From decfc1ab798055234e16a2e9c0782f56ae50669b Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Fri, 27 Nov 2015 00:03:10 +0100
Subject: diriv: Convert filename encryption users to diriv
---
cryptfs/names_diriv.go | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 69 insertions(+)
create mode 100644 cryptfs/names_diriv.go
(limited to 'cryptfs/names_diriv.go')
diff --git a/cryptfs/names_diriv.go b/cryptfs/names_diriv.go
new file mode 100644
index 0000000..c9debab
--- /dev/null
+++ b/cryptfs/names_diriv.go
@@ -0,0 +1,69 @@
+package cryptfs
+
+import (
+ "path/filepath"
+ "io/ioutil"
+ "fmt"
+ "strings"
+)
+
+// readDirIV - read the "gocryptfs.diriv" file from "dir" (absolute path)
+func (be *CryptFS) readDirIV(dir string) (iv []byte, err error) {
+ ivfile := filepath.Join(dir, DIRIV_FILENAME)
+ iv, err = ioutil.ReadFile(ivfile)
+ if err != nil {
+ Warn.Printf("readDirIV: %v\n", err)
+ return nil, err
+ }
+ if len(iv) != DIRIV_LEN {
+ return nil, fmt.Errorf("readDirIV: Invalid length %d\n", len(iv))
+ }
+ return iv, nil
+}
+
+// EncryptPathDirIV - encrypt path using CBC with DirIV
+func (be *CryptFS) EncryptPathDirIV(plainPath string, rootDir string) (string, error) {
+ if be.plaintextNames {
+ return plainPath, nil
+ }
+ // Empty string means root directory
+ if plainPath == "" {
+ return plainPath, nil
+ }
+ var wd = rootDir
+ var encryptedNames []string
+ plainNames := strings.Split(plainPath, "/")
+ for _, plainName := range plainNames {
+ iv, err := be.readDirIV(wd)
+ if err != nil {
+ return "", err
+ }
+ encryptedName := be.encryptName(plainName, iv)
+ encryptedNames = append(encryptedNames, encryptedName)
+ wd = filepath.Join(wd, encryptedName)
+ }
+ return filepath.Join(encryptedNames...), nil
+}
+
+// DecryptPathDirIV - encrypt path using CBC with DirIV
+func (be *CryptFS) DecryptPathDirIV(encryptedPath string, rootDir string) (string, error) {
+ if be.plaintextNames {
+ return encryptedPath, nil
+ }
+ var wd = rootDir
+ var plainNames []string
+ encryptedNames := strings.Split(encryptedPath, "/")
+ for _, encryptedName := range encryptedNames {
+ iv, err := be.readDirIV(wd)
+ if err != nil {
+ return "", err
+ }
+ plainName, err := be.decryptName(encryptedName, iv)
+ if err != nil {
+ return "", err
+ }
+ plainNames = append(plainNames, plainName)
+ wd = filepath.Join(wd, encryptedName)
+ }
+ return filepath.Join(plainNames...), nil
+}
-- cgit v1.2.3
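Review bot: readDirIV reads the whole gocryptfs.diriv file with `ioutil.ReadFile` and checks `len(iv) != DIRIV_LEN` only afterwards, so an oversized file in the backing directory is loaded into memory in full, once per path component, before it is rejected. The ciphertext directory may sit on storage the user does not control, so the read should be capped at one byte past the expected length, as sketched below (this needs `os` and `io` added to the import block). Separately, the comment on DecryptPathDirIV still says "encrypt path" and should read `// DecryptPathDirIV - decrypt path using CBC with DirIV`. DecryptPathDirIV also lacks the `if encryptedPath == ""` early return that EncryptPathDirIV has for the root directory, so an empty path reaches decryptName with an empty name; decryptName is not visible here, so whether that fails cleanly should be confirmed.

```go
func (be *CryptFS) readDirIV(dir string) (iv []byte, err error) {
	ivfile := filepath.Join(dir, DIRIV_FILENAME)
	fd, err := os.Open(ivfile)
	if err != nil {
		Warn.Printf("readDirIV: %v\n", err)
		return nil, err
	}
	defer fd.Close()
	// The backing directory is untrusted storage: read at most one byte
	// more than a valid IV so an oversized file fails the length check
	// below without being pulled into memory.
	iv, err = ioutil.ReadAll(io.LimitReader(fd, int64(DIRIV_LEN+1)))
	if err != nil {
		Warn.Printf("readDirIV: %v\n", err)
		return nil, err
	}
	// … unchanged: len(iv) != DIRIV_LEN check and return …
```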