crypt

package
v1.51.0-mod-v1.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 9, 2020 License: MIT Imports: 26 Imported by: 0

Documentation

Overview

Package crypt provides wrappers for Fs and Object which implement encryption

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrorBadDecryptUTF8          = errors.New("bad decryption - utf-8 invalid")
	ErrorBadDecryptControlChar   = errors.New("bad decryption - contains control chars")
	ErrorNotAMultipleOfBlocksize = errors.New("not a multiple of blocksize")
	ErrorTooShortAfterDecode     = errors.New("too short after base32 decode")
	ErrorTooLongAfterDecode      = errors.New("too long after base32 decode")
	ErrorEncryptedFileTooShort   = errors.New("file is too short to be encrypted")
	ErrorEncryptedFileBadHeader  = errors.New("file has truncated block header")
	ErrorEncryptedBadMagic       = errors.New("not an encrypted file - bad magic string")
	ErrorEncryptedBadBlock       = errors.New("failed to authenticate decrypted block - bad password?")
	ErrorBadBase32Encoding       = errors.New("bad base32 filename encoding")
	ErrorFileClosed              = errors.New("file already closed")
	ErrorNotAnEncryptedFile      = errors.New("not an encrypted file - no \"" + encryptedSuffix + "\" suffix")
	ErrorBadSeek                 = errors.New("Seek beyond end of file")
)

Errors returned by cipher

Functions

func NewFs

func NewFs(name, rpath string, m configmap.Mapper) (fs.Fs, error)

NewFs constructs an Fs from the path, container:path

Types

type Cipher

type Cipher interface {
	// EncryptFileName encrypts a file path
	EncryptFileName(string) string
	// DecryptFileName decrypts a file path, returns error if decrypt was invalid
	DecryptFileName(string) (string, error)
	// EncryptDirName encrypts a directory path
	EncryptDirName(string) string
	// DecryptDirName decrypts a directory path, returns error if decrypt was invalid
	DecryptDirName(string) (string, error)
	// EncryptData
	EncryptData(io.Reader) (io.Reader, error)
	// DecryptData
	DecryptData(io.ReadCloser) (io.ReadCloser, error)
	// DecryptDataSeek decrypt at a given position
	DecryptDataSeek(ctx context.Context, open OpenRangeSeek, offset, limit int64) (ReadSeekCloser, error)
	// EncryptedSize calculates the size of the data when encrypted
	EncryptedSize(int64) int64
	// DecryptedSize calculates the size of the data when decrypted
	DecryptedSize(int64) (int64, error)
	// NameEncryptionMode returns the used mode for name handling
	NameEncryptionMode() NameEncryptionMode
}

Cipher is used to swap out the encryption implementations

func NewCipher

func NewCipher(m configmap.Mapper) (Cipher, error)

NewCipher constructs a Cipher for the given config

type Fs

type Fs struct {
	fs.Fs
	// contains filtered or unexported fields
}

Fs represents a wrapped fs.Fs

func (*Fs) About

func (f *Fs) About(ctx context.Context) (*fs.Usage, error)

About gets quota information from the Fs

func (*Fs) ChangeNotify

func (f *Fs) ChangeNotify(ctx context.Context, notifyFunc func(string, fs.EntryType), pollIntervalChan <-chan time.Duration)

ChangeNotify calls the passed function with a path that has had changes. If the implementation uses polling, it should adhere to the given interval.

func (*Fs) CleanUp

func (f *Fs) CleanUp(ctx context.Context) error

CleanUp the trash in the Fs

Implement this if you have a way of emptying the trash or otherwise cleaning up old versions of files.

func (*Fs) ComputeHash

func (f *Fs) ComputeHash(ctx context.Context, o *Object, src fs.Object, hashType hash.Type) (hashStr string, err error)

ComputeHash takes the nonce from o, and encrypts the contents of src with it, and calculates the hash given by HashType on the fly

Note that we break lots of encapsulation in this function.

func (*Fs) Copy

func (f *Fs) Copy(ctx context.Context, src fs.Object, remote string) (fs.Object, error)

Copy src to this remote using server side copy operations.

