15 files changed, 120 insertions, 121 deletions
diff --git a/cryptfs/config_file.go b/cryptfs/config_file.go
index a3f6ba3..74eb3b2 100644
--- a/cryptfs/config_file.go
+++ b/cryptfs/config_file.go
@@ -1,8 +1,8 @@
 package cryptfs
 
 import (
-	"io/ioutil"
 	"encoding/json"
+	"io/ioutil"
 )
 import "os"
 
diff --git a/cryptfs/content_test.go b/cryptfs/content_test.go
index 8f1d48b..ab48b21 100644
--- a/cryptfs/content_test.go
+++ b/cryptfs/content_test.go
@@ -1,8 +1,8 @@
 package cryptfs
 
 import (
-	"testing"
 	"fmt"
+	"testing"
 )
 
 type testRange struct {
@@ -22,9 +22,9 @@ func TestSplitRange(t *testing.T) {
 	key := make([]byte, 16)
 	f := NewCryptFS(key, true)
 
-	for _, r := range(ranges) {
+	for _, r := range ranges {
 		parts := f.SplitRange(r.offset, r.length)
-		for _, p := range(parts) {
+		for _, p := range parts {
 			if p.Length > DEFAULT_PLAINBS || p.Skip >= DEFAULT_PLAINBS {
 				fmt.Printf("Test fail: n=%d, length=%d, offset=%d\n", p.BlockNo, p.Length, p.Skip)
 				t.Fail()
@@ -45,15 +45,15 @@ func TestCiphertextRange(t *testing.T) {
 	key := make([]byte, 16)
 	f := NewCryptFS(key, true)
 
-	for _, r := range(ranges) {
+	for _, r := range ranges {
 		alignedOffset, alignedLength, skipBytes := f.CiphertextRange(r.offset, r.length)
 		if alignedLength < r.length {
 			t.Fail()
 		}
-		if alignedOffset % f.cipherBS != 0 {
+		if alignedOffset%f.cipherBS != 0 {
 			t.Fail()
 		}
-		if r.offset % f.plainBS != 0 && skipBytes == 0 {
+		if r.offset%f.plainBS != 0 && skipBytes == 0 {
 			t.Fail()
 		}
 	}
diff --git a/cryptfs/cryptfs.go b/cryptfs/cryptfs.go
index 46f5b65..c58481c 100644
--- a/cryptfs/cryptfs.go
+++ b/cryptfs/cryptfs.go
@@ -3,23 +3,23 @@ package cryptfs
 // CryptFS is the crypto backend of GoCryptFS
 
 import (
-	"fmt"
-	"crypto/cipher"
 	"crypto/aes"
+	"crypto/cipher"
+	"fmt"
 )
 
 const (
-	KEY_LEN = 16
-	NONCE_LEN = 12
-	AUTH_TAG_LEN = 16
+	KEY_LEN         = 16
+	NONCE_LEN       = 12
+	AUTH_TAG_LEN    = 16
 	DEFAULT_PLAINBS = 4096
 )
 
 type CryptFS struct {
 	blockCipher cipher.Block
-	gcm cipher.AEAD
-	plainBS	uint64
-	cipherBS uint64
+	gcm         cipher.AEAD
+	plainBS     uint64
+	cipherBS    uint64
 	// Stores an all-zero block of size cipherBS
 	allZeroBlock []byte
 }
@@ -50,10 +50,10 @@ func NewCryptFS(key []byte, useOpenssl bool) *CryptFS {
 	cipherBS := DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN
 
 	return &CryptFS{
-		blockCipher: b,
-		gcm: gcm,
-		plainBS: DEFAULT_PLAINBS,
-		cipherBS: uint64(cipherBS),
+		blockCipher:  b,
+		gcm:          gcm,
+		plainBS:      DEFAULT_PLAINBS,
+		cipherBS:     uint64(cipherBS),
 		allZeroBlock: make([]byte, cipherBS),
 	}
 }
diff --git a/cryptfs/cryptfs_content.go b/cryptfs/cryptfs_content.go
index 761fef5..6444b8b 100644
--- a/cryptfs/cryptfs_content.go
+++ b/cryptfs/cryptfs_content.go
@@ -4,11 +4,11 @@ package cryptfs
 
 import (
 	"bytes"
-	"os"
-	"errors"
 	"crypto/cipher"
 	"crypto/md5"
 	"encoding/hex"
+	"errors"
+	"os"
 )
 
 const (
@@ -25,7 +25,7 @@ func md5sum(buf []byte) string {
 
 type CryptFile struct {
 	file *os.File
-	gcm cipher.AEAD
+	gcm  cipher.AEAD
 }
 
 // DecryptBlocks - Decrypt a number of blocks
@@ -113,7 +113,7 @@ func (be *CryptFS) SplitRange(offset uint64, length uint64) []intraBlock {
 	for length > 0 {
 		b.BlockNo = offset / be.plainBS
 		b.Skip = offset % be.plainBS
-		b.Length = be.minu64(length, be.plainBS - b.Skip)
+		b.Length = be.minu64(length, be.plainBS-b.Skip)
 		parts = append(parts, b)
 		offset += b.Length
 		length -= b.Length
@@ -131,7 +131,7 @@ func (be *CryptFS) PlainSize(size uint64) uint64 {
 
 	overhead := be.cipherBS - be.plainBS
 	nBlocks := (size + be.cipherBS - 1) / be.cipherBS
-	if nBlocks * overhead > size {
+	if nBlocks*overhead > size {
 		Warn.Printf("PlainSize: Negative size, returning 0 instead\n")
 		return 0
 	}
@@ -164,7 +164,7 @@ func (be *CryptFS) CiphertextRange(offset uint64, length uint64) (alignedOffset
 	skip := offset % be.plainBS
 
 	firstBlockNo := offset / be.plainBS
-	lastBlockNo := ( offset + length - 1 ) / be.plainBS
+	lastBlockNo := (offset + length - 1) / be.plainBS
 
 	alignedOffset = firstBlockNo * be.cipherBS
 	alignedLength = (lastBlockNo - firstBlockNo + 1) * be.cipherBS
@@ -191,10 +191,10 @@ func (be *CryptFS) CropPlaintext(plaintext []byte, blocks []intraBlock) []byte {
 	last := blocks[len(blocks)-1]
 	length := (last.BlockNo - blocks[0].BlockNo + 1) * be.plainBS
 	var cropped []byte
-	if offset + length > uint64(len(plaintext)) {
+	if offset+length > uint64(len(plaintext)) {
 		cropped = plaintext[offset:len(plaintext)]
 	} else {
-		cropped = plaintext[offset:offset+length]
+		cropped = plaintext[offset : offset+length]
 	}
 	return cropped
 }
@@ -209,7 +209,7 @@ func (be *CryptFS) MergeBlocks(oldData []byte, newData []byte, offset int) []byt
 	// Copy old and new data into it
 	copy(out, oldData)
 	l := len(newData)
-	copy(out[offset:offset + l], newData)
+	copy(out[offset:offset+l], newData)
 
 	// Crop to length
 	outLen := len(oldData)
@@ -222,10 +222,10 @@ func (be *CryptFS) MergeBlocks(oldData []byte, newData []byte, offset int) []byt
 
 // Get the block number at plain-text offset
 func (be *CryptFS) BlockNoPlainOff(plainOffset uint64) uint64 {
-		return plainOffset / be.plainBS
+	return plainOffset / be.plainBS
 }
 
 // Get the block number at ciphter-text offset
 func (be *CryptFS) BlockNoCipherOff(cipherOffset uint64) uint64 {
-		return cipherOffset / be.cipherBS
+	return cipherOffset / be.cipherBS
 }
diff --git a/cryptfs/cryptfs_names.go b/cryptfs/cryptfs_names.go
index f694fa5..5476b17 100644
--- a/cryptfs/cryptfs_names.go
+++ b/cryptfs/cryptfs_names.go
@@ -3,12 +3,12 @@ package cryptfs
 // Filename encryption / decryption function
 
 import (
-	"crypto/cipher"
 	"crypto/aes"
-	"fmt"
-	"strings"
+	"crypto/cipher"
 	"encoding/base64"
 	"errors"
+	"fmt"
+	"strings"
 )
 
 const (
@@ -30,7 +30,7 @@ func (be *CryptFS) decryptName(cipherName string) (string, error) {
 		return "", err
 	}
 
-	if len(bin) % aes.BlockSize != 0 {
+	if len(bin)%aes.BlockSize != 0 {
 		return "", errors.New(fmt.Sprintf("Name len=%d is not a multiple of 16", len(bin)))
 	}
 
@@ -120,7 +120,7 @@ func (be *CryptFS) pad16(orig []byte) (padded []byte) {
 	if oldLen == 0 {
 		panic("Padding zero-length string makes no sense")
 	}
-	padLen := aes.BlockSize - oldLen % aes.BlockSize
+	padLen := aes.BlockSize - oldLen%aes.BlockSize
 	if padLen == 0 {
 		padLen = aes.BlockSize
 	}
@@ -137,11 +137,11 @@ func (be *CryptFS) pad16(orig []byte) (padded []byte) {
 // unPad16 - remove padding
 func (be *CryptFS) unPad16(orig []byte) ([]byte, error) {
 	oldLen := len(orig)
-	if oldLen % aes.BlockSize != 0 {
+	if oldLen%aes.BlockSize != 0 {
 		return nil, errors.New("Unaligned size")
 	}
 	// The last byte is always a padding byte
-	padByte := orig[oldLen -1]
+	padByte := orig[oldLen-1]
 	// The padding byte's value is the padding length
 	padLen := int(padByte)
 	// Padding must be at least 1 byte
diff --git a/cryptfs/intrablock.go b/cryptfs/intrablock.go
index 552cb3c..7f3a1eb 100644
--- a/cryptfs/intrablock.go
+++ b/cryptfs/intrablock.go
@@ -2,10 +2,10 @@ package cryptfs
 
 // intraBlock identifies a part of a file block
 type intraBlock struct {
-	BlockNo uint64  // Block number in file
-	Skip    uint64  // Offset into block plaintext
-	Length  uint64  // Length of data from this block
-	fs    *CryptFS
+	BlockNo uint64 // Block number in file
+	Skip    uint64 // Offset into block plaintext
+	Length  uint64 // Length of data from this block
+	fs      *CryptFS
 }
 
 // isPartial - is the block partial? This means we have to do read-modify-write.
@@ -29,9 +29,9 @@ func (ib *intraBlock) PlaintextRange() (offset uint64, length uint64) {
 }
 
 // CropBlock - crop a potentially larger plaintext block down to the relevant part
-func (ib *intraBlock) CropBlock(d []byte) []byte{
+func (ib *intraBlock) CropBlock(d []byte) []byte {
 	lenHave := len(d)
-	lenWant := int(ib.Skip+ib.Length)
+	lenWant := int(ib.Skip + ib.Length)
 	if lenHave < lenWant {
 		return d[ib.Skip:lenHave]
 	}
diff --git a/cryptfs/kdf.go b/cryptfs/kdf.go
index 275c72e..32870cd 100644
--- a/cryptfs/kdf.go
+++ b/cryptfs/kdf.go
@@ -12,10 +12,10 @@ const (
 )
 
 type scryptKdf struct {
-	Salt []byte
-	N int
-	R int
-	P int
+	Salt   []byte
+	N      int
+	R      int
+	P      int
 	KeyLen int
 }
 
diff --git a/cryptfs/names_test.go b/cryptfs/names_test.go
index 7e20690..dd57242 100644
--- a/cryptfs/names_test.go
+++ b/cryptfs/names_test.go
@@ -1,8 +1,8 @@
 package cryptfs
 
 import (
-	"testing"
 	"bytes"
+	"testing"
 )
 
 func TestTranslatePath(t *testing.T) {
@@ -14,7 +14,7 @@ func TestTranslatePath(t *testing.T) {
 	key := make([]byte, 16)
 	fs := NewCryptFS(key, true)
 
