Checksum VFS. (#176)

Nuno Cruces
2024-10-25 00:12:29 +01:00
committed by GitHub
parent 64e2500ca8
commit 75c1dbb052
24 changed files with 499 additions and 41 deletions


@@ -21,7 +21,7 @@ var testDB string
func Test_fileformat(t *testing.T) {
readervfs.Create("test.db", ioutil.NewSizeReaderAt(strings.NewReader(testDB)))
xts.Register("rxts", vfs.Find("reader"), nil)
vfs.Register("rxts", xts.Wrap(vfs.Find("reader"), nil))
db, err := driver.Open("file:test.db?vfs=rxts")
if err != nil {


@@ -40,25 +40,26 @@ import (
)
func init() {
Register("xts", vfs.Find(""), nil)
vfs.Register("xts", Wrap(vfs.Find(""), nil))
}
// Register registers an encrypting VFS, wrapping a base VFS,
// and possibly using a custom XTS cipher construction.
// Wrap wraps a base VFS to create an encrypting VFS,
// possibly using a custom XTS cipher construction.
//
// To use the default AES-XTS construction, set cipher to nil.
//
// The default construction uses AES-128, AES-192, or AES-256
// if the key/hexkey is 32, 48, or 64 bytes, respectively.
// If a textkey is provided, the default KDF is PBKDF2-HMAC-SHA512
// with 10,000 iterations, always producing a 32 byte key.
func Register(name string, base vfs.VFS, cipher XTSCreator) {
func Wrap(base vfs.VFS, cipher XTSCreator) vfs.VFS {
if cipher == nil {
cipher = aesCreator{}
}
vfs.Register(name, &xtsVFS{
return &xtsVFS{
VFS: base,
init: cipher,
})
}
}
// XTSCreator creates an [xts.Cipher]
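Review bot: The doc comment on `Wrap` gives the `textkey` KDF as PBKDF2-HMAC-SHA512 with 10,000 iterations but does not say what that implies for callers: at that work factor the derived key is only about as strong as the passphrase, and the count is well below what current password-hashing guidance suggests for PBKDF2. I would add a line such as `// Prefer key/hexkey with random key material; for textkey, a custom XTSCreator can supply a stronger KDF.` Separately, `Wrap` stores `base` without checking it, so a nil base (which `vfs.Find` presumably returns for an unregistered name) would only show up as a nil dereference on the first open. A `// base must not be nil.` line in the comment, or an early check, would make that contract visible.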


@@ -23,11 +23,7 @@ func (x *xtsVFS) Open(name string, flags vfs.OpenFlag) (vfs.File, vfs.OpenFlag,
}
func (x *xtsVFS) OpenFilename(name *vfs.Filename, flags vfs.OpenFlag) (file vfs.File, _ vfs.OpenFlag, err error) {
if hf, ok := x.VFS.(vfs.VFSFilename); ok {
file, flags, err = hf.OpenFilename(name, flags)
} else {
file, flags, err = x.VFS.Open(name.String(), flags)
}
file, flags, err = vfsutil.WrapOpenFilename(x.VFS, name, flags)
// Encrypt everything except super journals and memory files.
if err != nil || flags&(vfs.OPEN_SUPER_JOURNAL|vfs.OPEN_MEMORY) != 0 {
@@ -48,13 +44,14 @@ func (x *xtsVFS) OpenFilename(name *vfs.Filename, flags vfs.OpenFlag) (file vfs.
} else if t, ok := params["textkey"]; ok && len(t[0]) > 0 {
key = x.init.KDF(t[0])
} else if flags&vfs.OPEN_MAIN_DB != 0 {
// Main datatabases may have their key specified as a PRAGMA.
// Main databases may have their key specified as a PRAGMA.
return &xtsFile{File: file, init: x.init}, flags, nil
}
cipher = x.init.XTS(key)
}
if cipher == nil {
file.Close()
return nil, flags, sqlite3.CANTOPEN
}
return &xtsFile{File: file, cipher: cipher, init: x.init}, flags, nil
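Review bot: The `file.Close()` added on the `cipher == nil` path in the second hunk releases the handle but silently drops the close error, and it does not undo anything the base VFS did while opening. If `flags` asked for creation, a keyless open of a non-main file would presumably leave an empty file behind after `CANTOPEN`. A short comment would make the fail-closed intent explicit, e.g. `// No usable key: refuse to hand out an unencrypted file; the Close error is ignored because the open already failed.` The same `CANTOPEN` is returned whether no key parameter was supplied or `x.init.XTS(key)` returned nil, so the comment should name both cases. `OpenFilename` spans both hunks and the lines between them are not shown, so the parameter parsing that feeds `key` is not reviewed here.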