This is stored with the remote path given

It returns the destination Object and a possible error

Will only be called if src.Fs().Name() == f.Name()

If it isn't possible then return fs.ErrorCantCopy

func (*Fs) DecryptFileName

func (f *Fs) DecryptFileName(encryptedFileName string) (string, error)

DecryptFileName returns a decrypted file name

func (*Fs) DirCacheFlush

func (f *Fs) DirCacheFlush()

DirCacheFlush resets the directory cache - used in testing as an optional interface

func (*Fs) DirMove

func (f *Fs) DirMove(ctx context.Context, src fs.Fs, srcRemote, dstRemote string) error

DirMove moves src, srcRemote to this remote at dstRemote using server side move operations.

Will only be called if src.Fs().Name() == f.Name()

If it isn't possible then return fs.ErrorCantDirMove

If destination exists then return fs.ErrorDirExists

func (*Fs) Disconnect

func (f *Fs) Disconnect(ctx context.Context) error

Disconnect the current user

func (*Fs) EncryptFileName

func (f *Fs) EncryptFileName(fileName string) string

EncryptFileName returns an encrypted file name

func (*Fs) Features

func (f *Fs) Features() *fs.Features

Features returns the optional features of this Fs

func (*Fs) Hashes

func (f *Fs) Hashes() hash.Set

Hashes returns the supported hash sets.

func (*Fs) List

func (f *Fs) List(ctx context.Context, dir string) (entries fs.DirEntries, err error)

List the objects and directories in dir into entries. The entries can be returned in any order but should be for a complete directory.

dir should be "" to list the root, and should not have trailing slashes.

This should return ErrDirNotFound if the directory isn't found.

func (*Fs) ListR

func (f *Fs) ListR(ctx context.Context, dir string, callback fs.ListRCallback) (err error)

ListR lists the objects and directories of the Fs starting from dir recursively into out.

dir should be "" to start from the root, and should not have trailing slashes.

This should return ErrDirNotFound if the directory isn't found.

It should call callback for each tranche of entries read. These need not be returned in any particular order. If callback returns an error then the listing will stop immediately.

Don't implement this unless you have a more efficient way of listing recursively that doing a directory traversal.

func (*Fs) MergeDirs

func (f *Fs) MergeDirs(ctx context.Context, dirs []fs.Directory) error

MergeDirs merges the contents of all the directories passed in into the first one and rmdirs the other directories.

func (*Fs) Mkdir

func (f *Fs) Mkdir(ctx context.Context, dir string) error

Mkdir makes the directory (container, bucket)

Shouldn't return an error if it already exists

func (*Fs) Move

func (f *Fs) Move(ctx context.Context, src fs.Object, remote string) (fs.Object, error)

Move src to this remote using server side move operations.

This is stored with the remote path given

It returns the destination Object and a possible error

Will only be called if src.Fs().Name() == f.Name()

If it isn't possible then return fs.ErrorCantMove

func (*Fs) Name

func (f *Fs) Name() string

Name of the remote (as passed into NewFs)

func (*Fs) NewObject

func (f *Fs) NewObject(ctx context.Context, remote string) (fs.Object, error)

NewObject finds the Object at remote.

func (f *Fs) PublicLink(ctx context.Context, remote string) (string, error)

PublicLink generates a public link to the remote path (usually readable by anyone)

func (*Fs) Purge

func (f *Fs) Purge(ctx context.Context) error

Purge all files in the root and the root directory

Implement this if you have a way of deleting all the files quicker than just running Remove() on the result of List()

Return an error if it doesn't exist

func (*Fs) Put

func (f *Fs) Put(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)

Put in to the remote path with the modTime given of the given size

May create the object even if it returns an error - if so will return the object and the error, otherwise will return nil and the error

func (*Fs) PutStream

func (f *Fs) PutStream(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)

PutStream uploads to the remote path with the modTime given of indeterminate size

func (*Fs) PutUnchecked

func (f *Fs) PutUnchecked(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)

PutUnchecked uploads the object

This will create a duplicate if we upload a new file without checking to see if there is one already - use Put() for that.

func (*Fs) Rmdir

func (f *Fs) Rmdir(ctx context.Context, dir string) error

Rmdir removes the directory (container, bucket) if empty

Return an error if it doesn't exist or isn't empty

func (*Fs) Root

func (f *Fs) Root() string

Root of the remote (as passed into NewFs)

func (*Fs) SetWrapper

func (f *Fs) SetWrapper(wrapper fs.Fs)