-	for _, n := range(s) {
+	for _, n := range s {
 		c := fs.EncryptPath(n)
 		d, err := fs.DecryptPath(c)
 		if err != nil {
@@ -36,13 +36,13 @@ func TestPad16(t *testing.T) {
 	key := make([]byte, 16)
 	fs := NewCryptFS(key, true)
 
-	for i := range(s) {
+	for i := range s {
 		orig := s[i]
 		padded := fs.pad16(orig)
 		if len(padded) <= len(orig) {
 			t.Errorf("Padded length not bigger than orig: %d", len(padded))
 		}
-		if len(padded) % 16 != 0 {
+		if len(padded)%16 != 0 {
 			t.Errorf("Length is not aligend: %d", len(padded))
 		}
 		unpadded, err := fs.unPad16(padded)
@@ -52,7 +52,7 @@ func TestPad16(t *testing.T) {
 		if len(unpadded) != len(orig) {
 			t.Errorf("Size mismatch: orig=%d unpadded=%d", len(s[i]), len(unpadded))
 		}
-		if ! bytes.Equal(orig, unpadded) {
+		if !bytes.Equal(orig, unpadded) {
 			t.Error("Content mismatch orig vs unpadded")
 		}
 	}
diff --git a/cryptfs/nonce.go b/cryptfs/nonce.go
index 3e464a3..80134c3 100644
--- a/cryptfs/nonce.go
+++ b/cryptfs/nonce.go
@@ -1,17 +1,17 @@
 package cryptfs
 
 import (
+	"crypto/rand"
 	"encoding/binary"
 	"encoding/hex"
 	"sync"
-	"crypto/rand"
 )
 
 type nonce96 struct {
-	lock sync.Mutex
+	lock   sync.Mutex
 	high32 uint32
-	low64 uint64
-	ready int
+	low64  uint64
+	ready  int
 }
 
 var gcmNonce nonce96
diff --git a/cryptfs/openssl_aead.go b/cryptfs/openssl_aead.go
index 02f50d8..b743a3e 100644
--- a/cryptfs/openssl_aead.go
+++ b/cryptfs/openssl_aead.go
@@ -66,8 +66,8 @@ func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
 	}
 
 	l := len(ciphertext)
-	tag := ciphertext[l-AUTH_TAG_LEN:l]
-	ciphertext = ciphertext[0:l-AUTH_TAG_LEN]
+	tag := ciphertext[l-AUTH_TAG_LEN : l]
+	ciphertext = ciphertext[0 : l-AUTH_TAG_LEN]
 	plainBuf := bytes.NewBuffer(dst)
 
 	dctx, err := openssl.NewGCMDecryptionCipherCtx(128, nil, be.key[:], nonce[:])
diff --git a/main.go b/main.go
index 35f83b6..5bd3cbb 100644
--- a/main.go
+++ b/main.go
@@ -1,18 +1,18 @@
 package main
 
 import (
-	"runtime/pprof"
-	"io/ioutil"
+	"encoding/hex"
 	"flag"
 	"fmt"
+	"io/ioutil"
 	"os"
 	"path/filepath"
-	"time"
-	"encoding/hex"
 	"runtime"
+	"runtime/pprof"
+	"time"
 
-	"github.com/rfjakob/gocryptfs/pathfs_frontend"
 	"github.com/rfjakob/gocryptfs/cryptfs"
+	"github.com/rfjakob/gocryptfs/pathfs_frontend"
 
 	"golang.org/x/crypto/ssh/terminal"
 
@@ -23,41 +23,41 @@ import (
 
 const (
 	USE_CLUEFS   = false // Use cluefs or pathfs FUSE frontend
-	USE_OPENSSL  = true // 3x speed increase compared to Go's built-in GCM
+	USE_OPENSSL  = true  // 3x speed increase compared to Go's built-in GCM
 	PATHFS_DEBUG = false
 
