...and minimal comment changes.
This commit is contained in:
Jakob Unterwurzacher 2015-12-13 20:10:52 +01:00
parent 8518d6d7bd
commit 00a712b4d1
13 changed files with 25 additions and 26 deletions

View File

@ -24,7 +24,7 @@ type CryptFS struct {
plainBS uint64
cipherBS uint64
// Stores an all-zero block of size cipherBS
allZeroBlock []byte
allZeroBlock []byte
// DirIV cache for filename encryption
DirIVCacheEnc DirIVCache
}
@ -53,11 +53,11 @@ func NewCryptFS(key []byte, useOpenssl bool, plaintextNames bool) *CryptFS {
cipherBS := DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN
return &CryptFS{
blockCipher: b,
gcm: gcm,
plainBS: DEFAULT_PLAINBS,
cipherBS: uint64(cipherBS),
allZeroBlock: make([]byte, cipherBS),
blockCipher: b,
gcm: gcm,
plainBS: DEFAULT_PLAINBS,
cipherBS: uint64(cipherBS),
allZeroBlock: make([]byte, cipherBS),
}
}

View File

@ -86,7 +86,7 @@ func (be *CryptFS) DecryptBlock(ciphertext []byte, blockNo uint64, fileId []byte
}
// encryptBlock - Encrypt and add IV and MAC
func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileId []byte) []byte {
func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileID []byte) []byte {
// Empty block?
if len(plaintext) == 0 {
@ -96,10 +96,12 @@ func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileId []byte)
// Get fresh nonce
nonce := gcmNonce.Get()
// Encrypt plaintext and append to nonce
// Authenticate block with block number and file ID
aData := make([]byte, 8)
binary.BigEndian.PutUint64(aData, blockNo)
aData = append(aData, fileId...)
aData = append(aData, fileID...)
// Encrypt plaintext and append to nonce
ciphertext := be.gcm.Seal(nonce, nonce, plaintext, aData)
return ciphertext

View File

@ -3,15 +3,15 @@
package cryptfs
import (
"fmt"
"crypto/cipher"
"fmt"
)
// goGCMWrapper - This wrapper makes sure gocryptfs can be compiled on Go
// versions 1.4 and lower that lack NewGCMWithNonceSize().
// 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when
// compiled on 1.4.
func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error){
func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error) {
if nonceSize != 12 {
Warn.Printf("128 bit GCM IVs are not supported by Go 1.4 and lower.\n")
Warn.Printf("Please use openssl crypto or recompile using a newer Go runtime.\n")

View File

@ -10,6 +10,6 @@ import (
// versions 1.4 and lower that lack NewGCMWithNonceSize().
// 128 bit GCM IVs will not work when using built-in Go crypto, obviously, when
// compiled on 1.4.
func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error){
func goGCMWrapper(bc cipher.Block, nonceSize int) (cipher.AEAD, error) {
return cipher.NewGCMWithNonceSize(bc, nonceSize)
}

View File

@ -1,9 +1,9 @@
package cryptfs
import (
"encoding/json"
"fmt"
"strings"
"encoding/json"
)
type logChannel struct {

View File

@ -1,9 +1,9 @@
package cryptfs
import (
"encoding/binary"
"bytes"
"crypto/rand"
"encoding/binary"
"encoding/hex"
"fmt"
)

View File

@ -104,7 +104,7 @@ func TestInitPlaintextNames(t *testing.T) {
if err == nil {
t.Errorf("gocryptfs.diriv should not have been created with -plaintextnames")
}
_, cf, err := cryptfs.LoadConfFile(dir + cryptfs.ConfDefaultName, "test")
_, cf, err := cryptfs.LoadConfFile(dir+cryptfs.ConfDefaultName, "test")
if err != nil {
t.Fatal(err)
}

View File

@ -1,13 +1,13 @@
package integration_tests
import (
"syscall"
"crypto/md5"
"encoding/hex"
"fmt"
"io/ioutil"
"os"
"os/exec"
"syscall"
"testing"
"github.com/rfjakob/gocryptfs/cryptfs"
@ -143,7 +143,7 @@ func testMkdirRmdir(t *testing.T, plainDir string) {
if errno != syscall.ENOTEMPTY {
t.Errorf("Should have gotten ENOTEMPTY, go %v", errno)
}
if syscall.Unlink(dir + "/file") != nil {
if syscall.Unlink(dir+"/file") != nil {
t.Fatal(err)
}
if syscall.Rmdir(dir) != nil {
@ -164,8 +164,8 @@ func testMkdirRmdir(t *testing.T, plainDir string) {
// Create and rename a file
func testRename(t *testing.T, plainDir string) {
file1 := plainDir+"rename1"
file2 := plainDir+"rename2"
file1 := plainDir + "rename1"
file2 := plainDir + "rename2"
err := ioutil.WriteFile(file1, []byte("content"), 0777)
if err != nil {
t.Fatal(err)

View File

@ -333,7 +333,6 @@ func TestRename(t *testing.T) {
testRename(t, defaultPlainDir)
}
// Overwrite an empty directory with another directory
func TestDirOverwrite(t *testing.T) {
dir1 := defaultPlainDir + "DirOverwrite1"

View File

@ -261,7 +261,6 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
cryptfs.Debug.Printf("len(oldData)=%d len(blockData)=%d\n", len(oldData), len(blockData))
}
// Write
blockOffset, blockLen := b.CiphertextRange()
blockData = f.cfs.EncryptBlock(blockData, b.BlockNo, f.header.Id)
cryptfs.Debug.Printf("ino%d: Writing %d bytes to block #%d, md5=%s\n",
@ -276,6 +275,8 @@ func (f *file) doWrite(data []byte, off int64) (uint32, fuse.Status) {
status = fuse.ToStatus(err)
break
}
// Write
f.fdLock.Lock()
_, err = f.fd.WriteAt(blockData, int64(blockOffset))
f.fdLock.Unlock()

View File

@ -244,8 +244,6 @@ func (fs *FS) Readlink(path string, context *fuse.Context) (out string, status f
return string(target), fuse.OK
}
func (fs *FS) Unlink(path string, context *fuse.Context) (code fuse.Status) {
if fs.isFiltered(path) {
return fuse.EPERM

View File

@ -1,10 +1,10 @@
package pathfs_frontend
import (
"fmt"
"os"
"path/filepath"
"syscall"
"fmt"
"github.com/hanwen/go-fuse/fuse"
"github.com/rfjakob/gocryptfs/cryptfs"
@ -85,7 +85,7 @@ func (fs *FS) Rmdir(name string, context *fuse.Context) (code fuse.Status) {
cryptfs.Debug.Printf("Rmdir: Chmod failed: %v\n", err2)
return fuse.ToStatus(err)
}
defer func () {
defer func() {
if code != fuse.OK {
// Undo the chmod if removing the directory failed
err3 := os.Chmod(encPath, origMode)

View File

@ -24,7 +24,6 @@ func (fs *FS) isFiltered(path string) bool {
return false
}
// encryptPath - encrypt relative plaintext path
func (fs *FS) encryptPath(plainPath string) (string, error) {
if fs.args.PlaintextNames {