parent
8518d6d7bd
commit
00a712b4d1
|
@ -86,7 +86,7 @@ func (be *CryptFS) DecryptBlock(ciphertext []byte, blockNo uint64, fileId []byte
|
|||
}
|
||||
|
||||
// encryptBlock - Encrypt and add IV and MAC
|
||||
func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileId []byte) []byte {
|
||||
func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileID []byte) []byte {
|
||||
|
||||
// Empty block?
|
||||
if len(plaintext) == 0 {
|
||||
|
@ -96,10 +96,12 @@ func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileId []byte)
|
|||
// Get fresh nonce
|
||||
nonce := gcmNonce.Get()
|
||||
|
||||
// Encrypt plaintext and append to nonce
|
||||
// Authenticate block with block number and file ID
|
||||
aData := make([]byte, 8)
|
||||
binary.BigEndian.PutUint64(aData, blockNo)
|
||||
aData = append(aData, fileId...)
|
||||
aData = append(aData, fileID...)
|
||||
|
||||
// Encrypt plaintext and append to nonce
|
||||
ciphertext := be.gcm.Seal(nonce, nonce, plaintext, aData)
|
||||
|
||||
return ciphertext
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
package cryptfs
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"crypto/cipher"
|
||||
"fmt"
|
||||
)
|
||||
|
||||
// goGCMWrapper - This wrapper makes sure gocryptfs can be compiled on Go
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
package cryptfs
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"strings"
|
||||
"encoding/json"
|
||||
)
|
||||
|
||||
type logChannel struct {
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
package cryptfs
|
||||
|
||||
import (
|
||||
"encoding/binary"
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"encoding/binary"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
)
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
package integration_tests
|
||||
|
||||
import (
|
||||
"syscall"
|
||||
"crypto/md5"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"os/exec"
|
||||
"syscall"
|
||||
"testing"
|
||||
|
||||
"github.com/rfjakob/gocryptfs/cryptfs"
|
||||
|
|
|
@ -333,7 +333,6 @@ func TestRename(t *testing.T) {
|
|||
testRename(t, defaultPlainDir)
|
||||
}
|
||||
|
||||
|
||||
// Overwrite an empty directory with another directory
|
||||
func TestDirOverwrite(t *testing.T) {
|
||||
dir1 := defaultPlainDir + "DirOverwrite1"
|
||||
|
|
|
@ -261,7 +261,6 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
|
|||
cryptfs.Debug.Printf("len(oldData)=%d len(blockData)=%d\n", len(oldData), len(blockData))
|
||||
}
|
||||
|
||||
// Write
|
||||
blockOffset, blockLen := b.CiphertextRange()
|
||||
blockData = f.cfs.EncryptBlock(blockData, b.BlockNo, f.header.Id)
|
||||
cryptfs.Debug.Printf("ino%d: Writing %d bytes to block #%d, md5=%s\n",
|
||||
|
@ -276,6 +275,8 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
|
|||
status = fuse.ToStatus(err)
|
||||
break
|
||||
}
|
||||
|
||||
// Write
|
||||
f.fdLock.Lock()
|
||||
_, err = f.fd.WriteAt(blockData, int64(blockOffset))
|
||||
f.fdLock.Unlock()
|
||||
|
|
|
@ -244,8 +244,6 @@ func (fs *FS) Readlink(path string, context *fuse.Context) (out string, status f
|
|||
return string(target), fuse.OK
|
||||
}
|
||||
|
||||
|
||||
|
||||
func (fs *FS) Unlink(path string, context *fuse.Context) (code fuse.Status) {
|
||||
if fs.isFiltered(path) {
|
||||
return fuse.EPERM
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
package pathfs_frontend
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"syscall"
|
||||
"fmt"
|
||||
|
||||
"github.com/hanwen/go-fuse/fuse"
|
||||
"github.com/rfjakob/gocryptfs/cryptfs"
|
||||
|
|
|
@ -24,7 +24,6 @@ func (fs *FS) isFiltered(path string) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
|
||||
// encryptPath - encrypt relative plaintext path
|
||||
func (fs *FS) encryptPath(plainPath string) (string, error) {
|
||||
if fs.args.PlaintextNames {
|
||||
|
|
Loading…
Reference in New Issue