aboutsummaryrefslogtreecommitdiff
path: root/cryptfs
diff options
context:
space:
mode:
Diffstat (limited to 'cryptfs')
-rw-r--r--cryptfs/config_file.go31
-rw-r--r--cryptfs/config_test.go13
-rw-r--r--cryptfs/cryptfs_names.go3
-rw-r--r--cryptfs/names_diriv.go4
4 files changed, 35 insertions, 16 deletions
diff --git a/cryptfs/config_file.go b/cryptfs/config_file.go
index f258a5e..1e7e3b3 100644
--- a/cryptfs/config_file.go
+++ b/cryptfs/config_file.go
@@ -4,14 +4,18 @@ import (
"encoding/json"
"fmt"
"io/ioutil"
+ "log"
)
import "os"
const (
// The dot "." is not used in base64url (RFC4648), hence
// we can never clash with an encrypted file.
- ConfDefaultName = "gocryptfs.conf"
+ ConfDefaultName = "gocryptfs.conf"
+ // Understood Feature Flags
+ // Also teach isFeatureFlagKnown() about any additions
FlagPlaintextNames = "PlaintextNames"
+ FlagDirIV = "DirIV"
)
type ConfFile struct {
@@ -78,12 +82,8 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
return nil, nil, fmt.Errorf("Unsupported on-disk format %d\n", cf.Version)
}
- // Verify that we know all feature flags
for _, flag := range cf.FeatureFlags {
- switch flag {
- case FlagPlaintextNames:
- continue
- default:
+ if cf.isFeatureFlagKnown(flag) == false {
return nil, nil, fmt.Errorf("Unsupported feature flag %s\n", flag)
}
}
@@ -151,8 +151,21 @@ func (cf *ConfFile) WriteFile() error {
return nil
}
+// Verify that we understand a feature flag
+func (cf *ConfFile) isFeatureFlagKnown(flag string) bool {
+ switch flag {
+ case FlagPlaintextNames, FlagDirIV:
+ return true
+ default:
+ return false
+ }
+}
+
// isFeatureFlagSet - is the feature flag "flagWant" enabled?
-func (cf *ConfFile) isFeatureFlagSet(flagWant string) bool {
+func (cf *ConfFile) IsFeatureFlagSet(flagWant string) bool {
+ if !cf.isFeatureFlagKnown(flagWant) {
+ log.Panicf("BUG: Tried to use unsupported feature flag %s", flagWant)
+ }
for _, flag := range cf.FeatureFlags {
if flag == flagWant {
return true
@@ -160,7 +173,3 @@ func (cf *ConfFile) isFeatureFlagSet(flagWant string) bool {
}
return false
}
-
-func (cf *ConfFile) PlaintextNames() bool {
- return cf.isFeatureFlagSet(FlagPlaintextNames)
-}
diff --git a/cryptfs/config_test.go b/cryptfs/config_test.go
index cd8ed2f..e052428 100644
--- a/cryptfs/config_test.go
+++ b/cryptfs/config_test.go
@@ -69,3 +69,16 @@ func TestCreateConfFile(t *testing.T) {
}
}
+
+func TestIsFeatureFlagKnown(t *testing.T) {
+ var cf ConfFile
+ if !cf.isFeatureFlagKnown(FlagDirIV) {
+ t.Errorf("This flag should be known")
+ }
+ if !cf.isFeatureFlagKnown(FlagPlaintextNames) {
+ t.Errorf("This flag should be known")
+ }
+ if cf.isFeatureFlagKnown("StrangeFeatureFlag") {
+ t.Errorf("This flag should be NOT known")
+ }
+}
diff --git a/cryptfs/cryptfs_names.go b/cryptfs/cryptfs_names.go
index 37a769f..2a5f158 100644
--- a/cryptfs/cryptfs_names.go
+++ b/cryptfs/cryptfs_names.go
@@ -65,7 +65,6 @@ func (be *CryptFS) encryptName(plainName string, iv []byte) string {
return cipherName64
}
-
// TranslatePathZeroIV - encrypt or decrypt path using CBC with a constant all-zero IV.
// Just splits the string on "/" and hands the parts to encryptName() / decryptName()
func (be *CryptFS) TranslatePathZeroIV(path string, op int) (string, error) {
@@ -155,5 +154,3 @@ func (be *CryptFS) unPad16(orig []byte) ([]byte, error) {
}
return orig[0:newLen], nil
}
-
-
diff --git a/cryptfs/names_diriv.go b/cryptfs/names_diriv.go
index 1415bcb..46e2bfd 100644
--- a/cryptfs/names_diriv.go
+++ b/cryptfs/names_diriv.go
@@ -1,9 +1,9 @@
package cryptfs
import (
- "path/filepath"
- "io/ioutil"
"fmt"
+ "io/ioutil"
+ "path/filepath"
"strings"
)