forked from TrueCloudLab/restic
Compare commits
2 commits
master
...
debug-wron
Author | SHA1 | Date | |
---|---|---|---|
|
271eabd239 | ||
|
0333ef3325 |
2 changed files with 155 additions and 7 deletions
|
@ -2,11 +2,14 @@ package checker
|
|||
|
||||
import (
|
||||
"context"
|
||||
cryptosha256 "crypto/sha256"
|
||||
"fmt"
|
||||
"io"
|
||||
"os"
|
||||
"sync"
|
||||
|
||||
simdsha256 "github.com/minio/sha256-simd"
|
||||
|
||||
"github.com/restic/restic/internal/debug"
|
||||
"github.com/restic/restic/internal/errors"
|
||||
"github.com/restic/restic/internal/pack"
|
||||
|
@ -756,10 +759,100 @@ func checkPack(ctx context.Context, r restic.Repository, id restic.ID) error {
|
|||
continue
|
||||
}
|
||||
|
||||
// inject error for testing
|
||||
// if i == 23 {
|
||||
// plaintext[0] ^= 0x01
|
||||
// }
|
||||
|
||||
hash := restic.Hash(plaintext)
|
||||
if !hash.Equal(blob.ID) {
|
||||
debug.Log(" Blob ID does not match, want %v, got %v", blob.ID, hash)
|
||||
errs = append(errs, errors.Errorf("Blob ID does not match, want %v, got %v", blob.ID.Str(), hash.Str()))
|
||||
|
||||
fmt.Fprintf(os.Stderr, "pack %v: blob %v (offset %v, length %v): ID does not match\n", id.String(), i, blob.Offset, blob.Length)
|
||||
fmt.Fprintf(os.Stderr, " want %v\n", blob.ID)
|
||||
fmt.Fprintf(os.Stderr, " got %v\n", hash)
|
||||
fmt.Fprintf(os.Stderr, " crypto/sha256 %02x\n", cryptosha256.Sum256(plaintext))
|
||||
fmt.Fprintf(os.Stderr, " SIMD sha256 %02x\n", simdsha256.Sum256(plaintext))
|
||||
|
||||
// save the blob's plaintext to a temp file
|
||||
f, err := os.OpenFile(fmt.Sprintf("/tmp/%s.plaintext", blob.ID), os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0600)
|
||||
if err != nil {
|
||||
panic("unable to create tempfile: " + err.Error())
|
||||
}
|
||||
|
||||
_, err = f.Write(plaintext)
|
||||
if err != nil {
|
||||
panic("write error: " + err.Error())
|
||||
}
|
||||
|
||||
err = f.Close()
|
||||
if err != nil {
|
||||
panic("close error: " + err.Error())
|
||||
}
|
||||
|
||||
// save the raw buffer
|
||||
f, err = os.OpenFile(fmt.Sprintf("/tmp/%s.buf", blob.ID), os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0600)
|
||||
if err != nil {
|
||||
panic("unable to create tempfile: " + err.Error())
|
||||
}
|
||||
|
||||
_, err = f.Write(buf)
|
||||
if err != nil {
|
||||
panic("write error: " + err.Error())
|
||||
}
|
||||
|
||||
err = f.Close()
|
||||
if err != nil {
|
||||
panic("close error: " + err.Error())
|
||||
}
|
||||
|
||||
// extract the encrypted blob again
|
||||
f, err = os.OpenFile(fmt.Sprintf("/tmp/%s.raw", blob.ID), os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0600)
|
||||
if err != nil {
|
||||
panic("unable to create tempfile: " + err.Error())
|
||||
}
|
||||
|
||||
_, err = packfile.Seek(int64(blob.Offset), 0)
|
||||
if err != nil {
|
||||
panic(errors.Errorf("Seek(%v): %v", blob.Offset, err).Error())
|
||||
}
|
||||
|
||||
_, err = io.CopyN(f, packfile, int64(blob.Length))
|
||||
if err != nil {
|
||||
panic("copyN error: " + err.Error())
|
||||
}
|
||||
|
||||
err = f.Close()
|
||||
if err != nil {
|
||||
panic("close error: " + err.Error())
|
||||
}
|
||||
|
||||
// save the raw pack file
|
||||
f, err = os.OpenFile(fmt.Sprintf("/tmp/%s.pack", id), os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0600)
|
||||
if err != nil {
|
||||
panic("unable to create tempfile: " + err.Error())
|
||||
}
|
||||
|
||||
_, err = packfile.Seek(0, 0)
|
||||
if err != nil {
|
||||
panic(errors.Errorf("Seek(%v): %v", 0, err).Error())
|
||||
}
|
||||
|
||||
_, err = io.Copy(f, packfile)
|
||||
if err != nil {
|
||||
panic("copyN error: " + err.Error())
|
||||
}
|
||||
|
||||
if err == io.EOF {
|
||||
err = nil
|
||||
}
|
||||
|
||||
err = f.Close()
|
||||
if err != nil {
|
||||
panic("close error: " + err.Error())
|
||||
}
|
||||
|
||||
continue
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,11 +3,15 @@ package crypto_test
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"encoding/json"
|
||||
"io"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/restic/restic/internal/crypto"
|
||||
"github.com/restic/restic/internal/errors"
|
||||
rtest "github.com/restic/restic/internal/test"
|
||||
"golang.org/x/sync/errgroup"
|
||||
|
||||
"github.com/restic/chunker"
|
||||
)
|
||||
|
@ -279,24 +283,75 @@ func BenchmarkEncrypt(b *testing.B) {
|
|||
}
|
||||
}
|
||||
|
||||
func writeTempfile(name string, data []byte) {
|
||||
f, err := os.Create("/tmp/" + name)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
_, err = f.Write(data)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
err = f.Close()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
func writeJSON(name string, data interface{}) {
|
||||
buf, err := json.Marshal(data)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
writeTempfile(name, buf)
|
||||
}
|
||||
|
||||
func BenchmarkDecrypt(b *testing.B) {
|
||||
size := 8 << 20 // 8MiB
|
||||
data := make([]byte, size)
|
||||
data := rtest.Random(42, size)
|
||||
|
||||
k := crypto.NewRandomKey()
|
||||
|
||||
plaintext := make([]byte, 0, size)
|
||||
ciphertext := make([]byte, 0, size+crypto.Extension)
|
||||
nonce := crypto.NewRandomNonce()
|
||||
ciphertext = k.Seal(ciphertext, nonce, data, nil)
|
||||
|
||||
var err error
|
||||
|
||||
b.ResetTimer()
|
||||
b.SetBytes(int64(size))
|
||||
|
||||
for i := 0; i < b.N; i++ {
|
||||
_, err = k.Open(plaintext, nonce, ciphertext, nil)
|
||||
rtest.OK(b, err)
|
||||
var wg errgroup.Group
|
||||
|
||||
for i := 0; i < 5; i++ {
|
||||
wg.Go(func() error {
|
||||
buf := make([]byte, len(ciphertext))
|
||||
|
||||
for i := 0; i < b.N; i++ {
|
||||
buf = buf[:cap(buf)]
|
||||
copy(buf, ciphertext)
|
||||
result, err := k.Open(buf[:0], nonce, buf, nil)
|
||||
rtest.OK(b, err)
|
||||
|
||||
if !bytes.Equal(data, result) {
|
||||
writeJSON("benchmark-decrypt-encryption-key.raw", k.EncryptionKey)
|
||||
writeJSON("benchmark-decrypt-mac-key.raw", k.MACKey)
|
||||
writeTempfile("benchmark-decrypt-nonce.raw", nonce)
|
||||
writeTempfile("benchmark-decrypt-ciphertext.raw", ciphertext)
|
||||
writeTempfile("benchmark-decrypt-plaintext.raw", data)
|
||||
writeTempfile("benchmark-decrypt-result.raw", result)
|
||||
|
||||
return errors.New("wrong plaintext")
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
})
|
||||
}
|
||||
|
||||
err := wg.Wait()
|
||||
if err != nil {
|
||||
b.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue