diff options
| author | Jakob Unterwurzacher | 2015-11-27 00:03:10 +0100 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2015-11-27 00:03:10 +0100 |
| commit | decfc1ab798055234e16a2e9c0782f56ae50669b (patch) | |
| tree | bdff27eb861a17399b66e28883abfd2624b184c1 /cryptfs/names_diriv.go | |
| parent | fe2fcf6c162a8370670fd1262b90925bf321f199 (diff) | |
diriv: Convert filename encryption users to diriv
Diffstat (limited to 'cryptfs/names_diriv.go')
| -rw-r--r-- | cryptfs/names_diriv.go | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/cryptfs/names_diriv.go b/cryptfs/names_diriv.go new file mode 100644 index 0000000..c9debab --- /dev/null +++ b/cryptfs/names_diriv.go @@ -0,0 +1,69 @@ +package cryptfs + +import ( + "path/filepath" + "io/ioutil" + "fmt" + "strings" +) + +// readDirIV - read the "gocryptfs.diriv" file from "dir" (absolute path) +func (be *CryptFS) readDirIV(dir string) (iv []byte, err error) { + ivfile := filepath.Join(dir, DIRIV_FILENAME) + iv, err = ioutil.ReadFile(ivfile) + if err != nil { + Warn.Printf("readDirIV: %v\n", err) + return nil, err + } + if len(iv) != DIRIV_LEN { + return nil, fmt.Errorf("readDirIV: Invalid length %d\n", len(iv)) + } + return iv, nil +} + +// EncryptPathDirIV - encrypt path using CBC with DirIV +func (be *CryptFS) EncryptPathDirIV(plainPath string, rootDir string) (string, error) { + if be.plaintextNames { + return plainPath, nil + } + // Empty string means root directory + if plainPath == "" { + return plainPath, nil + } + var wd = rootDir + var encryptedNames []string + plainNames := strings.Split(plainPath, "/") + for _, plainName := range plainNames { + iv, err := be.readDirIV(wd) + if err != nil { + return "", err + } + encryptedName := be.encryptName(plainName, iv) + encryptedNames = append(encryptedNames, encryptedName) + wd = filepath.Join(wd, encryptedName) + } + return filepath.Join(encryptedNames...), nil +} + +// DecryptPathDirIV - encrypt path using CBC with DirIV +func (be *CryptFS) DecryptPathDirIV(encryptedPath string, rootDir string) (string, error) { + if be.plaintextNames { + return encryptedPath, nil + } + var wd = rootDir + var plainNames []string + encryptedNames := strings.Split(encryptedPath, "/") + for _, encryptedName := range encryptedNames { + iv, err := be.readDirIV(wd) + if err != nil { + return "", err + } + plainName, err := be.decryptName(encryptedName, iv) + if err != nil { + return "", err + } + plainNames = append(plainNames, plainName) + wd = filepath.Join(wd, encryptedName) + } + return filepath.Join(plainNames...), nil +} |