61 lines
1.3 KiB
Markdown
61 lines
1.3 KiB
Markdown
# go-afero-encfs
|
|
|
|
`go-afero-encfs` is a afero encrypted fs implementation
|
|
|
|
In stage 1 we only encrypt file content, the file name is not encrypted.
|
|
|
|
In the future we are going to encrypt the file name also.
|
|
|
|
|
|
## AES-CTR Introduction
|
|
|
|
AES-CTR algorithm is show as: https://git.hatter.ink/hatter/simple-rust-tests/src/branch/master/__crypto/aes_ctr_test/src/main.rs
|
|
|
|
|
|
Algorithm is shown as below:
|
|
```rust
|
|
let key = <Your AES encryption key>;
|
|
let iv = <Random 8 bytes>;
|
|
|
|
let plaintext = <Plaintext bytes>;
|
|
let ciphertext = <plaintext.len() bytes>;
|
|
let plaintext_block_count = ceil(plaintext / 16);
|
|
|
|
for counter in 0..plaintext_block_count {
|
|
let iv_and_counter = iv + counter.to_be_bytes();
|
|
let encrytped_iv_and_counter = aes_encrypt(key, iv_and_counter);
|
|
|
|
for i in 0..encrytped_iv_and_counter {
|
|
ciphertext[counter * 16 + i] = encrytped_iv_and_counter[i] ^ plaintext[counter * 16 + i];
|
|
}
|
|
}
|
|
```
|
|
|
|
## EncFile Spec
|
|
|
|
File ext `*.__encfile`:
|
|
|
|
```json
|
|
{
|
|
"name": "<file name>",
|
|
"iv": "<16 bytes IV in base64>"
|
|
}
|
|
```
|
|
|
|
> if `*.__encfile` not found, then file is unencrypted.
|
|
|
|
|
|
## Go Get
|
|
|
|
```shell
|
|
GOSUMDB=off GOPROXY=direct go get git.hatter.ink/hatter/go-afero-encfs/encfs
|
|
```
|
|
|
|
|
|
## Reference
|
|
|
|
Related projects:
|
|
* https://github.com/spf13/afero
|
|
* https://github.com/filebrowser/filebrowser
|
|
|