Documentation ¶
Overview ¶
Package crypt provides wrappers for Fs and Object which implement encryption
Index ¶
- Variables
- func NewFs(name, rpath string, m configmap.Mapper) (fs.Fs, error)
- type Cipher
- func (c *Cipher) DecryptData(rc io.ReadCloser) (io.ReadCloser, error)
- func (c *Cipher) DecryptDataSeek(ctx context.Context, open OpenRangeSeek, offset, limit int64) (ReadSeekCloser, error)
- func (c *Cipher) DecryptDirName(in string) (string, error)
- func (c *Cipher) DecryptFileName(in string) (string, error)
- func (c *Cipher) DecryptedSize(size int64) (int64, error)
- func (c *Cipher) EncryptData(in io.Reader) (io.Reader, error)
- func (c *Cipher) EncryptDirName(in string) string
- func (c *Cipher) EncryptFileName(in string) string
- func (c *Cipher) EncryptedSize(size int64) int64
- func (c *Cipher) Key(password, salt string) (err error)
- func (c *Cipher) NameEncryptionMode() NameEncryptionMode
- type Fs
- func (f *Fs) About(ctx context.Context) (*fs.Usage, error)
- func (f *Fs) ChangeNotify(ctx context.Context, notifyFunc func(string, fs.EntryType), ...)
- func (f *Fs) CleanUp(ctx context.Context) error
- func (f *Fs) Command(ctx context.Context, name string, arg []string, opt map[string]string) (out interface{}, err error)
- func (f *Fs) ComputeHash(ctx context.Context, o *Object, src fs.Object, hashType hash.Type) (hashStr string, err error)
- func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object, error)
- func (f *Fs) DecryptFileName(encryptedFileName string) (string, error)
- func (f *Fs) DirCacheFlush()
- func (f *Fs) DirMove(ctx context.Context, src fs.Fs, srcRemote, dstRemote string) error
- func (f *Fs) Disconnect(ctx context.Context) error
- func (f *Fs) EncryptFileName(fileName string) string
- func (f *Fs) Features() *fs.Features
- func (f *Fs) Hashes() hash.Set
- func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error)
- func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (err error)
- func (f *Fs) MergeDirs(ctx context.Context, dirs []fs.Directory) error
- func (f *Fs) Mkdir(ctx context.Context, dir string) error
- func (f *Fs) Move(ctx context.Context, src fs.Object, remote string) (fs.Object, error)
- func (f *Fs) Name() string
- func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error)
- func (f *Fs) PublicLink(ctx context.Context, remote string) (string, error)
- func (f *Fs) Purge(ctx context.Context) error
- func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)
- func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)
- func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)
- func (f *Fs) Rmdir(ctx context.Context, dir string) error
- func (f *Fs) Root() string
- func (f *Fs) SetWrapper(wrapper fs.Fs)
- func (f *Fs) String() string
- func (f *Fs) UnWrap() fs.Fs
- func (f *Fs) UserInfo(ctx context.Context) (map[string]string, error)
- func (f *Fs) WrapFs() fs.Fs
- type NameEncryptionMode
- type Object
- func (o *Object) Fs() fs.Info
- func (o *Object) GetTier() string
- func (o *Object) Hash(ctx context.Context, ht hash.Type) (string, error)
- func (o *Object) ID() string
- func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (rc io.ReadCloser, err error)
- func (o *Object) Remote() string
- func (o *Object) SetTier(tier string) error
- func (o *Object) Size() int64
- func (o *Object) String() string
- func (o *Object) UnWrap() fs.Object
- func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error
- type ObjectInfo
- type OpenRangeSeek
- type Options
- type ReadSeekCloser
Constants ¶
This section is empty.