 	PROGRAM_NAME = "gocryptfs"
 
 	// Exit codes
-	ERREXIT_USAGE  = 1
-	ERREXIT_NEWFS  = 2
-	ERREXIT_MOUNT  = 3
-	ERREXIT_SERVE  = 4
-	ERREXIT_MOUNT2 = 5
+	ERREXIT_USAGE     = 1
+	ERREXIT_NEWFS     = 2
+	ERREXIT_MOUNT     = 3
+	ERREXIT_SERVE     = 4
+	ERREXIT_MOUNT2    = 5
 	ERREXIT_CIPHERDIR = 6
-	ERREXIT_INIT = 7
-	ERREXIT_LOADCONF = 8
-	ERREXIT_PASSWORD = 9
+	ERREXIT_INIT      = 7
+	ERREXIT_LOADCONF  = 8
+	ERREXIT_PASSWORD  = 9
 )
 
 func initDir(dirArg string) {
-		dir, _ := filepath.Abs(dirArg)
+	dir, _ := filepath.Abs(dirArg)
 
-		if dirEmpty(dir) == false {
-			fmt.Printf("Error: Directory \"%s\" is not empty\n", dirArg)
-			os.Exit(ERREXIT_INIT)
-		}
+	if dirEmpty(dir) == false {
+		fmt.Printf("Error: Directory \"%s\" is not empty\n", dirArg)
+		os.Exit(ERREXIT_INIT)
+	}
 
-		confName := filepath.Join(dir, cryptfs.ConfDefaultName)
-		fmt.Printf("Choose a password for protecting your files.\n")
-		password := readPasswordTwice()
-		err := cryptfs.CreateConfFile(confName, password)
-		if err != nil {
-			fmt.Println(err)
-			os.Exit(ERREXIT_INIT)
-		}
-		fmt.Printf("The filesystem is now ready for mounting.\n")
-		os.Exit(0)
+	confName := filepath.Join(dir, cryptfs.ConfDefaultName)
+	fmt.Printf("Choose a password for protecting your files.\n")
+	password := readPasswordTwice()
+	err := cryptfs.CreateConfFile(confName, password)
+	if err != nil {
+		fmt.Println(err)
+		os.Exit(ERREXIT_INIT)
+	}
+	fmt.Printf("The filesystem is now ready for mounting.\n")
+	os.Exit(0)
 }
 
 func main() {
@@ -74,15 +74,15 @@ func main() {
 
 	flag.Parse()
 	if *cpuprofile != "" {
-        f, err := os.Create(*cpuprofile)
-        if err != nil {
-            fmt.Println(err)
+		f, err := os.Create(*cpuprofile)
+		if err != nil {
+			fmt.Println(err)
 			os.Exit(ERREXIT_INIT)
-        }
+		}
 		fmt.Printf("Writing CPU profile to %s\n", *cpuprofile)
-        pprof.StartCPUProfile(f)
-        defer pprof.StopCPUProfile()
-    }
+		pprof.StartCPUProfile(f)
+		defer pprof.StopCPUProfile()
+	}
 	if debug {
 		cryptfs.Debug.Enable()
 		cryptfs.Debug.Printf("Debug output enabled\n")
@@ -206,9 +206,9 @@ func pathfsFrontend(key []byte, cipherdir string, mountpoint string, debug bool)
 	mOpts.AllowOther = false
 	// Set values shown in "df -T" and friends
 	// First column, "Filesystem"
-	mOpts.Options = append(mOpts.Options, "fsname=" + cipherdir)
+	mOpts.Options = append(mOpts.Options, "fsname="+cipherdir)
 	// Second column, "Type", will be shown as "fuse." + Name
-	mOpts.Name="gocryptfs"
+	mOpts.Name = "gocryptfs"
 
