libgocryptfs/internal/fusefrontend_reverse/ctlsock_interface.go

package fusefrontend_reverse

import (
	"path/filepath"
	"strings"
	"syscall"

	"github.com/rfjakob/gocryptfs/internal/ctlsock"
	"github.com/rfjakob/gocryptfs/internal/pathiv"
)

var _ ctlsock.Interface = &ReverseFS{} // Verify that interface is implemented.

// EncryptPath implements ctlsock.Backend.
// This is actually not used inside reverse mode, but we implement it because
// third-party tools want to encrypt paths through the control socket.
func (rfs *ReverseFS) EncryptPath(plainPath string) (string, error) {
	if rfs.args.PlaintextNames || plainPath == "" {
		return plainPath, nil
	}
	cipherPath := ""
	parts := strings.Split(plainPath, "/")
	for _, part := range parts {
		dirIV := pathiv.Derive(cipherPath, pathiv.PurposeDirIV)
		encryptedPart := rfs.nameTransform.EncryptName(part, dirIV)
		if rfs.args.LongNames && len(encryptedPart) > syscall.NAME_MAX {
			encryptedPart = rfs.nameTransform.HashLongName(encryptedPart)
		}
		cipherPath = filepath.Join(cipherPath, encryptedPart)
	}
	return cipherPath, nil
}

// DecryptPath implements ctlsock.Backend
func (rfs *ReverseFS) DecryptPath(cipherPath string) (string, error) {
	p, err := rfs.decryptPath(cipherPath)
	return p, err
}
ctlsock: add initial limited implementation At the moment, in forward mode you can only encrypt paths and in reverse mode you can only decrypt paths. 2016-11-10 00:27:08 +01:00			`package fusefrontend_reverse`

			`import (`
ctlsock: implement EncryptPath for reverse mode, add tests 2016-11-10 23:32:51 +01:00			`"path/filepath"`
			`"strings"`
			`"syscall"`
ctlsock: add initial limited implementation At the moment, in forward mode you can only encrypt paths and in reverse mode you can only decrypt paths. 2016-11-10 00:27:08 +01:00
			`"github.com/rfjakob/gocryptfs/internal/ctlsock"`
fusefrontend_reverse: move pathiv to its own package We will also need it in forward mode. 2017-05-28 18:09:02 +02:00			`"github.com/rfjakob/gocryptfs/internal/pathiv"`
ctlsock: add initial limited implementation At the moment, in forward mode you can only encrypt paths and in reverse mode you can only decrypt paths. 2016-11-10 00:27:08 +01:00			`)`

Fix golint warnings $ golint ./... \| grep -v underscore \| grep -v ALL_CAPS internal/fusefrontend_reverse/rfs.go:52:36: exported func NewFS returns unexported type *fusefrontend_reverse.reverseFS, which can be annoying to use internal/nametransform/raw64_go1.5.go:10:2: exported const HaveRaw64 should have comment (or a comment on this block) or be unexported 2016-11-10 00:38:01 +01:00			`var _ ctlsock.Interface = &ReverseFS{} // Verify that interface is implemented.`
ctlsock: add initial limited implementation At the moment, in forward mode you can only encrypt paths and in reverse mode you can only decrypt paths. 2016-11-10 00:27:08 +01:00
ctlsock: implement EncryptPath for reverse mode, add tests 2016-11-10 23:32:51 +01:00			`// EncryptPath implements ctlsock.Backend.`
			`// This is actually not used inside reverse mode, but we implement it because`
			`// third-party tools want to encrypt paths through the control socket.`
Fix golint warnings $ golint ./... \| grep -v underscore \| grep -v ALL_CAPS internal/fusefrontend_reverse/rfs.go:52:36: exported func NewFS returns unexported type *fusefrontend_reverse.reverseFS, which can be annoying to use internal/nametransform/raw64_go1.5.go:10:2: exported const HaveRaw64 should have comment (or a comment on this block) or be unexported 2016-11-10 00:38:01 +01:00			`func (rfs *ReverseFS) EncryptPath(plainPath string) (string, error) {`
ctlsock: implement EncryptPath for reverse mode, add tests 2016-11-10 23:32:51 +01:00			`if rfs.args.PlaintextNames \|\| plainPath == "" {`
			`return plainPath, nil`
			`}`
			`cipherPath := ""`
			`parts := strings.Split(plainPath, "/")`
			`for _, part := range parts {`
fusefrontend_reverse: move pathiv to its own package We will also need it in forward mode. 2017-05-28 18:09:02 +02:00			`dirIV := pathiv.Derive(cipherPath, pathiv.PurposeDirIV)`
ctlsock: implement EncryptPath for reverse mode, add tests 2016-11-10 23:32:51 +01:00			`encryptedPart := rfs.nameTransform.EncryptName(part, dirIV)`
			`if rfs.args.LongNames && len(encryptedPart) > syscall.NAME_MAX {`
nametransform: fix Raw64 not affecting longnames HashLongName() incorrectly hardcoded the call to base64.URLEncoding. 2017-03-05 22:25:41 +01:00			`encryptedPart = rfs.nameTransform.HashLongName(encryptedPart)`
ctlsock: implement EncryptPath for reverse mode, add tests 2016-11-10 23:32:51 +01:00			`}`
			`cipherPath = filepath.Join(cipherPath, encryptedPart)`
			`}`
			`return cipherPath, nil`
ctlsock: add initial limited implementation At the moment, in forward mode you can only encrypt paths and in reverse mode you can only decrypt paths. 2016-11-10 00:27:08 +01:00			`}`

			`// DecryptPath implements ctlsock.Backend`
ctlsock: implement EncryptPath for reverse mode, add tests 2016-11-10 23:32:51 +01:00			`func (rfs *ReverseFS) DecryptPath(cipherPath string) (string, error) {`
			`p, err := rfs.decryptPath(cipherPath)`
			`return p, err`
ctlsock: add initial limited implementation At the moment, in forward mode you can only encrypt paths and in reverse mode you can only decrypt paths. 2016-11-10 00:27:08 +01:00			`}`