aboutsummaryrefslogtreecommitdiff
path: root/cryptfs/names_diriv.go
diff options
context:
space:
mode:
Diffstat (limited to 'cryptfs/names_diriv.go')
-rw-r--r--cryptfs/names_diriv.go140
1 files changed, 0 insertions, 140 deletions
diff --git a/cryptfs/names_diriv.go b/cryptfs/names_diriv.go
deleted file mode 100644
index 276316c..0000000
--- a/cryptfs/names_diriv.go
+++ /dev/null
@@ -1,140 +0,0 @@
-package cryptfs
-
-import (
- "fmt"
- "io/ioutil"
- "os"
- "path/filepath"
- "strings"
- "sync"
-)
-
-// A simple one-entry DirIV cache
-type dirIVCache struct {
- // Invalidated?
- cleared bool
- // The DirIV
- iv []byte
- // Directory the DirIV belongs to
- dir string
- // Ecrypted version of "dir"
- translatedDir string
- // Synchronisation
- lock sync.RWMutex
-}
-
-// lookup - fetch entry for "dir" from the cache
-func (c *dirIVCache) lookup(dir string) (bool, []byte, string) {
- c.lock.RLock()
- defer c.lock.RUnlock()
- if !c.cleared && c.dir == dir {
- return true, c.iv, c.translatedDir
- }
- return false, nil, ""
-}
-
-// store - write entry for "dir" into the caches
-func (c *dirIVCache) store(dir string, iv []byte, translatedDir string) {
- c.lock.Lock()
- defer c.lock.Unlock()
- c.cleared = false
- c.iv = iv
- c.dir = dir
- c.translatedDir = translatedDir
-}
-
-func (c *dirIVCache) Clear() {
- c.lock.Lock()
- defer c.lock.Unlock()
- c.cleared = true
-}
-
-// readDirIV - read the "gocryptfs.diriv" file from "dir" (absolute ciphertext path)
-func (be *CryptFS) ReadDirIV(dir string) (iv []byte, readErr error) {
- ivfile := filepath.Join(dir, DIRIV_FILENAME)
- Debug.Printf("ReadDirIV: reading %s\n", ivfile)
- iv, readErr = ioutil.ReadFile(ivfile)
- if readErr != nil {
- // The directory may have been concurrently deleted or moved. Failure to
- // read the diriv is not an error in that case.
- _, statErr := os.Stat(dir)
- if os.IsNotExist(statErr) {
- Debug.Printf("ReadDirIV: Dir %s was deleted under our feet", dir)
- } else {
- // This should not happen
- Warn.Printf("ReadDirIV: Dir exists but diriv does not: %v\n", readErr)
- }
- return nil, readErr
- }
- if len(iv) != DIRIV_LEN {
- return nil, fmt.Errorf("ReadDirIV: Invalid length %d\n", len(iv))
- }
- return iv, nil
-}
-
-// WriteDirIV - create diriv file inside "dir" (absolute ciphertext path)
-// This function is exported because it is used from pathfs_frontend, main,
-// and also the automated tests.
-func WriteDirIV(dir string) error {
- iv := RandBytes(DIRIV_LEN)
- file := filepath.Join(dir, DIRIV_FILENAME)
- // 0444 permissions: the file is not secret but should not be written to
- return ioutil.WriteFile(file, iv, 0444)
-}
-
-// EncryptPathDirIV - encrypt path using EME with DirIV
-func (be *CryptFS) EncryptPathDirIV(plainPath string, rootDir string, eme bool) (cipherPath string, err error) {
- // Empty string means root directory
- if plainPath == "" {
- return plainPath, nil
- }
- // Check if the DirIV is cached
- parentDir := filepath.Dir(plainPath)
- found, iv, cParentDir := be.DirIVCache.lookup(parentDir)
- if found {
- //fmt.Print("h")
- baseName := filepath.Base(plainPath)
- cBaseName := be.encryptName(baseName, iv, eme)
- cipherPath = cParentDir + "/" + cBaseName
- return cipherPath, nil
- }
- // Walk the directory tree
- var wd = rootDir
- var encryptedNames []string
- plainNames := strings.Split(plainPath, "/")
- for _, plainName := range plainNames {
- iv, err = be.ReadDirIV(wd)
- if err != nil {
- return "", err
- }
- encryptedName := be.encryptName(plainName, iv, eme)
- encryptedNames = append(encryptedNames, encryptedName)
- wd = filepath.Join(wd, encryptedName)
- }
- // Cache the final DirIV
- cipherPath = strings.Join(encryptedNames, "/")
- cParentDir = filepath.Dir(cipherPath)
- be.DirIVCache.store(parentDir, iv, cParentDir)
- return cipherPath, nil
-}
-
-// DecryptPathDirIV - decrypt path using EME with DirIV
-func (be *CryptFS) DecryptPathDirIV(encryptedPath string, rootDir string, eme bool) (string, error) {
- var wd = rootDir
- var plainNames []string
- encryptedNames := strings.Split(encryptedPath, "/")
- Debug.Printf("DecryptPathDirIV: decrypting %v\n", encryptedNames)
- for _, encryptedName := range encryptedNames {
- iv, err := be.ReadDirIV(wd)
- if err != nil {
- return "", err
- }
- plainName, err := be.decryptName(encryptedName, iv, eme)
- if err != nil {
- return "", err
- }
- plainNames = append(plainNames, plainName)
- wd = filepath.Join(wd, encryptedName)
- }
- return filepath.Join(plainNames...), nil
-}