SetWrapper sets the Fs that is wrapping this Fs

func (*Fs) String

func (f *Fs) String() string

String returns a description of the FS

func (*Fs) UnWrap

func (f *Fs) UnWrap() fs.Fs

UnWrap returns the Fs that this Fs is wrapping

func (*Fs) UserInfo

func (f *Fs) UserInfo(ctx context.Context) (map[string]string, error)

UserInfo returns info about the connected user

func (*Fs) WrapFs

func (f *Fs) WrapFs() fs.Fs

WrapFs returns the Fs that is wrapping this Fs

type NameEncryptionMode

type NameEncryptionMode int

NameEncryptionMode is the type of file name encryption in use

const (
	NameEncryptionOff NameEncryptionMode = iota
	NameEncryptionStandard
	NameEncryptionObfuscated
)

NameEncryptionMode levels

func NewNameEncryptionMode

func NewNameEncryptionMode(s string) (mode NameEncryptionMode, err error)

NewNameEncryptionMode turns a string into a NameEncryptionMode

func (NameEncryptionMode) String

func (mode NameEncryptionMode) String() (out string)

String turns mode into a human readable string

type Object

type Object struct {
	fs.Object
	// contains filtered or unexported fields
}

Object describes a wrapped for being read from the Fs

This decrypts the remote name and decrypts the data

func (*Object) Fs

func (o *Object) Fs() fs.Info

Fs returns read only access to the Fs that this object is part of

func (*Object) GetTier

func (o *Object) GetTier() string

GetTier returns storage tier or class of the Object

func (*Object) Hash

func (o *Object) Hash(ctx context.Context, ht hash.Type) (string, error)

Hash returns the selected checksum of the file If no checksum is available it returns ""

func (*Object) ID

func (o *Object) ID() string

ID returns the ID of the Object if known, or "" if not

func (*Object) Open

func (o *Object) Open(ctx context.Context, options ...fs.OpenOption) (rc io.ReadCloser, err error)

Open opens the file for read. Call Close() on the returned io.ReadCloser

func (*Object) Remote

func (o *Object) Remote() string

Remote returns the remote path

func (*Object) SetTier

func (o *Object) SetTier(tier string) error

SetTier performs changing storage tier of the Object if multiple storage classes supported

func (*Object) Size

func (o *Object) Size() int64

Size returns the size of the file

func (*Object) String

func (o *Object) String() string

Return a string version

func (*Object) UnWrap

func (o *Object) UnWrap() fs.Object

UnWrap returns the wrapped Object

func (*Object) Update

func (o *Object) Update(ctx context.Context, in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error

Update in to the object with the modTime given of the given size

type ObjectInfo

type ObjectInfo struct {
	fs.ObjectInfo
	// contains filtered or unexported fields
}

ObjectInfo describes a wrapped fs.ObjectInfo for being the source

This encrypts the remote name and adjusts the size

func (*ObjectInfo) Fs

func (o *ObjectInfo) Fs() fs.Info

Fs returns read only access to the Fs that this object is part of

func (*ObjectInfo) Hash

func (o *ObjectInfo) Hash(ctx context.Context, hash hash.Type) (string, error)

Hash returns the selected checksum of the file If no checksum is available it returns ""

func (*ObjectInfo) Remote

func (o *ObjectInfo) Remote() string

Remote returns the remote path

func (*ObjectInfo) Size

func (o *ObjectInfo) Size() int64

Size returns the size of the file

type OpenRangeSeek

type OpenRangeSeek func(ctx context.Context, offset, limit int64) (io.ReadCloser, error)

OpenRangeSeek opens the file handle at the offset with the limit given

type Options

type Options struct {
	Remote                  string `config:"remote"`
	FilenameEncryption      string `config:"filename_encryption"`
	DirectoryNameEncryption bool   `config:"directory_name_encryption"`
	Password                string `config:"password"`
	Password2               string `config:"password2"`
	ShowMapping             bool   `config:"show_mapping"`
}

Options defines the configuration for this backend

type ReadSeekCloser

type ReadSeekCloser interface {
	io.Reader
	io.Seeker
	io.Closer
	fs.RangeSeeker
}

ReadSeekCloser is the interface of the read handles

Directories

Path Synopsis
Package pkcs7 implements PKCS#7 padding This is a standard way of encoding variable length buffers into buffers which are a multiple of an underlying crypto block size.
Package pkcs7 implements PKCS#7 padding This is a standard way of encoding variable length buffers into buffers which are a multiple of an underlying crypto block size.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL