forked from TrueCloudLab/restic
debug: Save raw decrypt (disregarding signature)
This commit is contained in:
parent
ce4b6d0874
commit
b3c3121622
1 changed files with 50 additions and 0 deletions
|
@ -4,6 +4,8 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/aes"
|
||||||
|
"crypto/cipher"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
@ -292,6 +294,35 @@ outer:
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func sliceForAppend(in []byte, n int) (head, tail []byte) {
|
||||||
|
if total := len(in) + n; cap(in) >= total {
|
||||||
|
head = in[:total]
|
||||||
|
} else {
|
||||||
|
head = make([]byte, total)
|
||||||
|
copy(head, in)
|
||||||
|
}
|
||||||
|
tail = head[len(in):]
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
func decryptUnsigned(ctx context.Context, k *crypto.Key, buf []byte) []byte {
|
||||||
|
// strip signature at the end
|
||||||
|
l := len(buf)
|
||||||
|
nonce, ct := buf[:16], buf[16:l-16]
|
||||||
|
dst := make([]byte, 0, len(ct))
|
||||||
|
|
||||||
|
ret, out := sliceForAppend(dst, len(ct))
|
||||||
|
|
||||||
|
c, err := aes.NewCipher(k.EncryptionKey[:])
|
||||||
|
if err != nil {
|
||||||
|
panic(fmt.Sprintf("unable to create cipher: %v", err))
|
||||||
|
}
|
||||||
|
e := cipher.NewCTR(c, nonce)
|
||||||
|
e.XORKeyStream(out, ct)
|
||||||
|
|
||||||
|
return ret
|
||||||
|
}
|
||||||
|
|
||||||
func loadBlobs(ctx context.Context, repo restic.Repository, pack string, list []restic.Blob) error {
|
func loadBlobs(ctx context.Context, repo restic.Repository, pack string, list []restic.Blob) error {
|
||||||
be := repo.Backend()
|
be := repo.Backend()
|
||||||
for _, blob := range list {
|
for _, blob := range list {
|
||||||
|
@ -323,6 +354,25 @@ func loadBlobs(ctx context.Context, repo restic.Repository, pack string, list []
|
||||||
if tryRepair || repairByte {
|
if tryRepair || repairByte {
|
||||||
tryRepairWithBitflip(ctx, key, buf, repairByte)
|
tryRepairWithBitflip(ctx, key, buf, repairByte)
|
||||||
}
|
}
|
||||||
|
plain := decryptUnsigned(ctx, key, buf)
|
||||||
|
filename := fmt.Sprintf("%s.bin", blob.ID.String())
|
||||||
|
f, err := os.Create(filename)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err = f.Write(plain)
|
||||||
|
if err != nil {
|
||||||
|
_ = f.Close()
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
err = f.Close()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
fmt.Printf("decrypt of blob %v stored at %v\n", blob.ID.Str(), filename)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue