feat: Encrypt header by embedding it to prevent metadata sniffing
This commit is contained in:
Felicitas Pojtinger
@@ -6,6 +6,7 @@ import (
|
||||
"compress/gzip"
|
||||
"context"
|
||||
"encoding/base32"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
@@ -421,27 +422,27 @@ func encryptHeader(
|
||||
encryptionFormat string,
|
||||
pubkey []byte,
|
||||
) error {
|
||||
var err error
|
||||
if encryptionFormat == encryptionFormatNoneKey {
|
||||
return nil
|
||||
}
|
||||
|
||||
hdr.Name, err = encryptString(hdr.Name, encryptionFormat, pubkey)
|
||||
newHdr := &tar.Header{
|
||||
Format: tar.FormatPAX,
|
||||
Size: hdr.Size,
|
||||
PAXRecords: map[string]string{},
|
||||
}
|
||||
|
||||
wrappedHeader, err := json.Marshal(hdr)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
hdr.Linkname, err = encryptString(hdr.Linkname, encryptionFormat, pubkey)
|
||||
newHdr.PAXRecords[pax.STFSEmbeddedHeader], err = encryptString(string(wrappedHeader), encryptionFormat, pubkey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
hdr.Uname, err = encryptString(hdr.Uname, encryptionFormat, pubkey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
hdr.Gname, err = encryptString(hdr.Gname, encryptionFormat, pubkey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
*hdr = *newHdr
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -7,6 +7,8 @@ import (
|
||||
"compress/gzip"
|
||||
"context"
|
||||
"encoding/base32"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"io"
|
||||
"os"
|
||||
"path/filepath"
|
||||
@@ -20,6 +22,7 @@ import (
|
||||
"github.com/pierrec/lz4/v4"
|
||||
"github.com/pojntfx/stfs/pkg/controllers"
|
||||
"github.com/pojntfx/stfs/pkg/formatting"
|
||||
"github.com/pojntfx/stfs/pkg/pax"
|
||||
"github.com/spf13/cobra"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/volatiletech/sqlboiler/v4/boil"
|
||||
@@ -32,6 +35,10 @@ const (
|
||||
previewFlag = "preview"
|
||||
)
|
||||
|
||||
var (
|
||||
errEmbeddedHeaderMissing = errors.New("embedded header is missing")
|
||||
)
|
||||
|
||||
var recoveryFetchCmd = &cobra.Command{
|
||||
Use: "fetch",
|
||||
Short: "Fetch a file or directory from tape or tar file by record and block",
|
||||
@@ -237,27 +244,30 @@ func decryptHeader(
|
||||
encryptionFormat string,
|
||||
privkey []byte,
|
||||
) error {
|
||||
var err error
|
||||
if encryptionFormat == encryptionFormatNoneKey {
|
||||
return nil
|
||||
}
|
||||
|
||||
hdr.Name, err = decryptString(hdr.Name, encryptionFormat, privkey)
|
||||
if hdr.PAXRecords == nil {
|
||||
return errEmbeddedHeaderMissing
|
||||
}
|
||||
|
||||
encryptedEmbeddedHeader, ok := hdr.PAXRecords[pax.STFSEmbeddedHeader]
|
||||
if !ok {
|
||||
return errEmbeddedHeaderMissing
|
||||
}
|
||||
|
||||
embeddedHeader, err := decryptString(encryptedEmbeddedHeader, encryptionFormat, privkey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
hdr.Linkname, err = decryptString(hdr.Linkname, encryptionFormat, privkey)
|
||||
if err != nil {
|
||||
var newHdr tar.Header
|
||||
if err := json.Unmarshal([]byte(embeddedHeader), &newHdr); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
hdr.Uname, err = decryptString(hdr.Uname, encryptionFormat, privkey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
hdr.Gname, err = decryptString(hdr.Gname, encryptionFormat, privkey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
*hdr = newHdr
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -20,6 +20,8 @@ const (
|
||||
STFSRecordReplacesName = STFSPrefix + "ReplacesName"
|
||||
|
||||
STFSRecordUncompressedSize = STFSPrefix + "UncompressedSize"
|
||||
|
||||
STFSEmbeddedHeader = STFSPrefix + "EmbeddedHeader"
|
||||
)
|
||||
|
||||
var (
|
||||
|
||||
Reference in New Issue
Block a user