| author | Jakob Unterwurzacher | 2018-02-17 16:26:35 +0100 | 
|---|---|---|
| committer | Jakob Unterwurzacher | 2018-02-18 11:21:58 +0100 | 
| commit | 719693ec5dd1153318606f151915231d71ddfe0b (patch) | |
| tree | 95dbe7fcbefaf4ea446f528ce9ed194d08a378ae /internal | |
| parent | eeed4b4bef64059e5a52f4ceaa0d3a52b197349a (diff) | |
fusefrontend[_reverse]: move crypto init up to caller
Both fusefrontend and fusefrontend_reverse were doing
essentially the same thing, move it into main's
initFuseFrontend.
A side-effect is that we have a reference to cryptocore
in main, which will help with wiping the keys on exit
(https://github.com/rfjakob/gocryptfs/issues/211).
Diffstat (limited to 'internal')
| -rw-r--r-- | internal/fusefrontend/args.go | 9 | ||||
| -rw-r--r-- | internal/fusefrontend/fs.go | 12 | ||||
| -rw-r--r-- | internal/fusefrontend_reverse/rfs.go | 14 | 
3 files changed, 6 insertions, 29 deletions
|
diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go
index fc9de73..8a64e99 100644
--- a/internal/fusefrontend/args.go
+++ b/internal/fusefrontend/args.go
@@ -2,7 +2,6 @@ package fusefrontend
 import (
 	"github.com/hanwen/go-fuse/fuse"
-	"github.com/rfjakob/gocryptfs/internal/cryptocore"
 )
 // Args is a container for arguments that are passed from main() to fusefrontend
@@ -10,7 +9,6 @@ type Args struct {
 	// Cipherdir is the backing storage directory (absolute path).
 	// For reverse mode, Cipherdir actually contains *plaintext* files.
 	Cipherdir      string
-	CryptoBackend  cryptocore.AEADTypeEnum
 	PlaintextNames bool
 	LongNames      bool
 	// Should we chown a file after it has been created?
@@ -26,15 +24,8 @@ type Args struct {
 	// location. If it is false, reverse mode maps ".gocryptfs.reverse.conf"
 	// to "gocryptfs.conf" in the plaintext dir.
 	ConfigCustom bool
-	// Raw64 is true when RawURLEncoding (without padding) should be used for
-	// file names.
-	// Corresponds to the Raw64 feature flag introduced in gocryptfs v1.2.
-	Raw64 bool
 	// NoPrealloc disables automatic preallocation before writing
 	NoPrealloc bool
-	// Use HKDF key derivation.
-	// Corresponds to the HKDF feature flag introduced in gocryptfs v1.3.
-	HKDF bool
 	// Try to serialize read operations, "-serialize_reads"
 	SerializeReads bool
 	// Force decode even if integrity check fails (openSSL only)
diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index 8b0bb2e..b09ed83 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -17,7 +17,6 @@ import (
 	"github.com/hanwen/go-fuse/fuse/pathfs"
 	"github.com/rfjakob/gocryptfs/internal/contentenc"
-	"github.com/rfjakob/gocryptfs/internal/cryptocore"
 	"github.com/rfjakob/gocryptfs/internal/nametransform"
 	"github.com/rfjakob/gocryptfs/internal/serialize_reads"
 	"github.com/rfjakob/gocryptfs/internal/syscallcompat"
@@ -44,20 +43,15 @@ type FS struct {
 var _ pathfs.FileSystem = &FS{} // Verify that interface is implemented.
 // NewFS returns a new encrypted FUSE overlay filesystem.
-func NewFS(masterkey []byte, args Args) *FS {
-	cryptoCore := cryptocore.New(masterkey, args.CryptoBackend, contentenc.DefaultIVBits, args.HKDF, args.ForceDecode)
-	contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS, args.ForceDecode)
-	nameTransform := nametransform.New(cryptoCore.EMECipher, args.LongNames, args.Raw64)
-
+func NewFS(args Args, c *contentenc.ContentEnc, n *nametransform.NameTransform) *FS {
 	if args.SerializeReads {
 		serialize_reads.InitSerializer()
 	}
-
 	return &FS{
 		FileSystem:    pathfs.NewLoopbackFileSystem(args.Cipherdir),
 		args:          args,
-		nameTransform: nameTransform,
-		contentEnc:    contentEnc,
+		nameTransform: n,
+		contentEnc:    c,
 	}
 }
diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go
index 1523c18..b281c76 100644
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@@ -2,7 +2,6 @@ package fusefrontend_reverse
 import (
 	"fmt"
-	"log"
 	"path/filepath"
 	"syscall"
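Review bot: In internal/fusefrontend/fs.go the new `NewFS(args Args, c *contentenc.ContentEnc, n *nametransform.NameTransform)` stores `c` and `n` as given, but its doc comment still only says it returns a new encrypted FUSE overlay filesystem and states nothing about what the caller must guarantee. Before this change NewFS derived the content encryption from `args.ForceDecode` itself, so the flag and the cipher setup could not disagree; now `Args` still carries the force-decode field while the effective setting lives in the caller-built `c`. I would extend the comment along the lines of `// c and n must be non-nil and derived from the same cryptocore; c must have been built with args.ForceDecode.` The caller (main's initFuseFrontend, per the commit message) is outside this diff, so whether it keeps the two in sync could not be checked here.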
@@ -42,22 +41,15 @@ var _ pathfs.FileSystem = &ReverseFS{}
 // NewFS returns an encrypted FUSE overlay filesystem.
 // In this case (reverse mode) the backing directory is plain-text and
 // ReverseFS provides an encrypted view.
-func NewFS(masterkey []byte, args fusefrontend.Args) *ReverseFS {
-	if args.CryptoBackend != cryptocore.BackendAESSIV {
-		log.Panic("reverse mode must use AES-SIV, everything else is insecure")
-	}
+func NewFS(args fusefrontend.Args, c *contentenc.ContentEnc, n *nametransform.NameTransform) *ReverseFS {
 	initLongnameCache()
-	cryptoCore := cryptocore.New(masterkey, args.CryptoBackend, contentenc.DefaultIVBits, args.HKDF, false)
-	contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS, false)
-	nameTransform := nametransform.New(cryptoCore.EMECipher, args.LongNames, args.Raw64)
-
 	return &ReverseFS{
 		// pathfs.defaultFileSystem returns ENOSYS for all operations
 		FileSystem:    pathfs.NewDefaultFileSystem(),
 		loopbackfs:    pathfs.NewLoopbackFileSystem(args.Cipherdir),
 		args:          args,
-		nameTransform: nameTransform,
-		contentEnc:    contentEnc,
+		nameTransform: n,
+		contentEnc:    c,
 	}
 }
|
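Review bot: The reverse-mode NewFS in internal/fusefrontend_reverse/rfs.go no longer enforces the AES-SIV requirement: the `log.Panic("reverse mode must use AES-SIV, everything else is insecure")` guard is removed, and with a pre-built `*contentenc.ContentEnc` passed in the function has no visible way to re-check the backend. The old body also hard-coded `false` for the force-decode argument of both `cryptocore.New` and `contentenc.New`, which is now likewise left to the caller. The commit message says the initialisation moved to main's initFuseFrontend, which is outside this diff (limited to 'internal'), so whether an equivalent check exists there cannot be confirmed from here. At minimum the precondition should be recorded in the doc comment, e.g. `// The caller must build c and n with the AES-SIV backend and with force-decode disabled; any other backend is insecure in reverse mode.`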