 	state, err := fuse.NewServer(conn.RawFS(), mountpoint, &mOpts)
 	if err != nil {
diff --git a/main_test.go b/main_test.go
index dba3ef1..de433c7 100644
--- a/main_test.go
+++ b/main_test.go
@@ -227,12 +227,12 @@ func BenchmarkStreamRead(t *testing.B) {
 	if t.N > mb {
 		// Grow file so we can satisfy the test
 		fmt.Printf("Growing file to %d MB... ", t.N)
-		f2, err := os.OpenFile(fn, os.O_WRONLY | os.O_APPEND, 0666)
+		f2, err := os.OpenFile(fn, os.O_WRONLY|os.O_APPEND, 0666)
 		if err != nil {
 			fmt.Println(err)
 			t.FailNow()
 		}
-		for h := 0; h < t.N - mb ; h++ {
+		for h := 0; h < t.N-mb; h++ {
 			_, err = f2.Write(buf)
 			if err != nil {
 				fmt.Println(err)
diff --git a/openssl_benchmark/openssl_test.go b/openssl_benchmark/openssl_test.go
index f0b7bc5..e80410f 100644
--- a/openssl_benchmark/openssl_test.go
+++ b/openssl_benchmark/openssl_test.go
@@ -7,10 +7,10 @@ package benchmark
 
 import (
 	"bytes"
-	"testing"
-	"github.com/spacemonkeygo/openssl"
 	"crypto/aes"
 	"crypto/cipher"
+	"github.com/spacemonkeygo/openssl"
+	"testing"
 )
 
 func BenchmarkAESGCMSeal4K(b *testing.B) {
@@ -86,7 +86,7 @@ func BenchmarkOpensslGCMenc4K(b *testing.B) {
 
 func BenchmarkOpensslGCMdec4K(b *testing.B) {
 	buf := makeOpensslCiphertext()
-	b.SetBytes(int64(1024*4))
+	b.SetBytes(int64(1024 * 4))
 
 	tag := buf[4096:]
 	buf = buf[0:4096]
diff --git a/pathfs_frontend/file.go b/pathfs_frontend/file.go
index cc8de17..43114b2 100644
--- a/pathfs_frontend/file.go
+++ b/pathfs_frontend/file.go
@@ -1,9 +1,9 @@
 package pathfs_frontend
 
 import (
-	"io"
 	"bytes"
 	"fmt"
+	"io"
 	"os"
 	"sync"
 	"syscall"
@@ -40,10 +40,10 @@ func NewFile(fd *os.File, writeOnly bool, cfs *cryptfs.CryptFS) nodefs.File {
 	syscall.Fstat(int(fd.Fd()), &st)
 
 	return &file{
-		fd: fd,
+		fd:        fd,
 		writeOnly: writeOnly,
-		cfs: cfs,
-		ino: st.Ino,
+		cfs:       cfs,
+		ino:       st.Ino,
 	}
 }
 
@@ -101,7 +101,7 @@ func (f *file) doRead(off uint64, length uint64) ([]byte, fuse.Status) {
 	lenHave := len(plaintext)
 	lenWant := skip + int(length)
 	if lenHave > lenWant {
-		out = plaintext[skip:skip +  int(length)]
+		out = plaintext[skip : skip+int(length)]
 	} else if lenHave > skip {
 		out = plaintext[skip:lenHave]
 	} else {
@@ -139,7 +139,7 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
 	status := fuse.OK
 	dataBuf := bytes.NewBuffer(data)
 	blocks := f.cfs.SplitRange(uint64(off), uint64(len(data)))
-	for _, b := range(blocks) {
+	for _, b := range blocks {
 
 		blockData := dataBuf.Next(int(b.Length))
 
@@ -180,7 +180,7 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
 
 // Write - FUSE call
 func (f *file) Write(data []byte, off int64) (uint32, fuse.Status) {
-	cryptfs.Debug.Printf("ino%d: FUSE Write %s: offset=%d length=%d\n", f.ino, off, len(data))
+	cryptfs.Debug.Printf("ino%d: FUSE Write: offset=%d length=%d\n", f.ino, off, len(data))
 
 	fi, err := f.fd.Stat()
 	if err != nil {
@@ -248,8 +248,8 @@ func (f *file) Truncate(newSize uint64) fuse.Status {
 