Variables ¶
var ( ErrorBadDecryptUTF8 = errors.New("bad decryption - utf-8 invalid") ErrorBadDecryptControlChar = errors.New("bad decryption - contains control chars") ErrorNotAMultipleOfBlocksize = errors.New("not a multiple of blocksize") ErrorTooShortAfterDecode = errors.New("too short after base32 decode") ErrorTooLongAfterDecode = errors.New("too long after base32 decode") ErrorEncryptedFileTooShort = errors.New("file is too short to be encrypted") ErrorEncryptedFileBadHeader = errors.New("file has truncated block header") ErrorEncryptedBadMagic = errors.New("not an encrypted file - bad magic string") ErrorEncryptedBadBlock = errors.New("failed to authenticate decrypted block - bad password?") ErrorBadBase32Encoding = errors.New("bad base32 filename encoding") ErrorFileClosed = errors.New("file already closed") ErrorNotAnEncryptedFile = errors.New("not an encrypted file - no \"" + encryptedSuffix + "\" suffix") ErrorBadSeek = errors.New("Seek beyond end of file") )
Errors returned by cipher
Functions ¶
Types ¶
type Cipher ¶
type Cipher struct {
// contains filtered or unexported fields
}
Cipher defines an encoding and decoding cipher for the crypt backend
func (*Cipher) DecryptData ¶
func (c *Cipher) DecryptData(rc io.ReadCloser) (io.ReadCloser, error)
DecryptData decrypts the data stream
func (*Cipher) DecryptDataSeek ¶
func (c *Cipher) DecryptDataSeek(ctx context.Context, open OpenRangeSeek, offset, limit int64) (ReadSeekCloser, error)
DecryptDataSeek decrypts the data stream from offset
The open function must return a ReadCloser opened to the offset supplied ¶
You must use this form of DecryptData if you might want to Seek the file handle
func (*Cipher) DecryptDirName ¶
DecryptDirName decrypts a directory path
func (*Cipher) DecryptFileName ¶
DecryptFileName decrypts a file path
func (*Cipher) DecryptedSize ¶
DecryptedSize calculates the size of the data when decrypted
func (*Cipher) EncryptData ¶
EncryptData encrypts the data stream
func (*Cipher) EncryptDirName ¶
EncryptDirName encrypts a directory path
func (*Cipher) EncryptFileName ¶
EncryptFileName encrypts a file path
func (*Cipher) EncryptedSize ¶
EncryptedSize calculates the size of the data when encrypted
func (*Cipher) Key ¶
Key creates all the internal keys from the password passed in using scrypt.
If salt is "" we use a fixed salt just to make attackers lives slighty harder than using no salt.
Note that empty passsword makes all 0x00 keys which is used in the tests.
func (*Cipher) NameEncryptionMode ¶
func (c *Cipher) NameEncryptionMode() NameEncryptionMode
NameEncryptionMode returns the encryption mode in use for names
type Fs ¶
Fs represents a wrapped fs.Fs
func (*Fs) ChangeNotify ¶
func (f *Fs) ChangeNotify(ctx context.Context, notifyFunc func(string, fs.EntryType), pollIntervalChan <-chan time.Duration)
ChangeNotify calls the passed function with a path that has had changes. If the implementation uses polling, it should adhere to the given interval.
func (*Fs) CleanUp ¶
CleanUp the trash in the Fs
Implement this if you have a way of emptying the trash or otherwise cleaning up old versions of files.
func (*Fs) Command ¶
func (f *Fs) Command(ctx context.Context, name string, arg []string, opt map[string]string) (out interface{}, err error)
Command the backend to run a named command
The command run is name args may be used to read arguments from opts may be used to read optional arguments from
The result should be capable of being JSON encoded If it is a string or a []string it will be shown to the user otherwise it will be JSON encoded and shown to the user like that
func (*Fs) ComputeHash ¶
func (f *Fs) ComputeHash(ctx context.Context, o *Object, src fs.Object, hashType hash.Type) (hashStr string, err error)
ComputeHash takes the nonce from o, and encrypts the contents of src with it, and calculates the hash given by HashType on the fly
Note that we break lots of encapsulation in this function.
func (*Fs) Copy ¶
Copy src to this remote using server side copy operations.
This is stored with the remote path given ¶
It returns the destination Object and a possible error ¶
Will only be called if src.Fs().Name() == f.Name()
If it isn't possible then return fs.ErrorCantCopy
func (*Fs) DecryptFileName ¶
DecryptFileName returns a decrypted file name
func (*Fs) DirCacheFlush ¶
func (f *Fs) DirCacheFlush()
DirCacheFlush resets the directory cache - used in testing as an optional interface
func (*Fs) DirMove ¶
DirMove moves src, srcRemote to this remote at dstRemote using server side move operations.
Will only be called if src.Fs().Name() == f.Name()
If it isn't possible then return fs.ErrorCantDirMove
If destination exists then return fs.ErrorDirExists
func (*Fs) Disconnect ¶
Disconnect the current user
func (*Fs) EncryptFileName ¶
EncryptFileName returns an encrypted file name
func (*Fs) List ¶
List the objects and directories in dir into entries. The entries can be returned in any order but should be for a complete directory.
dir should be "" to list the root, and should not have trailing slashes.
