Sorry for not getting back to you sooner. I've been busy with other things. On 2013-06-04 22:50:28, Will Morrison wrote: > To make the changes to store the cipher mode in the file header, we > are proposing the following. > > 1. Change ECRYPTFS_SUPPORTED_FILE_VERSION to 4. This should prevent > old versions of eCryptfs from trying to read new style headers. > > 2. Add a new cipher mode field in the appropriate packets of version 4 > file headers. (I believe these are tag 1 and tag 3, for asymmetric and > symmetric keys). Since there is no equivalent to this field in the > OpenPGP RFCs, we will be creating a new list of constants similar to > the ones in ecryptfs.h for the mode type. > > 3. When reading a file header and initializing a crypt_stat, if the > version number is 4 or greater, read the mode out of the header, > otherwise, default to CBC. > > 4. When writing out headers, refer to the file_version field in the > crypt_stat to determine what to write out. If it's 4 or greater, > include the mode field. > > This should result in the new version 4 header being written for all > new files. Old files would still be read and written with the version > 3 headers and default to using CBC mode. Older versions of eCryptfs > should refuse to open files with version 4 headers. > > Does this make sense? If not, what are we missing? It makes sense, but I don't really like it. It prevents old kernels from being able to open files created by newer kernels even when CBC is used for the new files. Breaking backwards compatibility should only be done for really good reasons, when there's no other option. I didn't want to shoot this idea down without proposing a solution of my own, but I haven't had time to read back through the OpenPGP RFCs and look at what other fields we have in our metadata. The good news is that this shouldn't block you for the time being. You can hardcode your new mount_crypt_stat and crypt_stat cipher mode fields to GCM for now and then figure out how to dynamically set them later when we come to a decision on the metadata format changes. Tyler > > Thanks, > -Will
Attachment:
signature.asc
Description: Digital signature
