iface ) @@ -328,3 +330,6 @@ bool RawFileIO::isWritable() const { return canWrite; } + +} // namespace encfs + 
diff --git a/fs/RawFileIO.h b/fs/RawFileIO.h index b2c58a9..dc7c7ab 100644 --- a/fs/RawFileIO.h +++ b/fs/RawFileIO.h @@ -21,10 +21,12 @@ #ifndef _RawFileIO_incl_ #define _RawFileIO_incl_ -#include "FileIO.h" +#include "fs/FileIO.h" #include +namespace encfs { + class RawFileIO : public FileIO { public: @@ -60,5 +62,7 @@ protected: bool canWrite; }; +} // namespace encfs + #endif diff --git a/fs/StreamNameIO.cpp b/fs/StreamNameIO.cpp index d03df64..df9b18a 100644 --- a/fs/StreamNameIO.cpp +++ b/fs/StreamNameIO.cpp @@ -30,6 +30,8 @@ using namespace std; +namespace encfs { + static shared_ptr NewStreamNameIO( const Interface &iface, const shared_ptr &cipher, const CipherKey &key) { @@ -204,3 +206,5 @@ bool StreamNameIO::Enabled() return true; } +} // namespace encfs + diff --git a/fs/StreamNameIO.h b/fs/StreamNameIO.h index 9ff40a3..5238cda 100644 --- a/fs/StreamNameIO.h +++ b/fs/StreamNameIO.h @@ -24,6 +24,8 @@ #include "cipher/CipherKey.h" #include "fs/NameIO.h" +namespace encfs { + class Cipher; class StreamNameIO : public NameIO @@ -54,6 +56,7 @@ private: CipherKey _key; }; +} // namespace encfs #endif diff --git a/fs/encfs.cpp b/fs/encfs.cpp index e41620d..500acb6 100644 --- a/fs/encfs.cpp +++ b/fs/encfs.cpp @@ -60,14 +60,14 @@ using namespace std; #include +namespace encfs { + #ifndef MIN #define MIN(a,b) (((a)<(b)) ? (a): (b)) #endif #define ESUCCESS 0 -using rel::Lock; - #define GET_FN(ctx, finfo) ctx->getNode((void*)(uintptr_t)finfo->fh) static EncFS_Context * context() @@ -789,5 +789,7 @@ int encfs_removexattr( const char *path, const char *name ) return withCipherPath( "removexattr", path, _do_removexattr, name ); } +} // namespace encfs + #endif // HAVE_XATTR diff --git a/fs/encfs.h b/fs/encfs.h index 912e9fd..d380185 100644 --- a/fs/encfs.h +++ b/fs/encfs.h 
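Review bot: In fs/encfs.cpp, `} // namespace encfs` is added above `#endif // HAVE_XATTR`, while the matching `namespace encfs {` from the first hunk sits near the top of the file next to the `MIN` macro. If the `#ifdef HAVE_XATTR` opens after that point (it is outside both hunks, but the xattr functions are at the end of the file), a build without HAVE_XATTR never closes the namespace and fails to compile. Moving the closing brace below the conditional fixes it: `#endif // HAVE_XATTR` followed by `} // namespace encfs`.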
@@ -57,6 +57,8 @@ static __inline int setfsgid(gid_t gid) } #endif +namespace encfs { + int encfs_getattr(const char *path, struct stat *stbuf); int encfs_fgetattr(const char *path, struct stat *stbuf, struct fuse_file_info *fi); @@ -105,5 +107,7 @@ int encfs_removexattr( const char *path, const char *name ); int encfs_utimens( const char *path, const struct timespec ts[2] ); +} // namespace encfs + #endif diff --git a/fs/test.cpp b/fs/test.cpp index f7c9af4..c1a0c1d 100644 --- a/fs/test.cpp +++ b/fs/test.cpp @@ -56,6 +56,8 @@ using std::unordered_set; using namespace std; +namespace encfs { + const int FSBlockSize = 256; static @@ -552,5 +554,5 @@ int main(int argc, char *argv[]) return 0; } - +} // namespace encfs diff --git a/fs/test_BlockIO.cpp b/fs/test_BlockIO.cpp index c81462e..b5f529c 100644 --- a/fs/test_BlockIO.cpp +++ b/fs/test_BlockIO.cpp @@ -30,6 +30,8 @@ #include "fs/MemFileIO.h" #include "fs/MemBlockFileIO.h" +using namespace encfs; + namespace { TEST(BlockFileIOTest, BasicIO) { @@ -63,5 +65,5 @@ TEST(BlockFileIOTest, BasicIO) { ASSERT_NO_FATAL_FAILURE(compare(&base, &block, 0, 1024)); } -} // namespace +} // namespace encfs diff --git a/fs/test_IO.cpp b/fs/test_IO.cpp index a89317e..5efe7cf 100644 --- a/fs/test_IO.cpp +++ b/fs/test_IO.cpp @@ -33,6 +33,8 @@ #include "fs/MACFileIO.h" #include "fs/MemFileIO.h" +using namespace encfs; + namespace { TEST(MemIOTest, BasicIO) { diff --git a/fs/testing.cpp b/fs/testing.cpp index 819f7d5..c3288cf 100644 --- a/fs/testing.cpp +++ b/fs/testing.cpp @@ -30,13 +30,16 @@ #include "cipher/Cipher.h" #include "cipher/MemoryPool.h" -#include "fs/MemFileIO.h" -#include "fs/FileUtils.h" #include "fs/FSConfig.h" +#include "fs/fsconfig.pb.h" +#include "fs/FileUtils.h" #include "fs/MACFileIO.h" +#include "fs/MemFileIO.h" using namespace std; +namespace encfs { + FSConfigPtr makeConfig(const shared_ptr& cipher, int blockSize) { FSConfigPtr cfg = FSConfigPtr(new FSConfig); cfg->cipher = cipher; 
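Review bot: In fs/test.cpp, `} // namespace encfs` is placed after the closing brace of `int main(int argc, char *argv[])`, and the first hunk opens `namespace encfs {` right after `using namespace std;`. Unless the namespace is closed and reopened in lines outside the hunks, this defines `encfs::main` and leaves the program without a global entry point. Close the namespace before `main`, or keep `main` outside it and add `using namespace encfs;`. fs/testing.cpp has the same layout around its `int main(int argc, char **argv)`.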
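Review bot: In fs/test_BlockIO.cpp the closing comment is changed to `} // namespace encfs`, but the brace it annotates closes the anonymous `namespace {` that wraps the tests. The encfs names are only pulled in by the new `using namespace encfs;`. Keeping the comment as `} // namespace` avoids suggesting that the tests are defined inside encfs.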
@@ -169,3 +172,5 @@ int main(int argc, char **argv) { return RUN_ALL_TESTS(); } +} // namespace encfs + diff --git a/fs/testing.h b/fs/testing.h index a4aeec3..ab291cf 100644 --- a/fs/testing.h +++ b/fs/testing.h @@ -7,6 +7,8 @@ #include "fs/FileUtils.h" #include "fs/FSConfig.h" +namespace encfs { + class FileIO; FSConfigPtr makeConfig(const shared_ptr& cipher, int blockSize); @@ -19,5 +21,7 @@ void comparisonTest(FSConfigPtr& cfg, FileIO* a, FileIO* b); void compare(FileIO* a, FileIO* b, int offset, int len); +} // namespace encfs + #endif diff --git a/base/config.proto b/protos/fsconfig.proto similarity index 70% rename from base/config.proto rename to protos/fsconfig.proto index 28b1bad..5d34f94 100644 --- a/base/config.proto +++ b/protos/fsconfig.proto @@ -1,4 +1,10 @@ +package encfs; + +option optimize_for = CODE_SIZE; + +import "interface.proto"; + message EncfsConfig { optional string creator = 1; @@ -34,15 +40,3 @@ message EncryptedKey optional int32 kdf_duration = 11 [default=500]; } -message Interface -{ - required string name = 1; - required uint32 major = 2; // major version number - required uint32 minor = 3; // minor version number - - // Age indicates number of major versions supported. 0 means no backward - // compatibility. See libtool "updating version information" for more - // details on how major/minor/age are used for versioning libraries. - optional uint32 age = 4; -} - diff --git a/protos/interface.proto b/protos/interface.proto new file mode 100644 index 0000000..3fb88fb --- /dev/null +++ b/protos/interface.proto 
@@ -0,0 +1,17 @@ + +package encfs; + +option optimize_for = CODE_SIZE; + +message Interface +{ + required string name = 1; + required uint32 major = 2; // major version number + required uint32 minor = 3; // minor version number + + // Age indicates number of major versions supported. 0 means no backward + // compatibility. See libtool "updating version information" for more + // details on how major/minor/age are used for versioning libraries. + optional uint32 age = 4; +} + diff --git a/util/encfsctl.cpp b/util/encfsctl.cpp index 8b89113..1357fc8 100644 --- a/util/encfsctl.cpp +++ b/util/encfsctl.cpp @@ -48,7 +48,7 @@ using namespace std; using namespace gnu; - +using namespace encfs; static int showInfo( int argc, char **argv ); static int showVersion( int argc, char **argv );