Merge pull request #6583 from ThomasWaldmann/deleted-key-1.1

load_key: no key is same as empty key, fixes #6441

src/borg/crypto/key.py

@@ -1,4 +1,3 @@
-import configparser
 import getpass
 import os
 import shlex
@@ -775,11 +774,11 @@ class RepoKey(ID_HMAC_SHA_256, KeyfileKeyBase):
 
     def find_key(self):
         loc = self.repository._location.canonical_path()
-        try:
-            self.repository.load_key()
-            return loc
-        except configparser.NoOptionError:
+        key = self.repository.load_key()
+        if not key:
+            # if we got an empty key, it means there is no key.
             raise RepoKeyNotFoundError(loc) from None
+        return loc
 
     def get_new_target(self, args):
         return self.repository
@@ -792,6 +791,10 @@ class RepoKey(ID_HMAC_SHA_256, KeyfileKeyBase):
         # what we get in target is just a repo location, but we already have the repo obj:
         target = self.repository
         key_data = target.load_key()
+        if not key_data:
+            # if we got an empty key, it means there is no key.
+            loc = target._location.canonical_path()
+            raise RepoKeyNotFoundError(loc) from None
         key_data = key_data.decode('utf-8')  # remote repo: msgpack issue #99, getting bytes
         success = self._load(key_data, passphrase)
         if success:

src/borg/crypto/keymanager.py

@@ -7,7 +7,7 @@ from hashlib import sha256
 from ..helpers import Manifest, NoManifestError, Error, yes, bin_to_hex, dash_open
 from ..repository import Repository
 
-from .key import KeyfileKey, KeyfileNotFoundError, KeyBlobStorage, identify_key
+from .key import KeyfileKey, KeyfileNotFoundError, RepoKeyNotFoundError, KeyBlobStorage, identify_key
 
 
 class UnencryptedRepo(Error):
@@ -56,7 +56,12 @@ class KeyManager:
                 self.keyblob = ''.join(fd.readlines()[1:])
 
         elif self.keyblob_storage == KeyBlobStorage.REPO:
-            self.keyblob = self.repository.load_key().decode()
+            key_data = self.repository.load_key().decode()
+            if not key_data:
+                # if we got an empty key, it means there is no key.
+                loc = self.repository._location.canonical_path()
+                raise RepoKeyNotFoundError(loc) from None
+            self.keyblob = key_data
 
     def store_keyblob(self, args):
         if self.keyblob_storage == KeyBlobStorage.KEYFILE:

src/borg/repository.py

@@ -337,7 +337,8 @@ class Repository:
         self.save_config(self.path, self.config)
 
     def load_key(self):
-        keydata = self.config.get('repository', 'key')
+        keydata = self.config.get('repository', 'key', fallback='').strip()
+        # note: if we return an empty string, it means there is no repo key
         return keydata.encode('utf-8')  # remote repo: msgpack issue #99, returning bytes
 
     def get_free_nonce(self):