authorJakob Unterwurzacher2016-09-25 11:20:10 +0200
committerJakob Unterwurzacher2016-09-25 16:43:17 +0200
commit7bbf6ad6eae47974b1162af13915785a541b9bb9 (patch)
tree88371ab9828c0dd415d78db1999267afd5432913 /internal/fusefrontend_reverse/rfile.go
parent3a9bd92754e3b6984c97f7012fd5f030d7f8e46c (diff)
reverse: derive file ID and block IVs from file paths
Diffstat (limited to 'internal/fusefrontend_reverse/rfile.go')
-rw-r--r--internal/fusefrontend_reverse/rfile.go34
1 files changed, 21 insertions, 13 deletions
diff --git a/internal/fusefrontend_reverse/rfile.go b/internal/fusefrontend_reverse/rfile.go
index 7e54b17..4e9b5ba 100644
--- a/internal/fusefrontend_reverse/rfile.go
+++ b/internal/fusefrontend_reverse/rfile.go
@@ -13,29 +13,32 @@ import (
"github.com/rfjakob/gocryptfs/internal/tlog"
)
-// File header that contains an all-zero File ID
-var zeroFileHeader *contentenc.FileHeader
-
-func init() {
- zeroFileHeader = contentenc.RandomHeader()
- // Overwrite with zeros
- zeroFileHeader.Id = make([]byte, contentenc.HEADER_ID_LEN)
-}
-
type reverseFile struct {
// Embed nodefs.defaultFile for a ENOSYS implementation of all methods
nodefs.File
// Backing FD
fd *os.File
+ // File header (contains the IV)
+ header contentenc.FileHeader
// Content encryption helper
contentEnc *contentenc.ContentEnc
}
-func NewFile(fd *os.File, contentEnc *contentenc.ContentEnc) (nodefs.File, fuse.Status) {
+func (rfs *reverseFS) NewFile(relPath string, flags uint32) (nodefs.File, fuse.Status) {
+ absPath, err := rfs.abs(rfs.decryptPath(relPath))
+ if err != nil {
+ return nil, fuse.ToStatus(err)
+ }
+ fd, err := os.OpenFile(absPath, int(flags), 0666)
+ if err != nil {
+ return nil, fuse.ToStatus(err)
+ }
+ id := derivePathIV(relPath)
return &reverseFile{
File: nodefs.NewDefaultFile(),
fd: fd,
- contentEnc: contentEnc,
+ header: contentenc.FileHeader{contentenc.CurrentVersion, id},
+ contentEnc: rfs.contentEnc,
}, fuse.OK
}
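Review bot: `os.OpenFile(absPath, int(flags), 0666)` in NewFile passes the caller-supplied open flags to the backing plaintext file unfiltered. If the reverse view is meant to be read-only (an assumption; nothing in this file section shows a write path), a request carrying `O_WRONLY`, `O_RDWR` or `O_TRUNC` would act directly on the plaintext source. Consider rejecting those up front with `if flags&(syscall.O_WRONLY|syscall.O_RDWR|syscall.O_TRUNC) != 0 { return nil, fuse.EPERM }` (needs the `syscall` import), or opening with a fixed `os.O_RDONLY`. Separately, `contentenc.FileHeader{contentenc.CurrentVersion, id}` is an unkeyed literal of an imported struct, which `go vet` flags and which would silently break if the field order changes. Keyed fields are safer; `Id: id` is visible in this diff, but the version field's name is not.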
@@ -64,7 +67,7 @@ func (rf *reverseFile) readBackingFile(off uint64, length uint64) (out []byte, e
plaintext = plaintext[0:n]
// Encrypt blocks
- ciphertext := rf.contentEnc.EncryptBlocks(plaintext, blocks[0].BlockNo, zeroFileHeader.Id, contentenc.ReverseDummyNonce)
+ ciphertext := rf.contentEnc.EncryptBlocks(plaintext, blocks[0].BlockNo, rf.header.Id, contentenc.ReverseDeterministicNonce)
// Crop down to the relevant part
lenHave := len(ciphertext)
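Review bot: Passing `rf.header.Id` with `contentenc.ReverseDeterministicNonce` to `EncryptBlocks` makes each block's IV depend only on the file path and block number, going by the commit title. The same key/IV pair is therefore reused whenever a backing file's content changes between reads. That is only safe with a nonce-misuse-resistant AEAD; with a counter-mode AEAD such as AES-GCM, IV reuse across different plaintexts leaks plaintext relationships and undermines authentication. Which cipher `contentEnc` wraps is not visible here, so the call site should state the requirement, e.g. `// Deterministic IV: contentEnc must be a nonce-misuse-resistant AEAD (e.g. AES-SIV); never plain GCM here`, and ideally the reverse-mode setup should refuse any other backend. readBackingFile starts and ends outside this hunk.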
@@ -88,7 +91,7 @@ func (rf *reverseFile) Read(buf []byte, ioff int64) (resultData fuse.ReadResult,
// Synthesize file header
if off < contentenc.HEADER_LEN {
- header = zeroFileHeader.Pack()
+ header = rf.header.Pack()
// Truncate to requested part
end := int(off) + len(buf)
if end > len(header) {
@@ -119,3 +122,8 @@ func (rf *reverseFile) Read(buf []byte, ioff int64) (resultData fuse.ReadResult,
return fuse.ReadResultData(out.Bytes()), fuse.OK
}
+
+// Release - FUSE call, close file
+func (rf *reverseFile) Release() {
+ rf.fd.Close()
+}