-devrandom: make flag a no-op

rfjakob · rfjakob · commit 61ef6b00a675 · 2021-08-25T12:39:17.000+02:00
Commit f3c777d added the `-devrandom` option: commit f3c777d Author: @slackner Date: Sun Nov 19 13:30:04 2017 +0100 main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. We now require Go v1.13 and Kernel versions should have also moved on. Make the flag a no-op. #596
diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md
@@ -114,11 +114,10 @@ leaks information about identical file names across directories
 The resulting `gocryptfs.conf` has "DirIV" missing from "FeatureFlags".
 
 #### -devrandom
-Use `/dev/random` for generating the master key instead of the default Go
-implementation. This is especially useful on embedded systems with Go versions
-prior to 1.9, which fall back to weak random data when the getrandom syscall
-is blocking. Using this option can block indefinitely when the kernel cannot
-harvest enough entropy.
+Obsolete and ignored on gocryptfs v2.2 and later.
+
+See https://github.com/rfjakob/gocryptfs/commit/f3c777d5eaa682d878c638192311e52f9c204294
+and https://github.com/rfjakob/gocryptfs/issues/596 for background info.
 
 #### -hkdf
 Use HKDF to derive separate keys for content and name encryption from
diff --git a/cli_args.go b/cli_args.go
@@ -30,7 +30,7 @@ type argContainer struct {
 	plaintextnames, quiet, nosyslog, wpanic,
 	longnames, allow_other, reverse, aessiv, nonempty, raw64,
 	noprealloc, speed, hkdf, serialize_reads, forcedecode, hh, info,
-	sharedstorage, devrandom, fsck, one_file_system, deterministic_names,
+	sharedstorage, fsck, one_file_system, deterministic_names,
 	xchacha bool
 	// Mount options with opposites
 	dev, nodev, suid, nosuid, exec, noexec, rw, ro, kernel_cache, acl bool
@@ -177,7 +177,6 @@ func parseCliOpts(osArgs []string) (args argContainer) {
 	flagSet.BoolVar(&args.hh, "hh", false, "Show this long help text")
 	flagSet.BoolVar(&args.info, "info", false, "Display information about CIPHERDIR")
 	flagSet.BoolVar(&args.sharedstorage, "sharedstorage", false, "Make concurrent access to a shared CIPHERDIR safer")
-	flagSet.BoolVar(&args.devrandom, "devrandom", false, "Use /dev/random for generating master key")
 	flagSet.BoolVar(&args.fsck, "fsck", false, "Run a filesystem check on CIPHERDIR")
 	flagSet.BoolVar(&args.one_file_system, "one-file-system", false, "Don't cross filesystem boundaries")
 	flagSet.BoolVar(&args.deterministic_names, "deterministic-names", false, "Disable diriv file name randomisation")
@@ -228,11 +227,16 @@ func parseCliOpts(osArgs []string) (args argContainer) {
 	flagSet.DurationVar(&args.idle, "idle", 0, "Auto-unmount after specified idle duration (ignored in reverse mode). "+
 		"Durations are specified like \"500s\" or \"2h45m\". 0 means stay mounted indefinitely.")
 
-	var nofail bool
-	flagSet.BoolVar(&nofail, "nofail", false, "Ignored for /etc/fstab compatibility")
-
 	var dummyString string
 	flagSet.StringVar(&dummyString, "o", "", "For compatibility with mount(1), options can be also passed as a comma-separated list to -o on the end.")
+
+	// Ignored flags
+	{
+		var tmp bool
+		flagSet.BoolVar(&tmp, "nofail", false, "Ignored for /etc/fstab compatibility")
+		flagSet.BoolVar(&tmp, "devrandom", false, "Deprecated (ignored for compatibility)")
+	}
+
 	// Actual parsing
 	err = flagSet.Parse(osArgsPreprocessed[1:])
 	if err == flag.ErrHelp {
diff --git a/init_dir.go b/init_dir.go
@@ -93,7 +93,6 @@ func initDir(args *argContainer) {
 			LogN:               args.scryptn,
 			Creator:            creator,
 			AESSIV:             args.aessiv,
-			Devrandom:          args.devrandom,
 			Fido2CredentialID:  fido2CredentialID,
 			Fido2HmacSalt:      fido2HmacSalt,
 			DeterministicNames: args.deterministic_names,
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
@@ -5,9 +5,7 @@ package configfile
 import (
 	"encoding/json"
 	"fmt"
-	"io"
 	"io/ioutil"
-	"log"
 	"syscall"
 
 	"os"
@@ -61,21 +59,6 @@ type ConfFile struct {
 	filename string
 }
 
-// randBytesDevRandom gets "n" random bytes from /dev/random or panics
-func randBytesDevRandom(n int) []byte {
-	f, err := os.Open("/dev/random")
-	if err != nil {
-		log.Panic("Failed to open /dev/random: " + err.Error())
-	}
-	defer f.Close()
-	b := make([]byte, n)
-	_, err = io.ReadFull(f, b)
-	if err != nil {
-		log.Panic("Failed to read random bytes: " + err.Error())
-	}
-	return b
-}
-
 // CreateArgs exists because the argument list to Create became too long.
 type CreateArgs struct {
 	Filename           string
@@ -84,7 +67,6 @@ type CreateArgs struct {
 	LogN               int
 	Creator            string
 	AESSIV             bool
-	Devrandom          bool
 	Fido2CredentialID  []byte
 	Fido2HmacSalt      []byte
 	DeterministicNames bool
@@ -136,12 +118,7 @@ func Create(args *CreateArgs) error {
 	}
 	{
 		// Generate new random master key
-		var key []byte
-		if args.Devrandom {
-			key = randBytesDevRandom(cryptocore.KeyLen)
-		} else {
-			key = cryptocore.RandBytes(cryptocore.KeyLen)
-		}
+		key := cryptocore.RandBytes(cryptocore.KeyLen)
 		tlog.PrintMasterkeyReminder(key)
 		// Encrypt it using the password
 		// This sets ScryptObject and EncryptedKey
diff --git a/internal/configfile/config_test.go b/internal/configfile/config_test.go
@@ -86,18 +86,6 @@ func TestCreateConfDefault(t *testing.T) {
 	}
 }
 
-func TestCreateConfDevRandom(t *testing.T) {
-	err := Create(&CreateArgs{
-		Filename:  "config_test/tmp.conf",
-		Password:  testPw,
-		LogN:      10,
-		Creator:   "test",
-		Devrandom: true})
-	if err != nil {
-		t.Fatal(err)
-	}
-}
-
 func TestCreateConfPlaintextnames(t *testing.T) {
 	err := Create(&CreateArgs{
 		Filename:       "config_test/tmp.conf",
