iterate-ch · chenkins · Dec 6, 2024 · Jan 6, 2025 · Jan 18, 2025 · Jan 18, 2025
@@ -25,7 +25,7 @@
     <packaging>jar</packaging>
 
     <properties>
-        <cryptolib.version>2.1.2.1</cryptolib.version>
+        <cryptolib.version>2.3.0-uvfdraft-SNAPSHOT</cryptolib.version>
     </properties>
 
     <profiles>

@@ -22,16 +22,15 @@
 import ch.cyberduck.core.features.AclPermission;
 import ch.cyberduck.core.transfer.TransferStatus;
 
-import java.util.EnumSet;
 import java.util.List;
 
 public class CryptoAclPermission implements AclPermission {
 
     private final Session<?> session;
     private final AclPermission delegate;
-    private final CryptoVault cryptomator;
+    private final AbstractVault cryptomator;
 
-    public CryptoAclPermission(final Session<?> session, final AclPermission delegate, final CryptoVault cryptomator) {
+    public CryptoAclPermission(final Session<?> session, final AclPermission delegate, final AbstractVault cryptomator) {
 
         this.session = session;
         this.delegate = delegate;

@@ -27,9 +27,9 @@
 public class CryptoTransferStatus extends ProxyTransferStatus implements StreamCancelation, StreamProgress {
     private static final Logger log = LogManager.getLogger(CryptoTransferStatus.class);
 
-    private final CryptoVault vault;
+    private final AbstractVault vault;
 
-    public CryptoTransferStatus(final CryptoVault vault, final TransferStatus proxy) {
+    public CryptoTransferStatus(final AbstractVault vault, final TransferStatus proxy) {
         super(proxy);
         this.vault = vault;
         this.withLength(vault.toCiphertextSize(proxy.getOffset(), proxy.getLength()))

