From 8c11fc3ec9e81322ac4772750da1de21bbdeeb84 Mon Sep 17 00:00:00 2001 From: Michael Eischer Date: Sun, 12 Jun 2022 14:48:30 +0200 Subject: [PATCH] crypto: move crypto buffer helpers --- internal/archiver/testing.go | 3 ++- internal/cache/file.go | 5 +++-- internal/{restic => crypto}/buffer.go | 10 ++++------ internal/pack/pack.go | 6 +++--- internal/repository/index.go | 3 ++- internal/repository/key.go | 2 +- internal/repository/master_index_test.go | 9 +++++---- internal/repository/repository.go | 4 ++-- internal/repository/repository_test.go | 8 ++++---- internal/restic/blob.go | 3 ++- internal/restorer/filerestorer_test.go | 2 +- 11 files changed, 29 insertions(+), 26 deletions(-) rename internal/{restic => crypto}/buffer.go (69%) diff --git a/internal/archiver/testing.go b/internal/archiver/testing.go index d8ad0a9e7..0c2bd3ba6 100644 --- a/internal/archiver/testing.go +++ b/internal/archiver/testing.go @@ -11,6 +11,7 @@ import ( "testing" "time" + "github.com/restic/restic/internal/crypto" "github.com/restic/restic/internal/debug" "github.com/restic/restic/internal/fs" "github.com/restic/restic/internal/restic" @@ -225,7 +226,7 @@ func TestEnsureFileContent(ctx context.Context, t testing.TB, repo restic.Reposi return } - content := make([]byte, restic.CiphertextLength(len(file.Content))) + content := make([]byte, crypto.CiphertextLength(len(file.Content))) pos := 0 for _, id := range node.Content { part, err := repo.LoadBlob(ctx, restic.DataBlob, id, content[pos:]) diff --git a/internal/cache/file.go b/internal/cache/file.go index 2ee66f520..8ed4be77e 100644 --- a/internal/cache/file.go +++ b/internal/cache/file.go @@ -8,6 +8,7 @@ import ( "runtime" "github.com/pkg/errors" + "github.com/restic/restic/internal/crypto" "github.com/restic/restic/internal/debug" "github.com/restic/restic/internal/fs" "github.com/restic/restic/internal/restic" @@ -58,7 +59,7 @@ func (c *Cache) load(h restic.Handle, length int, offset int64) (io.ReadCloser, return nil, errors.WithStack(err) } - if fi.Size() <= int64(restic.CiphertextLength(0)) { + if fi.Size() <= int64(crypto.CiphertextLength(0)) { _ = f.Close() _ = c.remove(h) return nil, errors.Errorf("cached file %v is truncated, removing", h) @@ -116,7 +117,7 @@ func (c *Cache) Save(h restic.Handle, rd io.Reader) error { return errors.Wrap(err, "Copy") } - if n <= int64(restic.CiphertextLength(0)) { + if n <= int64(crypto.CiphertextLength(0)) { _ = f.Close() _ = fs.Remove(f.Name()) debug.Log("trying to cache truncated file %v, removing", h) diff --git a/internal/restic/buffer.go b/internal/crypto/buffer.go similarity index 69% rename from internal/restic/buffer.go rename to internal/crypto/buffer.go index 899f4ea6f..b098d5c72 100644 --- a/internal/restic/buffer.go +++ b/internal/crypto/buffer.go @@ -1,21 +1,19 @@ -package restic - -import "github.com/restic/restic/internal/crypto" +package crypto // NewBlobBuffer returns a buffer that is large enough to hold a blob of size // plaintext bytes, including the crypto overhead. func NewBlobBuffer(size int) []byte { - return make([]byte, size, size+crypto.Extension) + return make([]byte, size, size+Extension) } // PlaintextLength returns the plaintext length of a blob with ciphertextSize // bytes. func PlaintextLength(ciphertextSize int) int { - return ciphertextSize - crypto.Extension + return ciphertextSize - Extension } // CiphertextLength returns the encrypted length of a blob with plaintextSize // bytes. func CiphertextLength(plaintextSize int) int { - return plaintextSize + crypto.Extension + return plaintextSize + Extension } diff --git a/internal/pack/pack.go b/internal/pack/pack.go index 1d991ccb5..7ac06db72 100644 --- a/internal/pack/pack.go +++ b/internal/pack/pack.go @@ -79,7 +79,7 @@ func (p *Packer) Finalize() error { return err } - encryptedHeader := make([]byte, 0, restic.CiphertextLength(len(header))) + encryptedHeader := make([]byte, 0, crypto.CiphertextLength(len(header))) nonce := crypto.NewRandomNonce() encryptedHeader = append(encryptedHeader, nonce...) encryptedHeader = p.k.Seal(encryptedHeader, nonce, header, nil) @@ -107,7 +107,7 @@ func (p *Packer) Finalize() error { // HeaderOverhead returns an estimate of the number of bytes written by a call to Finalize. func (p *Packer) HeaderOverhead() int { - return restic.CiphertextLength(0) + binary.Size(uint32(0)) + return crypto.CiphertextLength(0) + binary.Size(uint32(0)) } // makeHeader constructs the header for p. @@ -275,7 +275,7 @@ func List(k *crypto.Key, rd io.ReaderAt, size int64) (entries []restic.Blob, hdr return nil, 0, err } - if len(buf) < restic.CiphertextLength(0) { + if len(buf) < crypto.CiphertextLength(0) { return nil, 0, errors.New("invalid header, too small") } diff --git a/internal/repository/index.go b/internal/repository/index.go index a35f8952e..8978b60d5 100644 --- a/internal/repository/index.go +++ b/internal/repository/index.go @@ -7,6 +7,7 @@ import ( "sync" "time" + "github.com/restic/restic/internal/crypto" "github.com/restic/restic/internal/errors" "github.com/restic/restic/internal/restic" @@ -194,7 +195,7 @@ func (idx *Index) LookupSize(bh restic.BlobHandle) (plaintextLength uint, found if e.uncompressedLength != 0 { return uint(e.uncompressedLength), true } - return uint(restic.PlaintextLength(int(e.length))), true + return uint(crypto.PlaintextLength(int(e.length))), true } // Supersedes returns the list of indexes this index supersedes, if any. diff --git a/internal/repository/key.go b/internal/repository/key.go index 8ff4c192c..4ce59a1f5 100644 --- a/internal/repository/key.go +++ b/internal/repository/key.go @@ -263,7 +263,7 @@ func AddKey(ctx context.Context, s *Repository, password, username, hostname str } nonce := crypto.NewRandomNonce() - ciphertext := make([]byte, 0, restic.CiphertextLength(len(buf))) + ciphertext := make([]byte, 0, crypto.CiphertextLength(len(buf))) ciphertext = append(ciphertext, nonce...) ciphertext = newkey.user.Seal(ciphertext, nonce, buf, nil) newkey.Data = ciphertext diff --git a/internal/repository/master_index_test.go b/internal/repository/master_index_test.go index d7e4f1678..2430c83dc 100644 --- a/internal/repository/master_index_test.go +++ b/internal/repository/master_index_test.go @@ -8,6 +8,7 @@ import ( "time" "github.com/restic/restic/internal/checker" + "github.com/restic/restic/internal/crypto" "github.com/restic/restic/internal/repository" "github.com/restic/restic/internal/restic" rtest "github.com/restic/restic/internal/test" @@ -22,7 +23,7 @@ func TestMasterIndex(t *testing.T) { PackID: restic.NewRandomID(), Blob: restic.Blob{ BlobHandle: bhInIdx1, - Length: uint(restic.CiphertextLength(10)), + Length: uint(crypto.CiphertextLength(10)), Offset: 0, }, } @@ -31,7 +32,7 @@ func TestMasterIndex(t *testing.T) { PackID: restic.NewRandomID(), Blob: restic.Blob{ BlobHandle: bhInIdx2, - Length: uint(restic.CiphertextLength(100)), + Length: uint(crypto.CiphertextLength(100)), Offset: 10, UncompressedLength: 200, }, @@ -41,7 +42,7 @@ func TestMasterIndex(t *testing.T) { PackID: restic.NewRandomID(), Blob: restic.Blob{ BlobHandle: bhInIdx12, - Length: uint(restic.CiphertextLength(123)), + Length: uint(crypto.CiphertextLength(123)), Offset: 110, }, } @@ -50,7 +51,7 @@ func TestMasterIndex(t *testing.T) { PackID: restic.NewRandomID(), Blob: restic.Blob{ BlobHandle: bhInIdx12, - Length: uint(restic.CiphertextLength(123)), + Length: uint(crypto.CiphertextLength(123)), Offset: 50, UncompressedLength: 80, }, diff --git a/internal/repository/repository.go b/internal/repository/repository.go index 84193a4f3..dc2b86919 100644 --- a/internal/repository/repository.go +++ b/internal/repository/repository.go @@ -398,7 +398,7 @@ func (r *Repository) saveAndEncrypt(ctx context.Context, t restic.BlobType, data nonce := crypto.NewRandomNonce() - ciphertext := make([]byte, 0, restic.CiphertextLength(len(data))) + ciphertext := make([]byte, 0, crypto.CiphertextLength(len(data))) ciphertext = append(ciphertext, nonce...) // encrypt blob @@ -475,7 +475,7 @@ func (r *Repository) SaveUnpacked(ctx context.Context, t restic.FileType, p []by } } - ciphertext := restic.NewBlobBuffer(len(p)) + ciphertext := crypto.NewBlobBuffer(len(p)) ciphertext = ciphertext[:0] nonce := crypto.NewRandomNonce() ciphertext = append(ciphertext, nonce...) diff --git a/internal/repository/repository_test.go b/internal/repository/repository_test.go index 38d3117a5..26b9e6244 100644 --- a/internal/repository/repository_test.go +++ b/internal/repository/repository_test.go @@ -190,7 +190,7 @@ func testLoadBlob(t *testing.T, version uint) { defer cleanup() length := 1000000 - buf := restic.NewBlobBuffer(length) + buf := crypto.NewBlobBuffer(length) _, err := io.ReadFull(rnd, buf) rtest.OK(t, err) @@ -201,7 +201,7 @@ func testLoadBlob(t *testing.T, version uint) { rtest.OK(t, err) rtest.OK(t, repo.Flush(context.Background())) - base := restic.CiphertextLength(length) + base := crypto.CiphertextLength(length) for _, testlength := range []int{0, base - 20, base - 1, base, base + 7, base + 15, base + 1000} { buf = make([]byte, 0, testlength) buf, err := repo.LoadBlob(context.TODO(), restic.DataBlob, id, buf) @@ -226,7 +226,7 @@ func benchmarkLoadBlob(b *testing.B, version uint) { defer cleanup() length := 1000000 - buf := restic.NewBlobBuffer(length) + buf := crypto.NewBlobBuffer(length) _, err := io.ReadFull(rnd, buf) rtest.OK(b, err) @@ -269,7 +269,7 @@ func benchmarkLoadUnpacked(b *testing.B, version uint) { defer cleanup() length := 1000000 - buf := restic.NewBlobBuffer(length) + buf := crypto.NewBlobBuffer(length) _, err := io.ReadFull(rnd, buf) rtest.OK(b, err) diff --git a/internal/restic/blob.go b/internal/restic/blob.go index a4fcdb1ac..4ac149adb 100644 --- a/internal/restic/blob.go +++ b/internal/restic/blob.go @@ -3,6 +3,7 @@ package restic import ( "fmt" + "github.com/restic/restic/internal/crypto" "github.com/restic/restic/internal/errors" ) @@ -23,7 +24,7 @@ func (b Blob) DataLength() uint { if b.UncompressedLength != 0 { return b.UncompressedLength } - return uint(PlaintextLength(int(b.Length))) + return uint(crypto.PlaintextLength(int(b.Length))) } func (b Blob) IsCompressed() bool { diff --git a/internal/restorer/filerestorer_test.go b/internal/restorer/filerestorer_test.go index b5b52778c..fa781f8c8 100644 --- a/internal/restorer/filerestorer_test.go +++ b/internal/restorer/filerestorer_test.go @@ -61,7 +61,7 @@ func newTestRepo(content []TestFile) *TestRepo { key := crypto.NewRandomKey() seal := func(data []byte) []byte { - ciphertext := restic.NewBlobBuffer(len(data)) + ciphertext := crypto.NewBlobBuffer(len(data)) ciphertext = ciphertext[:0] // truncate the slice nonce := crypto.NewRandomNonce() ciphertext = append(ciphertext, nonce...)