Documentation
¶
Overview ¶
Package nametransform encrypts and decrypts filenames.
Index ¶
- Constants
- func DeleteLongName(dirfd *os.File, hashName string) error
- func HashLongName(name string) string
- func IsLongContent(cName string) bool
- func NameType(cName string) int
- func ReadDirIV(dir string) (iv []byte, err error)
- func ReadDirIVAt(dirfd *os.File) (iv []byte, err error)
- func ReadLongName(path string) (string, error)
- func WriteDirIV(dir string) error
- type NameTransform
- func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error)
- func (n *NameTransform) EncryptName(plainName string, iv []byte) (cipherName64 string)
- func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (cipherPath string, err error)
- func (n *NameTransform) WriteLongName(dirfd *os.File, hashName string, plainName string) (err error)
Constants ¶
const ( // DirIVLen is identical to AES block size DirIVLen = 16 // DirIVFilename is the filename used to store directory IV. // Exported because we have to ignore this name in directory listing. DirIVFilename = "gocryptfs.diriv" )
const ( // LongNameContent is the file that stores the file content. // Example: gocryptfs.longname.URrM8kgxTKYMgCk4hKk7RO9Lcfr30XQof4L_5bD9Iro= LongNameContent = iota // LongNameFilename is the file that stores the full encrypted filename. // Example: gocryptfs.longname.URrM8kgxTKYMgCk4hKk7RO9Lcfr30XQof4L_5bD9Iro=.name LongNameFilename = iota // LongNameNone is used when the file does not have a long name. // Example: i1bpTaVLZq7sRNA9mL_2Ig== LongNameNone = iota )
Values returned by IsLongName
const ( // HaveRaw64 is true when Go is new enough to have base64.RawURLEncoding HaveRaw64 = true )
const ( // LongNameSuffix is the suffix used for files with long names. // Files with long names are stored in two files: // gocryptfs.longname.[sha256] <--- File content, prefix = gocryptfs.longname. // gocryptfs.longname.[sha256].name <--- File name, suffix = .name LongNameSuffix = ".name" )
Variables ¶
This section is empty.
Functions ¶
func DeleteLongName ¶
DeleteLongName deletes "hashName.name".
func HashLongName ¶
HashLongName - take the hash of a long string "name" and return "gocryptfs.longname.sha256"
func IsLongContent ¶
IsLongContent returns true if "cName" is the content store of a long name file (looks like "gocryptfs.longname.sha256").
func NameType ¶
NameType - detect if cName is gocryptfs.longname.sha256 ........ LongNameContent (content of a long name file) gocryptfs.longname.sha256.name .... LongNameFilename (full file name of a long name file) else ................................ LongNameNone (normal file)
func ReadDirIV ¶
ReadDirIV - read the "gocryptfs.diriv" file from "dir" (absolute ciphertext path) This function is exported because it allows for an efficient readdir implementation.
func ReadDirIVAt ¶
ReadDirIVAt reads "gocryptfs.diriv" from the directory that is opened as "dirfd". Using the dirfd makes it immune to concurrent renames of the directory.
func WriteDirIV ¶
WriteDirIV - create diriv file inside "dir" (absolute ciphertext path) This function is exported because it is used from pathfs_frontend, main, and also the automated tests.
Types ¶
type NameTransform ¶
type NameTransform struct {
DirIVCache dirIVCache
// contains filtered or unexported fields
}
NameTransform is used to transform filenames.
func New ¶
func New(c *cryptocore.CryptoCore, longNames bool, raw64 bool) *NameTransform
New returns a new NameTransform instance.
func (*NameTransform) DecryptName ¶
func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error)
DecryptName - decrypt base64-encoded encrypted filename "cipherName"
This function is exported because it allows for a very efficient readdir implementation (read IV once, decrypt all names using this function).
func (*NameTransform) EncryptName ¶
func (n *NameTransform) EncryptName(plainName string, iv []byte) (cipherName64 string)
EncryptName encrypts "plainName", returns a base64-encoded "cipherName64". Used internally by EncryptPathDirIV(). The encryption is either CBC or EME, depending on "useEME".
This function is exported because fusefrontend needs access to the full (not hashed) name if longname is used. Otherwise you should use EncryptPathDirIV()
func (*NameTransform) EncryptPathDirIV ¶
func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (cipherPath string, err error)
EncryptPathDirIV - encrypt relative plaintext path using EME with DirIV. Components that are longer than 255 bytes are hashed if be.longnames == true.
func (*NameTransform) WriteLongName ¶
func (n *NameTransform) WriteLongName(dirfd *os.File, hashName string, plainName string) (err error)
WriteLongName encrypts plainName and writes it into "hashName.name". For the convenience of the caller, plainName may also be a path and will be converted internally.
Source Files