@@ -0,0 +1,186 @@
+package ch.cyberduck.core.cryptomator;
+
+/*
+ * Copyright (c) 2002-2025 iterate GmbH. All rights reserved.
+ * https://cyberduck.io/
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+
+import ch.cyberduck.core.PasswordCallback;
+import ch.cyberduck.core.Path;
+import ch.cyberduck.core.PathAttributes;
+import ch.cyberduck.core.Session;
+import ch.cyberduck.core.SimplePathPredicate;
+import ch.cyberduck.core.cryptomator.impl.CryptoDirectoryV7Provider;
+import ch.cyberduck.core.cryptomator.impl.CryptoFilenameV7Provider;
+import ch.cyberduck.core.cryptomator.random.FastSecureRandomProvider;
+import ch.cyberduck.core.exception.BackgroundException;
+import ch.cyberduck.core.vault.VaultCredentials;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.cryptomator.cryptolib.api.Cryptor;
+import org.cryptomator.cryptolib.api.CryptorProvider;
+import org.cryptomator.cryptolib.api.FileContentCryptor;
+import org.cryptomator.cryptolib.api.FileHeaderCryptor;
+import org.cryptomator.cryptolib.api.UVFMasterkey;
+
+import java.util.EnumSet;
+import java.util.Objects;
+
+public class UVFVault extends AbstractVault {
+
+    private static final Logger log = LogManager.getLogger(UVFVault.class);
+
+    /**
+     * Root of vault directory
+     */
+    private final Path home;
+    private final Path vault;
+
+    private final String decrypted;
+    private Cryptor cryptor;
+    private CryptorCache fileNameCryptor;
+    private CryptoFilename filenameProvider;
+    private CryptoDirectory directoryProvider;
+
+    private int nonceSize;
+
+    public UVFVault(final Path home, final String decryptedPayload) {
+        this.home = home;
+        this.decrypted = decryptedPayload;
+        // New vault home with vault flag set for internal use
+        final EnumSet<Path.Type> type = EnumSet.copyOf(home.getType());
+        type.add(Path.Type.vault);
+        if(home.isRoot()) {
+            this.vault = new Path(home.getAbsolute(), type, new PathAttributes(home.attributes()));
+        }
+        else {
+            this.vault = new Path(home.getParent(), home.getName(), type, new PathAttributes(home.attributes()));
+        }
+    }
+
+    @Override
+    public Path create(final Session<?> session, final String region, final VaultCredentials credentials) throws BackgroundException {
+        throw new UnsupportedOperationException();
+    }
+
+    // load -> unlock -> open
+    @Override
+    public UVFVault load(final Session<?> session, final PasswordCallback prompt) throws BackgroundException {
+        UVFMasterkey masterKey = UVFMasterkey.fromDecryptedPayload(this.decrypted);
+
+        final CryptorProvider provider = CryptorProvider.forScheme(CryptorProvider.Scheme.UVF_DRAFT);
+        log.debug("Initialized crypto provider {}", provider);
+        this.cryptor = provider.provide(masterKey, FastSecureRandomProvider.get().provide());
+        this.fileNameCryptor = new CryptorCache(cryptor.fileNameCryptor());
+        this.filenameProvider = new CryptoFilenameV7Provider(/* TODO threshold was previously defined in vault.config - default now? */);
+        this.directoryProvider = new CryptoDirectoryV7Provider(vault, filenameProvider, fileNameCryptor);
+        this.nonceSize = 12;
+        return this;
+    }
+
+    @Override
+    public synchronized void close() {
+        super.close();
+        cryptor = null;
+        fileNameCryptor = null;
+    }
+
+    @Override
+    public Path getMasterkey() {
+        //TODO: implement
+        return null;
+    }
+
+    @Override
+    public Path getConfig() {
+        //TODO: implement
+        return null;
+    }
+
+    @Override
+    public Path gethHome() {
+        return home;
+    }
+
+    @Override
+    public FileHeaderCryptor getFileHeaderCryptor() {
+        return cryptor.fileHeaderCryptor();
+    }
+
+    @Override
+    public FileContentCryptor getFileContentCryptor() {
+        return cryptor.fileContentCryptor();
+    }
+
+    @Override
+    public CryptorCache getFileNameCryptor() {
+        return fileNameCryptor;
+    }
+
+    @Override
+    public CryptoFilename getFilenameProvider() {
+        return filenameProvider;
+    }
+
+    @Override
+    public CryptoDirectory getDirectoryProvider() {
+        return directoryProvider;
+    }
+
+    @Override
+    public Cryptor getCryptor() {
+        return cryptor;
+    }
+
+    @Override
+    public int getNonceSize() {
+        return nonceSize;
+    }
+
+    @Override
+    public int getVersion() {
+        return VAULT_VERSION;
+    }
+
+    @Override
+    public Path getHome() {
+        return home;
+    }
+
+    @Override
+    public boolean equals(final Object o) {
+        if(this == o) {
+            return true;
+        }
+        if(!(o instanceof UVFVault)) {
+            return false;
+        }
+        final UVFVault that = (UVFVault) o;
+        return new SimplePathPredicate(home).test(that.home);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(new SimplePathPredicate(home));
+    }
+
+    @Override
+    public String toString() {
+        final StringBuilder sb = new StringBuilder("UVFVault{");
+        sb.append("home=").append(home);
+        sb.append(", cryptor=").append(cryptor);
+        sb.append('}');
+        return sb.toString();
+    }
+}
@@ -21,7 +21,7 @@
 import ch.cyberduck.core.RandomStringService;
 import ch.cyberduck.core.Session;
 import ch.cyberduck.core.UUIDRandomStringService;
-import ch.cyberduck.core.cryptomator.CryptoVault;
+import ch.cyberduck.core.cryptomator.AbstractVault;
 import ch.cyberduck.core.cryptomator.random.RandomNonceGenerator;
 import ch.cyberduck.core.cryptomator.random.RotatingNonceGenerator;
 import ch.cyberduck.core.exception.BackgroundException;
@@ -46,9 +46,9 @@ public class CryptoBulkFeature<R> implements Bulk<R> {
 
     private final Session<?> session;
     private final Bulk<R> delegate;
-    private final CryptoVault cryptomator;
+    private final AbstractVault cryptomator;
 
