Feature request: optional added file extension in -plaintextnames mode

[tew42]

I'm a recent excited convert to cryptfs (in the form of cppcryptfs). One feature that I've found missing, however (and one or two others also, at least over at bailey27/cppcryptfs#185 - but that would/should be taken up in gocryptfs first, or at least in parallel), is the option to tag on a new file extension to the encrypted files (e.g., file.txt -> file.txt.cfs) when operating in -plaintextnames mode, to prevent any confusion that may otherwise arise between encrypted and unencrypted files.

Possible scenarios that are avoided by the extra extension:

• accidentally picking an encrypted file out of "recent files" when attaching a file to an email, obviously useless to the recipient
• accidentally dropping an unencrypted file directly into the encrypted folder structure, which is non-obvious until attempting to open the file (which would appear corrupted in the "unencrypted" file system)
• in the other thread, 6677028 also mentioned malicious actors more likely to target cloud data with high-value file extensions

The added-extension approach was also how the (now-defunct) e-share/ncryptedcloud (.zip) and Boxcryptor (.bc) handled things.

At this point I unfortunately lack the time and expertise to look into this myself, so have to leave this as a humble feature request.

[rfjakob]

Nicely described and seems reasonable.

Which extension to use? Do you know what cryptomator uses?

[yahesh]

According to this docs page, the extension of cryptomator is *.c9r (with the 9 replacing the 9 characters between the c and the r of the program's name). Occasionally, *.c9s is used as well.