13 files changed, 25 insertions, 26 deletions
diff --git a/cryptfs/cryptfs.go b/cryptfs/cryptfs.go
index 5832e36..58cca74 100644
--- a/cryptfs/cryptfs.go
+++ b/cryptfs/cryptfs.go
@@ -24,7 +24,7 @@ type CryptFS struct {
 	plainBS     uint64
 	cipherBS    uint64
 	// Stores an all-zero block of size cipherBS
-	allZeroBlock   []byte
+	allZeroBlock []byte
 	// DirIV cache for filename encryption
 	DirIVCacheEnc DirIVCache
 }
@@ -53,11 +53,11 @@ func NewCryptFS(key []byte, useOpenssl bool, plaintextNames bool) *CryptFS {
 	cipherBS := DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN
 
 	return &CryptFS{
-		blockCipher:    b,
-		gcm:            gcm,
-		plainBS:        DEFAULT_PLAINBS,
-		cipherBS:       uint64(cipherBS),
-		allZeroBlock:   make([]byte, cipherBS),
+		blockCipher:  b,
+		gcm:          gcm,
+		plainBS:      DEFAULT_PLAINBS,
+		cipherBS:     uint64(cipherBS),
+		allZeroBlock: make([]byte, cipherBS),
 	}
 }
 
diff --git a/cryptfs/cryptfs_content.go b/cryptfs/cryptfs_content.go
index cfd488b..25293a7 100644
--- a/cryptfs/cryptfs_content.go
+++ b/cryptfs/cryptfs_content.go
@@ -86,7 +86,7 @@ func (be *CryptFS) DecryptBlock(ciphertext []byte, blockNo uint64, fileId []byte
 }
 
 // encryptBlock - Encrypt and add IV and MAC
-func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileId []byte) []byte {
+func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileID []byte) []byte {
 
 	// Empty block?
 	if len(plaintext) == 0 {
@@ -96,10 +96,12 @@ func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileId []byte)
 	// Get fresh nonce
 	nonce := gcmNonce.Get()
 
-	// Encrypt plaintext and append to nonce
+	// Authenticate block with block number and file ID
 	aData := make([]byte, 8)
 	binary.BigEndian.PutUint64(aData, blockNo)
-	aData = append(aData, fileId...)
+	aData = append(aData, fileID...)
+
+	// Encrypt plaintext and append to nonce
 	ciphertext := be.gcm.Seal(nonce, nonce, plaintext, aData)
 
 	return ciphertext
diff --git a/cryptfs/gcm_go14.go b/cryptfs/gcm_go14.go
index 4629df3..b675b51 100644
--- a/cryptfs/gcm_go14.go
+++ b/cryptfs/gcm_go14.go
@@ -3,15 +3,15 @@
 package cryptfs
 
 import (
-	"fmt"
 	"crypto/cipher"
+	"fmt"
 )
 
 // goGCMWrapper - This wrapper makes sure gocryptfs can be compiled on Go
 // versions 1.4 and lower that lack NewGCMWithNonceSize().
 // 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when
 // compiled on 1.4.
-func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error){
+func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error) {
 	if nonceSize != 12 {
 		Warn.Printf("128 bit GCM IVs are not supported by Go 1.4 and lower.\n")
 		Warn.Printf("Please use openssl crypto or recompile using a newer Go runtime.\n")
diff --git a/cryptfs/gcm_go15.go b/cryptfs/gcm_go15.go
index 7696437..3a8055e 100644
--- a/cryptfs/gcm_go15.go
+++ b/cryptfs/gcm_go15.go
@@ -10,6 +10,6 @@ import (
 // versions 1.4 and lower that lack NewGCMWithNonceSize().
 // 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when
 // compiled on 1.4.
-func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error){
+func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error) {
 	return cipher.NewGCMWithNonceSize(bc, nonceSize)
 }
diff --git a/cryptfs/log.go b/cryptfs/log.go
index a7fe579..8a6ace8 100644
--- a/cryptfs/log.go
+++ b/cryptfs/log.go
@@ -1,9 +1,9 @@
 package cryptfs
 
 import (
+	"encoding/json"
 	"fmt"
 	"strings"
-	"encoding/json"
 )
 
 type logChannel struct {
diff --git a/cryptfs/nonce.go b/cryptfs/nonce.go
index a122ea5..3abfefa 100644
--- a/cryptfs/nonce.go
+++ b/cryptfs/nonce.go
@@ -1,9 +1,9 @@
 package cryptfs
 
 import (
-	"encoding/binary"
 	"bytes"
 	"crypto/rand"
+	"encoding/binary"
 	"encoding/hex"
 	"fmt"
 )
diff --git a/integration_tests/cli_test.go b/integration_tests/cli_test.go
index dec28a2..5e8902d 100644
--- a/integration_tests/cli_test.go
+++ b/integration_tests/cli_test.go
@@ -104,7 +104,7 @@ func TestInitPlaintextNames(t *testing.T) {
 	if err == nil {
 		t.Errorf("gocryptfs.diriv should not have been created with -plaintextnames")
 	}
-	_, cf, err := cryptfs.LoadConfFile(dir + cryptfs.ConfDefaultName, "test")
+	_, cf, err := cryptfs.LoadConfFile(dir+cryptfs.ConfDefaultName, "test")
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/integration_tests/helpers.go b/integration_tests/helpers.go
index 7c4aeef..8eb5379 100644
--- a/integration_tests/helpers.go
+++ b/integration_tests/helpers.go
@@ -1,13 +1,13 @@
 package integration_tests
 
 import (
-	"syscall"
 	"crypto/md5"
 	"encoding/hex"
 	"fmt"
 	"io/ioutil"
 	"os"
 	"os/exec"
+	"syscall"
 	"testing"
 
