src/backup/crypt_config.rs: simplify decode interface

Dietmar Maurer 2019-06-22 13:24:29 +02:00
parent 0066c6d972
commit 9f83e0f7ee
3 changed files with 33 additions and 38 deletions


@ -106,20 +106,13 @@ impl CryptConfig {
Ok((iv, tag)) Ok((iv, tag))
} }
/// Decompress and decrypt chunk, verify MAC. /// Decompress and decrypt date, verify MAC.
/// pub fn decode_compressed_chunk(
/// Binrary ``data`` is expected to be in format returned by encode_chunk. The magic number &self,
/// is not used here. data: &[u8],
pub fn decode_compressed_chunk(&self, data: &[u8]) -> Result<Vec<u8>, Error> { iv: &[u8; 16],
tag: &[u8; 16],
if data.len() < 44 { ) -> Result<Vec<u8>, Error> {
bail!("Invalid chunk len (<44)");
}
// let magic = &data[0..8];
// let crc = &data[8..12];
let iv = &data[12..28];
let mac = &data[28..44];
let dec = Vec::with_capacity(1024*1024); let dec = Vec::with_capacity(1024*1024);
@ -133,7 +126,7 @@ impl CryptConfig {
let mut decr_buf = [0u8; BUFFER_SIZE]; let mut decr_buf = [0u8; BUFFER_SIZE];
let max_decoder_input = BUFFER_SIZE - self.cipher.block_size(); let max_decoder_input = BUFFER_SIZE - self.cipher.block_size();
let mut start = 44; let mut start = 0;
loop { loop {
let mut end = start + max_decoder_input; let mut end = start + max_decoder_input;
if end > data.len() { end = data.len(); } if end > data.len() { end = data.len(); }
@ -146,7 +139,7 @@ impl CryptConfig {
} }
} }
c.set_tag(mac)?; c.set_tag(tag)?;
let rest = c.finalize(&mut decr_buf)?; let rest = c.finalize(&mut decr_buf)?;
if rest > 0 { decompressor.write_all(&decr_buf[..rest])?; } if rest > 0 { decompressor.write_all(&decr_buf[..rest])?; }
@ -155,28 +148,21 @@ impl CryptConfig {
Ok(decompressor.into_inner()) Ok(decompressor.into_inner())
} }
/// Decrypt chunk, verify MAC. /// Decrypt data, verify tag.
/// pub fn decode_uncompressed_chunk(
/// Binrary ``data`` is expected to be in format returned by encode_chunk. The magic number &self,
/// is not used here. data: &[u8],
pub fn decode_uncompressed_chunk(&self, data: &[u8]) -> Result<Vec<u8>, Error> { iv: &[u8; 16],
tag: &[u8; 16],
if data.len() < 44 { ) -> Result<Vec<u8>, Error> {
bail!("Invalid chunk len (<44)");
}
// let magic = &data[0..8];
// let crc = &data[8..12];
let iv = &data[12..28];
let mac = &data[28..44];
let decr_data = decrypt_aead( let decr_data = decrypt_aead(
self.cipher, self.cipher,
&self.enc_key, &self.enc_key,
Some(iv), Some(iv),
b"", //?? b"", //??
&data[44..], data,
mac, tag,
)?; )?;
Ok(decr_data) Ok(decr_data)
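Review bot: The new doc comments no longer say what `data` must contain, and the one on `decode_compressed_chunk` reads "Decompress and decrypt date, verify MAC." — a typo, the reverse of the order the body uses (decrypted bytes are written into the decompressor), and "MAC" where the parameter is now called `tag`. Since the caller parses the header after this change, I would write `/// Decrypt and decompress data, verify tag.` and add a sentence to both functions stating that `data` is the ciphertext with the blob/chunk header already stripped and that `iv` and `tag` come from that header. The `b"", //??` argument would also read better as `b"", // no associated data: the header (magic, crc) is not covered by the tag`, if that is the intent. Both function bodies continue outside the hunks shown.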


@ -1,7 +1,9 @@
use failure::*; use failure::*;
use std::convert::TryInto; use std::convert::TryInto;
use crate::tools::write::*; use crate::tools::read::ReadUtilOps;
use crate::tools::write::WriteUtilOps;
use super::*; use super::*;
/// Data blob binary storage format /// Data blob binary storage format
@ -154,11 +156,14 @@ impl DataBlob {
let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?; let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?;
return Ok(data); return Ok(data);
} else if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 || magic == &ENCRYPTED_BLOB_MAGIC_1_0 { } else if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 || magic == &ENCRYPTED_BLOB_MAGIC_1_0 {
let header_len = std::mem::size_of::<EncryptedDataBlobHeader>();
let head = (&self.raw_data[..header_len]).read_value::<EncryptedDataBlobHeader>()?;
if let Some(config) = config { if let Some(config) = config {
let data = if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 { let data = if magic == &ENCR_COMPR_BLOB_MAGIC_1_0 {
config.decode_compressed_chunk(&self.raw_data)? config.decode_compressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
} else { } else {
config.decode_uncompressed_chunk(&self.raw_data)? config.decode_uncompressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
}; };
return Ok(data); return Ok(data);
} else { } else {
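Review bot: `&self.raw_data[..header_len]` panics when `raw_data` is shorter than `EncryptedDataBlobHeader`, whereas the `if data.len() < 44 { bail!(...) }` check this commit removes from the decode functions returned an error. Unless the length is validated before this branch (not visible in the hunk), a truncated or corrupted blob read from storage would abort the caller instead of failing the decode. A guard placed before the slice restores the old behaviour: `if self.raw_data.len() < header_len { bail!("encrypted blob too small ({} bytes)", self.raw_data.len()); }`. The same applies to the `EncryptedDataChunkHeader` slice in the `impl DataChunk` section below. The enclosing function starts and ends outside the hunk.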


@ -1,6 +1,7 @@
use failure::*; use failure::*;
use std::convert::TryInto; use std::convert::TryInto;
use crate::tools::write::*; use crate::tools::read::ReadUtilOps;
use crate::tools::write::WriteUtilOps;
use super::*; use super::*;
@ -163,11 +164,14 @@ impl DataChunk {
let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?; let data = zstd::block::decompress(&self.raw_data[data_start..], 16*1024*1024)?;
return Ok(data); return Ok(data);
} else if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 || magic == &ENCRYPTED_CHUNK_MAGIC_1_0 { } else if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 || magic == &ENCRYPTED_CHUNK_MAGIC_1_0 {
let header_len = std::mem::size_of::<EncryptedDataChunkHeader>();
let head = (&self.raw_data[..header_len]).read_value::<EncryptedDataChunkHeader>()?;
if let Some(config) = config { if let Some(config) = config {
let data = if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 { let data = if magic == &ENCR_COMPR_CHUNK_MAGIC_1_0 {
config.decode_compressed_chunk(&self.raw_data)? config.decode_compressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
} else { } else {
config.decode_uncompressed_chunk(&self.raw_data)? config.decode_uncompressed_chunk(&self.raw_data[header_len..], &head.iv, &head.tag)?
}; };
return Ok(data); return Ok(data);
} else { } else {