From a2510efe12d2720399afcd8baea0c6634d4779e6 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Thu, 29 Sep 2016 21:29:45 +0200
Subject: reverse: use per-purpose nonce generation

Also pull all the deterministic nonce code into fusefrontend_reverse
to greatly simplify the normal code path.
---
 internal/fusefrontend/file.go | 2 +-
 internal/fusefrontend/fs.go   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'internal/fusefrontend')

diff --git a/internal/fusefrontend/file.go b/internal/fusefrontend/file.go
index aca7d90..a04b6af 100644
--- a/internal/fusefrontend/file.go
+++ b/internal/fusefrontend/file.go
@@ -256,7 +256,7 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
 
 		// Encrypt
 		blockOffset := b.BlockCipherOff()
-		blockData = f.contentEnc.EncryptBlock(blockData, b.BlockNo, f.header.Id, contentenc.RandomNonce, nil)
+		blockData = f.contentEnc.EncryptBlock(blockData, b.BlockNo, f.header.Id)
 		tlog.Debug.Printf("ino%d: Writing %d bytes to block #%d",
 			f.ino, uint64(len(blockData))-f.contentEnc.BlockOverhead(), b.BlockNo)
 
diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index 295d011..62146a2 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -326,7 +326,7 @@ func (fs *FS) Symlink(target string, linkName string, context *fuse.Context) (co
 		return fuse.ToStatus(err)
 	}
 	// Symlinks are encrypted like file contents (GCM) and base64-encoded
-	cBinTarget := fs.contentEnc.EncryptBlock([]byte(target), 0, nil, contentenc.RandomNonce, nil)
+	cBinTarget := fs.contentEnc.EncryptBlock([]byte(target), 0, nil)
 	cTarget := base64.URLEncoding.EncodeToString(cBinTarget)
 
 	// Handle long file name
-- 
cgit v1.2.3