Not compatible with rclone crypt.

[textrix]

Please make sure of the following things

• I have read the documentation.
  我已经阅读了文档。

• I'm sure there are no duplicate issues or discussions.
  我确定没有重复的issue或讨论。

• I'm sure this issue is not fixed in the latest version.
  我确定这个问题在最新版本中没有被修复。

• I'm sure it's due to AList and not something else(such as Network ,Dependencies or Operational).
  我确定是AList的问题，而不是其他原因（例如网络，依赖或操作）。

AList Version / AList 版本

v3.28.0

Driver used / 使用的存储驱动

OneDrive App

Describe the bug / 问题描述

Update

It seems reasonable to properly obfuscate web-generated plaintext passwords. However, this issue is due to the lack of a manual and can only be concluded as an accident. Please change this issue from being categorized as a bug to something else.

Anyway, I propose the following additions to the guide

1. the guide should explain how the password and password2 of the Storage created with AList's Crypt can be used for rclone crypt.
   Also, in the current version, the password is not visible in the Storage settings on the web, so you need to access the db directly to get the password, remove the ___Obfuscated___ prefix, and use it. I need a way to check it on the web.

2. If you use the password and password2 used in rclone crypt for AList's Crypt, prefix them with ___Obfuscated___.

Original

First, thanks for releasing a great app.

I have a rclone crypt repository that I've been using for a long time. I use it for synchronization across multiple PCs using Windows and Ubuntu.

Recently, I found AList on the web that looked like it might come in handy, and while testing it out, it seems to be incompatible with rclone crypt, so I thought I'd let you know.

My environment is as follows and I will explain the strange situation with reproduction. Please check it out and fix it.

ubuntu$ rclone version
rclone v1.64.2
- os/version: ubuntu 22.04 (64 bit)
- os/kernel: 5.15.0-1047-oracle (aarch64)
- os/type: linux
- os/arch: arm64 (ARMv8 compatible)
- go/version: go1.21.3
- go/linking: static
- go/tags: none

ubuntu$ echo alist1 | rclone obscure -
GzgsivwNcZ5jsSK9k2h3NEEDH2dSGw # use password
ubuntu$ echo alist2 | rclone obscure - 
l40rrivBoBmJ6vVlHO2xZqW2x8KS2Q # use password2

ubuntu$ cat ~/.config/rclone/rclone.conf
[20]
type = onedrive
token = {"access_token":"ey...Eg","token_type":"Bearer","refresh_token":"0e...z1","expiry":"20...00"}
drive_id = b!x...Qeb
drive_type = business
[s20]
type = crypt
remote = 20:ss
filename_encryption = obfuscate
directory_name_encryption = true
password = GzgsivwNcZ5jsSK9k2h3NEEDH2dSGw
password2 = l40rrivBoBmJ6vVlHO2xZqW2x8KS2Q
filename_encoding = base64

Reproduction / 复现链接

For testing purposes, I created the following test file in the repository

# Original OneDriver repository
ubuntu$ rclone ls 20:
        0 .loc.20

# Secret repository location created
ubuntu$ rclone mkdir 20:ss

# Creating and verifying files in the secret repo
ubuntu$ rclone ls s20: 
ubuntu$ echo "alist test" | rclone rcat s20:ABCabc_1234567890.txt
ubuntu$ rclone ls s20:
        11 ABCabc_1234567890.txt
ubuntu$ rclone cat s20:ABCabc_1234567890.txt
alist test

# Verify encrypted filename (obfuscate)
ubuntu$ rclone ls 20:ss
       59 230.XYZxyz_0123456789.QUQ

After creating and viewing the storage for 20 and s20 in Alist, it does not show the correct file names as shown in the following screen.

Of course, the file name is incorrect, so I clicked the file name to check the contents, and the screen below appears.

Config / 配置

Logs / 日志

No response

[welcome]

Thanks for opening your first issue here! Be sure to follow the issue template!

[textrix]

Similarly, when I create a file or folder in the s20 storage of Alist, the number part is also displayed incorrectly in rclone.

[textrix]

Even if you don't encrypt filenames and directory names, encrypting/decrypting file contents doesn't work correctly either.

ubuntu$ rclone cat uu20:1234ABCD.txt
2023/11/21 08:56:14 ERROR : 1234ABCD.txt: Failed to send to output: failed to authenticate decrypted block - bad password?
2023/11/21 08:56:14 Failed to cat: failed to authenticate decrypted block - bad password?

[textrix]

I think I found the cause.

When creating Crypt Storage in Alist, the values entered for password and password2 are prefixed with ___Obfuscated___ and seem to be obfuscated when stored in the db.

However, when encrypting the actual file name and contents, it seems to remove the prefix and use the obfuscated passwords without decrypting them.

Proof: Alist Crypt and rclone crypt work fine when configured like below.

# Alist Crypt Storage setting:
password: GzgsivwNcZ5jsSK9k2h3NEEDH2dSGw
password2: l40rrivBoBmJ6vVlHO2xZqW2x8KS2Q
obfuscated password: ___Obfuscated___yJLWwFdvtDElQzk0bJcOy3SEtUqukBRXal7OC4m9PC1wpvUPsO11ysbKpyWgFQ
obfuscated password2: ___Obfuscated___6shiftPcRh3e8Bfr78k2_fqN5pRBNRwcLTXPxANDiy-PKXF6WfFgGIc9kJ6e-Q

# rclone crypt setting:
[uu20]
type = crypt
remote = 20:ss
filename_encryption = obfuscate
directory_name_encryption = true
password = yJLWwFdvtDElQzk0bJcOy3SEtUqukBRXal7OC4m9PC1wpvUPsO11ysbKpyWgFQ
password2 = 6shiftPcRh3e8Bfr78k2_fqN5pRBNRwcLTXPxANDiy-PKXF6WfFgGIc9kJ6e-Q
filename_encoding = base64

[textrix]

Wordaround:
If you prefix ___Obfuscated___ to the password and password2 used in the existing rclone crypt and set Storage in Alist, it works fine.

[xhofe]

Thanks for the survey information, which may answer questions for future users.