Rooba
/
perkeep
mirror of https://github.com/perkeep/perkeep.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

encrypt: stat support. 

Can now upload encrypted blobs.

Change-Id: Ib39e3b3218c99f139b0ed2b6d4a232160b4e1e64
This commit is contained in:
Brad Fitzpatrick 2013-06-15 16:44:49 -07:00
parent c3b87326c8
commit 537005fa32
2 changed files with 56 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
pkg/blobserver/encrypt/encrypt.go
View File

@ -26,13 +26,26 @@ import (
"fmt" "fmt"
"io" "io"
"io/ioutil" "io/ioutil"
"strconv"
"strings"
"time" "time"
"camlistore.org/pkg/blobref" "camlistore.org/pkg/blobref"
"camlistore.org/pkg/blobserver" "camlistore.org/pkg/blobserver"
"camlistore.org/pkg/index"
"camlistore.org/pkg/jsonconfig" "camlistore.org/pkg/jsonconfig"
) )
/*
Dev notes:
$ ./dev-camput --path=/enc/ blob dev-camput
$ find /tmp/camliroot-$USER/port3179/encblob/
$ ./dev-camtool sync --src=http://localhost:3179/enc/ --dest=stdout
*/
// TODO: // TODO:
// http://godoc.org/code.google.com/p/go.crypto/scrypt // http://godoc.org/code.google.com/p/go.crypto/scrypt
// crypto/aes // crypto/aes
@ -58,6 +71,7 @@ type storage struct {
*blobserver.SimpleBlobHubPartitionMap *blobserver.SimpleBlobHubPartitionMap
block cipher.Block block cipher.Block
index index.Storage // meta index
// Encryption key. // Encryption key.
key []byte key []byte
@ -95,7 +109,25 @@ func (s *storage) RemoveBlobs(blobs []*blobref.BlobRef) error {
} }
func (s *storage) StatBlobs(dest chan<- blobref.SizedBlobRef, blobs []*blobref.BlobRef, wait time.Duration) error { func (s *storage) StatBlobs(dest chan<- blobref.SizedBlobRef, blobs []*blobref.BlobRef, wait time.Duration) error {
panic("TODO: implement") for _, br := range blobs {
v, err := s.index.Get(br.String())
if err == index.ErrNotFound {
continue
}
if err != nil {
return err
}
slash := strings.Index(v, "/")
if slash < 0 {
continue
}
plainSize, err := strconv.Atoi(v[:slash])
if err != nil {
continue
}
dest <- blobref.SizedBlobRef{br, int64(plainSize)}
}
return nil
} }
func (s *storage) ReceiveBlob(plainBR *blobref.BlobRef, source io.Reader) (sb blobref.SizedBlobRef, err error) { func (s *storage) ReceiveBlob(plainBR *blobref.BlobRef, source io.Reader) (sb blobref.SizedBlobRef, err error) {
@ -104,15 +136,13 @@ func (s *storage) ReceiveBlob(plainBR *blobref.BlobRef, source io.Reader) (sb bl
hash := plainBR.Hash() hash := plainBR.Hash()
var buf bytes.Buffer var buf bytes.Buffer
// TODO: compress before encrypting?
buf.Write(iv) // TODO: write more structured header w/ version & IV length? or does that weaken it? buf.Write(iv) // TODO: write more structured header w/ version & IV length? or does that weaken it?
sw := cipher.StreamWriter{S: stream, W: &buf} sw := cipher.StreamWriter{S: stream, W: &buf}
n, err := io.Copy(io.MultiWriter(sw, hash), source) plainSize, err := io.Copy(io.MultiWriter(sw, hash), source)
if err != nil { if err != nil {
return sb, err return sb, err
} }
if err := sw.Close(); err != nil {
return sb, err
}
if !plainBR.HashMatches(hash) { if !plainBR.HashMatches(hash) {
return sb, blobserver.ErrCorruptBlob return sb, blobserver.ErrCorruptBlob
} }
@ -122,11 +152,20 @@ func (s *storage) ReceiveBlob(plainBR *blobref.BlobRef, source io.Reader) (sb bl
if err != nil { if err != nil {
return sb, fmt.Errorf("encrypt: error writing encrypted %v (plaintext %v): %v", encBR, plainBR, err) return sb, fmt.Errorf("encrypt: error writing encrypted %v (plaintext %v): %v", encBR, plainBR, err)
} }
// TODO: upload buf.Bytes() to s.blobs
// TODO: upload meta blob with two blobrefs & IV to s.meta
// TODO: update index with mapping
return blobref.SizedBlobRef{plainBR, n}, nil // TODO: upload meta blob with two blobrefs & IV to s.meta
// ....
err = s.index.Set(plainBR.String(), encodeMetaValue(plainSize, iv, encBR, buf.Len()))
if err != nil {
return sb, fmt.Errorf("encrypt: error updating index for encrypted %v (plaintext %v): %v", err)
}
return blobref.SizedBlobRef{plainBR, plainSize}, nil
}
func encodeMetaValue(plainSize int64, iv []byte, encBR *blobref.BlobRef, encSize int) string {
return fmt.Sprintf("%d/%x/%s/%d", plainSize, iv, encBR, encSize)
} }
func (s *storage) FetchStreaming(b *blobref.BlobRef) (file io.ReadCloser, size int64, err error) { func (s *storage) FetchStreaming(b *blobref.BlobRef) (file io.ReadCloser, size int64, err error) {
@ -144,6 +183,7 @@ func init() {
func newFromConfig(ld blobserver.Loader, config jsonconfig.Obj) (bs blobserver.Storage, err error) { func newFromConfig(ld blobserver.Loader, config jsonconfig.Obj) (bs blobserver.Storage, err error) {
sto := &storage{ sto := &storage{
SimpleBlobHubPartitionMap: &blobserver.SimpleBlobHubPartitionMap{}, SimpleBlobHubPartitionMap: &blobserver.SimpleBlobHubPartitionMap{},
index: index.NewMemoryStorage(), // TODO: temporary for development; let be configurable (mysql, etc)
} }
key := config.OptionalString("key", "") key := config.OptionalString("key", "")

9
pkg/index/memindex.go
View File

@ -34,9 +34,14 @@ func init() {
// NewMemoryIndex returns an Index backed only by memory, for use in tests. // NewMemoryIndex returns an Index backed only by memory, for use in tests.
func NewMemoryIndex() *Index { func NewMemoryIndex() *Index {
return New(NewMemoryStorage())
}
// NewMemoryStorage returns an index Storage implementation that's backed only
// by memory, for use in tests.
func NewMemoryStorage() Storage {
db := memdb.New(nil) db := memdb.New(nil)
memStorage := &memKeys{db: db} return &memKeys{db: db}
return New(memStorage)
} }
func newMemoryIndexFromConfig(ld blobserver.Loader, config jsonconfig.Obj) (blobserver.Storage, error) { func newMemoryIndexFromConfig(ld blobserver.Loader, config jsonconfig.Obj) (blobserver.Storage, error) {