hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

fusefrontend: create helpers for symlink encryption

Browse Source 
These will be reused by the upcoming xattr support.
This commit is contained in:
Jakob Unterwurzacher 2018-03-24 21:36:45 +01:00
parent 9bc039a4ba
commit 3d54fc3a3a
1 changed files with 24 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
internal/fusefrontend/fs.go
View File

@ -346,6 +346,20 @@ func (fs *FS) StatFs(path string) *fuse.StatfsOut {
return fs.FileSystem.StatFs(cPath)
}
// decryptSymlinkTarget: "cData64" is base64-decoded and decrypted
// like file contents (GCM).
func (fs *FS) decryptSymlinkTarget(cData64 string) (string, error) {
cData, err := fs.nameTransform.B64.DecodeString(cData64)
if err != nil {
return "", err
}
data, err := fs.contentEnc.DecryptBlock([]byte(cData), 0, nil)
if err != nil {
return "", err
}
return string(data), nil
}
// Readlink implements pathfs.Filesystem.
func (fs *FS) Readlink(path string, context *fuse.Context) (out string, status fuse.Status) {
cPath, err := fs.getBackingPath(path)
@ -360,12 +374,7 @@ func (fs *FS) Readlink(path string, context *fuse.Context) (out string, status f
return cTarget, fuse.OK
}
// Symlinks are encrypted like file contents (GCM) and base64-encoded
cBinTarget, err := fs.nameTransform.B64.DecodeString(cTarget)
if err != nil {
tlog.Warn.Printf("Readlink: %v", err)
return "", fuse.EIO
}
target, err := fs.contentEnc.DecryptBlock([]byte(cBinTarget), 0, nil)
target, err := fs.decryptSymlinkTarget(cTarget)
if err != nil {
tlog.Warn.Printf("Readlink: %v", err)
return "", fuse.EIO
@ -398,6 +407,14 @@ func (fs *FS) Unlink(path string, context *fuse.Context) (code fuse.Status) {
return fuse.ToStatus(err)
}
// encryptSymlinkTarget: "data" is encrypted like file contents (GCM)
// and base64-encoded.
func (fs *FS) encryptSymlinkTarget(data string) (cData64 string) {
cData := fs.contentEnc.EncryptBlock([]byte(data), 0, nil)
cData64 = fs.nameTransform.B64.EncodeToString(cData)
return cData64
}
// Symlink implements pathfs.Filesystem.
func (fs *FS) Symlink(target string, linkName string, context *fuse.Context) (code fuse.Status) {
tlog.Debug.Printf("Symlink(\"%s\", \"%s\")", target, linkName)
@ -412,8 +429,7 @@ func (fs *FS) Symlink(target string, linkName string, context *fuse.Context) (co
var cTarget string = target
if !fs.args.PlaintextNames {
// Symlinks are encrypted like file contents (GCM) and base64-encoded
cBinTarget := fs.contentEnc.EncryptBlock([]byte(target), 0, nil)
cTarget = fs.nameTransform.B64.EncodeToString(cBinTarget)
cTarget = fs.encryptSymlinkTarget(target)
}
// Create ".name" file to store long file name (except in PlaintextNames mode)
if !fs.args.PlaintextNames && nametransform.IsLongContent(cName) {