mirror
/
borg
mirror of https://github.com/borgbackup/borg.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #6931 from ThomasWaldmann/copy-crypt-key 

rename --copy-ae-key into --copy-crypt-key
This commit is contained in:
TW 2022-08-04 11:56:17 +02:00 committed by GitHub
parent afa282c977 4ec17d969c
commit 23eb28d3b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/borg/archiver/rcreate.py
View File

@ -22,7 +22,7 @@ class RCreateMixIn:
path = args.location.canonical_path() path = args.location.canonical_path()
logger.info('Initializing repository at "%s"' % path) logger.info('Initializing repository at "%s"' % path)
if other_key is not None: if other_key is not None:
other_key.copy_ae_key = args.copy_ae_key other_key.copy_crypt_key = args.copy_crypt_key
try: try:
key = key_creator(repository, args, other_key=other_key) key = key_creator(repository, args, other_key=other_key)
except (EOFError, KeyboardInterrupt): except (EOFError, KeyboardInterrupt):
@ -160,7 +160,7 @@ class RCreateMixIn:
By default, only the ID key and chunker secret will be the same (these are important By default, only the ID key and chunker secret will be the same (these are important
for deduplication) and the AE crypto keys will be newly generated random keys. for deduplication) and the AE crypto keys will be newly generated random keys.
Optionally, if you use ``--copy-ae-key`` you can also keep the same AE crypto keys Optionally, if you use ``--copy-crypt-key`` you can also keep the same crypt_key
(used for authenticated encryption). Might be desired e.g. if you want to have less (used for authenticated encryption). Might be desired e.g. if you want to have less
keys to manage. keys to manage.
@ -218,8 +218,9 @@ class RCreateMixIn:
help="create the parent directories of the repository directory, if they are missing.", help="create the parent directories of the repository directory, if they are missing.",
) )
subparser.add_argument( subparser.add_argument(
"--copy-ae-key", "--copy-crypt-key",
dest="copy_ae_key", dest="copy_crypt_key",
action="store_true", action="store_true",
help="copy the authenticated encryption (AE) key from the key of the other repo (default: new random key).", help="copy the crypt_key (used for authenticated encryption) from the key of the other repo "
"(default: new random key).",
) )

4
src/borg/crypto/key.py
View File

@ -191,7 +191,7 @@ class KeyBase:
self.compressor = Compressor("lz4") self.compressor = Compressor("lz4")
self.decompress = self.compressor.decompress self.decompress = self.compressor.decompress
self.tam_required = True self.tam_required = True
self.copy_ae_key = False self.copy_crypt_key = False
def id_hash(self, data): def id_hash(self, data):
"""Return HMAC hash using the "id" HMAC key""" """Return HMAC hash using the "id" HMAC key"""
@ -603,7 +603,7 @@ class FlexiKey:
raise Error("Copying key material to an AES-CTR based mode is insecure and unsupported.") raise Error("Copying key material to an AES-CTR based mode is insecure and unsupported.")
if not uses_same_id_hash(other_key, key): if not uses_same_id_hash(other_key, key):
raise Error("You must keep the same ID hash (HMAC-SHA256 or BLAKE2b) or deduplication will break.") raise Error("You must keep the same ID hash (HMAC-SHA256 or BLAKE2b) or deduplication will break.")
if other_key.copy_ae_key: if other_key.copy_crypt_key:
# give the user the option to use the same authenticated encryption (AE) key # give the user the option to use the same authenticated encryption (AE) key
crypt_key = other_key.crypt_key crypt_key = other_key.crypt_key
else: else: