mirror
/
borg
mirror of https://github.com/borgbackup/borg.git
1
0
Fork 0
Code Issues Releases Wiki Activity

add assertion to demonstrate mac key length issue in test data

This commit is contained in:
Thomas Waldmann 2016-12-04 17:56:23 +01:00
parent 7e5ed40e2f
commit 58752c9de9
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/borg/key.py
View File

@ -226,6 +226,8 @@ class AESKeyBase(KeyBase):
self.nonce_manager.ensure_reservation(num_aes_blocks(len(chunk.data))) self.nonce_manager.ensure_reservation(num_aes_blocks(len(chunk.data)))
self.enc_cipher.reset() self.enc_cipher.reset()
data = b''.join((self.enc_cipher.iv[8:], self.enc_cipher.encrypt(chunk.data))) data = b''.join((self.enc_cipher.iv[8:], self.enc_cipher.encrypt(chunk.data)))
assert (self.MAC is blake2b_256 and len(self.enc_hmac_key) == 128 or
self.MAC is hmac_sha256 and len(self.enc_hmac_key) == 32)
hmac = self.MAC(self.enc_hmac_key, data) hmac = self.MAC(self.enc_hmac_key, data)
return b''.join((self.TYPE_STR, hmac, data)) return b''.join((self.TYPE_STR, hmac, data))
@ -236,6 +238,8 @@ class AESKeyBase(KeyBase):
raise IntegrityError('Chunk %s: Invalid encryption envelope' % id_str) raise IntegrityError('Chunk %s: Invalid encryption envelope' % id_str)
data_view = memoryview(data) data_view = memoryview(data)
hmac_given = data_view[1:33] hmac_given = data_view[1:33]
assert (self.MAC is blake2b_256 and len(self.enc_hmac_key) == 128 or
self.MAC is hmac_sha256 and len(self.enc_hmac_key) == 32)
hmac_computed = memoryview(self.MAC(self.enc_hmac_key, data_view[33:])) hmac_computed = memoryview(self.MAC(self.enc_hmac_key, data_view[33:]))
if not compare_digest(hmac_computed, hmac_given): if not compare_digest(hmac_computed, hmac_given):
id_str = bin_to_hex(id) if id is not None else '(unknown)' id_str = bin_to_hex(id) if id is not None else '(unknown)'