forked from TrueCloudLab/rclone
cryptdecode: use Cipher instead of NewFs (#2087)
* crypt: extract NewCipher out of NewFs * cryptdecode: make use of crypt.NewCipher Fixes #2075
This commit is contained in:
Fabian Möller
GitHub
parent
aeefa34f62
commit
00adf40f9f
3 changed files with 40 additions and 40 deletions
|
|
@ -91,6 +91,8 @@ type Cipher interface {
|
||||||
EncryptedSize(int64) int64
|
EncryptedSize(int64) int64
|
||||||
// DecryptedSize calculates the size of the data when decrypted
|
// DecryptedSize calculates the size of the data when decrypted
|
||||||
DecryptedSize(int64) (int64, error)
|
DecryptedSize(int64) (int64, error)
|
||||||
|
// NameEncryptionMode returns the used mode for name handling
|
||||||
|
NameEncryptionMode() NameEncryptionMode
|
||||||
}
|
}
|
||||||
|
|
||||||
// NameEncryptionMode is the type of file name encryption in use
|
// NameEncryptionMode is the type of file name encryption in use
|
||||||
|
|
@ -547,6 +549,10 @@ func (c *cipher) DecryptDirName(in string) (string, error) {
|
||||||
return c.decryptFileName(in)
|
return c.decryptFileName(in)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (c *cipher) NameEncryptionMode() NameEncryptionMode {
|
||||||
|
return c.mode
|
||||||
|
}
|
||||||
|
|
||||||
// nonce is an NACL secretbox nonce
|
// nonce is an NACL secretbox nonce
|
||||||
type nonce [fileNonceSize]byte
|
type nonce [fileNonceSize]byte
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -73,8 +73,8 @@ func init() {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewFs contstructs an Fs from the path, container:path
|
// NewCipher constructs a Cipher for the given config name
|
||||||
func NewFs(name, rpath string) (fs.Fs, error) {
|
func NewCipher(name string) (Cipher, error) {
|
||||||
mode, err := NewNameEncryptionMode(config.FileGet(name, "filename_encryption", "standard"))
|
mode, err := NewNameEncryptionMode(config.FileGet(name, "filename_encryption", "standard"))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
@ -102,6 +102,15 @@ func NewFs(name, rpath string) (fs.Fs, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.Wrap(err, "failed to make cipher")
|
return nil, errors.Wrap(err, "failed to make cipher")
|
||||||
}
|
}
|
||||||
|
return cipher, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewFs contstructs an Fs from the path, container:path
|
||||||
|
func NewFs(name, rpath string) (fs.Fs, error) {
|
||||||
|
cipher, err := NewCipher(name)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
remote := config.FileGet(name, "remote")
|
remote := config.FileGet(name, "remote")
|
||||||
if strings.HasPrefix(remote, name+":") {
|
if strings.HasPrefix(remote, name+":") {
|
||||||
return nil, errors.New("can't point crypt remote at itself - check the value of the remote setting")
|
return nil, errors.New("can't point crypt remote at itself - check the value of the remote setting")
|
||||||
|
|
@ -122,12 +131,11 @@ func NewFs(name, rpath string) (fs.Fs, error) {
|
||||||
name: name,
|
name: name,
|
||||||
root: rpath,
|
root: rpath,
|
||||||
cipher: cipher,
|
cipher: cipher,
|
||||||
mode: mode,
|
|
||||||
}
|
}
|
||||||
// the features here are ones we could support, and they are
|
// the features here are ones we could support, and they are
|
||||||
// ANDed with the ones from wrappedFs
|
// ANDed with the ones from wrappedFs
|
||||||
f.features = (&fs.Features{
|
f.features = (&fs.Features{
|
||||||
CaseInsensitive: mode == NameEncryptionOff,
|
CaseInsensitive: cipher.NameEncryptionMode() == NameEncryptionOff,
|
||||||
DuplicateFiles: true,
|
DuplicateFiles: true,
|
||||||
ReadMimeType: false, // MimeTypes not supported with crypt
|
ReadMimeType: false, // MimeTypes not supported with crypt
