aboutsummaryrefslogtreecommitdiff
path: root/cryptfs
diff options
context:
space:
mode:
Diffstat (limited to 'cryptfs')
-rw-r--r--cryptfs/config_file.go2
-rw-r--r--cryptfs/content_test.go12
-rw-r--r--cryptfs/cryptfs.go24
-rw-r--r--cryptfs/cryptfs_content.go22
-rw-r--r--cryptfs/cryptfs_names.go14
-rw-r--r--cryptfs/intrablock.go12
-rw-r--r--cryptfs/kdf.go8
-rw-r--r--cryptfs/names_test.go10
-rw-r--r--cryptfs/nonce.go8
-rw-r--r--cryptfs/openssl_aead.go4
10 files changed, 58 insertions, 58 deletions
diff --git a/cryptfs/config_file.go b/cryptfs/config_file.go
index a3f6ba3..74eb3b2 100644
--- a/cryptfs/config_file.go
+++ b/cryptfs/config_file.go
@@ -1,8 +1,8 @@
package cryptfs
import (
- "io/ioutil"
"encoding/json"
+ "io/ioutil"
)
import "os"
diff --git a/cryptfs/content_test.go b/cryptfs/content_test.go
index 8f1d48b..ab48b21 100644
--- a/cryptfs/content_test.go
+++ b/cryptfs/content_test.go
@@ -1,8 +1,8 @@
package cryptfs
import (
- "testing"
"fmt"
+ "testing"
)
type testRange struct {
@@ -22,9 +22,9 @@ func TestSplitRange(t *testing.T) {
key := make([]byte, 16)
f := NewCryptFS(key, true)
- for _, r := range(ranges) {
+ for _, r := range ranges {
parts := f.SplitRange(r.offset, r.length)
- for _, p := range(parts) {
+ for _, p := range parts {
if p.Length > DEFAULT_PLAINBS || p.Skip >= DEFAULT_PLAINBS {
fmt.Printf("Test fail: n=%d, length=%d, offset=%d\n", p.BlockNo, p.Length, p.Skip)
t.Fail()
@@ -45,15 +45,15 @@ func TestCiphertextRange(t *testing.T) {
key := make([]byte, 16)
f := NewCryptFS(key, true)
- for _, r := range(ranges) {
+ for _, r := range ranges {
alignedOffset, alignedLength, skipBytes := f.CiphertextRange(r.offset, r.length)
if alignedLength < r.length {
t.Fail()
}
- if alignedOffset % f.cipherBS != 0 {
+ if alignedOffset%f.cipherBS != 0 {
t.Fail()
}
- if r.offset % f.plainBS != 0 && skipBytes == 0 {
+ if r.offset%f.plainBS != 0 && skipBytes == 0 {
t.Fail()
}
}
diff --git a/cryptfs/cryptfs.go b/cryptfs/cryptfs.go
index 46f5b65..c58481c 100644
--- a/cryptfs/cryptfs.go
+++ b/cryptfs/cryptfs.go
@@ -3,23 +3,23 @@ package cryptfs
// CryptFS is the crypto backend of GoCryptFS
import (
- "fmt"
- "crypto/cipher"
"crypto/aes"
+ "crypto/cipher"
+ "fmt"
)
const (
- KEY_LEN = 16
- NONCE_LEN = 12
- AUTH_TAG_LEN = 16
+ KEY_LEN = 16
+ NONCE_LEN = 12
+ AUTH_TAG_LEN = 16
DEFAULT_PLAINBS = 4096
)
type CryptFS struct {
blockCipher cipher.Block
- gcm cipher.AEAD
- plainBS uint64
- cipherBS uint64
+ gcm cipher.AEAD
+ plainBS uint64
+ cipherBS uint64
// Stores an all-zero block of size cipherBS
allZeroBlock []byte
}
@@ -50,10 +50,10 @@ func NewCryptFS(key []byte, useOpenssl bool) *CryptFS {
cipherBS := DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN
return &CryptFS{
- blockCipher: b,
- gcm: gcm,
- plainBS: DEFAULT_PLAINBS,
- cipherBS: uint64(cipherBS),
+ blockCipher: b,
+ gcm: gcm,
+ plainBS: DEFAULT_PLAINBS,
+ cipherBS: uint64(cipherBS),
allZeroBlock: make([]byte, cipherBS),
}
}
diff --git a/cryptfs/cryptfs_content.go b/cryptfs/cryptfs_content.go
index 761fef5..6444b8b 100644
--- a/cryptfs/cryptfs_content.go
+++ b/cryptfs/cryptfs_content.go
@@ -4,11 +4,11 @@ package cryptfs
import (
"bytes"
- "os"
- "errors"
"crypto/cipher"
"crypto/md5"
"encoding/hex"
+ "errors"
+ "os"
)
const (
@@ -25,7 +25,7 @@ func md5sum(buf []byte) string {
type CryptFile struct {
file *os.File
- gcm cipher.AEAD
+ gcm cipher.AEAD
}
// DecryptBlocks - Decrypt a number of blocks
@@ -113,7 +113,7 @@ func (be *CryptFS) SplitRange(offset uint64, length uint64) []intraBlock {
for length > 0 {
b.BlockNo = offset / be.plainBS
b.Skip = offset % be.plainBS
- b.Length = be.minu64(length, be.plainBS - b.Skip)
+ b.Length = be.minu64(length, be.plainBS-b.Skip)
parts = append(parts, b)
offset += b.Length
length -= b.Length
@@ -131,7 +131,7 @@ func (be *CryptFS) PlainSize(size uint64) uint64 {
overhead := be.cipherBS - be.plainBS
