Documentation
Overview
Package nametransform encrypts and decrypts filenames.
Index
- Constants
- func DeleteLongNameAt(dirfd int, hashName string) error
- func Dir(path string) string
- func IsLongContent(cName string) bool
- func NameType(cName string) int
- func ReadDirIVAt(dirfd int) (iv []byte, err error)
- func ReadLongNameAt(dirfd int, cName string) (string, error)
- func RemoveLongNameSuffix(cName string) string
- func WriteDirIVAt(dirfd int) error
- type NameTransform
- func (n *NameTransform) B64DecodeString(s string) ([]byte, error)
- func (n *NameTransform) B64EncodeToString(src []byte) string
- func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error)
- func (be *NameTransform) EncryptAndHashName(name string, iv []byte) (string, error)
- func (n *NameTransform) EncryptName(plainName string, iv []byte) (cipherName64 string)
- func (n *NameTransform) HashLongName(name string) string
- func (n *NameTransform) WriteLongNameAt(dirfd int, hashName string, plainName string) (err error)
- type NameTransformer
Constants
const (
	// DirIVLen is identical to AES block size
	DirIVLen = 16
	// DirIVFilename is the filename used to store directory IV.
	// Exported because we have to ignore this name in directory listing.
	DirIVFilename = "gocryptfs.diriv"
)
const (
	// LongNameContent is the file that stores the file content.
	// Example: gocryptfs.longname.URrM8kgxTKYMgCk4hKk7RO9Lcfr30XQof4L_5bD9Iro=
	LongNameContent = iota
	// LongNameFilename is the file that stores the full encrypted filename.
	// Example: gocryptfs.longname.URrM8kgxTKYMgCk4hKk7RO9Lcfr30XQof4L_5bD9Iro=.name
	LongNameFilename = iota
	// LongNameNone is used when the file does not have a long name.
	// Example: i1bpTaVLZq7sRNA9mL_2Ig==
	LongNameNone = iota
)
Values returned by IsLongName
const (
	// LongNameSuffix is the suffix used for files with long names.
	// Files with long names are stored in two files:
	// gocryptfs.longname.[sha256]       <--- File content, prefix = gocryptfs.longname.
	// gocryptfs.longname.[sha256].name  <--- File name, suffix = .name
	LongNameSuffix = ".name"
)
const (
// Like ext4, we allow at most 255 bytes for a file name.
NameMax = 255
)
Functions
func DeleteLongNameAt (added in v1.7.1)
DeleteLongName deletes "hashName.name" in the directory opened at "dirfd".
This function is symlink-safe through the use of Unlinkat().
func IsLongContent
IsLongContent returns true if "cName" is the content store of a long name file (looks like "gocryptfs.longname.sha256").
This function does not do any I/O.
func NameType
NameType - detect if cName is
gocryptfs.longname.sha256 ......... LongNameContent (content of a long name file)
gocryptfs.longname.sha256.name .... LongNameFilename (full file name of a long name file)
else .............................. LongNameNone (normal file)
This function does not do any I/O.
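An added example, not part of the gocryptfs source: a stand-alone reimplementation of the classification above, extended to flag long-name entries whose partner file is missing from a directory listing. The lowercase identifiers and the `missingPartners` helper are this example's own, and the listing is constructed from the example names on this page.

```go
package main

import (
	"fmt"
	"strings"
)

// Prefix and suffix as documented on this page; identifiers are this example's own.
const longNamePrefix, longNameSuffix = "gocryptfs.longname.", ".name"

const (
	longNameContent = iota
	longNameFilename
	longNameNone
)

// nameType mirrors the documented NameType table (string checks only, no I/O).
func nameType(cName string) int {
	if !strings.HasPrefix(cName, longNamePrefix) {
		return longNameNone // normal encrypted names and gocryptfs.diriv
	}
	if strings.HasSuffix(cName, longNameSuffix) {
		return longNameFilename
	}
	return longNameContent
}

// missingPartners lists long-name files that should exist but are absent from the listing.
func missingPartners(listing []string) (missing []string) {
	have := map[string]bool{}
	for _, e := range listing {
		have[e] = true
	}
	for _, e := range listing {
		partner := e + longNameSuffix // a content file needs its .name file
		if nameType(e) == longNameFilename {
			partner = strings.TrimSuffix(e, longNameSuffix) // and vice versa
		}
		if nameType(e) != longNameNone && !have[partner] {
			missing = append(missing, partner)
		}
	}
	return missing
}

func main() {
	// Constructed listing built from the example names on this page.
	c := "gocryptfs.longname.URrM8kgxTKYMgCk4hKk7RO9Lcfr30XQof4L_5bD9Iro="
	fmt.Println(missingPartners([]string{"gocryptfs.diriv", "i1bpTaVLZq7sRNA9mL_2Ig==", c}))
}
```

A non-empty result points at a half-written or partially deleted long-name pair, which is worth checking before trusting a directory's contents.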
func ReadDirIVAt
ReadDirIVAt reads "gocryptfs.diriv" from the directory that is opened as "dirfd". Using the dirfd makes it immune to concurrent renames of the directory.
func ReadLongNameAt (added in v1.7.1)
ReadLongName - read cName + ".name" from the directory opened as dirfd.
Symlink-safe through Openat().
func RemoveLongNameSuffix (added in v1.7.1)
RemoveLongNameSuffix removes the ".name" suffix from cName, returning the corresponding content file name. No check is made if cName actually is a LongNameFilename.
func WriteDirIVAt (added in v1.7.1)
WriteDirIVAt - create a new gocryptfs.diriv file in the directory opened at "dirfd". On error we try to delete the incomplete file. This function is exported because it is used from fusefrontend, main, and also the automated tests.
Types
type NameTransform
type NameTransform struct {
	// B64 = either base64.URLEncoding or base64.RawURLEncoding, depending
	// on the Raw64 feature flag
	B64 *base64.Encoding
	// Patterns to bypass decryption
	BadnamePatterns []string
	// contains filtered or unexported fields
}
NameTransform is used to transform filenames.
func New
func New(e *eme.EMECipher, longNames bool, raw64 bool) *NameTransform
New returns a new NameTransform instance.
func (*NameTransform) B64DecodeString (added in v1.7.1)
func (n *NameTransform) B64DecodeString(s string) ([]byte, error)
B64DecodeString decodes a Base64-encoded string.
func (*NameTransform) B64EncodeToString (added in v1.7.1)
func (n *NameTransform) B64EncodeToString(src []byte) string
B64EncodeToString returns a Base64-encoded string.
func (*NameTransform) DecryptName
func (n *NameTransform) DecryptName(cipherName string, iv []byte) (string, error)
DecryptName calls decryptName to try and decrypt a base64-encoded encrypted filename "cipherName", and failing that checks if it can be bypassed.
func (*NameTransform) EncryptAndHashName (added in v1.7.1)
func (be *NameTransform) EncryptAndHashName(name string, iv []byte) (string, error)
encryptAndHashName encrypts "name" and hashes it to a longname if it is too long. Returns ENAMETOOLONG if "name" is longer than 255 bytes.
func (*NameTransform) EncryptName
func (n *NameTransform) EncryptName(plainName string, iv []byte) (cipherName64 string)
EncryptName encrypts "plainName", returns a base64-encoded "cipherName64", encrypted using EME (https://github.com/rfjakob/eme).
This function is exported because in some cases, fusefrontend needs access to the full (not hashed) name if longname is used.
func (*NameTransform) HashLongName (added in v1.4.1)
func (n *NameTransform) HashLongName(name string) string
HashLongName - take the hash of a long string "name" and return "gocryptfs.longname.sha256"
This function does not do any I/O.
func (*NameTransform) WriteLongNameAt (added in v1.7.1)
func (n *NameTransform) WriteLongNameAt(dirfd int, hashName string, plainName string) (err error)
WriteLongName encrypts plainName and writes it into "hashName.name". For the convenience of the caller, plainName may also be a path and will be Base()named internally.
This function is symlink-safe through the use of Openat().
type NameTransformer (added in v1.7.1)
type NameTransformer interface {
	DecryptName(cipherName string, iv []byte) (string, error)
	EncryptName(plainName string, iv []byte) string
	EncryptAndHashName(name string, iv []byte) (string, error)
	HashLongName(name string) string
	WriteLongNameAt(dirfd int, hashName string, plainName string) error
	B64EncodeToString(src []byte) string
	B64DecodeString(s string) ([]byte, error)
}
NameTransformer is an interface used to transform filenames.