|
||||||
WriteMimeType: false,
|
WriteMimeType: false,
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,13 @@
|
||||||
package cryptdecode
|
package cryptdecode
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
"github.com/ncw/rclone/backend/crypt"
|
"github.com/ncw/rclone/backend/crypt"
|
||||||
"github.com/ncw/rclone/cmd"
|
"github.com/ncw/rclone/cmd"
|
||||||
"github.com/ncw/rclone/fs"
|
"github.com/ncw/rclone/fs"
|
||||||
"github.com/ncw/rclone/fs/config/flags"
|
"github.com/ncw/rclone/fs/config/flags"
|
||||||
"github.com/pkg/errors"
|
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -39,40 +39,32 @@ use it like this
|
||||||
`,
|
`,
|
||||||
Run: func(command *cobra.Command, args []string) {
|
Run: func(command *cobra.Command, args []string) {
|
||||||
cmd.CheckArgs(2, 11, command, args)
|
cmd.CheckArgs(2, 11, command, args)
|
||||||
fsrc := cmd.NewFsSrc(args)
|
cmd.Run(false, false, command, func() error {
|
||||||
if Reverse {
|
fsInfo, configName, _, err := fs.ParseRemote(args[0])
|
||||||
cmd.Run(false, false, command, func() error {
|
if err != nil {
|
||||||
return cryptEncode(fsrc, args[1:])
|
return err
|
||||||
})
|
}
|
||||||
} else {
|
if fsInfo.Name != "crypt" {
|
||||||
cmd.Run(false, false, command, func() error {
|
return errors.New("The remote needs to be of type \"crypt\"")
|
||||||
return cryptDecode(fsrc, args[1:])
|
}
|
||||||
})
|
cipher, err := crypt.NewCipher(configName)
|
||||||
}
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if Reverse {
|
||||||
|
return cryptEncode(cipher, args[1:])
|
||||||
|
}
|
||||||
|
return cryptDecode(cipher, args[1:])
|
||||||
|
})
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if fsrc is a crypt
|
|
||||||
func assertCryptFs(fsrc fs.Fs) (*crypt.Fs, error) {
|
|
||||||
fcrypt, ok := fsrc.(*crypt.Fs)
|
|
||||||
if !ok {
|
|
||||||
return nil, errors.Errorf("%s:%s is not a crypt remote", fsrc.Name(), fsrc.Root())
|
|
||||||
}
|
|
||||||
return fcrypt, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// cryptDecode returns the unencrypted file name
|
// cryptDecode returns the unencrypted file name
|
||||||
func cryptDecode(fsrc fs.Fs, args []string) error {
|
func cryptDecode(cipher crypt.Cipher, args []string) error {
|
||||||
fcrypt, err := assertCryptFs(fsrc)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
output := ""
|
output := ""
|
||||||
|
|
||||||
for _, encryptedFileName := range args {
|
for _, encryptedFileName := range args {
|
||||||
fileName, err := fcrypt.DecryptFileName(encryptedFileName)
|
fileName, err := cipher.DecryptFileName(encryptedFileName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
output += fmt.Sprintln(encryptedFileName, "\t", "Failed to decrypt")
|
output += fmt.Sprintln(encryptedFileName, "\t", "Failed to decrypt")
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -86,17 +78,11 @@ func cryptDecode(fsrc fs.Fs, args []string) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// cryptEncode returns the encrypted file name
|
// cryptEncode returns the encrypted file name
|
||||||
func cryptEncode(fsrc fs.Fs, args []string) error {
|
func cryptEncode(cipher crypt.Cipher, args []string) error {
|
||||||
fcrypt, err := assertCryptFs(fsrc)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
output := ""
|
output := ""
|
||||||
|
|
||||||
for _, fileName := range args {
|
for _, fileName := range args {
|
||||||
encryptedFileName := fcrypt.EncryptFileName(fileName)
|
encryptedFileName := cipher.EncryptFileName(fileName)
|
||||||
output += fmt.Sprintln(fileName, "\t", encryptedFileName)
|
output += fmt.Sprintln(fileName, "\t", encryptedFileName)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue