From 9f83e0f7ee3ca359e298a9b02df522e68cf24c50 Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Sat, 22 Jun 2019 13:24:29 +0200 Subject: [PATCH] src/backup/crypt_config.rs: simplify decode interface --- src/backup/crypt_config.rs | 50 ++++++++++++++------------------------ src/backup/data_blob.rs | 11 ++++++--- src/backup/data_chunk.rs | 10 +++++--- 3 files changed, 33 insertions(+), 38 deletions(-) diff --git a/src/backup/crypt_config.rs b/src/backup/crypt_config.rs index 49aab44b..d49335a6 100644 --- a/src/backup/crypt_config.rs +++ b/src/backup/crypt_config.rs @@ -106,20 +106,13 @@ impl CryptConfig { Ok((iv, tag)) } - /// Decompress and decrypt chunk, verify MAC. - /// - /// Binrary ``data`` is expected to be in format returned by encode_chunk. The magic number - /// is not used here. - pub fn decode_compressed_chunk(&self, data: &[u8]) -> Result, Error> { - - if data.len() < 44 { - bail!("Invalid chunk len (<44)"); - } - - // let magic = &data[0..8]; - // let crc = &data[8..12]; - let iv = &data[12..28]; - let mac = &data[28..44]; + /// Decompress and decrypt date, verify MAC. + pub fn decode_compressed_chunk( + &self, + data: &[u8], + iv: &[u8; 16], + tag: &[u8; 16], + ) -> Result, Error> { let dec = Vec::with_capacity(1024*1024); @@ -133,7 +126,7 @@ impl CryptConfig { let mut decr_buf = [0u8; BUFFER_SIZE]; let max_decoder_input = BUFFER_SIZE - self.cipher.block_size(); - let mut start = 44; + let mut start = 0; loop { let mut end = start + max_decoder_input; if end > data.len() { end = data.len(); } @@ -146,7 +139,7 @@ impl CryptConfig { } } - c.set_tag(mac)?; + c.set_tag(tag)?; let rest = c.finalize(&mut decr_buf)?; if rest > 0 { decompressor.write_all(&decr_buf[..rest])?; } 
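Review bot: The new doc comment on `decode_compressed_chunk` drops the description of what `data` must contain, and it reads "decrypt date" where "data" is meant. Now that the callers strip the header, the contract is worth stating, for example `/// Decrypt, then decompress data (ciphertext only, header already removed); iv and tag are taken from the header.` It would also help to say that the tag is only checked in `c.finalize` (later hunk of this function), so the result may be used only when the call returns `Ok`. The loop body is outside the diff, but the `write_all` after `finalize` suggests decrypted bytes reach the zstd decoder before they are authenticated. Unlike the unencrypted branch in the callers, which caps output at `16*1024*1024`, no output limit is visible on this path.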
@@ -155,28 +148,21 @@ impl CryptConfig { Ok(decompressor.into_inner()) } - /// Decrypt chunk, verify MAC. - /// - /// Binrary ``data`` is expected to be in format returned by encode_chunk. The magic number - /// is not used here. - pub fn decode_uncompressed_chunk(&self, data: &[u8]) -> Result, Error> { - - if data.len() < 44 { - bail!("Invalid chunk len (<44)"); - } - - // let magic = &data[0..8]; - // let crc = &data[8..12]; - let iv = &data[12..28]; - let mac = &data[28..44]; + /// Decrypt data, verify tag. + pub fn decode_uncompressed_chunk( + &self, + data: &[u8], + iv: &[u8; 16], + tag: &[u8; 16], + ) -> Result, Error> { let decr_data = decrypt_aead( self.cipher, &self.enc_key, Some(iv), b"", //?? - &data[44..], - mac, + data, + tag, )?; Ok(decr_data) diff --git a/src/backup/data_blob.rs b/src/backup/data_blob.rs index 9842f650..3bf00923 100644 --- a/src/backup/data_blob.rs +++ b/src/backup/data_blob.rs @@ -1,7 +1,9 @@ use failure::*; use std::convert::TryInto; -use crate::tools::write::*; +use crate::tools::read::ReadUtilOps; +use crate::tools::write::WriteUtilOps; + use super::*; /// Data blob binary storage format @@ -154,11 +156,14 @@ impl DataBlob { let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?; return Ok(data); } else if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 || magic == &ENCRYPTED_BLOB_MAGIC_1_0 { + let header_len = std::mem::size_of::(); + let head = (&self.raw_data[..header_len]).read_value::()?; + if let Some(config) = config { let data = if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 { - config.decode_compressed_chunk(&self.raw_data)? + config.decode_compressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)? } else { - config.decode_uncompressed_chunk(&self.raw_data)? + config.decode_uncompressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)? }; return Ok(data); } else { diff --git a/src/backup/data_chunk.rs b/src/backup/data_chunk.rs index 608e2ff0..301da925 100644 --- a/src/backup/data_chunk.rs 
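Review bot: `decrypt_aead` is still called with empty associated data (`b"", //??`), so nothing in the header other than `iv` and `tag` is bound to the tag. The callers in data_blob.rs and data_chunk.rs pick `decode_compressed_chunk` or `decode_uncompressed_chunk` from the magic, so a changed magic would not be caught by tag verification (what the CRC field covers is not visible here). With `iv` and `tag` now passed separately, an `aad: &[u8]` argument carrying the magic would fit this interface, though it needs the matching change on the encode side, which is outside this diff. At minimum, replace the `//??` with a comment stating that the header is deliberately left unauthenticated.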
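Review bot: `&self.raw_data[..header_len]` panics when `raw_data` is shorter than the encrypted header, and this commit removes the `if data.len() < 44 { bail!(...) }` guard that used to turn that case into an error. No length check is visible in this hunk; the function starts outside it, so one may exist earlier. If there is none, add `if self.raw_data.len() < header_len { bail!("encrypted blob too small ({} bytes).", self.raw_data.len()); }` before the slice. The same applies to the identical lines in the data_chunk.rs hunk `@@ -163,11 +164,14 @@`.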
+++ b/src/backup/data_chunk.rs @@ -1,6 +1,7 @@ use failure::*; use std::convert::TryInto; -use crate::tools::write::*; +use crate::tools::read::ReadUtilOps; +use crate::tools::write::WriteUtilOps; use super::*; @@ -163,11 +164,14 @@ impl DataChunk { let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?; return Ok(data); } else if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 || magic == &ENCRYPTED_CHUNK_MAGIC_1_0 { + let header_len = std::mem::size_of::(); + let head = (&self.raw_data[..header_len]).read_value::()?; + if let Some(config) = config { let data = if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 { - config.decode_compressed_chunk(&self.raw_data)? + config.decode_compressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)? } else { - config.decode_uncompressed_chunk(&self.raw_data)? + config.decode_uncompressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)? }; return Ok(data); } else {