This should return ErrDirNotFound if the directory isn't found.
func (*Fs) ListR ¶
ListR lists the objects and directories of the Fs starting from dir recursively into out.
dir should be "" to start from the root, and should not have trailing slashes.
This should return ErrDirNotFound if the directory isn't found.
It should call callback for each tranche of entries read. These need not be returned in any particular order. If callback returns an error then the listing will stop immediately.
Don't implement this unless you have a more efficient way of listing recursively that doing a directory traversal.
func (*Fs) MergeDirs ¶
MergeDirs merges the contents of all the directories passed in into the first one and rmdirs the other directories.
func (*Fs) Mkdir ¶
Mkdir makes the directory (container, bucket)
Shouldn't return an error if it already exists
func (*Fs) Move ¶
Move src to this remote using server side move operations.
This is stored with the remote path given ¶
It returns the destination Object and a possible error ¶
Will only be called if src.Fs().Name() == f.Name()
If it isn't possible then return fs.ErrorCantMove
func (*Fs) PublicLink ¶
PublicLink generates a public link to the remote path (usually readable by anyone)
func (*Fs) Purge ¶
Purge all files in the root and the root directory
Implement this if you have a way of deleting all the files quicker than just running Remove() on the result of List()
Return an error if it doesn't exist
func (*Fs) Put ¶
func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)
Put in to the remote path with the modTime given of the given size
May create the object even if it returns an error - if so will return the object and the error, otherwise will return nil and the error
func (*Fs) PutStream ¶
func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)
PutStream uploads to the remote path with the modTime given of indeterminate size
func (*Fs) PutUnchecked ¶
func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)
PutUnchecked uploads the object
This will create a duplicate if we upload a new file without checking to see if there is one already - use Put() for that.
func (*Fs) Rmdir ¶
Rmdir removes the directory (container, bucket) if empty
Return an error if it doesn't exist or isn't empty
func (*Fs) SetWrapper ¶
SetWrapper sets the Fs that is wrapping this Fs
type NameEncryptionMode ¶
type NameEncryptionMode int
NameEncryptionMode is the type of file name encryption in use
const ( NameEncryptionOff NameEncryptionMode = iota NameEncryptionStandard NameEncryptionObfuscated )
NameEncryptionMode levels
func NewNameEncryptionMode ¶
func NewNameEncryptionMode(s string) (mode NameEncryptionMode, err error)
NewNameEncryptionMode turns a string into a NameEncryptionMode
func (NameEncryptionMode) String ¶
func (mode NameEncryptionMode) String() (out string)
String turns mode into a human readable string
type Object ¶
Object describes a wrapped for being read from the Fs
This decrypts the remote name and decrypts the data
func (*Object) Hash ¶
Hash returns the selected checksum of the file If no checksum is available it returns ""
func (*Object) Open ¶
func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (rc io.ReadCloser, err error)
Open opens the file for read. Call Close() on the returned io.ReadCloser
type ObjectInfo ¶
type ObjectInfo struct { fs.ObjectInfo // contains filtered or unexported fields }
ObjectInfo describes a wrapped fs.ObjectInfo for being the source
This encrypts the remote name and adjusts the size
func (*ObjectInfo) Fs ¶
func (o *ObjectInfo) Fs() fs.Info
Fs returns read only access to the Fs that this object is part of
type OpenRangeSeek ¶
OpenRangeSeek opens the file handle at the offset with the limit given
type Options ¶
type Options struct { Remote string `config:"remote"` FilenameEncryption string `config:"filename_encryption"` DirectoryNameEncryption bool `config:"directory_name_encryption"` Password string `config:"password"` Password2 string `config:"password2"` ShowMapping bool `config:"show_mapping"` }
Options defines the configuration for this backend
type ReadSeekCloser ¶
ReadSeekCloser is the interface of the read handles
Directories ¶
Path | Synopsis |
---|---|
Package pkcs7 implements PKCS#7 padding This is a standard way of encoding variable length buffers into buffers which are a multiple of an underlying crypto block size.
|
Package pkcs7 implements PKCS#7 padding This is a standard way of encoding variable length buffers into buffers which are a multiple of an underlying crypto block size. |