summaryrefslogtreecommitdiff
path: root/internal/fusefrontend
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-03-05 21:59:55 +0100
committerJakob Unterwurzacher2017-03-05 21:59:55 +0100
commitd0bc7970f721cee607d993406d97d32e2c660abe (patch)
tree894b016af6e7785bb707e3d2e0f660608ceeea06 /internal/fusefrontend
parent4fadcbaf68ce25dcdc7665059f43226f5f9a4da5 (diff)
full stack: implement HKDF support
...but keep it disabled by default for new filesystems. We are still missing an example filesystem and CLI arguments to explicitely enable and disable it.
Diffstat (limited to 'internal/fusefrontend')
-rw-r--r--internal/fusefrontend/args.go6
-rw-r--r--internal/fusefrontend/fs.go2
2 files changed, 6 insertions, 2 deletions
diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go
index c111dbf..f76848d 100644
--- a/internal/fusefrontend/args.go
+++ b/internal/fusefrontend/args.go
@@ -19,8 +19,12 @@ type Args struct {
// to "gocryptfs.conf" in the plaintext dir.
ConfigCustom bool
// Raw64 is true when RawURLEncoding (without padding) should be used for
- // file names
+ // file names.
+ // Corresponds to the Raw64 feature flag introduced in gocryptfs v1.2.
Raw64 bool
// NoPrealloc disables automatic preallocation before writing
NoPrealloc bool
+ // Use HKDF key derivation.
+ // Corresponds to the HKDF feature flag introduced in gocryptfs v1.3.
+ HKDF bool
}
diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index e0fdc48..020032b 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -40,7 +40,7 @@ var _ pathfs.FileSystem = &FS{} // Verify that interface is implemented.
// NewFS returns a new encrypted FUSE overlay filesystem.
func NewFS(args Args) *FS {
- cryptoCore := cryptocore.New(args.Masterkey, args.CryptoBackend, contentenc.DefaultIVBits)
+ cryptoCore := cryptocore.New(args.Masterkey, args.CryptoBackend, contentenc.DefaultIVBits, args.HKDF)
contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS)
nameTransform := nametransform.New(cryptoCore.EMECipher, args.LongNames, args.Raw64)