summaryrefslogtreecommitdiff
path: root/internal/contentenc/content.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/contentenc/content.go')
-rw-r--r--internal/contentenc/content.go116
1 files changed, 116 insertions, 0 deletions
diff --git a/internal/contentenc/content.go b/internal/contentenc/content.go
new file mode 100644
index 0000000..14135a2
--- /dev/null
+++ b/internal/contentenc/content.go
@@ -0,0 +1,116 @@
+package contentenc
+
+// File content encryption / decryption
+
+import (
+ "encoding/binary"
+ "bytes"
+ "encoding/hex"
+ "errors"
+
+ "github.com/rfjakob/gocryptfs/internal/toggledlog"
+)
+
+// DecryptBlocks - Decrypt a number of blocks
+func (be *ContentEnc) DecryptBlocks(ciphertext []byte, firstBlockNo uint64, fileId []byte) ([]byte, error) {
+ cBuf := bytes.NewBuffer(ciphertext)
+ var err error
+ var pBuf bytes.Buffer
+ for cBuf.Len() > 0 {
+ cBlock := cBuf.Next(int(be.cipherBS))
+ var pBlock []byte
+ pBlock, err = be.DecryptBlock(cBlock, firstBlockNo, fileId)
+ if err != nil {
+ break
+ }
+ pBuf.Write(pBlock)
+ firstBlockNo++
+ }
+ return pBuf.Bytes(), err
+}
+
+// DecryptBlock - Verify and decrypt GCM block
+//
+// Corner case: A full-sized block of all-zero ciphertext bytes is translated
+// to an all-zero plaintext block, i.e. file hole passtrough.
+func (be *ContentEnc) DecryptBlock(ciphertext []byte, blockNo uint64, fileId []byte) ([]byte, error) {
+
+ // Empty block?
+ if len(ciphertext) == 0 {
+ return ciphertext, nil
+ }
+
+ // All-zero block?
+ if bytes.Equal(ciphertext, be.allZeroBlock) {
+ toggledlog.Debug.Printf("DecryptBlock: file hole encountered")
+ return make([]byte, be.plainBS), nil
+ }
+
+ if len(ciphertext) < be.cryptoCore.IVLen {
+ toggledlog.Warn.Printf("DecryptBlock: Block is too short: %d bytes", len(ciphertext))
+ return nil, errors.New("Block is too short")
+ }
+
+ // Extract nonce
+ nonce := ciphertext[:be.cryptoCore.IVLen]
+ ciphertextOrig := ciphertext
+ ciphertext = ciphertext[be.cryptoCore.IVLen:]
+
+ // Decrypt
+ var plaintext []byte
+ aData := make([]byte, 8)
+ aData = append(aData, fileId...)
+ binary.BigEndian.PutUint64(aData, blockNo)
+ plaintext, err := be.cryptoCore.Gcm.Open(plaintext, nonce, ciphertext, aData)
+
+ if err != nil {
+ toggledlog.Warn.Printf("DecryptBlock: %s, len=%d", err.Error(), len(ciphertextOrig))
+ toggledlog.Debug.Println(hex.Dump(ciphertextOrig))
+ return nil, err
+ }
+
+ return plaintext, nil
+}
+
+// encryptBlock - Encrypt and add IV and MAC
+func (be *ContentEnc) EncryptBlock(plaintext []byte, blockNo uint64, fileID []byte) []byte {
+
+ // Empty block?
+ if len(plaintext) == 0 {
+ return plaintext
+ }
+
+ // Get fresh nonce
+ nonce := be.cryptoCore.GcmIVGen.Get()
+
+ // Authenticate block with block number and file ID
+ aData := make([]byte, 8)
+ binary.BigEndian.PutUint64(aData, blockNo)
+ aData = append(aData, fileID...)
+
+ // Encrypt plaintext and append to nonce
+ ciphertext := be.cryptoCore.Gcm.Seal(nonce, nonce, plaintext, aData)
+
+ return ciphertext
+}
+
+// MergeBlocks - Merge newData into oldData at offset
+// New block may be bigger than both newData and oldData
+func (be *ContentEnc) MergeBlocks(oldData []byte, newData []byte, offset int) []byte {
+
+ // Make block of maximum size
+ out := make([]byte, be.plainBS)
+
+ // Copy old and new data into it
+ copy(out, oldData)
+ l := len(newData)
+ copy(out[offset:offset+l], newData)
+
+ // Crop to length
+ outLen := len(oldData)
+ newLen := offset + len(newData)
+ if outLen < newLen {
+ outLen = newLen
+ }
+ return out[0:outLen]
+}