fusefrontend[_reverse]: move crypto init up to caller

Both fusefrontend and fusefrontend_reverse were doing
essentially the same thing, move it into main's
initFuseFrontend.

A side-effect is that we have a reference to cryptocore
in main, which will help with wiping the keys on exit
(https://github.com/rfjakob/gocryptfs/issues/211).

1 files changed, 3 insertions, 9 deletions

diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index 8b0bb2e..b09ed83 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -17,7 +17,6 @@ import (
 	"github.com/hanwen/go-fuse/fuse/pathfs"
 
 	"github.com/rfjakob/gocryptfs/internal/contentenc"
-	"github.com/rfjakob/gocryptfs/internal/cryptocore"
 	"github.com/rfjakob/gocryptfs/internal/nametransform"
 	"github.com/rfjakob/gocryptfs/internal/serialize_reads"
 	"github.com/rfjakob/gocryptfs/internal/syscallcompat"
@@ -44,20 +43,15 @@ type FS struct {
 var _ pathfs.FileSystem = &FS{} // Verify that interface is implemented.
 
 // NewFS returns a new encrypted FUSE overlay filesystem.
-func NewFS(masterkey []byte, args Args) *FS {
-	cryptoCore := cryptocore.New(masterkey, args.CryptoBackend, contentenc.DefaultIVBits, args.HKDF, args.ForceDecode)
-	contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS, args.ForceDecode)
-	nameTransform := nametransform.New(cryptoCore.EMECipher, args.LongNames, args.Raw64)
-
+func NewFS(args Args, c *contentenc.ContentEnc, n *nametransform.NameTransform) *FS {
 	if args.SerializeReads {
 		serialize_reads.InitSerializer()
 	}
-
 	return &FS{
 		FileSystem:    pathfs.NewLoopbackFileSystem(args.Cipherdir),
 		args:          args,
-		nameTransform: nameTransform,
-		contentEnc:    contentEnc,
+		nameTransform: n,
+		contentEnc:    c,
 	}
 }