diff options
author | Jakob Unterwurzacher | 2020-06-06 12:49:45 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2020-06-06 12:49:45 +0200 |
commit | 261cf12829dcef31f1a02559b898e5067a03af31 (patch) | |
tree | 16df982e6b594a3c4dac3fcf8428aa6607250d28 /internal/nametransform/names.go | |
parent | a8230d271f394e130a8190d554eef2a86bc962d7 (diff) |
badname: stop trying to decrypt at length 22
At least 16 bytes due to AES --> at least 22 characters in base64
Diffstat (limited to 'internal/nametransform/names.go')
-rw-r--r-- | internal/nametransform/names.go | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/internal/nametransform/names.go b/internal/nametransform/names.go index 675ed34..a659f0a 100644 --- a/internal/nametransform/names.go +++ b/internal/nametransform/names.go @@ -61,8 +61,10 @@ func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error for _, pattern := range n.BadnamePatterns { match, err := filepath.Match(pattern, cipherName) if err == nil && match { // Pattern should have been validated already - //find longest decryptable substring - for charpos := len(cipherName) - 1; charpos > 0; charpos-- { + // Find longest decryptable substring + // At least 16 bytes due to AES --> at least 22 characters in base64 + nameMin := n.B64.EncodedLen(aes.BlockSize) + for charpos := len(cipherName) - 1; charpos >= nameMin; charpos-- { res, err = n.decryptName(cipherName[:charpos], iv) if err == nil { return res + cipherName[charpos:] + " GOCRYPTFS_BAD_NAME", nil |