diff options
| author | Jakob Unterwurzacher | 2015-11-01 01:32:33 +0100 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2015-11-01 01:38:27 +0100 |
| commit | 76311b60f2e208dbd93e1e7b6e9794770c14fede (patch) | |
| tree | fa71d48744fd1ad6de26aaadd03f2440e4d4103d /cryptfs/content_test.go | |
| parent | 73fa8efdb27172210b9751eb86689287db0b1170 (diff) | |
Add file header (on-disk-format change)
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]
Quoting SECURITY.md:
* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
* This means the position of the blocks is protected as well. The blocks
can not be reordered or copied between different files without
causing an decryption error.
Diffstat (limited to 'cryptfs/content_test.go')
| -rw-r--r-- | cryptfs/content_test.go | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/cryptfs/content_test.go b/cryptfs/content_test.go index aa6c9f3..4e1b447 100644 --- a/cryptfs/content_test.go +++ b/cryptfs/content_test.go @@ -1,7 +1,6 @@ package cryptfs import ( - "fmt" "testing" ) @@ -17,6 +16,8 @@ func TestSplitRange(t *testing.T) { testRange{0, 10}, testRange{234, 6511}, testRange{65444, 54}, + testRange{0, 1024*1024}, + testRange{0, 65536}, testRange{6654, 8945}) key := make([]byte, KEY_LEN) @@ -24,10 +25,14 @@ func TestSplitRange(t *testing.T) { for _, r := range ranges { parts := f.SplitRange(r.offset, r.length) + var lastBlockNo uint64 = 1<<63 for _, p := range parts { + if p.BlockNo == lastBlockNo { + t.Errorf("Duplicate block number %d", p.BlockNo) + } + lastBlockNo = p.BlockNo if p.Length > DEFAULT_PLAINBS || p.Skip >= DEFAULT_PLAINBS { - fmt.Printf("Test fail: n=%d, length=%d, offset=%d\n", p.BlockNo, p.Length, p.Skip) - t.Fail() + t.Errorf("Test fail: n=%d, length=%d, offset=%d\n", p.BlockNo, p.Length, p.Skip) } } } @@ -48,13 +53,13 @@ func TestCiphertextRange(t *testing.T) { for _, r := range ranges { alignedOffset, alignedLength, skipBytes := f.CiphertextRange(r.offset, r.length) if alignedLength < r.length { - t.Fail() + t.Errorf("alignedLength=%s is smaller than length=%d", alignedLength, r.length) } - if alignedOffset%f.cipherBS != 0 { - t.Fail() + if (alignedOffset - HEADER_LEN)%f.cipherBS != 0 { + t.Errorf("alignedOffset=%d is not aligned", alignedOffset) } if r.offset%f.plainBS != 0 && skipBytes == 0 { - t.Fail() + t.Errorf("skipBytes=0") } } } @@ -67,7 +72,7 @@ func TestBlockNo(t *testing.T) { if b != 0 { t.Errorf("actual: %d", b) } - b = f.BlockNoCipherOff(f.CipherBS()) + b = f.BlockNoCipherOff(HEADER_LEN + f.CipherBS()) if b != 1 { t.Errorf("actual: %d", b) } |