Re: encryption/decryption on-the-fly for gvfs google drive backend



On Sun, Nov 01, 2015 at 10:07:57AM +0100, Thomas Meyer wrote:
Hi,

would it be possible to call something like this before uploading a
file to google drive?
$ openssl enc -e -bf -pass file:/path/to/pass.txt -in "$f" -out "$f"

and when download the file from google drive:
$ openssl enc -d -bf -pass file:/path/to/pass.txt -in "$f" -out "$f"

how would I implement something like this?


I can't really think of simple way of doing this at the VFS layer
(you may be able to configure certain apps to do the equivalent for
you).

If you want to get your hands dirty, you can implement it in
daemon/gvfsbackendgoogle.c.
You'd probably need to update these functions for reading:
g_vfs_backend_google_open_for_read
g_vfs_backend_google_read

And these for writing:
g_vfs_backend_google_create
g_vfs_backend_google_replace
g_vfs_backend_google_write
g_vfs_backend_google_push

It would probably be easiest to use something like libgcrypt to do the
symmetric encryption.

The trickiest bit would be dealing with streaming the data correctly
when reading and writing because gvfs does not only deal with whole
files.  It may be easiest (at least initially) to make it so that the
incoming data is buffered to a file, then encrypted and then written
entirely upon close. And for reading, read and decrypt the entire file
on open.

Hope that helps,
-- 
Ross Lagerwall

Attachment: signature.asc
Description: PGP signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]