src/backup/crypt_config.rs: simplify decode interface

2019-06-22 13:24:29 +02:00 · 2019-06-22 13:24:29 +02:00 · 9f83e0f7ee
parent 0066c6d972
commit 9f83e0f7ee
3 changed files with 33 additions and 38 deletions
--- a/src/backup/crypt_config.rs
+++ b/src/backup/crypt_config.rs
@ -106,20 +106,13 @@ impl CryptConfig {
        Ok((iv, tag))
    }

-    /// Decompress and decrypt chunk, verify MAC.
-    ///
-    /// Binrary ``data`` is expected to be in format returned by encode_chunk. The magic number
-    /// is not used here.
-    pub fn decode_compressed_chunk(&self, data: &[u8]) -> Result<Vec<u8>, Error> {
-
-        if data.len() < 44 {
-            bail!("Invalid chunk len (<44)");
-        }
-
-        // let magic = &data[0..8];
-        // let crc = &data[8..12];
-        let iv = &data[12..28];
-        let mac = &data[28..44];
+    /// Decompress and decrypt date, verify MAC.
+    pub fn decode_compressed_chunk(
+        &self,
+        data: &[u8],
+        iv: &[u8; 16],
+        tag: &[u8; 16],
+    ) -> Result<Vec<u8>, Error> {

        let dec = Vec::with_capacity(1024*1024);

@ -133,7 +126,7 @@ impl CryptConfig {
        let mut decr_buf = [0u8; BUFFER_SIZE];
        let max_decoder_input = BUFFER_SIZE - self.cipher.block_size();

-        let mut start = 44;
+        let mut start = 0;
        loop {
            let mut end = start + max_decoder_input;
            if end > data.len() { end = data.len(); }
@ -146,7 +139,7 @@ impl CryptConfig {
            }
        }

-        c.set_tag(mac)?;
+        c.set_tag(tag)?;
        let rest = c.finalize(&mut decr_buf)?;
        if rest > 0 { decompressor.write_all(&decr_buf[..rest])?; }

@ -155,28 +148,21 @@ impl CryptConfig {
        Ok(decompressor.into_inner())
    }

-    /// Decrypt chunk, verify MAC.
-    ///
-    /// Binrary ``data`` is expected to be in format returned by encode_chunk. The magic number
-    /// is not used here.
-    pub fn decode_uncompressed_chunk(&self, data: &[u8]) -> Result<Vec<u8>, Error> {
-
-        if data.len() < 44 {
-            bail!("Invalid chunk len (<44)");
-        }
-
-        // let magic = &data[0..8];
-        // let crc = &data[8..12];
-        let iv = &data[12..28];
-        let mac = &data[28..44];
+    /// Decrypt data, verify tag.
+    pub fn decode_uncompressed_chunk(
+        &self,
+        data: &[u8],
+        iv: &[u8; 16],
+        tag: &[u8; 16],
+    ) -> Result<Vec<u8>, Error> {

        let decr_data = decrypt_aead(
            self.cipher,
            &self.enc_key,
            Some(iv),
            b"", //??
-            &data[44..],
-            mac,
+            data,
+            tag,
        )?;

        Ok(decr_data)
--- a/src/backup/data_blob.rs
+++ b/src/backup/data_blob.rs
@ -1,7 +1,9 @@
 use failure::*;
 use std::convert::TryInto;

-use crate::tools::write::*;
+use crate::tools::read::ReadUtilOps;
+use crate::tools::write::WriteUtilOps;
+
 use super::*;

 /// Data blob binary storage format
@ -154,11 +156,14 @@ impl DataBlob {
            let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?;
            return Ok(data);
        } else if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 || magic == &ENCRYPTED_BLOB_MAGIC_1_0 {
+            let header_len = std::mem::size_of::<EncryptedDataBlobHeader>();
+            let head = (&self.raw_data[..header_len]).read_value::<EncryptedDataBlobHeader>()?;
+
            if let Some(config) = config  {
                let data = if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 {
-                    config.decode_compressed_chunk(&self.raw_data)?
+                    config.decode_compressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
                } else {
-                    config.decode_uncompressed_chunk(&self.raw_data)?
+                    config.decode_uncompressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
                };
                return Ok(data);
            } else {
--- a/src/backup/data_chunk.rs
+++ b/src/backup/data_chunk.rs
@ -1,6 +1,7 @@
 use failure::*;
 use std::convert::TryInto;
-use crate::tools::write::*;
+use crate::tools::read::ReadUtilOps;
+use crate::tools::write::WriteUtilOps;

 use super::*;

@ -163,11 +164,14 @@ impl DataChunk {
            let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?;
            return Ok(data);
        } else if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 || magic == &ENCRYPTED_CHUNK_MAGIC_1_0 {
+            let header_len = std::mem::size_of::<EncryptedDataChunkHeader>();
+            let head = (&self.raw_data[..header_len]).read_value::<EncryptedDataChunkHeader>()?;
+
            if let Some(config) = config  {
                let data = if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 {
-                    config.decode_compressed_chunk(&self.raw_data)?
+                    config.decode_compressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
                } else {
-                    config.decode_uncompressed_chunk(&self.raw_data)?
+                    config.decode_uncompressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
                };
                return Ok(data);
            } else {