aboutsummaryrefslogtreecommitdiff
path: root/internal/fusefrontend_reverse/ctlsock_interface.go
blob: 1bfe1c96a84df32b60388d659c6310ea3a260c6e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
package fusefrontend_reverse

import (
	"path/filepath"
	"strings"

	"golang.org/x/sys/unix"

	"github.com/rfjakob/gocryptfs/v2/internal/ctlsocksrv"
)

// Verify that the interface is implemented.
var _ ctlsocksrv.Interface = &RootNode{}

// EncryptPath implements ctlsock.Backend.
// This is used for the control socket and for the "-exclude" logic.
func (rn *RootNode) EncryptPath(plainPath string) (string, error) {
	if rn.args.PlaintextNames || plainPath == "" {
		return plainPath, nil
	}
	cipherPath := ""
	parts := strings.Split(plainPath, "/")
	for _, part := range parts {
		dirIV := rn.deriveDirIV(cipherPath)
		encryptedPart, err := rn.nameTransform.EncryptName(part, dirIV)
		if err != nil {
			return "", err
		}
		if rn.args.LongNames && (len(encryptedPart) > unix.NAME_MAX || len(encryptedPart) > rn.nameTransform.GetLongNameMax()) {
			encryptedPart = rn.nameTransform.HashLongName(encryptedPart)
		}
		cipherPath = filepath.Join(cipherPath, encryptedPart)
	}
	return cipherPath, nil
}

// DecryptPath implements ctlsock.Backend
func (rn *RootNode) DecryptPath(cipherPath string) (string, error) {
	p, err := rn.decryptPath(cipherPath)
	return p, err
}