move Kdf and KeyInfo to pbs_api_types workspace
This commit is contained in:
Dietmar Maurer
56
pbs-api-types/src/key_derivation.rs
Normal file
56
pbs-api-types/src/key_derivation.rs
Normal file
@ -0,0 +1,56 @@
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::api::api;
|
||||
|
||||
use crate::CERT_FINGERPRINT_SHA256_SCHEMA;
|
||||
|
||||
#[api(default: "scrypt")]
|
||||
#[derive(Clone, Copy, Debug, Deserialize, Serialize)]
|
||||
#[serde(rename_all = "lowercase")]
|
||||
/// Key derivation function for password protected encryption keys.
|
||||
pub enum Kdf {
|
||||
/// Do not encrypt the key.
|
||||
None,
|
||||
/// Encrypt they key with a password using SCrypt.
|
||||
Scrypt,
|
||||
/// Encrtypt the Key with a password using PBKDF2
|
||||
PBKDF2,
|
||||
}
|
||||
|
||||
impl Default for Kdf {
|
||||
#[inline]
|
||||
fn default() -> Self {
|
||||
Kdf::Scrypt
|
||||
}
|
||||
}
|
||||
|
||||
#[api(
|
||||
properties: {
|
||||
kdf: {
|
||||
type: Kdf,
|
||||
},
|
||||
fingerprint: {
|
||||
schema: CERT_FINGERPRINT_SHA256_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
},
|
||||
)]
|
||||
#[derive(Deserialize, Serialize)]
|
||||
/// Encryption Key Information
|
||||
pub struct KeyInfo {
|
||||
/// Path to key (if stored in a file)
|
||||
#[serde(skip_serializing_if="Option::is_none")]
|
||||
pub path: Option<String>,
|
||||
pub kdf: Kdf,
|
||||
/// Key creation time
|
||||
pub created: i64,
|
||||
/// Key modification time
|
||||
pub modified: i64,
|
||||
/// Key fingerprint
|
||||
#[serde(skip_serializing_if="Option::is_none")]
|
||||
pub fingerprint: Option<String>,
|
||||
/// Password hint
|
||||
#[serde(skip_serializing_if="Option::is_none")]
|
||||
pub hint: Option<String>,
|
||||
}
|
||||
|
||||
@ -34,6 +34,9 @@ macro_rules! SNAPSHOT_PATH_REGEX_STR {
|
||||
);
|
||||
}
|
||||
|
||||
mod key_derivation;
|
||||
pub use key_derivation::{Kdf, KeyInfo};
|
||||
|
||||
#[macro_use]
|
||||
mod userid;
|
||||
pub use userid::Authid;
|
||||
|
||||
@ -4,64 +4,13 @@ use std::path::Path;
|
||||
use anyhow::{bail, format_err, Context, Error};
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::api::api;
|
||||
use proxmox::tools::fs::{file_get_contents, replace_file, CreateOptions};
|
||||
use proxmox::try_block;
|
||||
|
||||
use pbs_api_types::CERT_FINGERPRINT_SHA256_SCHEMA;
|
||||
use pbs_api_types::{Kdf, KeyInfo};
|
||||
|
||||
use crate::crypt_config::{CryptConfig, Fingerprint};
|
||||
|
||||
#[api(default: "scrypt")]
|
||||
#[derive(Clone, Copy, Debug, Deserialize, Serialize)]
|
||||
#[serde(rename_all = "lowercase")]
|
||||
/// Key derivation function for password protected encryption keys.
|
||||
pub enum Kdf {
|
||||
/// Do not encrypt the key.
|
||||
None,
|
||||
/// Encrypt they key with a password using SCrypt.
|
||||
Scrypt,
|
||||
/// Encrtypt the Key with a password using PBKDF2
|
||||
PBKDF2,
|
||||
}
|
||||
|
||||
impl Default for Kdf {
|
||||
#[inline]
|
||||
fn default() -> Self {
|
||||
Kdf::Scrypt
|
||||
}
|
||||
}
|
||||
|
||||
#[api(
|
||||
properties: {
|
||||
kdf: {
|
||||
type: Kdf,
|
||||
},
|
||||
fingerprint: {
|
||||
schema: CERT_FINGERPRINT_SHA256_SCHEMA,
|
||||
optional: true,
|
||||
},
|
||||
},
|
||||
)]
|
||||
#[derive(Deserialize, Serialize)]
|
||||
/// Encryption Key Information
|
||||
pub struct KeyInfo {
|
||||
/// Path to key (if stored in a file)
|
||||
#[serde(skip_serializing_if="Option::is_none")]
|
||||
pub path: Option<String>,
|
||||
pub kdf: Kdf,
|
||||
/// Key creation time
|
||||
pub created: i64,
|
||||
/// Key modification time
|
||||
pub modified: i64,
|
||||
/// Key fingerprint
|
||||
#[serde(skip_serializing_if="Option::is_none")]
|
||||
pub fingerprint: Option<String>,
|
||||
/// Password hint
|
||||
#[serde(skip_serializing_if="Option::is_none")]
|
||||
pub hint: Option<String>,
|
||||
}
|
||||
|
||||
/// Key derivation function configuration
|
||||
#[derive(Deserialize, Serialize, Clone, Debug)]
|
||||
pub enum KeyDerivationConfig {
|
||||
|
||||
@ -219,6 +219,6 @@ pub use data_blob_writer::DataBlobWriter;
|
||||
pub use key_derivation::{
|
||||
decrypt_key, load_and_decrypt_key, rsa_decrypt_key_config, rsa_encrypt_key_config,
|
||||
};
|
||||
pub use key_derivation::{Kdf, KeyConfig, KeyDerivationConfig, KeyInfo};
|
||||
pub use key_derivation::{KeyConfig, KeyDerivationConfig};
|
||||
pub use manifest::BackupManifest;
|
||||
pub use store_progress::StoreProgress;
|
||||
|
||||
@ -11,8 +11,7 @@ use proxmox::{
|
||||
},
|
||||
};
|
||||
|
||||
use pbs_api_types::Fingerprint;
|
||||
use pbs_datastore::{KeyInfo, Kdf};
|
||||
use pbs_api_types::{Fingerprint, KeyInfo, Kdf};
|
||||
use pbs_datastore::key_derivation::KeyConfig;
|
||||
use pbs_config::open_backup_lockfile;
|
||||
|
||||
|
||||
@ -11,8 +11,7 @@ use proxmox::{
|
||||
sys::linux::tty,
|
||||
};
|
||||
|
||||
use pbs_api_types::Fingerprint;
|
||||
use pbs_datastore::Kdf;
|
||||
use pbs_api_types::{Fingerprint, Kdf};
|
||||
use pbs_datastore::paperkey::{PaperkeyFormat, generate_paper_key};
|
||||
|
||||
use proxmox_backup::{
|
||||
|
||||
Reference in New Issue
Block a user