Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
mirrors
/
borg
-ын хуулбар https://github.com/borgbackup/borg
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Эх сурвалжийг харах

Add decompress arg to Key.decrypt

Marian Beermann 9 жил өмнө
parent
774609cd9f
commit
a80b371d09
2 өөрчлөгдсөн 25 нэмэгдсэн , 5 устгасан
Өөрчлөллтийг нэгтгэж харах Өөрчлөлтийн статистик харах
  1. 11 5
      src/borg/key.py
  2. 14 0
      src/borg/testsuite/key.py

+ 11 - 5
src/borg/key.py
Файл харах 

@@ -105,7 +105,7 @@ class KeyBase:
 
     def encrypt(self, chunk):
 
     def encrypt(self, chunk):
 
         pass
 
         pass
 
 
 
-    def decrypt(self, id, data):
 
+    def decrypt(self, id, data, decompress=True):
 
         pass
 
         pass
 
 
 
 
 
@@ -130,10 +130,13 @@ class PlaintextKey(KeyBase):
 
         chunk = self.compress(chunk)
 
         chunk = self.compress(chunk)
 
         return b''.join([self.TYPE_STR, chunk.data])
 
         return b''.join([self.TYPE_STR, chunk.data])
 
 
 
-    def decrypt(self, id, data):
 
+    def decrypt(self, id, data, decompress=True):
 
         if data[0] != self.TYPE:
 
         if data[0] != self.TYPE:
 
             raise IntegrityError('Invalid encryption envelope')
 
             raise IntegrityError('Invalid encryption envelope')
 
-        data = self.compressor.decompress(memoryview(data)[1:])
 
+        payload = memoryview(data)[1:]
 
+        if not decompress:
 
+            return Chunk(payload)
 
+        data = self.compressor.decompress(payload)
 
         if id and sha256(data).digest() != id:
 
         if id and sha256(data).digest() != id:
 
             raise IntegrityError('Chunk id verification failed')
 
             raise IntegrityError('Chunk id verification failed')
 
         return Chunk(data)
 
         return Chunk(data)
 
@@ -166,7 +169,7 @@ class AESKeyBase(KeyBase):
 
         hmac = hmac_sha256(self.enc_hmac_key, data)
 
         hmac = hmac_sha256(self.enc_hmac_key, data)
 
         return b''.join((self.TYPE_STR, hmac, data))
 
         return b''.join((self.TYPE_STR, hmac, data))
 
 
 
-    def decrypt(self, id, data):
 
+    def decrypt(self, id, data, decompress=True):
 
         if not (data[0] == self.TYPE or
 
         if not (data[0] == self.TYPE or
 
             data[0] == PassphraseKey.TYPE and isinstance(self, RepoKey)):
 
             data[0] == PassphraseKey.TYPE and isinstance(self, RepoKey)):
 
             raise IntegrityError('Invalid encryption envelope')
 
             raise IntegrityError('Invalid encryption envelope')
 
@@ -176,7 +179,10 @@ class AESKeyBase(KeyBase):
 
         if not compare_digest(hmac_computed, hmac_given):
 
         if not compare_digest(hmac_computed, hmac_given):
 
             raise IntegrityError('Encryption envelope checksum mismatch')
 
             raise IntegrityError('Encryption envelope checksum mismatch')
 
         self.dec_cipher.reset(iv=PREFIX + data[33:41])
 
         self.dec_cipher.reset(iv=PREFIX + data[33:41])
 
-        data = self.compressor.decompress(self.dec_cipher.decrypt(data_view[41:]))
 
+        payload = self.dec_cipher.decrypt(data_view[41:])
 
+        if not decompress:
 
+            return Chunk(payload)
 
+        data = self.compressor.decompress(payload)
 
         if id:
 
         if id:
 
             hmac_given = id
 
             hmac_given = id
 
             hmac_computed = hmac_sha256(self.id_key, data)
 
             hmac_computed = hmac_sha256(self.id_key, data)

+ 14 - 0
src/borg/testsuite/key.py
Файл харах 

@@ -43,6 +43,14 @@ class TestKey:
 
         monkeypatch.setenv('BORG_KEYS_DIR', tmpdir)
 
         monkeypatch.setenv('BORG_KEYS_DIR', tmpdir)
 
         return tmpdir
 
         return tmpdir
 
 
 
+    @pytest.fixture(params=(
 
+        KeyfileKey,
 
+        PlaintextKey
 
+    ))
 
+    def key(self, request, monkeypatch):
 
+        monkeypatch.setenv('BORG_PASSPHRASE', 'test')
 
+        return request.param.create(self.MockRepository(), self.MockArgs())
 
+
 
     class MockRepository:
 
     class MockRepository:
 
         class _Location:
 
         class _Location:
 
             orig = '/some/place'
 
             orig = '/some/place'
 
@@ -155,6 +163,12 @@ class TestKey:
 
             id[12] = 0
 
             id[12] = 0
 
             key.decrypt(id, data)
 
             key.decrypt(id, data)
 
 
 
+    def test_decrypt_decompress(self, key):
 
+        plaintext = Chunk(b'123456789')
 
+        encrypted = key.encrypt(plaintext)
 
+        assert key.decrypt(None, encrypted, decompress=False) != plaintext
 
+        assert key.decrypt(None, encrypted) == plaintext
 
+
 
 
 
 class TestPassphrase:
 
 class TestPassphrase:
 
     def test_passphrase_new_verification(self, capsys, monkeypatch):
 
     def test_passphrase_new_verification(self, capsys, monkeypatch):