summaryrefslogtreecommitdiff
path: root/cryptfs/cryptfs_content.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2015-10-03 13:34:33 +0200
committerJakob Unterwurzacher2015-10-03 13:34:33 +0200
commit38bf8a2fcfe0b7260c08d49ed04c9667871f0992 (patch)
treef787ce0acc977ffb4e7fa2c034087f7df31911ee /cryptfs/cryptfs_content.go
parent3fef613591b6831d0ebc8bd2aff4264346a1d047 (diff)
Implement file hole passtrough
Fixes xfstests generic/010 Note that file holes are not authenticated,
Diffstat (limited to 'cryptfs/cryptfs_content.go')
-rw-r--r--cryptfs/cryptfs_content.go9
1 files changed, 9 insertions, 0 deletions
diff --git a/cryptfs/cryptfs_content.go b/cryptfs/cryptfs_content.go
index 0494b69..e42011a 100644
--- a/cryptfs/cryptfs_content.go
+++ b/cryptfs/cryptfs_content.go
@@ -32,6 +32,9 @@ func (be *CryptFS) DecryptBlocks(ciphertext []byte) ([]byte, error) {
}
// DecryptBlock - Verify and decrypt GCM block
+//
+// Corner case: A full-sized block of all-zero ciphertext bytes is translated
+// to an all-zero plaintext block, i.e. file hole passtrough.
func (be *CryptFS) DecryptBlock(ciphertext []byte) ([]byte, error) {
// Empty block?
@@ -39,6 +42,12 @@ func (be *CryptFS) DecryptBlock(ciphertext []byte) ([]byte, error) {
return ciphertext, nil
}
+ // All-zero block?
+ if bytes.Equal(ciphertext, be.allZeroBlock) {
+ Debug.Printf("DecryptBlock: file hole encountered\n")
+ return make([]byte, be.plainBS), nil
+ }
+
if len(ciphertext) < NONCE_LEN {
Warn.Printf("decryptBlock: Block is too short: %d bytes\n", len(ciphertext))
return nil, errors.New("Block is too short")