 	"github.com/rfjakob/gocryptfs/cryptfs"
@@ -143,7 +143,7 @@ func testMkdirRmdir(t *testing.T, plainDir string) {
 	if errno != syscall.ENOTEMPTY {
 		t.Errorf("Should have gotten ENOTEMPTY, go %v", errno)
 	}
-	if syscall.Unlink(dir + "/file") != nil {
+	if syscall.Unlink(dir+"/file") != nil {
 		t.Fatal(err)
 	}
 	if syscall.Rmdir(dir) != nil {
@@ -164,8 +164,8 @@ func testMkdirRmdir(t *testing.T, plainDir string) {
 
 // Create and rename a file
 func testRename(t *testing.T, plainDir string) {
-	file1 := plainDir+"rename1"
-	file2 := plainDir+"rename2"
+	file1 := plainDir + "rename1"
+	file2 := plainDir + "rename2"
 	err := ioutil.WriteFile(file1, []byte("content"), 0777)
 	if err != nil {
 		t.Fatal(err)
diff --git a/integration_tests/main_test.go b/integration_tests/main_test.go
index cfa481d..f4ff544 100644
--- a/integration_tests/main_test.go
+++ b/integration_tests/main_test.go
@@ -333,7 +333,6 @@ func TestRename(t *testing.T) {
 	testRename(t, defaultPlainDir)
 }
 
-
 // Overwrite an empty directory with another directory
 func TestDirOverwrite(t *testing.T) {
 	dir1 := defaultPlainDir + "DirOverwrite1"
diff --git a/pathfs_frontend/file.go b/pathfs_frontend/file.go
index 1470da2..cf6b192 100644
--- a/pathfs_frontend/file.go
+++ b/pathfs_frontend/file.go
@@ -261,7 +261,6 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
 			cryptfs.Debug.Printf("len(oldData)=%d len(blockData)=%d\n", len(oldData), len(blockData))
 		}
 
-		// Write
 		blockOffset, blockLen := b.CiphertextRange()
 		blockData = f.cfs.EncryptBlock(blockData, b.BlockNo, f.header.Id)
 		cryptfs.Debug.Printf("ino%d: Writing %d bytes to block #%d, md5=%s\n",
@@ -276,6 +275,8 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
 			status = fuse.ToStatus(err)
 			break
 		}
+
+		// Write
 		f.fdLock.Lock()
 		_, err = f.fd.WriteAt(blockData, int64(blockOffset))
 		f.fdLock.Unlock()
diff --git a/pathfs_frontend/fs.go b/pathfs_frontend/fs.go
index c7a9888..f853556 100644
--- a/pathfs_frontend/fs.go
+++ b/pathfs_frontend/fs.go
@@ -244,8 +244,6 @@ func (fs *FS) Readlink(path string, context *fuse.Context) (out string, status f
 	return string(target), fuse.OK
 }
 
-
-
 func (fs *FS) Unlink(path string, context *fuse.Context) (code fuse.Status) {
 	if fs.isFiltered(path) {
 		return fuse.EPERM
diff --git a/pathfs_frontend/fs_dir.go b/pathfs_frontend/fs_dir.go
index 95257bb..9b319f8 100644
--- a/pathfs_frontend/fs_dir.go
+++ b/pathfs_frontend/fs_dir.go
@@ -1,10 +1,10 @@
 package pathfs_frontend
 
 import (
+	"fmt"
 	"os"
 	"path/filepath"
 	"syscall"
-	"fmt"
 
 	"github.com/hanwen/go-fuse/fuse"
 	"github.com/rfjakob/gocryptfs/cryptfs"
@@ -85,7 +85,7 @@ func (fs *FS) Rmdir(name string, context *fuse.Context) (code fuse.Status) {
 			cryptfs.Debug.Printf("Rmdir: Chmod failed: %v\n", err2)
 			return fuse.ToStatus(err)
 		}
-		defer func () {
+		defer func() {
 			if code != fuse.OK {
 				// Undo the chmod if removing the directory failed
 				err3 := os.Chmod(encPath, origMode)
diff --git a/pathfs_frontend/names.go b/pathfs_frontend/names.go
index e1783a6..219942e 100644
--- a/pathfs_frontend/names.go
+++ b/pathfs_frontend/names.go
@@ -24,7 +24,6 @@ func (fs *FS) isFiltered(path string) bool {
 	return false
 }
 
-
 // encryptPath - encrypt relative plaintext path
 func (fs *FS) encryptPath(plainPath string) (string, error) {
 	if fs.args.PlaintextNames {