Rename FilenameDecoder to FilenameCipher
parent
fce791717c
commit
733237ba40
|
@ -1,49 +0,0 @@
|
||||||
use cipher::{block_padding::Pkcs7, inout::InOutBufReserved, Iv, Key, KeyIvInit};
|
|
||||||
use crate::error::FilenameDecryptError;
|
|
||||||
|
|
||||||
use super::{EmeCipher, EncodedFilename, IntoDecodable};
|
|
||||||
|
|
||||||
// TODO RENAME
|
|
||||||
pub struct DirFilenameDecoder<'a, 'b> {
|
|
||||||
filename_key: &'a Key<EmeCipher>,
|
|
||||||
iv: &'b Iv<EmeCipher>,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl<'a, 'b> DirFilenameDecoder<'a, 'b> {
|
|
||||||
pub fn new(filename_key: &'a Key<EmeCipher>, iv: &'b Iv<EmeCipher>) -> Self {
|
|
||||||
Self { filename_key, iv }
|
|
||||||
}
|
|
||||||
pub fn decode_filename<S>(&self, name: S) -> Result<String, FilenameDecryptError>
|
|
||||||
where
|
|
||||||
S: IntoDecodable,
|
|
||||||
{
|
|
||||||
let cipher = EmeCipher::new(self.filename_key, self.iv);
|
|
||||||
|
|
||||||
let mut filename = base64::decode_config(name.to_decodable(), base64::URL_SAFE_NO_PAD)?;
|
|
||||||
let filename_decoded = cipher
|
|
||||||
.decrypt_padded_mut::<Pkcs7>(&mut filename)
|
|
||||||
.map_err(|_| FilenameDecryptError::DecryptError())?;
|
|
||||||
|
|
||||||
Ok(String::from_utf8_lossy(filename_decoded).to_string())
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn encrypt_filename(
|
|
||||||
&self,
|
|
||||||
plain_text_name: &str,
|
|
||||||
) -> Result<EncodedFilename, FilenameDecryptError> {
|
|
||||||
let mut cipher = EmeCipher::new(self.filename_key, self.iv);
|
|
||||||
let mut res = [0u8; 2048];
|
|
||||||
|
|
||||||
let filename_encrypted = cipher
|
|
||||||
.encrypt_padded_inout_mut::<Pkcs7>(
|
|
||||||
InOutBufReserved::from_slices(plain_text_name.as_bytes(), &mut res).unwrap(),
|
|
||||||
)
|
|
||||||
.map_err(|_| FilenameDecryptError::DecryptError())?; // TODO RENAME ERROR
|
|
||||||
|
|
||||||
// TODO LONG FILENAME
|
|
||||||
|
|
||||||
let filename = base64::encode_config(filename_encrypted, base64::URL_SAFE_NO_PAD);
|
|
||||||
|
|
||||||
Ok(filename.into())
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,5 +1,5 @@
|
||||||
use aes::Aes256;
|
use aes::Aes256;
|
||||||
use cipher::{block_padding::Pkcs7, inout::InOutBufReserved, Iv, Key, KeyIvInit};
|
use cipher::{Iv, Key};
|
||||||
use eme_mode::DynamicEme;
|
use eme_mode::DynamicEme;
|
||||||
use hkdf::Hkdf;
|
use hkdf::Hkdf;
|
||||||
|
|
||||||
|
@ -7,18 +7,17 @@ use crate::error::FilenameDecryptError;
|
||||||
|
|
||||||
pub(crate) type EmeCipher = DynamicEme<Aes256>;
|
pub(crate) type EmeCipher = DynamicEme<Aes256>;
|
||||||
|
|
||||||
mod dir_filename_decoder;
|
mod dir_filename_cipher;
|
||||||
mod filename_encoded;
|
mod filename_encoded;
|
||||||
|
|
||||||
pub use dir_filename_decoder::*;
|
pub use dir_filename_cipher::*;
|
||||||
pub use filename_encoded::*;
|
pub use filename_encoded::*;
|
||||||
|
|
||||||
// TODO RENAME
|
pub struct FilenameCipher {
|
||||||
pub struct FilenameDecoder {
|
|
||||||
filename_key: Key<Aes256>,
|
filename_key: Key<Aes256>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl FilenameDecoder {
|
impl FilenameCipher {
|
||||||
pub fn new(master_key: &[u8]) -> Result<Self, FilenameDecryptError> {
|
pub fn new(master_key: &[u8]) -> Result<Self, FilenameDecryptError> {
|
||||||
let mut key = [0u8; 32];
|
let mut key = [0u8; 32];
|
||||||
let hdkf = Hkdf::<sha2::Sha256>::new(None, &master_key);
|
let hdkf = Hkdf::<sha2::Sha256>::new(None, &master_key);
|
||||||
|
@ -29,9 +28,9 @@ impl FilenameDecoder {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_decoder_for_dir<'a, 'b>(&'a self, iv: &'b [u8]) -> DirFilenameDecoder<'a, 'b> {
|
pub fn get_cipher_for_dir<'a, 'b>(&'a self, iv: &'b [u8]) -> DirFilenameCipher<'a, 'b> {
|
||||||
let iv = Iv::<EmeCipher>::from_slice(iv);
|
let iv = Iv::<EmeCipher>::from_slice(iv);
|
||||||
DirFilenameDecoder::new(&self.filename_key, iv)
|
DirFilenameCipher::new(&self.filename_key, iv)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -39,15 +38,15 @@ impl FilenameDecoder {
|
||||||
mod test {
|
mod test {
|
||||||
use crate::filename::EncodedFilename;
|
use crate::filename::EncodedFilename;
|
||||||
|
|
||||||
use super::FilenameDecoder;
|
use super::FilenameCipher;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_encrypt() {
|
fn test_encrypt() {
|
||||||
let master_key = base64::decode("9gtUW9XiiefEgEXEkbONI6rnUsd2yh5UZZLG0V8Bxgk=").unwrap();
|
let master_key = base64::decode("9gtUW9XiiefEgEXEkbONI6rnUsd2yh5UZZLG0V8Bxgk=").unwrap();
|
||||||
let dir_iv = base64::decode("6ysCeWOp2euF1x39gth8KQ==").unwrap();
|
let dir_iv = base64::decode("6ysCeWOp2euF1x39gth8KQ==").unwrap();
|
||||||
|
|
||||||
let decoder = FilenameDecoder::new(&master_key).expect("Failed to get file decoder");
|
let decoder = FilenameCipher::new(&master_key).expect("Failed to get file decoder");
|
||||||
let dir_decoder = decoder.get_decoder_for_dir(&dir_iv);
|
let dir_decoder = decoder.get_cipher_for_dir(&dir_iv);
|
||||||
|
|
||||||
let encoded = dir_decoder
|
let encoded = dir_decoder
|
||||||
.encrypt_filename("7.mp4")
|
.encrypt_filename("7.mp4")
|
||||||
|
@ -64,8 +63,8 @@ mod test {
|
||||||
let master_key = base64::decode("9gtUW9XiiefEgEXEkbONI6rnUsd2yh5UZZLG0V8Bxgk=").unwrap();
|
let master_key = base64::decode("9gtUW9XiiefEgEXEkbONI6rnUsd2yh5UZZLG0V8Bxgk=").unwrap();
|
||||||
let dir_iv = base64::decode("6ysCeWOp2euF1x39gth8KQ==").unwrap();
|
let dir_iv = base64::decode("6ysCeWOp2euF1x39gth8KQ==").unwrap();
|
||||||
|
|
||||||
let decoder = FilenameDecoder::new(&master_key).expect("Failed to get file decoder");
|
let decoder = FilenameCipher::new(&master_key).expect("Failed to get file decoder");
|
||||||
let dir_decoder = decoder.get_decoder_for_dir(&dir_iv);
|
let dir_decoder = decoder.get_cipher_for_dir(&dir_iv);
|
||||||
|
|
||||||
let decrypted = dir_decoder
|
let decrypted = dir_decoder
|
||||||
.decode_filename("vTBajRt-yCpxB7Sly0E7lQ")
|
.decode_filename("vTBajRt-yCpxB7Sly0E7lQ")
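Review bot: `Iv::<EmeCipher>::from_slice(iv)` in `get_cipher_for_dir` panics when the slice is not exactly the cipher's IV length, and the callers shown elsewhere in this commit pass the raw bytes of `gocryptfs.diriv` read from the encrypted directory. A truncated or oversized diriv file therefore aborts the process instead of surfacing an error. Since the method is being renamed and every caller is touched anyway, consider returning `Result<DirFilenameCipher<'a, 'b>, FilenameDecryptError>` and guarding the conversion with `if iv.len() != Iv::<EmeCipher>::default().len() { return Err(/* invalid-IV error variant */); }`. Separately, the test messages in the later hunks still say "Failed to get file decoder" and keep the `decoder` / `dir_decoder` bindings, which no longer match the type name.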
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
use std::{fs::File, path::Path};
|
use std::{fs::File, path::Path};
|
||||||
|
|
||||||
use content_enc::ContentEnc;
|
use content_enc::ContentEnc;
|
||||||
use filename::FilenameDecoder;
|
use filename::FilenameCipher;
|
||||||
|
|
||||||
pub mod config;
|
pub mod config;
|
||||||
pub mod content_enc;
|
pub mod content_enc;
|
||||||
|
@ -12,7 +12,7 @@ pub mod filename;
|
||||||
|
|
||||||
/// A GocryptFs encrypted directory
|
/// A GocryptFs encrypted directory
|
||||||
pub struct GocryptFs {
|
pub struct GocryptFs {
|
||||||
filename_decoder: FilenameDecoder,
|
filename_decoder: FilenameCipher,
|
||||||
content_decoder: ContentEnc,
|
content_decoder: ContentEnc,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -46,7 +46,7 @@ impl GocryptFs {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Get the [`filename decoder`](struct@FilenameDecoder) attached to this GocryptFs.
|
/// Get the [`filename decoder`](struct@FilenameDecoder) attached to this GocryptFs.
|
||||||
pub fn filename_decoder<'s>(&'s self) -> &'s FilenameDecoder {
|
pub fn filename_decoder<'s>(&'s self) -> &'s FilenameCipher {
|
||||||
&self.filename_decoder
|
&self.filename_decoder
|
||||||
}
|
}
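Review bot: The doc comment above `filename_decoder` still links to `struct@FilenameDecoder`, a type this commit renames, so the intra-doc link no longer resolves. It should read ``/// Get the [`filename cipher`](struct@FilenameCipher) attached to this GocryptFs.`` The accessor name and the `filename_decoder` field also keep the old wording. Renaming them would finish the change, though the accessor is public and its callers would need the same update. The `impl GocryptFs` block continues outside the hunk.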
|
||||||
|
|
||||||
|
|
|
@ -133,7 +133,7 @@ impl Filesystem for EncryptedFs {
|
||||||
) {
|
) {
|
||||||
if let Some(parent) = &self.get_path(parent) {
|
if let Some(parent) = &self.get_path(parent) {
|
||||||
let iv = std::fs::read(parent.join("gocryptfs.diriv")).unwrap();
|
let iv = std::fs::read(parent.join("gocryptfs.diriv")).unwrap();
|
||||||
let dir_decoder = self.fs.filename_decoder().get_decoder_for_dir(&iv);
|
let dir_decoder = self.fs.filename_decoder().get_cipher_for_dir(&iv);
|
||||||
|
|
||||||
let encrypted_name = dir_decoder
|
let encrypted_name = dir_decoder
|
||||||
.encrypt_filename(&name.to_string_lossy())
|
.encrypt_filename(&name.to_string_lossy())
|
||||||
|
@ -169,7 +169,7 @@ impl Filesystem for EncryptedFs {
|
||||||
if let Some(folder_path) = &self.inode_cache.get_path(ino).cloned() {
|
if let Some(folder_path) = &self.inode_cache.get_path(ino).cloned() {
|
||||||
let iv = std::fs::read(folder_path.join("gocryptfs.diriv")).unwrap();
|
let iv = std::fs::read(folder_path.join("gocryptfs.diriv")).unwrap();
|
||||||
|
|
||||||
let dir_decoder = self.fs.filename_decoder().get_decoder_for_dir(&iv);
|
let dir_decoder = self.fs.filename_decoder().get_cipher_for_dir(&iv);
|
||||||
|
|
||||||
if offset == 0 {
|
if offset == 0 {
|
||||||
let ino_parent = if ino == FUSE_ROOT_ID {
|
let ino_parent = if ino == FUSE_ROOT_ID {
|
||||||
|
@ -295,7 +295,7 @@ impl Filesystem for EncryptedFs {
|
||||||
fn extract_name(
|
fn extract_name(
|
||||||
dir: std::fs::DirEntry,
|
dir: std::fs::DirEntry,
|
||||||
folder_path: &PathBuf,
|
folder_path: &PathBuf,
|
||||||
dir_decoder: &rustcryptfs_lib::filename::DirFilenameDecoder,
|
dir_decoder: &rustcryptfs_lib::filename::DirFilenameCipher,
|
||||||
) -> Option<(std::fs::Metadata, String, String)> {
|
) -> Option<(std::fs::Metadata, String, String)> {
|
||||||
let filename = dir.file_name();
|
let filename = dir.file_name();
|
||||||
let filename = filename.to_str().unwrap();
|
let filename = filename.to_str().unwrap();
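Review bot: Both FUSE handlers touched here (the hunks at -133 and -169) read `gocryptfs.diriv` with `std::fs::read(...).unwrap()`, so a missing or unreadable IV file in the backing directory panics the filesystem process. The `ls` command in this same commit propagates the identical read with `?`. Here the failure should be matched and answered with an errno reply (for example EIO) before returning. `extract_name` has the same shape with `filename.to_str().unwrap()`: a non-UTF-8 entry name in the ciphertext directory panics, although the function already returns `Option`, so `let filename = filename.to_str()?;` would skip the entry instead. All three function bodies start or end outside the visible hunks.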
|
||||||
|
|
|
@ -44,7 +44,7 @@ fn ls(c: &LsCommand) -> anyhow::Result<()> {
|
||||||
|
|
||||||
let iv = std::fs::read(folder_path.join("gocryptfs.diriv"))?;
|
let iv = std::fs::read(folder_path.join("gocryptfs.diriv"))?;
|
||||||
|
|
||||||
let dir_decoder = filename_decoder.get_decoder_for_dir(&iv);
|
let dir_decoder = filename_decoder.get_cipher_for_dir(&iv);
|
||||||
|
|
||||||
for dir in std::fs::read_dir(folder_path)?.flat_map(|e| e.ok()) {
|
for dir in std::fs::read_dir(folder_path)?.flat_map(|e| e.ok()) {
|
||||||
let filename = dir.file_name();
|
let filename = dir.file_name();
|
||||||
|
|