static int encfs_open(const char *path, struct fuse_file_info *fi)
{
int res;
char fpath[PATH_MAX]; // Full buffer to pass to static function
dj_fullpath(fpath, path);
bool is_encrypted = IsEncrypted(fpath);
if(is_encrypted) {
res = open(fpath, fi->flags);
if (res == -1)
return -errno;
close(res);
} else {
res = open(fpath, fi->flags);
if (res == -1)
return -errno;
close(res);
}
return 0;
}
CFStringRef _FSCopyLocalizedNameForVolumeFormatAtNode(CFStringRef devnode)
{
CFStringRef formatName = NULL;
char devnodename[MAXPATHLEN + 1];
char fsname[MAX_FSNAME];
int fssubtype = 0;
/* convert CFStringRef devnode to CSTR */
if (true == CFStringGetCString(devnode, devnodename, MAXPATHLEN + 1, kCFStringEncodingUTF8)) {
bool encrypted = false;
encrypted = IsEncrypted(devnodename);
/* get fsname and fssubtype */
memset(fsname, MAX_FSNAME, 0);
if (getfstype(devnodename, fsname, &fssubtype) == true) {
/* get unlocalized string */
CFStringRef fsType = CFStringCreateWithCString(NULL, fsname, kCFStringEncodingASCII);
formatName = FSCopyFormatNameForFSType(fsType, fssubtype, true, encrypted);
CFRelease(fsType);
}
}
return formatName;
}
CFStringRef _FSCopyNameForVolumeFormatAtURL(CFURLRef url)
{
CFStringRef formatName = NULL;
uint8_t buffer[MAXPATHLEN + 1];
if ((NULL != url) && CFURLGetFileSystemRepresentation(url, true, buffer, MAXPATHLEN)) {
struct statfs fsInfo;
if (statfs((char *)buffer, &fsInfo) == 0) {
CFStringRef fsType = CFStringCreateWithCString(NULL, fsInfo.f_fstypename, kCFStringEncodingASCII);
bool encrypted = false;
encrypted = IsEncrypted(fsInfo.f_mntfromname);
#ifdef _DARWIN_FEATURE_64_BIT_INODE
formatName = FSCopyFormatNameForFSType(fsType, fsInfo.f_fssubtype, false, encrypted);
#else
formatName = FSCopyFormatNameForFSType(fsType, fsInfo.f_reserved1, false, encrypted);
#endif
CFRelease(fsType);
}
}
return formatName;
}
void TestDocuments::TestOpen4WithEncryptedFile(void)
{
CreateTestDocument(TESTRESULT_FILE_OPEN_PROTECTED, TEST_FILE_OPEN_PROTECTED);
assertMessage(IsEncrypted(TESTRESULT_FILE_OPEN_PROTECTED), TESTRESULT_FILE_OPEN_PROTECTED + CStdString(" is not encrypted"));
IMWApplicationPtr spApplication = CreateApplicationObject();
IMWDocuments4Ptr spDocuments = spApplication->Documents;
IMWDocumentPtr spDocument = spDocuments->Open4(TESTRESULT_FILE_OPEN_PROTECTED, L"workshare", L"");
IMWMetadataElementsPtr spElements(CLSID_CMetadataElements);
spElements->SelectAllElements();
spDocument->RemoveMetadata(spElements);
spDocument->Save();
assertMessage(IsEncrypted(TESTRESULT_FILE_OPEN_PROTECTED), TESTRESULT_FILE_OPEN_PROTECTED + CStdString(" is not encrypted after the IMWDocument::Save"));
}
static int encfs_read(const char *path, char *buf, size_t size, off_t offset,
struct fuse_file_info *fi)
{
int res;
(void) fi;
char *key = DJ_DATA->encfs_keyphrase;
char fpath[PATH_MAX]; // Full buffer to pass to static function
dj_fullpath(fpath, path);
bool is_encrypted = IsEncrypted(fpath);
if (key == NULL)
printf("\n\n **** KEY IS NULL **** \n\n");
printf("\n\n***** FILE ENCRYPTED: %d *****\n\n", is_encrypted);
if(is_encrypted)
{
char tpath[PATH_MAX];
tmpFileName(fpath, tpath);
//int td = open(tpath, O_WRONLY);
FILE* realFile = fopen(fpath, "rb");
FILE* tmpFile = fopen(tpath, "wb");
DecryptFile(realFile, tmpFile, key);
//fflush(tmpFile);
//actual_descriptor = dup(fileno(tmpFile));
fclose(realFile);
fclose(tmpFile);
int fd = open(tpath, O_RDONLY);
res = pread(fd, buf, size, offset);
close(fd);
} else {
int rd = open(fpath, O_RDONLY);
if (rd == -1)
return -errno;
res = pread(rd, buf, size, offset);
if (res == -1)
res = -errno;
close(rd);
}
return res;
}
static int encfs_write(const char *path, const char *buf, size_t size,
off_t offset, struct fuse_file_info *fi)
{
int res;
(void) fi;
char fpath[PATH_MAX]; // Full buffer to pass to static function
dj_fullpath(fpath, path);
char *key = DJ_DATA->encfs_keyphrase;
bool is_encrypted = IsEncrypted(fpath);
if (is_encrypted) {
// The solution i see for now involves creating a new buf and size
// Write to the tmp file, Encrypt it, and then read the new file
// Finally, pwrite to the original file using the new buffer and size
char tpath[PATH_MAX];
char tpath01[PATH_MAX];
// Write unencrypted file
tmpFileName(fpath, tpath);
FILE* dec_file = fopen(tpath, "wb");
fprintf(dec_file, "%s", buf);
fflush(dec_file);
// Write encrypted file
tmpFileName(fpath, tpath01);
FILE* enc_file = fopen(tpath01, "wb");
EncryptFile(dec_file, enc_file, key);
fclose(dec_file);
fclose(enc_file);
// Set new buf and
remove(tpath);
int td = open(tpath01, O_RDONLY);
off_t new_size;
new_size = lseek(td, 0, SEEK_END);
lseek(td, 0, SEEK_SET);
char* new_buf = malloc(new_size + 1);
read(td, new_buf, new_size);
close(td);
remove(tpath01);
int fd = open(fpath, O_WRONLY);
if(fd == -1)
return -errno;
// This is where its broken :'(
// In order for unencryption to work, we need to maintain entire blocks
// By encrypting the file, reading the encrypted file, the rewriting to the actual file, we lose some block data
// and thus render decryption impossible.
res = pwrite(fd, new_buf, new_size, offset);
if(res == -1)
return -errno;
close(fd);
//~ char tpath[PATH_MAX];
//~ tmpFileName(fpath, tpath);
//~ int td = open(tpath, O_WRONLY);
//~ res = pwrite(td, buf, size, offset);
//~ close(td);
//~ FILE* tmp = fopen(tpath, "w");
//~ fprintf(tmp, "%s", buf);
//~ fflush(tmp);
//FILE* real = fopen(fpath, "w");
//~ EncryptFile(tmp, real, key);
//fclose(real);
//fclose(tmp);
} else {
int fd = open(fpath, O_WRONLY);
if (fd == -1)
return -errno;
res = pwrite(fd, buf, size, offset);
if (res == -1)
res = -errno;
close(fd);
}
return res;
}
BOOL CXmlFileEx::Decrypt(LPCTSTR szPassword)
{
if (!IsEncrypted())
return TRUE; // nothing to do
// we don't try to decrypt if no encryption capabilities
if (!CanEncrypt())
{
m_nFileError = XFL_NOENCRYPTIONDLL;
return FALSE;
}
// use existing password if required
if (!szPassword)
szPassword = m_sPassword;
CXmlItem* pXI = GetEncryptedBlock();
if (pXI && !pXI->GetSibling())
{
// else keep getting password till success or user cancels
while (TRUE)
{
CString sPassword(szPassword);
if (sPassword.IsEmpty())
{
CString sExplanation(s_sPasswordExplanation);
if (sExplanation.Find(_T("%s")) != -1)
sExplanation.Format(s_sPasswordExplanation, GetFileName());
if (!CPasswordDialog::RetrievePassword(FALSE, sPassword, sExplanation))
{
// RB - Set m_nFileError to avoid "The selected task list could not be opened..." message when cancelling
m_nFileError = XFL_CANCELLED;
return FALSE;
}
}
CString sFile;
if (Decrypt(pXI->GetValue(), sFile, sPassword))
{
m_sPassword = sPassword;
sFile.TrimLeft();
sFile.TrimRight();
sFile = _T("<ROOT>") + sFile + _T("</ROOT>");
// delete the cdata item
m_xiRoot.DeleteItem(pXI);
try
{
CXmlDocumentWrapper doc;
// reparse decrypted xml
if (doc.LoadXML(sFile))
{
CXmlNodeWrapper node(doc.AsNode());
return ParseItem(m_xiRoot, &node);
}
}
catch (...)
{
m_nFileError = XFL_BADMSXML;
}
return FALSE;
}
// RB - Added code to format the error message before calling AfxMessage
else
{
CEnString sMessage(s_sDecryptFailed, GetFileName());
if (IDNO == AfxMessageBox(sMessage, MB_YESNO))
{
m_nFileError = XFL_CANCELLED;
return FALSE;
}
// else user will try again
}
}
}
// else
m_nFileError = XFL_UNKNOWNENCRYPTION;
return FALSE;
}
//----------------------------------------------------------//
// CPacket::Serialize
//----------------------------------------------------------//
CPacket::Error::Enum CPacket::Serialize(CPacketSerializer& serializer)
{
if (ISerializer::Mode::Serializing == serializer.GetMode())
{
//-- Serializing
m_nVersion = Version::Current;
if (IS_ZERO(serializer.SerializeU8(m_nVersion, 'pktV')))
{
return Error::Serializer;
}
//-- Serializer must have at least the size of the header in bytes free to proceed
size_t nUnusedSize = serializer.GetSize() - serializer.GetOffset();
if (nUnusedSize < GetHeaderSize())
{
//-- Not enough bytes in serializer.
return Error::Serializer;
}
//-- Version::V1
if ( IS_ZERO(serializer.SerializeU8(m_HeaderV1.m_nFlags, 'flgs'))
|| IS_ZERO(serializer.SerializeU16(m_HeaderV1.m_nMessages, 'mess')) )
{
return Error::Serializer;
}
if (IS_TRUE(IsEncrypted()))
{
size_t nEncodedSize = SysString::Base64EncodedSize(m_DataBuffer.UsedSize());
if (IS_ZERO(nEncodedSize))
{
//-- Failed.
//-- Something went wrong with the Encode.
return Error::EncryptionFailed;
}
m_HeaderV1.m_nDataSize = nEncodedSize;
if (IS_ZERO(serializer.SerializeU16(m_HeaderV1.m_nDataSize, 'size')))
{
return Error::Serializer;
}
//-- We need a spare byte for null terminating the encoded base64 string.
//-- This is blegh!
//-- Test for unused space in serializer.
size_t nUnusedSize = serializer.GetSize() - serializer.GetOffset();
if (nUnusedSize < ((size_t)m_HeaderV1.m_nDataSize + 1))
{
//-- Not enough bytes in serializer.
return Error::Serializer;
}
//-- Notice we do not include the extra byte when we reserve space.
u8* pReserved = serializer.SerializeReserve(m_HeaderV1.m_nDataSize);
if (IS_NULL_PTR(pReserved))
{
//-- Failed.
return Error::Serializer;
}
//-- Valid encryption key?
if (SysString::INVALID_KEY == m_Key)
{
return Error::EncryptionFailed;
}
//-- NOTE: this will actually put a null terminator beyond the end
//-- of the pReserved block! But should be ok because we checked
//-- if there was room enough in the unused size of the serializer
//-- for it.
//-- Whatever gets serialized next will overwrite the null terminator,
//-- which is ok.
nEncodedSize = SysString::KeyEncode(
(s8*)pReserved,
m_HeaderV1.m_nDataSize + 1,
m_DataBuffer.Buffer(),
m_DataBuffer.UsedSize(),
m_Key);
if (IS_ZERO(nEncodedSize))
{
//-- Failed.
//-- Something went wrong with the Encode.
return Error::EncryptionFailed;
}
if (IS_NULL_PTR(m_DataBuffer.StripHead(NULL, m_DataBuffer.UsedSize())))
{
//-- Failed.
//-- DataBuffer wasn't full enough
return Error::DataBufferEmpty;
}
}
else
{
//-- Write directly into serializer.
m_HeaderV1.m_nDataSize = m_DataBuffer.UsedSize();
if (IS_ZERO(serializer.SerializeU16(m_HeaderV1.m_nDataSize, 'size')))
{
return Error::Serializer;
}
u8* pReserved = serializer.SerializeReserve(m_HeaderV1.m_nDataSize);
if (IS_NULL_PTR(pReserved))
{
//-- Failed.
return Error::Serializer;
}
if (IS_NULL_PTR(SysMemory::Memcpy(pReserved, m_HeaderV1.m_nDataSize, m_DataBuffer.Buffer(), m_HeaderV1.m_nDataSize)))
{
//-- Failed.
return Error::CopyFailed;
}
if (IS_NULL_PTR(m_DataBuffer.StripHead(NULL, m_HeaderV1.m_nDataSize)))
{
//-- Failed.
//-- DataBuffer wasn't full enough
return Error::DataBufferEmpty;
}
}
//-- DataBuffer should now be empty.
assert(IS_ZERO(m_DataBuffer.UsedSize()));
assert(m_HeaderV1.m_nMessages > 0);
assert(m_HeaderV1.m_nDataSize > 0);
//-- End.
}
else
{
//-- Deserializing.
SysMemory::Memclear(&m_HeaderV1, sizeof(m_HeaderV1));
m_DataBuffer.Clear();
//-- Read version number.
if (IS_ZERO(serializer.SerializeU8(m_nVersion, 'pktV')))
{
//-- Failed to read version number.
return Error::Serializer;
}
//-- Serializer must be at least the size of the header in bytes to proceed
size_t nUnreadSize = serializer.GetSize() - serializer.GetOffset();
if (nUnreadSize < GetHeaderSize())
{
//-- Not enough bytes in serializer.
return Error::Serializer;
}
//-- Read the header
switch (m_nVersion)
{
case Version::V1:
{
if ( IS_ZERO(serializer.SerializeU8(m_HeaderV1.m_nFlags, 'flgs'))
|| IS_ZERO(serializer.SerializeU16(m_HeaderV1.m_nMessages, 'mess'))
|| IS_ZERO(serializer.SerializeU16(m_HeaderV1.m_nDataSize, 'size')) )
{
return Error::Serializer;
}
if (Version::Unknown == Validate())
{
return Error::ProtocolMismatch;
}
u8* pDataSrc = serializer.SerializeReserve(m_HeaderV1.m_nDataSize);
if (IS_NULL_PTR(pDataSrc))
{
//-- Failed.
return Error::Serializer;
}
//-- Is packet encrypted?
if (IS_TRUE(IsEncrypted()))
{
//-- Decrypt packet payload data to DataBuffer
size_t nDecodedSize = SysString::Base64DecodedSize((const s8*)pDataSrc, m_HeaderV1.m_nDataSize);
if (IS_ZERO(nDecodedSize))
{
//-- Failed.
//-- Something went wrong with the Decode.
return Error::EncryptionFailed;
}
assert(m_DataBuffer.Size() >= nDecodedSize);
u8* pDataDest = m_DataBuffer.InsTail(NULL, nDecodedSize);
if (IS_NULL_PTR(pDataDest))
{
//-- Failed.
//-- DataBuffer is too full.
return Error::DataBufferFull;
}
//-- Valid encryption key?
if (SysString::INVALID_KEY == m_Key)
{
return Error::EncryptionFailed;
}
nDecodedSize = SysString::KeyDecode(
pDataDest,
nDecodedSize,
(const s8*)pDataSrc,
m_HeaderV1.m_nDataSize,
m_Key);
if (IS_ZERO(nDecodedSize))
{
//-- Failed.
//-- Something went wrong with the Decode.
return Error::EncryptionFailed;
}
}
else
{
//-- Read directly into buffer.
assert(m_DataBuffer.Size() >= m_HeaderV1.m_nDataSize);
if (IS_NULL_PTR(m_DataBuffer.InsTail(pDataSrc, m_HeaderV1.m_nDataSize)))
{
//-- Failed.
//-- DataBuffer is too full.
return Error::DataBufferFull;
}
}
//-- DataBuffer should now have exactly m_HeaderV1.m_nMessages inside it.
//-- End.
}
break;
default:
{
//-- Unexpected version
return Error::UnknownVersion;
}
break;
}
}
return Error::Ok;
}
