encfsctl cat support for decrypting file contents from STDIN / file descriptor? #618

@hlein

I have a use-case[*] in which it would be useful to be able to supply encfsctl cat the contents of an encrypted file from STDIN or some other filehandle, rather than pointing to an on-disk file. I can give encfsctl everything else it normally needs - where to find the encrypted volume & XML file, --extpass="gpg -d ..." to get the passphrase, and the unencrypted or encrypted version of the filename. But the file's encrypted contents, I want to be able to supply from STDIN or with encfsctl cat [options] <(command_that_outputs_encrypted_blob). Is this possible? Does encfsctl need to be able to seek through the file, etc., making a pipe infeasible?

I started tracking it down through encfsctl.cpp:cmd_cat->DirNode.cpp:openNode but quickly got lost.

[*] I'm experimenting with an encfs filesystem where the encrypted contents are stored in a git repo. I've written a git-wrapper that can detect when it is being run from an encfs-mounted dir, find the real encrypted backing-store git repo, and (with the help of encfsctl encode to convert file paths where necessary) do the right thing for most git commands (add, rm, commit, mv, pull, push, etc.). But git diff is a problem. If I could invoke encfsctl cat like I described, then I could do something like (very roughly):

# Examine diff between HEAD version and working copy of a file:
$ git diff foo.txt -->
  diff <(git cat-file object_corresponding_to_encrypted_foo.txt | encfs-cat ...) foo.txt

# Examine diff between two existing revisions of a file:
$ git diff dead..code foo.txt -->
  diff <(encfs-cat ... <(git cat-file ...dead)) <(encfs-cat ... <(git cat-file ...code))
