//! A cryptree node controls read and write access to a directory or file.
/// A cryptree node controls read and write access to a directory or file.
///
/// A directory contains the following distinct symmetric read keys {base, parent}, and a file contains {base == parent, data}.
/// A directory or file also has a single base symmetric write key
///
/// A link node is a special node that behaves like a directory with a single child, and contains only the filename.
/// These are used when granting write access to prevent the recipient from being able to rename the file/dir to
/// potentially clash with a sibling that they cannot see. This means you cannot rename something unless you have write
/// access to the parent directory, which is in line with Unix et al.
///
/// The serialized encrypted form stores a link from the base key to the other key.
/// For a directory, the base key encrypts the links to child directories and files. For a file, the data key encrypts the
/// file's data. The parent key encrypts the link to the parent directory's parent key and the metadata (FileProperties).
///
/// There are three network visible components to the serialization:
/// 1) A fixed size block encrypted with the base key, containing the second key (parent or data key), the location of
/// the next chunk, and an optional symmetric link to a signing pair
/// 2) A fragmented padded cipher text, padded to a multiple of 4096,
/// containing the relative child links of a directory, or the data of a file chunk
/// 3) A padded cipher text (to a multiple of 16 bytes) of an optional relative parent link, and file properties
/// The parent link is present on the first chunk of all files and directories except your home directory
///