Decrypt filenames from reverse mount without gocryptfs.diriv #753

Open
skius opened this issue Jun 3, 2023 · 1 comment

skius commented Jun 3, 2023

I was just playing around with this and didn't see it documented anywhere, so I figured posting here might help someone:

If you have an encrypted backup of your files created using the reverse option (I believe this implies feature flags DirIV and AESSIV among others), you have lost your original plaintext files, and for some reason your gocryptfs.diriv files are missing from the encrypted backup, you can still recover their filenames.

  1. Create directories recovered, recovered-enc, backup, backup-decrypted
  2. Copy the encrypted backup files (the ones where the gocryptfs.diriv are missing) into backup
  3. Using the same mount options and config as your original reverse mount, reverse mount recovered to recovered-enc
  4. Copy recovered-enc/gocryptfs.diriv to backup/
  5. Using the same config, but forward mount options, mount backup to backup-decrypted
  6. You should see one level of decrypted files, but you will probably see errors when looking into subdirectories
  7. Repeat the following steps for all folders:
  8. Create a folder of the same name as the ones in backup-decrypted (i.e., your original folder names) in recovered
  9. You should see an encrypted folder in recovered-enc appear with the same name as one in backup
  10. Copy the gocryptfs.diriv file from that encrypted folder in recovered-enc/<encrypted_folder>/gocryptfs.diriv to backup/<encrypted_folder>/
  11. The filenames in that folder should now be decrypted in backup-decrypted

All filenames should be recoverable this way.

My feature request to the authors: (assuming I didn't miss such an option) it would be great if we could "regenerate" such gocryptfs.diriv files from a "broken" (i.e., missing gocryptfs.diriv files) backup of a reverse mount natively from within gocryptfs (or some helper tool).

I suppose at that point the question becomes: Why do the gocryptfs.diriv files even exist for a reverse mount? If it's possible to recover the original filenames with just the config + password, what additional security do they provide? Is it just for performance reasons?

yahesh (Contributor) commented Feb 23, 2024

Interesting find. I would have expected the DIRIV to actually be randomly generated, but as it seems, it's just the sha256 hash of the corresponding path name (with the base folder being some static string): https://github.com/rfjakob/gocryptfs/blob/master/internal/pathiv/pathiv.go#L26-L31

Due to these coincidences it's possible to recursively re-generate the DIRIV files.

This also leads to the gocryptfs.diriv files in the base folders of different gocryptfs mounts being identical even with different master keys. The DIRIV only starts to differ at the first subfolder level.
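
Added example, not part of the thread and not gocryptfs code: a small Go tool that recursively regenerates missing gocryptfs.diriv files in a reverse-mount backup, using the derivation described in the comment above. It assumes the linked function computes SHA-256 over the encrypted relative path, a NUL separator and the string DIRIV, and keeps the first 16 bytes; the names deriveDirIV and regenerate are hypothetical, so check the derivation against the linked source before relying on the output.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path"
	"path/filepath"
)

// Assumption (added example, not gocryptfs code): DirIV = first 16 bytes of
// SHA-256(encrypted relative path + NUL + "DIRIV"); "" is the backup root.
func deriveDirIV(encPath string) []byte {
	h := sha256.Sum256([]byte(encPath + "\x00DIRIV"))
	return h[:16]
}

// regenerate writes a gocryptfs.diriv into every directory under root lacking one.
func regenerate(root string) ([]string, error) {
	var created []string
	err := fs.WalkDir(os.DirFS(root), ".", func(rel string, d fs.DirEntry, err error) error {
		if err != nil || !d.IsDir() {
			return err
		}
		if rel == "." {
			rel = "" // the backup root hashes as the empty path
		}
		name := path.Join(rel, "gocryptfs.diriv")
		// O_EXCL: never overwrite a DirIV that survived in the backup.
		f, err := os.OpenFile(filepath.Join(root, name), os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o400)
		if errors.Is(err, fs.ErrExist) {
			return nil
		} else if err != nil {
			return err
		}
		defer f.Close()
		created = append(created, name)
		_, err = f.Write(deriveDirIV(rel))
		return err
	})
	return created, err
}

func main() {
	if len(os.Args) == 2 {
		fmt.Println(regenerate(os.Args[1]))
	}
}
```

Run it on a copy of the encrypted backup, then forward mount that copy as in step 5 of the procedure above. It applies only to reverse-mode backups, where the IV is derived from the path rather than generated randomly.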
