summaryrefslogtreecommitdiff
path: root/gocryptfs-xray
diff options
context:
space:
mode:
authorJakob Unterwurzacher2020-05-09 19:11:06 +0200
committerJakob Unterwurzacher2020-05-09 19:11:06 +0200
commit24554b11f773cd6c944b8be2f661962867897520 (patch)
treec2e36811d66a77dc9b617cc4a6de20632a48e2ea /gocryptfs-xray
parent171b1eac91263cc8896506321ce686f17cc66314 (diff)
gocryptfs-xray: integrate ctlsock path encryption/decryption
Implementation seems to work ok, but is missing tests and documentation for now. I will only delete ctlsock-encrypt.bash when both are done. https://github.com/rfjakob/gocryptfs/issues/416
Diffstat (limited to 'gocryptfs-xray')
-rw-r--r--gocryptfs-xray/paths_ctlsock.go43
-rw-r--r--gocryptfs-xray/xray_main.go37
2 files changed, 76 insertions, 4 deletions
diff --git a/gocryptfs-xray/paths_ctlsock.go b/gocryptfs-xray/paths_ctlsock.go
new file mode 100644
index 0000000..3c69ec3
--- /dev/null
+++ b/gocryptfs-xray/paths_ctlsock.go
@@ -0,0 +1,43 @@
+package main
+
+import (
+ "bufio"
+ "fmt"
+ "os"
+
+ "github.com/rfjakob/gocryptfs/ctlsock"
+)
+
+func decryptPaths(socketPath string) {
+ var req ctlsock.RequestStruct
+ transformPaths(socketPath, &req, &req.DecryptPath)
+}
+
+func encryptPaths(socketPath string) {
+ var req ctlsock.RequestStruct
+ transformPaths(socketPath, &req, &req.EncryptPath)
+}
+
+func transformPaths(socketPath string, req *ctlsock.RequestStruct, in *string) {
+ c, err := ctlsock.New(socketPath)
+ if err != nil {
+ fmt.Printf("fatal: %v\n", err)
+ os.Exit(1)
+ }
+ line := 0
+ scanner := bufio.NewScanner(os.Stdin)
+ for scanner.Scan() {
+ line++
+ *in = scanner.Text()
+ resp, err := c.Query(req)
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "error at input line %d %q: %v\n", line, *in, err)
+ continue
+ }
+ if resp.WarnText != "" {
+ fmt.Fprintf(os.Stderr, "warning at input line %d %q: %v\n", line, *in, resp.WarnText)
+ }
+ fmt.Println(resp.Result)
+ }
+ os.Exit(0)
+}
diff --git a/gocryptfs-xray/xray_main.go b/gocryptfs-xray/xray_main.go
index 34f695b..0777524 100644
--- a/gocryptfs-xray/xray_main.go
+++ b/gocryptfs-xray/xray_main.go
@@ -49,25 +49,54 @@ func usage() {
" gocryptfs-xray -dumpmasterkey myfs/gocryptfs.conf\n")
}
+// sum counts the number of true values
+func sum(x ...*bool) (s int) {
+ for _, v := range x {
+ if *v {
+ s++
+ }
+ }
+ return s
+}
+
func main() {
- dumpmasterkey := flag.Bool("dumpmasterkey", false, "Decrypt and dump the master key")
- aessiv := flag.Bool("aessiv", false, "Assume AES-SIV mode instead of AES-GCM")
+ var args struct {
+ dumpmasterkey *bool
+ decryptPaths *bool
+ encryptPaths *bool
+ aessiv *bool
+ }
+ args.dumpmasterkey = flag.Bool("dumpmasterkey", false, "Decrypt and dump the master key")
+ args.decryptPaths = flag.Bool("decrypt-paths", false, "Decrypt file paths using gocryptfs control socket")
+ args.encryptPaths = flag.Bool("encrypt-paths", false, "Encrypt file paths using gocryptfs control socket")
+ args.aessiv = flag.Bool("aessiv", false, "Assume AES-SIV mode instead of AES-GCM")
flag.Usage = usage
flag.Parse()
+ s := sum(args.dumpmasterkey, args.decryptPaths, args.encryptPaths)
+ if s > 1 {
+ fmt.Printf("fatal: %d operations were requested\n", s)
+ os.Exit(1)
+ }
if flag.NArg() != 1 {
usage()
os.Exit(1)
}
fn := flag.Arg(0)
+ if *args.decryptPaths {
+ decryptPaths(fn)
+ }
+ if *args.encryptPaths {
+ encryptPaths(fn)
+ }
fd, err := os.Open(fn)
if err != nil {
errExit(err)
}
defer fd.Close()
- if *dumpmasterkey {
+ if *args.dumpmasterkey {
dumpMasterKey(fn)
} else {
- inspectCiphertext(fd, *aessiv)
+ inspectCiphertext(fd, *args.aessiv)
}
}