1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
// Package namtransforms encrypts and decrypts filenames.
package nametransform
import (
"crypto/aes"
"encoding/base64"
"syscall"
"github.com/rfjakob/eme"
"github.com/rfjakob/gocryptfs/internal/cryptocore"
"github.com/rfjakob/gocryptfs/internal/tlog"
)
type NameTransform struct {
cryptoCore *cryptocore.CryptoCore
longNames bool
DirIVCache dirIVCache
}
func New(c *cryptocore.CryptoCore, longNames bool) *NameTransform {
return &NameTransform{
cryptoCore: c,
longNames: longNames,
}
}
// DecryptName - decrypt base64-encoded encrypted filename "cipherName"
// Used by DecryptPathDirIV().
// The encryption is either CBC or EME, depending on "useEME".
//
// This function is exported because it allows for a very efficient readdir
// implementation (read IV once, decrypt all names using this function).
func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error) {
bin, err := base64.URLEncoding.DecodeString(cipherName)
if err != nil {
return "", err
}
if len(bin)%aes.BlockSize != 0 {
tlog.Warn.Printf("DecryptName %q: decoded length %d is not a multiple of 16", cipherName, len(bin))
return "", syscall.EINVAL
}
bin = eme.Transform(n.cryptoCore.BlockCipher, iv, bin, eme.DirectionDecrypt)
bin, err = unPad16(bin)
if err != nil {
tlog.Debug.Printf("pad16 error detail: %v", err)
// unPad16 returns detailed errors including the position of the
// incorrect bytes. Kill the padding oracle by lumping everything into
// a generic error.
return "", syscall.EINVAL
}
plain := string(bin)
return plain, err
}
// encryptName - encrypt "plainName", return base64-encoded "cipherName64".
// Used internally by EncryptPathDirIV().
// The encryption is either CBC or EME, depending on "useEME".
//
// This function is exported because fusefrontend needs access to the full (not hashed)
// name if longname is used. Otherwise you should use EncryptPathDirIV()
func (n *NameTransform) EncryptName(plainName string, iv []byte) (cipherName64 string) {
bin := []byte(plainName)
bin = pad16(bin)
bin = eme.Transform(n.cryptoCore.BlockCipher, iv, bin, eme.DirectionEncrypt)
cipherName64 = base64.URLEncoding.EncodeToString(bin)
return cipherName64
}
|