 	// File grows
 	if newSize > oldSize {
-		blocks := f.cfs.SplitRange(oldSize, newSize - oldSize)
-		for _, b := range(blocks) {
+		blocks := f.cfs.SplitRange(oldSize, newSize-oldSize)
+		for _, b := range blocks {
 			// First and last block may be partial
 			if b.IsPartial() {
 				off, _ := b.PlaintextRange()
@@ -261,7 +261,7 @@ func (f *file) Truncate(newSize uint64) fuse.Status {
 			} else {
 				off, length := b.CiphertextRange()
 				f.lock.Lock()
-				err := syscall.Ftruncate(int(f.fd.Fd()), int64(off + length))
+				err := syscall.Ftruncate(int(f.fd.Fd()), int64(off+length))
 				f.lock.Unlock()
 				if err != nil {
 					cryptfs.Warn.Printf("grow Ftruncate returned error: %v", err)
@@ -270,7 +270,7 @@ func (f *file) Truncate(newSize uint64) fuse.Status {
 			}
 		}
 		return fuse.OK
-	// File shrinks
+		// File shrinks
 	} else {
 		blockNo := f.cfs.BlockNoPlainOff(newSize)
 		lastBlockOff := blockNo * f.cfs.PlainBS()
diff --git a/pathfs_frontend/fs.go b/pathfs_frontend/fs.go
index 247b69e..ba46309 100644
--- a/pathfs_frontend/fs.go
+++ b/pathfs_frontend/fs.go
@@ -1,10 +1,10 @@
 package pathfs_frontend
 
 import (
+	"fmt"
 	"os"
 	"path/filepath"
 	"time"
-	"fmt"
 
 	"github.com/hanwen/go-fuse/fuse"
 	"github.com/hanwen/go-fuse/fuse/nodefs"
@@ -14,17 +14,16 @@ import (
 
 type FS struct {
 	*cryptfs.CryptFS
-	pathfs.FileSystem    // loopbackFileSystem
-	backing string       // Backing directory
+	pathfs.FileSystem        // loopbackFileSystem
+	backing           string // Backing directory
 }
 
 // Encrypted FUSE overlay filesystem
 func NewFS(key []byte, backing string, useOpenssl bool) *FS {
 	return &FS{
-		CryptFS:     cryptfs.NewCryptFS(key, useOpenssl),
-		FileSystem:  pathfs.NewLoopbackFileSystem(backing),
-		backing:     backing,
-
+		CryptFS:    cryptfs.NewCryptFS(key, useOpenssl),
+		FileSystem: pathfs.NewLoopbackFileSystem(backing),
+		backing:    backing,
 	}
 }
 
@@ -52,7 +51,7 @@ func (fs *FS) GetAttr(name string, context *fuse.Context) (*fuse.Attr, fuse.Stat
 
 func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, fuse.Status) {
 	cryptfs.Debug.Printf("OpenDir(%s)\n", dirName)
-	cipherEntries, status := fs.FileSystem.OpenDir(fs.EncryptPath(dirName), context);
+	cipherEntries, status := fs.FileSystem.OpenDir(fs.EncryptPath(dirName), context)
 	var plain []fuse.DirEntry
 	if cipherEntries != nil {
 		for i := range cipherEntries {
@@ -76,7 +75,7 @@ func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, f
 // We always need read access to do read-modify-write cycles
 func (fs *FS) mangleOpenFlags(flags uint32) (newFlags int, writeOnly bool) {
 	newFlags = int(flags)
-	if newFlags & os.O_WRONLY > 0 {
+	if newFlags&os.O_WRONLY > 0 {
 		writeOnly = true
 		newFlags = newFlags ^ os.O_WRONLY | os.O_RDWR
 	}