feat(drivers): add metadata-only encryption drive 'crypt2' #1114
Conversation
|
|
There was a problem hiding this comment.
Pull Request Overview
This PR adds a new "crypt2" driver that implements weak encryption for file and folder names while preserving file extensions and optionally skipping file content encryption. This enables cloud services to generate thumbnails and preview images while maintaining name-based privacy.
Key changes:
- Creates a new crypt2 driver with filename-only encryption and extension preservation
- Adds configuration options for selective encryption (names vs content)
- Implements separate encryption methods for files and directories
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 9 comments.
| File | Description |
|---|---|
| drivers/crypt2/util.go | Core encryption/decryption utilities with extension preservation |
| drivers/crypt2/meta.go | Driver configuration and metadata definitions |
| drivers/crypt2/driver.go | Main driver implementation with selective encryption logic |
| drivers/all.go | Registration of the new crypt2 driver |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| return stdpath.Join(d.RemotePath, remoteDir, remoteFileName) | ||
|
|
||
| } | ||
|
|
There was a problem hiding this comment.
The error from getEncryptedName() is ignored and not handled. If encryption fails, the function continues and may return an incorrect path.
| func (d *Crypt) getPathForRemote(path string, isFolder bool) (remoteFullPath string) { | |
| if isFolder && !strings.HasSuffix(path, "/") { | |
| path = path + "/" | |
| } | |
| dir, fileName := filepath.Split(path) | |
| remoteDir, err := d.getEncryptedDirName(dir) | |
| if err != nil { | |
| return stdpath.Join(d.RemotePath, "", "") | |
| } | |
| remoteFileName := "" | |
| if len(strings.TrimSpace(fileName)) > 0 { | |
| remoteFileName, err = d.getEncryptedName(fileName) | |
| if err != nil { | |
| return stdpath.Join(d.RemotePath, remoteDir, "") | |
| } | |
| } | |
| return stdpath.Join(d.RemotePath, remoteDir, remoteFileName) | |
| } | |
Copilot uses AI. Check for mistakes.
| func (d *Crypt) getEncryptedDirName(dirName string) (string, error) { | ||
| encrypted := d.cipher.EncryptDirName(dirName) | ||
| return encrypted, nil | ||
| } |
There was a problem hiding this comment.
The function calls d.cipher.EncryptDirName() but this method doesn't exist in the rclone cipher interface. The correct method should be d.cipher.EncryptFileName().
| } | |
| func (d *Crypt) getEncryptedDirName(dirName string) (string, error) { | |
| encrypted := d.cipher.EncryptFileName(dirName) | |
| return encrypted, nil | |
| } |
Copilot uses AI. Check for mistakes.
| ext := filepath.Ext(filename) | ||
| base := filename[:len(filename)-len(ext)] | ||
| decrypted,err := d.cipher.DecryptFileName(base) | ||
| return decrypted + ext, err |
There was a problem hiding this comment.
Missing space after comma in variable declaration. Should be 'decrypted, err'.
| return decrypted + ext, err | |
| decrypted, err := d.cipher.DecryptFileName(base) | |
| return decrypted + ext, err |
Copilot uses AI. Check for mistakes.
| if err != nil { | ||
| return nil, err | ||
| } | ||
| if(d.NoEncryptedFile) { |
There was a problem hiding this comment.
Missing space after 'if' keyword. Should be 'if (d.NoEncryptedFile)'.
| if(d.NoEncryptedFile) { | |
| if (d.NoEncryptedFile) { |
Copilot uses AI. Check for mistakes.
| } else { | ||
| thumb, ok := model.GetThumb(obj) | ||
| size, err := d.cipher.DecryptedSize(obj.GetSize()) | ||
| // 如果不进行加密文件 读取的大小应该不进行解密 |
There was a problem hiding this comment.
[nitpick] Code comment is in Chinese. For maintainability in international projects, comments should be in English.
| // 如果不进行加密文件 读取的大小应该不进行解密 | |
| // If the file is not encrypted, the size should not be decrypted |
Copilot uses AI. Check for mistakes.
| var size int64 = 0 | ||
| name := "" | ||
| if !remoteObj.IsDir() { | ||
| // 如果不进行加密文件 读取的大小应该不进行解密 |
There was a problem hiding this comment.
[nitpick] Code comment is in Chinese. For maintainability in international projects, comments should be in English.
| // 如果不进行加密文件 读取的大小应该不进行解密 | |
| // If files are not encrypted, the size should not be decrypted |
Copilot uses AI. Check for mistakes.
| } | ||
|
|
||
| // 加密文件名(保留扩展名不变) | ||
| func (d *Crypt) getEncryptedName(filename string) (string, error) { |
There was a problem hiding this comment.
[nitpick] Function comment is in Chinese. For maintainability in international projects, comments should be in English.
| func (d *Crypt) getEncryptedName(filename string) (string, error) { | |
| // Encrypt file name (keep extension unchanged) | |
| func (d *Crypt) getEncryptedName(filename string) (string, error) { |
Copilot uses AI. Check for mistakes.
| func (d *Crypt) getEncryptedDirName(dirName string) (string, error) { | ||
| encrypted := d.cipher.EncryptDirName(dirName) | ||
| return encrypted, nil | ||
| } |
There was a problem hiding this comment.
[nitpick] Function comment is in Chinese. For maintainability in international projects, comments should be in English.
| } | |
| // Encrypt folder name | |
| func (d *Crypt) getEncryptedDirName(dirName string) (string, error) { | |
| encrypted := d.cipher.EncryptDirName(dirName) | |
| return encrypted, nil | |
| } |
Copilot uses AI. Check for mistakes.
| ext := filepath.Ext(filename) | ||
| base := filename[:len(filename)-len(ext)] | ||
| decrypted,err := d.cipher.DecryptFileName(base) | ||
| return decrypted + ext, err |
There was a problem hiding this comment.
[nitpick] Function comment is in Chinese. For maintainability in international projects, comments should be in English.
| return decrypted + ext, err | |
| // Decrypts a file or directory name (for files, the extension remains unchanged) | |
| func (d *Crypt) getDecryptedName(filename string) (string, error) { | |
| ext := filepath.Ext(filename) | |
| base := filename[:len(filename)-len(ext)] | |
| decrypted,err := d.cipher.DecryptFileName(base) | |
| return decrypted + ext, err |
Copilot uses AI. Check for mistakes.
|
其实不加密数据只是一个选项 关闭的状态和crypt驱动一样也会加密数据 所以我觉得namecrypt这个不太合适 其实完全可以替代crypt只是我改了保留后缀名 所以与原crypt加密的数据是不兼容的所以先取名crypt2 |
ILoveScratch2
changed the title
ILoveScratch2
changed the title
增加只加密文件夹和文件名称不加密数据选项并且加密后保留文件后缀方便云盘可以生成缩放图
也就是上次提的希望有个叫“弱加密的驱动”
这样也就实现了名字加密 避免了天翼云盘不支持的特殊语句 也间接的实现了天翼云盘支持Unicode
而且还支持302重定向不走本地流量