nBlocks := (size + be.cipherBS - 1) / be.cipherBS
- if nBlocks * overhead > size {
+ if nBlocks*overhead > size {
Warn.Printf("PlainSize: Negative size, returning 0 instead\n")
return 0
}
@@ -164,7 +164,7 @@ func (be *CryptFS) CiphertextRange(offset uint64, length uint64) (alignedOffset
skip := offset % be.plainBS
firstBlockNo := offset / be.plainBS
- lastBlockNo := ( offset + length - 1 ) / be.plainBS
+ lastBlockNo := (offset + length - 1) / be.plainBS
alignedOffset = firstBlockNo * be.cipherBS
alignedLength = (lastBlockNo - firstBlockNo + 1) * be.cipherBS
@@ -191,10 +191,10 @@ func (be *CryptFS) CropPlaintext(plaintext []byte, blocks []intraBlock) []byte {
last := blocks[len(blocks)-1]
length := (last.BlockNo - blocks[0].BlockNo + 1) * be.plainBS
var cropped []byte
- if offset + length > uint64(len(plaintext)) {
+ if offset+length > uint64(len(plaintext)) {
cropped = plaintext[offset:len(plaintext)]
} else {
- cropped = plaintext[offset:offset+length]
+ cropped = plaintext[offset : offset+length]
}
return cropped
}
@@ -209,7 +209,7 @@ func (be *CryptFS) MergeBlocks(oldData []byte, newData []byte, offset int) []byt
// Copy old and new data into it
copy(out, oldData)
l := len(newData)
- copy(out[offset:offset + l], newData)
+ copy(out[offset:offset+l], newData)
// Crop to length
outLen := len(oldData)
@@ -222,10 +222,10 @@ func (be *CryptFS) MergeBlocks(oldData []byte, newData []byte, offset int) []byt
// Get the block number at plain-text offset
func (be *CryptFS) BlockNoPlainOff(plainOffset uint64) uint64 {
- return plainOffset / be.plainBS
+ return plainOffset / be.plainBS
}
// Get the block number at ciphter-text offset
func (be *CryptFS) BlockNoCipherOff(cipherOffset uint64) uint64 {
- return cipherOffset / be.cipherBS
+ return cipherOffset / be.cipherBS
}
diff --git a/cryptfs/cryptfs_names.go b/cryptfs/cryptfs_names.go
index f694fa5..5476b17 100644
--- a/cryptfs/cryptfs_names.go
+++ b/cryptfs/cryptfs_names.go
@@ -3,12 +3,12 @@ package cryptfs
// Filename encryption / decryption function
import (
- "crypto/cipher"
"crypto/aes"
- "fmt"
- "strings"
+ "crypto/cipher"
"encoding/base64"
"errors"
+ "fmt"
+ "strings"
)
const (
@@ -30,7 +30,7 @@ func (be *CryptFS) decryptName(cipherName string) (string, error) {
return "", err
}
- if len(bin) % aes.BlockSize != 0 {
+ if len(bin)%aes.BlockSize != 0 {
return "", errors.New(fmt.Sprintf("Name len=%d is not a multiple of 16", len(bin)))
}
@@ -120,7 +120,7 @@ func (be *CryptFS) pad16(orig []byte) (padded []byte) {
if oldLen == 0 {
panic("Padding zero-length string makes no sense")
}
- padLen := aes.BlockSize - oldLen % aes.BlockSize
+ padLen := aes.BlockSize - oldLen%aes.BlockSize
if padLen == 0 {
padLen = aes.BlockSize
}
@@ -137,11 +137,11 @@ func (be *CryptFS) pad16(orig []byte) (padded []byte) {
// unPad16 - remove padding
func (be *CryptFS) unPad16(orig []byte) ([]byte, error) {
oldLen := len(orig)
- if oldLen % aes.BlockSize != 0 {
+ if oldLen%aes.BlockSize != 0 {
return nil, errors.New("Unaligned size")
}
// The last byte is always a padding byte
- padByte := orig[oldLen -1]
+ padByte := orig[oldLen-1]
// The padding byte's value is the padding length
padLen := int(padByte)
// Padding must be at least 1 byte
diff --git a/cryptfs/intrablock.go b/cryptfs/intrablock.go
index 552cb3c..7f3a1eb 100644
--- a/cryptfs/intrablock.go
+++ b/cryptfs/intrablock.go
@@ -2,10 +2,10 @@ package cryptfs
// intraBlock identifies a part of a file block
type intraBlock struct {
- BlockNo uint64 // Block number in file
- Skip uint64 // Offset into block plaintext
- Length uint64 // Length of data from this block
- fs *CryptFS
+ BlockNo uint64 // Block number in file
+ Skip uint64 // Offset into block plaintext
+ Length uint64 // Length of data from this block
+ fs *CryptFS
}
// isPartial - is the block partial? This means we have to do read-modify-write.
@@ -29,9 +29,9 @@ func (ib *intraBlock) PlaintextRange() (offset uint64, length uint64) {
}
// CropBlock - crop a potentially larger plaintext block down to the relevant part
-func (ib *intraBlock) CropBlock(d []byte) []byte{
+func (ib *intraBlock) CropBlock(d []byte) []byte {
lenHave := len(d)
- lenWant := int(ib.Skip+ib.Length)
+ lenWant := int(ib.Skip + ib.Length)
if lenHave < lenWant {
return d[ib.Skip:lenHave]
}
diff --git a/cryptfs/kdf.go b/cryptfs/kdf.go
index 275c72e..32870cd 100644
--- a/cryptfs/kdf.go
+++ b/cryptfs/kdf.go
@@ -12,10 +12,10 @@ const (
)
type scryptKdf struct {
- Salt []byte
- N int
- R int
- P int
+ Salt []byte
+ N int
+ R int
+ P int
KeyLen int
}
diff --git a/cryptfs/names_test.go b/cryptfs/names_test.go
index 7e20690..dd57242 100644
--- a/cryptfs/names_test.go
+++ b/cryptfs/names_test.go
@@ -1,8 +1,8 @@
package cryptfs
import (
- "testing"
"bytes"
+ "testing"
)
func TestTranslatePath(t *testing.T) {
@@ -14,7 +14,7 @@ func TestTranslatePath(t *testing.T) {
key := make([]byte, 16)
fs := NewCryptFS(key, true)
- for _, n := range(s) {
+ for _, n := range s {
c := fs.EncryptPath(n)
d, err := fs.DecryptPath(c)
if err != nil {
@@ -36,13 +36,13 @@ func TestPad16(t *testing.T) {
key := make([]byte, 16)
fs := NewCryptFS(key, true)
- for i := range(s) {
+ for i := range s {
orig := s[i]
padded := fs.pad16(orig)
if len(padded) <= len(orig) {
t.Errorf("Padded length not bigger than orig: %d", len(padded))
}
- if len(padded) % 16 != 0 {
+ if len(padded)%16 != 0 {
t.Errorf("Length is not aligend: %d", len(padded))
}
unpadded, err := fs.unPad16(padded)
@@ -52,7 +52,7 @@ func TestPad16(t *testing.T) {
if len(unpadded) != len(orig) {
t.Errorf("Size mismatch: orig=%d unpadded=%d", len(s[i]), len(unpadded))
}
- if ! bytes.Equal(orig, unpadded) {
+ if !bytes.Equal(orig, unpadded) {
t.Error("Content mismatch orig vs unpadded")
}
}
diff --git a/cryptfs/nonce.go b/cryptfs/nonce.go
index 3e464a3..80134c3 100644
--- a/cryptfs/nonce.go
+++ b/cryptfs/nonce.go
@@ -1,17 +1,17 @@
package cryptfs
import (
+ "crypto/rand"
"encoding/binary"
"encoding/hex"
"sync"
- "crypto/rand"
)
type nonce96 struct {
- lock sync.Mutex
+ lock sync.Mutex
high32 uint32
- low64 uint64
- ready int
+ low64 uint64
+ ready int
}
var gcmNonce nonce96
diff --git a/cryptfs/openssl_aead.go b/cryptfs/openssl_aead.go
index 02f50d8..b743a3e 100644
--- a/cryptfs/openssl_aead.go
+++ b/cryptfs/openssl_aead.go
@@ -66,8 +66,8 @@ func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
}
l := len(ciphertext)
- tag := ciphertext[l-AUTH_TAG_LEN:l]
- ciphertext = ciphertext[0:l-AUTH_TAG_LEN]
+ tag := ciphertext[l-AUTH_TAG_LEN : l]
+ ciphertext = ciphertext[0 : l-AUTH_TAG_LEN]
plainBuf := bytes.NewBuffer(dst)
dctx, err := openssl.NewGCMDecryptionCipherCtx(128, nil, be.key[:], nonce[:])