use of org.cryptomator.cryptolib.api.Cryptor in project cryptofs by cryptomator.
the class CryptoFileSystemModule method provideCryptor.
/**
 * Unlocks the vault's masterkey file and provides the resulting {@link Cryptor}.
 *
 * <p>The masterkey file is read from {@code pathToVault}, parsed and unlocked with the
 * passphrase and pepper taken from {@code properties}. The backup copy of the masterkey file
 * is (re)written only after {@code createFromKeyFile} has returned, so a key file that fails
 * to parse or unlock never replaces an existing backup.
 *
 * <p>NOTE(review): the passphrase is handed to {@code createFromKeyFile} exactly as supplied by
 * {@code properties}. {@code CryptoFileSystemProvider.initialize} normalizes the passphrase to
 * NFC before deriving the key; confirm that the same normalization is applied on this unlock
 * path (in {@code properties} or inside {@code createFromKeyFile}).
 *
 * @param cryptorProvider factory used to create the cryptor from the parsed key file
 * @param pathToVault directory containing the masterkey file
 * @param properties supplies masterkey filename, passphrase and pepper
 * @return the cryptor created from the masterkey file
 */
@Provides
@PerFileSystem
public Cryptor provideCryptor(CryptorProvider cryptorProvider, @PathToVault Path pathToVault, CryptoFileSystemProperties properties) {
	// I/O failures inside the lambda are routed through rethrowUnchecked(IOException.class);
	// presumably they surface to the caller as unchecked exceptions — verify against the helper.
	return rethrowUnchecked(IOException.class).from(() -> {
		Path masterkeyFile = pathToVault.resolve(properties.masterkeyFilename());
		Path masterkeyBackupFile = pathToVault.resolve(properties.masterkeyFilename() + Constants.MASTERKEY_BACKUP_SUFFIX);

		// Since 1.3.0 a file system can only be created for an existing vault; initialization
		// happens beforehand. The assert is only evaluated when the JVM runs with -ea; without
		// it, a missing key file is reported by readAllBytes below.
		assert Files.exists(masterkeyFile);

		byte[] serializedKeyFile = Files.readAllBytes(masterkeyFile);
		KeyFile parsedKeyFile = KeyFile.parse(serializedKeyFile);
		Cryptor unlockedCryptor = cryptorProvider.createFromKeyFile(parsedKeyFile, properties.passphrase(), properties.pepper(), Constants.VAULT_VERSION);

		// Reached only after a successful unlock: refresh the backup from the verified key file.
		Files.copy(masterkeyFile, masterkeyBackupFile, REPLACE_EXISTING);
		return unlockedCryptor;
	});
}
use of org.cryptomator.cryptolib.api.Cryptor in project cryptofs by cryptomator.
the class CryptoFileSystemProvider method initialize.
/**
 * Creates a new vault inside the given directory.
 *
 * <p>Steps, in order: write the masterkey file, create the root directory below the data
 * directory, create the metadata directory. The steps are not atomic: if a later step fails,
 * the masterkey file written by the first step remains in {@code pathToVault}.
 *
 * @param pathToVault Path to an existing directory in which the vault is created
 * @param masterkeyFilename Name of the masterkey file; the file must not exist yet
 * @param pepper Application-specific pepper used during key derivation
 * @param passphrase Passphrase that should be used to unlock the vault; it is normalized to NFC
 *        before it is used
 * @throws NotDirectoryException If the given path is not an existing directory.
 * @throws IOException If the vault structure could not be initialized due to I/O errors. This
 *         includes the case that the masterkey file or the metadata directory already exists.
 * @since 1.3.2
 */
public static void initialize(Path pathToVault, String masterkeyFilename, byte[] pepper, CharSequence passphrase) throws NotDirectoryException, IOException {
	boolean vaultDirExists = Files.isDirectory(pathToVault);
	if (!vaultDirExists) {
		throw new NotDirectoryException(pathToVault.toString());
	}
	// try-with-resources closes the cryptor on every exit path; presumably close() discards
	// the freshly generated key material — confirm in the Cryptor implementation.
	try (Cryptor cryptor = CRYPTOR_PROVIDER.createNew()) {
		// save masterkey file:
		Path masterkeyFile = pathToVault.resolve(masterkeyFilename);
		// NFC normalization, so that differently composed Unicode input of the same passphrase
		// is fed to key derivation in one canonical form.
		String normalizedPassphrase = Normalizer.normalize(passphrase, Form.NFC);
		byte[] serializedKeyFile = cryptor.writeKeysToMasterkeyFile(normalizedPassphrase, pepper, Constants.VAULT_VERSION).serialize();
		// CREATE_NEW makes the write fail instead of overwriting an existing masterkey file.
		Files.write(masterkeyFile, serializedKeyFile, CREATE_NEW, WRITE);

		// create "d/RO/OTDIRECTORY": first two characters of the hash form the parent
		// directory, the remaining characters the directory itself.
		String rootDirHash = cryptor.fileNameCryptor().hashDirectoryId(Constants.ROOT_DIR_ID);
		String hashPrefix = rootDirHash.substring(0, 2);
		String hashRemainder = rootDirHash.substring(2);
		Path dataDir = pathToVault.resolve(Constants.DATA_DIR_NAME);
		Files.createDirectories(dataDir.resolve(hashPrefix).resolve(hashRemainder));

		// create "m":
		Path metadataDir = pathToVault.resolve(Constants.METADATA_DIR_NAME);
		Files.createDirectory(metadataDir);
	}
	// Sanity check only; not evaluated unless assertions are enabled (-ea).
	assert containsVault(pathToVault, masterkeyFilename);
}