2fae 中文文档教程
Two factor authentication encryption file format
此库提供功能用于加密、解密和操作 .2fae
文件。
2fae 是一种文件格式,用于向已加密的文件添加双因素身份验证。 这为加密文件增加了另一层安全性,确保只有文件的预期接收者能够解密它,即使文件密码被泄露也是如此。
文件格式本身不提供此功能,而是加密数据的容器以及 2fae 客户端和服务器执行加密和解密所需的元数据。
Encryption/Decryption flows
当用户加密文件时,原始文件数据默认使用aes-256-gcm
加密方式进行加密。 在加密发生的同时,一个唯一的文件 ID 被生成,这个信息连同执行加密的人的用户 ID、加密 IV、密钥、auth 标签和文件密码被发送到服务器。 同时生成一个2fae
文件,里面只包含加密后的数据和文件id。
服务器安全地存储与给定文件 ID 和用户相关的解密信息。
解密时,用户需要成功提供文件密码并通过双重身份验证过程。 如果两者都正确,则服务器将解密密钥发送给客户端,并使用此信息解密和恢复原始文件。
Format specification
2fae
文件内容具有以下逐字节格式。
标题。 2 个字节 (0-1)。 带有常量的文件头,将其标识为 2fae 文件。 应始终具有十六进制值
2FAE
。格式版本。 1 个字节 (2)。 2fae 格式的版本。 十六进制数。
加密协议。 1 个字节 (3)。 文件使用的加密协议。 十六进制数。
文件 ID。 16 个字节 (4-19)。 文件的唯一标识符。 16 字节的十六进制 UUID。
加密数据。 n 个字节 (20-n)。 原始加密数据。 它还包含原始文件名。 有关加密数据内容的更多详细信息,请参阅下一节。
Encrypted content
字节 20 到 n 包含加密数据。 但是,加密的数据不仅是原始文件数据,还包括一些经过加密以妥善保管的附加信息。 解密后,数据具有以下格式。 为简单起见,字节计数从解密数据的开头开始。
文件名。 k 字节 (0-k)。 文件加密前的原始名称。 这可用于恢复其原始名称和/或扩展名。
文件名结束标志。 4 个字节 ((k+1)-(k+4))。 用于标识原始文件名何时完成的标志。 这允许考虑名称中的可变长度。 始终具有十六进制值
2FAEFDED
。原始数据。 n 个字节 ((k+5)-n)。 原始文件数据已经解密。
Caveats
2fae 的主要缺点是文件无法在没有互联网连接的情况下加密或解密,因为实际的解密密钥和双因素身份验证流存在于服务器中。
Two factor authentication encryption file format
This library provides capabilities for encrypting, decrypting and manipulating .2fae
files.
2fae is a file format for adding two factor authentication to already encrypted files. This adds another layer of security to the encrypted file, making sure that only the intended recipients for the file are able to decrypt it, even if the file password is compromissed.
The file format by itself does not offer this functionality but rather is the container of the encrypted data as well as the metadata required by the 2fae client and server to carry out the encryption and decryption.
Encryption/Decryption flows
When a user encrypts a file, the original file data is encrypted using aes-256-gcm
encryption by default. At the same time that the encryption happens, a unique file id is generated and this information, together with the user id of the person carrying out the encryption, the encryption IV, key, auth tag, and file password are sent to the server. At the same time, a 2fae
file is generated, which contains only the encrypted data and the file id.
The server securely stores the decryption information relating them specificaly to the given file id and the user.
For decryption, the user needs to successfuly provide the file password and go through the two factor authentication process. If both are correct, the server then sends the decryption keys to the client and with this information, the original file is decrypted and restored.
Format specification
2fae
files content have the following format byte to byte.
Header. 2 bytes (0-1). File header with a constant identifying this as a 2fae file. Should always have the value
2FAE
in hexadecimal.Format version. 1 byte (2). Version of the 2fae format. Hexadecimal number.
Encryption protocol. 1 byte (3). Encryption protocol used for the file. Hexadecimal number.
File ID. 16 bytes (4-19). Unique identifier for the file. 16 bytes hexadecimal UUID.
Encrypted data. n bytes (20-n). Original encrypted data. It also contains the original filename. Refer to the next section for more details on the content of the encrypted data.
Encrypted content
The bytes 20 to n contains encrypted data. However, the encrypted data is not only the original file data but some additional information that is encrypted for safekeeping. After decryption, the data has the following format. For simplicity, byte counts starts at the beginning of the decrypted data.
Filename. k bytes (0-k). Original name of the file before it was encrypted. This can be used to restore it's original name and/or extension.
Filename end flag. 4 bytes ((k+1)-(k+4)). Flag to identify when the original filename finishes. This allows to account for variable lenght in the name. Always has the value
2FAEFDED
in hexadecimal.Original data. n bytes ((k+5)-n). Original file data already decrypted.
Caveats
The main drawback of 2fae is that files cannot be encrypted or decrypted without an internet connection since the actual decryption keys and the two factor authentication flow lives in the server.