From 76311b60f2e208dbd93e1e7b6e9794770c14fede Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 1 Nov 2015 01:32:33 +0100
Subject: Add file header (on-disk-format change)

Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]

Quoting SECURITY.md:

* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
 * This means the position of the blocks is protected as well. The blocks
   can not be reordered or copied between different files without
   causing an decryption error.
---
 cryptfs/content_test.go | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

(limited to 'cryptfs/content_test.go')

diff --git a/cryptfs/content_test.go b/cryptfs/content_test.go
index aa6c9f3..4e1b447 100644
--- a/cryptfs/content_test.go
+++ b/cryptfs/content_test.go
@@ -1,7 +1,6 @@
 package cryptfs
 
 import (
-	"fmt"
 	"testing"
 )
 
@@ -17,6 +16,8 @@ func TestSplitRange(t *testing.T) {
 		testRange{0, 10},
 		testRange{234, 6511},
 		testRange{65444, 54},
+		testRange{0, 1024*1024},
+		testRange{0, 65536},
 		testRange{6654, 8945})
 
 	key := make([]byte, KEY_LEN)
@@ -24,10 +25,14 @@ func TestSplitRange(t *testing.T) {
 
 	for _, r := range ranges {
 		parts := f.SplitRange(r.offset, r.length)
+		var lastBlockNo uint64 = 1<<63
 		for _, p := range parts {
+			if p.BlockNo == lastBlockNo {
+				t.Errorf("Duplicate block number %d", p.BlockNo)
+			}
+			lastBlockNo = p.BlockNo
 			if p.Length > DEFAULT_PLAINBS || p.Skip >= DEFAULT_PLAINBS {
-				fmt.Printf("Test fail: n=%d, length=%d, offset=%d\n", p.BlockNo, p.Length, p.Skip)
-				t.Fail()
+				t.Errorf("Test fail: n=%d, length=%d, offset=%d\n", p.BlockNo, p.Length, p.Skip)
 			}
 		}
 	}
@@ -48,13 +53,13 @@ func TestCiphertextRange(t *testing.T) {
 	for _, r := range ranges {
 		alignedOffset, alignedLength, skipBytes := f.CiphertextRange(r.offset, r.length)
 		if alignedLength < r.length {
-			t.Fail()
+			t.Errorf("alignedLength=%s is smaller than length=%d", alignedLength, r.length)
 		}
-		if alignedOffset%f.cipherBS != 0 {
-			t.Fail()
+		if (alignedOffset - HEADER_LEN)%f.cipherBS != 0 {
+			t.Errorf("alignedOffset=%d is not aligned", alignedOffset)
 		}
 		if r.offset%f.plainBS != 0 && skipBytes == 0 {
-			t.Fail()
+			t.Errorf("skipBytes=0")
 		}
 	}
 }
@@ -67,7 +72,7 @@ func TestBlockNo(t *testing.T) {
 	if b != 0 {
 		t.Errorf("actual: %d", b)
 	}
-	b = f.BlockNoCipherOff(f.CipherBS())
+	b = f.BlockNoCipherOff(HEADER_LEN + f.CipherBS())
 	if b != 1 {
 		t.Errorf("actual: %d", b)
 	}
-- 
cgit v1.2.3