mirror of
https://github.com/borgbackup/borg.git
synced 2024-12-27 10:18:12 +00:00
keyfile: improve key sanity check, fixes #7561
check key file structure, make sure the binary key is not way too short (or zero) length. if key file looks strange, emit warnings.
This commit is contained in:
parent
ec1f2dfbf1
commit
58d3dbcec0
1 changed files with 26 additions and 1 deletions
|
@ -1,3 +1,4 @@
|
||||||
|
import binascii
|
||||||
import hmac
|
import hmac
|
||||||
import os
|
import os
|
||||||
import textwrap
|
import textwrap
|
||||||
|
@ -615,7 +616,31 @@ def sanity_check(self, filename, id):
|
||||||
raise KeyfileInvalidError(self.repository._location.canonical_path(), filename)
|
raise KeyfileInvalidError(self.repository._location.canonical_path(), filename)
|
||||||
if fd.read(len(repo_id)) != repo_id:
|
if fd.read(len(repo_id)) != repo_id:
|
||||||
raise KeyfileMismatchError(self.repository._location.canonical_path(), filename)
|
raise KeyfileMismatchError(self.repository._location.canonical_path(), filename)
|
||||||
return filename
|
# we get here if it really looks like a borg key for this repo,
|
||||||
|
# do some more checks that are close to how borg reads/parses the key.
|
||||||
|
with open(filename, "r") as fd:
|
||||||
|
lines = fd.readlines()
|
||||||
|
if len(lines) < 2:
|
||||||
|
logger.warning(f"borg key sanity check: expected 2+ lines total. [{filename}]")
|
||||||
|
raise KeyfileInvalidError(self.repository._location.canonical_path(), filename)
|
||||||
|
if len(lines[0].rstrip()) > len(file_id) + len(repo_id):
|
||||||
|
logger.warning(f"borg key sanity check: key line 1 seems too long. [{filename}]")
|
||||||
|
raise KeyfileInvalidError(self.repository._location.canonical_path(), filename)
|
||||||
|
key_b64 = "".join(lines[1:])
|
||||||
|
try:
|
||||||
|
key = a2b_base64(key_b64)
|
||||||
|
except binascii.Error:
|
||||||
|
logger.warning(f"borg key sanity check: key line 2+ does not look like base64. [{filename}]")
|
||||||
|
raise KeyfileInvalidError(self.repository._location.canonical_path(), filename)
|
||||||
|
if len(key) < 20:
|
||||||
|
# this is in no way a precise check, usually we have about 400b key data.
|
||||||
|
logger.warning(
|
||||||
|
f"borg key sanity check: binary encrypted key data from key line 2+ suspiciously short."
|
||||||
|
f" [{filename}]"
|
||||||
|
)
|
||||||
|
raise KeyfileInvalidError(self.repository._location.canonical_path(), filename)
|
||||||
|
# looks good!
|
||||||
|
return filename
|
||||||
|
|
||||||
def find_key(self):
|
def find_key(self):
|
||||||
if self.STORAGE == KeyBlobStorage.KEYFILE:
|
if self.STORAGE == KeyBlobStorage.KEYFILE:
|
||||||
|
|
Loading…
Reference in a new issue