This commit implements support for externalIvChaining in
EncFSInputStream and EncFSOutputStream which causes a file's volume path
to change the initialization vector (IV) which is used for encrypting
and decrypting the file contents.
EncFSLocalFileProvider.delete() was only deleting a directory if it was
completely empty. It is more functional to just recursively delete
everything under a directory if its not empty.
* EncFSFileInputStream now extends FilterInputStream
* EncFSFileOutputStream now extends FilterOutputStream
* EncFSInputStream now extends FilterInputStream
EncFSOutputStream was already using FilterOutputStream.
Unfortunate to have to do this, but with the new version of git diff
explicitly showing CRLF as ^M this was starting to get annoying. We
shall use Unix newline style in encfs-java going forward.
BoxCryptor uses an unencrypted name algorithm to encrypt file contents
without encrypting filenames. This change implements this algorithm
and adds a unit test. Thanks 1jr for requesting this and providing
test cases.
Also added a volume integration test for this algorithm.
uniqueIV just generates a bunch of random bytes in the file header so
we can use fileProvider.copy() which is more efficient for most file
providers rather than doing a full stream read/write copy.
With network based file providers it is possible for the input stream's
read() function to return before reading a full block. The current code
treated such partial reads incorrectly by using stream decoding to
decode them. Fix is to keep reading until we either read a full block
or we hit the end of the input stream.
Unfortunately some network storage systems such as Dropbox require
length of the file before opening an upload request so we need to
plumb file length all throughout the OutputStream creation. It is
optional for EncFSLocalFileProvider, but it is good practice to
supply this parameter whenever possible.
copyPath() movePath() and deletePath() now take an optional
EncFSProgressListener in order to post progress events. This is useful
for displaying progress of long running operations.
Stream name decoding with chained name IV was broken because chained
name IV computation was unconditionally padding each path element
whereas that should only be done for block name I/O algorithm. Fix
uses each path element as is for chained IV computation with stream
name algorithm.
Also added an integration test case containing a volume created with
encfs 1.7.4 that uses stream name algorithm and chained name IV
with a directory and a test file in that directory to exercise the
path that fails without this commit.
Previous implementation didn't work if dstPath was an existing
directory, fix the implementation to move srcPath under dstPath
if dstPath exists and is a directory.
When copying a directory recursively we should manually
perform the recursion since EncFSFileProvider.copy()
interface doesn't allow recursive copies.
Also, we should update dstPath with the newly created
directory to copy/move stuff from srcPath into it.
Implemented recursive directory deletion support controlled by a
boolean option in EncFSVolume.deletePath(). Extended the EncFSShell
'rm' command to make use of this functionality and added a test
case to EncFSVolumeTest to exercise recursive deletion of a
non-empty directory path.
There was a bug in EncFSVolume.movePath() that caused recursive moves
in the case of ChainedNameIV configurations to fail. Also improved
rollback handling in the case of an error during the recursive move
by trying to delete the newly created directories.
Added a FileNotFoundException to EncFSLocalFileProvider.move()
implementation as well.
Made EncFSLocalFileProvider.mkdir() throw a FileNotFoundException
if one or more path elements aren't found. Also modified
EncFSVolume.makeDir to filter this exception to print the
unencrypted path in the exception message.
Noticed we're doing full InputStream->OutputStream copies quite a bit
around the code, so this commit adds a utility function for that and
calls it from everywhere.
This is a massive commit serving a few purposes:
* Unify code formatting and style to conform to Eclipse formatting. We
will use this formatting from now on for all new code to have a
uniform codebase.
* Clean up API naming and remove redundancies. I've renamed a lot of
API functions to promote coherence across the codebase. I've also
removed some redundant API's to promote best practices.
* Improve JavaDoc coverage. This commit documents all public methods
within the library itself.
* Fix JavaDoc warnings.
The extra copy in EncFSInputStream wasn't necessary. Unfortunately the
copy in EncFSOutputStream can't be averted, but this commit moves it to
be in streamEncode() itself.
This commit implements the blockMACBytes and blockMACRandBytes options
that cause a header to be inserted in front of every file block
containing a MAC of the block (and optionally some random data).
Added support to EncFSConfig, EncFSConfigParser and EncFSConfigWriter
to recognize these options. Implemented the MAC computation,
verification and insertion in EncFSInputStream and EncFSOutputStream.
Added a new test volume configured with 8 bytes of MAC and 8 bytes of
random bytes as 'testvol-blockmac', and extended EncFSVolumeTest to
include a long file test that verifies the MAC computations.
