diff options
author | Jakob Unterwurzacher | 2018-02-17 16:26:35 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2018-02-18 11:21:58 +0100 |
commit | 719693ec5dd1153318606f151915231d71ddfe0b (patch) | |
tree | 95dbe7fcbefaf4ea446f528ce9ed194d08a378ae /internal/fusefrontend | |
parent | eeed4b4bef64059e5a52f4ceaa0d3a52b197349a (diff) |
fusefrontend[_reverse]: move crypto init up to caller
Both fusefrontend and fusefrontend_reverse were doing
essentially the same thing, move it into main's
initFuseFrontend.
A side-effect is that we have a reference to cryptocore
in main, which will help with wiping the keys on exit
(https://github.com/rfjakob/gocryptfs/issues/211).
Diffstat (limited to 'internal/fusefrontend')
-rw-r--r-- | internal/fusefrontend/args.go | 9 | ||||
-rw-r--r-- | internal/fusefrontend/fs.go | 12 |
2 files changed, 3 insertions, 18 deletions
diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go index fc9de73..8a64e99 100644 --- a/internal/fusefrontend/args.go +++ b/internal/fusefrontend/args.go @@ -2,7 +2,6 @@ package fusefrontend import ( "github.com/hanwen/go-fuse/fuse" - "github.com/rfjakob/gocryptfs/internal/cryptocore" ) // Args is a container for arguments that are passed from main() to fusefrontend @@ -10,7 +9,6 @@ type Args struct { // Cipherdir is the backing storage directory (absolute path). // For reverse mode, Cipherdir actually contains *plaintext* files. Cipherdir string - CryptoBackend cryptocore.AEADTypeEnum PlaintextNames bool LongNames bool // Should we chown a file after it has been created? @@ -26,15 +24,8 @@ type Args struct { // location. If it is false, reverse mode maps ".gocryptfs.reverse.conf" // to "gocryptfs.conf" in the plaintext dir. ConfigCustom bool - // Raw64 is true when RawURLEncoding (without padding) should be used for - // file names. - // Corresponds to the Raw64 feature flag introduced in gocryptfs v1.2. - Raw64 bool // NoPrealloc disables automatic preallocation before writing NoPrealloc bool - // Use HKDF key derivation. - // Corresponds to the HKDF feature flag introduced in gocryptfs v1.3. - HKDF bool // Try to serialize read operations, "-serialize_reads" SerializeReads bool // Force decode even if integrity check fails (openSSL only) diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go index 8b0bb2e..b09ed83 100644 --- a/internal/fusefrontend/fs.go +++ b/internal/fusefrontend/fs.go @@ -17,7 +17,6 @@ import ( "github.com/hanwen/go-fuse/fuse/pathfs" "github.com/rfjakob/gocryptfs/internal/contentenc" - "github.com/rfjakob/gocryptfs/internal/cryptocore" "github.com/rfjakob/gocryptfs/internal/nametransform" "github.com/rfjakob/gocryptfs/internal/serialize_reads" "github.com/rfjakob/gocryptfs/internal/syscallcompat" @@ -44,20 +43,15 @@ type FS struct { var _ pathfs.FileSystem = &FS{} // Verify that interface is implemented. // NewFS returns a new encrypted FUSE overlay filesystem. -func NewFS(masterkey []byte, args Args) *FS { - cryptoCore := cryptocore.New(masterkey, args.CryptoBackend, contentenc.DefaultIVBits, args.HKDF, args.ForceDecode) - contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS, args.ForceDecode) - nameTransform := nametransform.New(cryptoCore.EMECipher, args.LongNames, args.Raw64) - +func NewFS(args Args, c *contentenc.ContentEnc, n *nametransform.NameTransform) *FS { if args.SerializeReads { serialize_reads.InitSerializer() } - return &FS{ FileSystem: pathfs.NewLoopbackFileSystem(args.Cipherdir), args: args, - nameTransform: nameTransform, - contentEnc: contentEnc, + nameTransform: n, + contentEnc: c, } } |