ecryptfs-stat support for encrypted filenames

Bug #342398 reported by Dustin Kirkland 
34
This bug affects 5 people
Affects Status Importance Assigned to Milestone
eCryptfs
In Progress
Wishlist
Jason Xing

Bug Description

We need to modernize the ecryptfs-stat tool to handle some recent ecryptfs enhancements, such as encrypted filenames.

When developing, debugging, and recovering ecryptfs data, it would be useful to use ecryptfs-stat to parse ecryptfs encrypted files.

:-Dustin

Related branches

Changed in ecryptfs:
assignee: nobody → kirkland
importance: Undecided → High
status: New → Triaged
Revision history for this message
Tyler Hicks (tyhicks) wrote :

This is the current output:
---
tyhicks@gentoo-virt /mnt/.ecryptfs-ext3 $ ecryptfs-stat ECRYPTFS_FNEK_ENCRYPTED.FWZzc4x9NjnS-UTsAK4mvaKSOBy.0pFk10nagE4Fnw8pg4-DKT2YKBm8Sk--
File version: [3]
Decrypted file size: [125]
Number of header bytes at front of file: [8192]
Metadata in the header region
Encrypted
HMAC disabled
---

It would be nice to also know things like how many encrypted FEKs are in the header, what the signatures are of the FEKEKs used, the signature of the FNEK, etc.

Revision history for this message
Serge Hallyn (serge-hallyn) wrote : Re: [Bug 342398] Re: ecryptfs-stat support for encrypted filenames

On Fri, Mar 13, 2009 at 3:07 PM, Tyler Hicks <email address hidden> wrote:
> This is the current output:
> ---
> tyhicks@gentoo-virt /mnt/.ecryptfs-ext3 $ ecryptfs-stat ECRYPTFS_FNEK_ENCRYPTED.FWZzc4x9NjnS-UTsAK4mvaKSOBy.0pFk10nagE4Fnw8pg4-DKT2YKBm8Sk--
> File version: [3]
> Decrypted file size: [125]
> Number of header bytes at front of file: [8192]
> Metadata in the header region
> Encrypted
> HMAC disabled
> ---
>
> It would be nice to also know things like how many encrypted FEKs are in
> the header, what the signatures are of the FEKEKs used, the signature of
> the FNEK, etc.

Right, and it would be nice to be able to have a byte-by-byte accounting
of the contents, i.e.
1-128: header
129-255: FNEK_ENCRYPTED
256-258: file version (3)
[...]
X-Y: FEK_ENCRYPTED_WITH_FNEK
Y-Z: FEK_ROT13d

:)

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

I'm going to assign to Serge for now, as he mentioned some interest in solving this one ;-)

:-Dustin

Changed in ecryptfs:
assignee: Dustin Kirkland (kirkland) → Serge Hallyn (serge-hallyn)
Changed in ecryptfs:
status: Triaged → Confirmed
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Reassigning to myself. Serge, you're more than welcome to help. :)

Changed in ecryptfs:
assignee: Serge Hallyn (serge-hallyn) → Tyler Hicks (tyhicks)
importance: High → Wishlist
Revision history for this message
Tyler Hicks (tyhicks) wrote :

No need for me to be assigned to wishlisted bug

Changed in ecryptfs:
assignee: Tyler Hicks (tyhicks) → nobody
Revision history for this message
Jason Xing (wlxing) wrote :

Hi Dustin Kirkland,
CC Tyler Hicks,

I execute ecryptfs-stat to display some information of eCryptfs encrypted file and it says as Tyler commented eight years ago. It doesn't make any change, I think. I'm going to assign to me because I have plenty of time and have strong interests in eCryptfs.

Thus, I'm going to add 1) what kind of way it encrypted (symmetric/asymmetric encryption), 2) what the signature of FEKEK is, 3) what the signature of FNEK is if user enables filename encryption. What else could be added in ecryptfs-stat and do no harm to eCryptfs security.

Any suggestions and comments are welcome :-)

Jason

Changed in ecryptfs:
assignee: nobody → Jason Xing (wlxing)
Jason Xing (wlxing)
Changed in ecryptfs:
status: Confirmed → In Progress
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.