diff options
Diffstat (limited to 'internal/pathiv')
-rw-r--r-- | internal/pathiv/pathiv.go | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/internal/pathiv/pathiv.go b/internal/pathiv/pathiv.go index d2d90a2..aa11b75 100644 --- a/internal/pathiv/pathiv.go +++ b/internal/pathiv/pathiv.go @@ -6,13 +6,19 @@ import ( "github.com/rfjakob/gocryptfs/internal/nametransform" ) +// Purpose identifies for which purpose the IV will be used. This is mixed into the +// derivation. type Purpose string const ( - PurposeDirIV Purpose = "DIRIV" - PurposeFileID Purpose = "FILEID" + // PurposeDirIV means the value will be used as a directory IV + PurposeDirIV Purpose = "DIRIV" + // PurposeFileID means the value will be used as the file ID in the file header + PurposeFileID Purpose = "FILEID" + // PurposeSymlinkIV means the value will be used as the IV for symlink encryption PurposeSymlinkIV Purpose = "SYMLINKIV" - PurposeBlock0IV Purpose = "BLOCK0IV" + // PurposeBlock0IV means the value will be used as the IV of ciphertext block #0. + PurposeBlock0IV Purpose = "BLOCK0IV" ) // Derive derives an IV from an encrypted path by hashing it with sha256 @@ -22,3 +28,17 @@ func Derive(path string, purpose Purpose) []byte { hash := sha256.Sum256(extended) return hash[:nametransform.DirIVLen] } + +// FileIVs contains both IVs that are needed to create a file. +type FileIVs struct { + ID []byte + Block0IV []byte +} + +// DeriveFile derives both IVs that are needed to create a file and returns them +// in a container struct. +func DeriveFile(path string) (fileIVs FileIVs) { + fileIVs.ID = Derive(path, PurposeFileID) + fileIVs.Block0IV = Derive(path, PurposeBlock0IV) + return fileIVs +} |