-    public CryptoBulkFeature(final Session<?> session, final Bulk<R> delegate, final Delete delete, final CryptoVault cryptomator) {
+    public CryptoBulkFeature(final Session<?> session, final Bulk<R> delegate, final Delete delete, final AbstractVault cryptomator) {
         this.session = session;
         this.delegate = delegate.withDelete(cryptomator.getFeature(session, Delete.class, delete));
         this.cryptomator = cryptomator;

@@ -15,8 +15,8 @@
  * GNU General Public License for more details.
  */
 
+import ch.cyberduck.core.cryptomator.AbstractVault;
 import ch.cyberduck.core.cryptomator.CryptoOutputStream;
-import ch.cyberduck.core.cryptomator.CryptoVault;
 import ch.cyberduck.core.cryptomator.random.RandomNonceGenerator;
 import ch.cyberduck.core.cryptomator.random.RotatingNonceGenerator;
 import ch.cyberduck.core.exception.BackgroundException;
@@ -55,11 +55,11 @@
 public class CryptoChecksumCompute extends AbstractChecksumCompute {
     private static final Logger log = LogManager.getLogger(CryptoChecksumCompute.class);
 
-    private final CryptoVault cryptomator;
+    private final AbstractVault cryptomator;
     private final ChecksumCompute delegate;
 
-    public CryptoChecksumCompute(final ChecksumCompute delegate, final CryptoVault vault) {
-        this.cryptomator = vault;
+    public CryptoChecksumCompute(final ChecksumCompute delegate, final AbstractVault CryptoVaultInterface) {
+        this.cryptomator = CryptoVaultInterface;
         this.delegate = delegate;
     }
 

@@ -19,7 +19,7 @@
 import ch.cyberduck.core.Path;
 import ch.cyberduck.core.PathAttributes;
 import ch.cyberduck.core.Session;
-import ch.cyberduck.core.cryptomator.CryptoVault;
+import ch.cyberduck.core.cryptomator.AbstractVault;
 import ch.cyberduck.core.cryptomator.random.RandomNonceGenerator;
 import ch.cyberduck.core.cryptomator.random.RotatingNonceGenerator;
 import ch.cyberduck.core.exception.BackgroundException;
@@ -36,11 +36,11 @@ public class CryptoCopyFeature implements Copy {
 
     private final Session<?> session;
     private final Copy proxy;
-    private final CryptoVault vault;
+    private final AbstractVault vault;
 
     private Session<?> target;
 
-    public CryptoCopyFeature(final Session<?> session, final Copy proxy, final CryptoVault vault) {
+    public CryptoCopyFeature(final Session<?> session, final Copy proxy, final AbstractVault vault) {
         this.session = session;
         this.target = session;
         this.proxy = proxy;

@@ -20,8 +20,8 @@
 import ch.cyberduck.core.PasswordCallback;
 import ch.cyberduck.core.Path;
 import ch.cyberduck.core.Session;
+import ch.cyberduck.core.cryptomator.AbstractVault;
 import ch.cyberduck.core.cryptomator.CryptoFilename;
-import ch.cyberduck.core.cryptomator.CryptoVault;
 import ch.cyberduck.core.exception.AccessDeniedException;
 import ch.cyberduck.core.exception.BackgroundException;
 import ch.cyberduck.core.exception.NotfoundException;
@@ -44,10 +44,10 @@ public class CryptoDeleteV6Feature implements Delete, Trash {
 
     private final Session<?> session;
     private final Delete proxy;
-    private final CryptoVault vault;
+    private final AbstractVault vault;
     private final CryptoFilename filenameProvider;
 
-    public CryptoDeleteV6Feature(final Session<?> session, final Delete proxy, final CryptoVault vault) {
+    public CryptoDeleteV6Feature(final Session<?> session, final Delete proxy, final AbstractVault vault) {
         this.session = session;
         this.proxy = proxy;
         this.vault = vault;

