Request for comments: Allow more than one encrypted master key #760

Open
wants to merge 25 commits into
base: master

@aanno aanno commented Jun 25, 2023

Hello,

I've hacked a fix to #748. This is not ready for merge. But before putting more work into this, I need some feedback.

So far, gocryptfs only allows one instance of the encrypted master key. (Decryption could be done with a passphrase or by using a (modern) FIDO2 device.)

I hacked the gocryptfs.conf configuration format from v2 to v3. The new format supports (a) several instances of the encrypted master key and (b) several instances of the FIDO2 device details. v2 could be easily converted to v3.

Omissions:

  1. No documentation.
  2. Around 9% of the tests still fail (mostly tests that rely on the v2 format).
  3. No new tests for the new features.

Usage

```bash
# init a new encrypted fs
gocryptfs -init -user user cipher
# add another user/password instance
gocryptfs -user user -add-user testuser cipher
# use it
gocryptfs -user testuser cipher mnt

# add FIDO2 device
gocryptfs -user testuser -add-fido2 /dev/hidraw3 -add-fido2-name solo cipher
# use FIDO2 device
gocryptfs -fido2 /dev/hidraw3 -fido2-name solo cipher mnt
umount cipher
# delete FIDO2 device
gocryptfs -user user -delete-fido2-name solo cipher
```

Is this something gocryptfs could consider merging when ready?

Kind regards,

aanno
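
The key-slot idea described in the comment above, as an added Go example that is not part of the original post or of the PR's code: one master key is wrapped independently under several passphrases, and each slot's name is bound to its ciphertext. The `Slot` layout, the function names and the PBKDF2 stand-in for a memory-hard KDF are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Slot is one wrapped copy of the master key (hypothetical layout, not the PR's v3 format).
type Slot struct{ Salt, Nonce, Blob []byte }

// aead derives a per-slot AES-256-GCM key with single-block PBKDF2-HMAC-SHA256 (stand-in KDF).
func aead(pw string, salt []byte) cipher.AEAD {
	m := hmac.New(sha256.New, []byte(pw))
	m.Write(append(append([]byte{}, salt...), 0, 0, 0, 1))
	key, u := m.Sum(nil), m.Sum(nil)
	for i := 1; i < 100000; i++ {
		m.Reset()
		m.Write(u)
		u = m.Sum(nil)
		for j := range key {
			key[j] ^= u[j]
		}
	}
	block, _ := aes.NewCipher(key) // a 32-byte key is always valid
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Wrap encrypts masterKey under pw; the slot name is bound as associated data.
func Wrap(name, pw string, masterKey []byte) Slot {
	r := make([]byte, 28)
	rand.Read(r) // fresh 16-byte salt and 12-byte nonce for every slot
	return Slot{r[:16], r[16:], aead(pw, r[:16]).Seal(nil, r[16:], masterKey, []byte(name))}
}

// Unwrap fails if the passphrase, the slot name or the stored blob is wrong.
func Unwrap(s Slot, name, pw string) ([]byte, error) {
	return aead(pw, s.Salt).Open(nil, s.Nonce, s.Blob, []byte(name))
}

func main() {
	s := Wrap("user", "pw1", []byte("constructed 32-byte master key!!"))
	_, err := Unwrap(s, "user", "wrong")
	fmt.Println("wrong passphrase rejected:", err != nil)
}
```

Deleting a slot only discards that wrapped copy; the master key itself is unchanged, so anyone who has already recovered it keeps access to the data.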

@rfjakob
Owner

rfjakob commented Jul 1, 2023

Hi, thanks for the PR! I understand the need, but I am afraid of the complexity and the format change.

Maybe this could be done by having multiple copies of gocryptfs.conf? Like, gocryptfs.user1.conf etc. This would work already today using the -config= flag, but could be made more user-friendly by adding -user= as you suggested, though I would call it "keyslot" to match what LUKS does.

@schlomie

schlomie commented Jun 6, 2024

This does work already. The only UX improvement I would recommend is prompting the user for the masterkey (to recreate the config file) instead of accepting it on stdin, so as not to expose the masterkey to buffer and history.
