forcedecode: tighten checks

...and fix a few golint issues and print a scary warning message on mount. Also, force the fs to ro,noexec.
author: Jakob Unterwurzacher 2017-04-24 00:25:02 +0200
committer: Jakob Unterwurzacher 2017-04-24 00:25:02 +0200
commit: 3409ade2723d931097560fbbe35e461553c5912c (patch)
tree: c12f3eb3fa93eba352170ab597d70d6a72498ce2 /internal/stupidgcm/stupidgcm.go
parent: f1945c4daae65074cfca8f0ab5b97ac5a50c24a0 (diff)
1 files changed, 2 insertions, 7 deletions
diff --git a/internal/stupidgcm/stupidgcm.go b/internal/stupidgcm/stupidgcm.go
index 133ee1a..5cc6c3c 100644
--- a/internal/stupidgcm/stupidgcm.go
+++ b/internal/stupidgcm/stupidgcm.go
@@ -10,7 +10,6 @@ import "C"
 
 import (
 	"crypto/cipher"
-	"fmt"
 	"log"
 	"unsafe"
 )
@@ -30,9 +29,6 @@ type stupidGCM struct {
 	forceDecode bool
 }
 
-//authentication error
-var AuthError error = fmt.Errorf("stupidgcm: message authentication failed")
-
 var _ cipher.AEAD = &stupidGCM{}
 
 // New returns a new cipher.AEAD implementation..
@@ -193,10 +189,9 @@ func (g stupidGCM) Open(dst, iv, in, authData []byte) ([]byte, error) {
 		// The error code must always be checked by the calling function, because the decrypted buffer
 		// may contain corrupted data that we are returning in case the user forced reads
 		if g.forceDecode == true {
-			return append(dst, buf...), AuthError
-		} else {
-			return nil, AuthError
+			return append(dst, buf...), ErrAuth
 		}
+		return nil, ErrAuth
 	}
 
 	return append(dst, buf...), nil
author	Jakob Unterwurzacher	2017-04-24 00:25:02 +0200
committer	Jakob Unterwurzacher	2017-04-24 00:25:02 +0200
commit	3409ade2723d931097560fbbe35e461553c5912c (patch)
tree	c12f3eb3fa93eba352170ab597d70d6a72498ce2 /internal/stupidgcm/stupidgcm.go
parent	f1945c4daae65074cfca8f0ab5b97ac5a50c24a0 (diff)