@@ -21,8 +21,8 @@
 import ch.cyberduck.core.PasswordCallback;
 import ch.cyberduck.core.Path;
 import ch.cyberduck.core.Session;
+import ch.cyberduck.core.cryptomator.AbstractVault;
 import ch.cyberduck.core.cryptomator.CryptoFilename;
-import ch.cyberduck.core.cryptomator.CryptoVault;
 import ch.cyberduck.core.cryptomator.impl.CryptoDirectoryV7Provider;
 import ch.cyberduck.core.exception.AccessDeniedException;
 import ch.cyberduck.core.exception.BackgroundException;
@@ -46,10 +46,10 @@ public class CryptoDeleteV7Feature implements Delete, Trash {
 
     private final Session<?> session;
     private final Delete proxy;
-    private final CryptoVault vault;
+    private final AbstractVault vault;
     private final CryptoFilename filenameProvider;
 
-    public CryptoDeleteV7Feature(final Session<?> session, final Delete proxy, final CryptoVault vault) {
+    public CryptoDeleteV7Feature(final Session<?> session, final Delete proxy, final AbstractVault vault) {
         this.session = session;
         this.proxy = proxy;
         this.vault = vault;

@@ -19,8 +19,8 @@
 import ch.cyberduck.core.RandomStringService;
 import ch.cyberduck.core.Session;
 import ch.cyberduck.core.UUIDRandomStringService;
+import ch.cyberduck.core.cryptomator.AbstractVault;
 import ch.cyberduck.core.cryptomator.ContentWriter;
-import ch.cyberduck.core.cryptomator.CryptoVault;
 import ch.cyberduck.core.cryptomator.random.RandomNonceGenerator;
 import ch.cyberduck.core.exception.BackgroundException;
 import ch.cyberduck.core.features.Directory;
@@ -40,11 +40,11 @@ public class CryptoDirectoryV6Feature<Reply> implements Directory<Reply> {
     private final Session<?> session;
     private final Write<Reply> writer;
     private final Directory<Reply> delegate;
-    private final CryptoVault vault;
+    private final AbstractVault vault;
     private final RandomStringService random = new UUIDRandomStringService();
 
     public CryptoDirectoryV6Feature(final Session<?> session, final Directory<Reply> delegate,
-                                    final Write<Reply> writer, final CryptoVault cryptomator) {
+                                    final Write<Reply> writer, final AbstractVault cryptomator) {
         this.session = session;
         this.writer = writer;
         this.delegate = delegate;

@@ -19,8 +19,8 @@
 import ch.cyberduck.core.RandomStringService;
 import ch.cyberduck.core.Session;
 import ch.cyberduck.core.UUIDRandomStringService;
+import ch.cyberduck.core.cryptomator.AbstractVault;
 import ch.cyberduck.core.cryptomator.ContentWriter;
-import ch.cyberduck.core.cryptomator.CryptoVault;
 import ch.cyberduck.core.cryptomator.impl.CryptoDirectoryV7Provider;
 import ch.cyberduck.core.cryptomator.random.RandomNonceGenerator;
 import ch.cyberduck.core.exception.BackgroundException;
@@ -42,11 +42,11 @@ public class CryptoDirectoryV7Feature<Reply> implements Directory<Reply> {
     private final Session<?> session;
     private final Write<Reply> writer;
     private final Directory<Reply> delegate;
-    private final CryptoVault vault;
+    private final AbstractVault vault;
     private final RandomStringService random = new UUIDRandomStringService();
 
     public CryptoDirectoryV7Feature(final Session<?> session, final Directory<Reply> delegate,
-                                    final Write<Reply> writer, final CryptoVault cryptomator) {
+                                    final Write<Reply> writer, final AbstractVault cryptomator) {
         this.session = session;
         this.writer = writer;
         this.delegate = delegate;