From d5ee16d676ac949d5dc4840740404b29655387a9 Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Sat, 29 Jul 2017 12:22:11 +0200 Subject: [PATCH 1/3] crypto: remove AES-GCM --- src/borg/crypto/low_level.pyx | 13 ------------- src/borg/testsuite/crypto.py | 12 +++--------- 2 files changed, 3 insertions(+), 22 deletions(-) diff --git a/src/borg/crypto/low_level.pyx b/src/borg/crypto/low_level.pyx index da06c73e2..c77fe5667 100644 --- a/src/borg/crypto/low_level.pyx +++ b/src/borg/crypto/low_level.pyx @@ -67,7 +67,6 @@ cdef extern from "openssl/evp.h": pass const EVP_CIPHER *EVP_aes_256_ctr() - const EVP_CIPHER *EVP_aes_256_gcm() const EVP_CIPHER *EVP_aes_256_ocb() const EVP_CIPHER *EVP_chacha20_poly1305() @@ -668,18 +667,6 @@ cdef class _CHACHA_BASE(_AEAD_BASE): super().__init__(*args, **kwargs) -cdef class AES256_GCM(_AES_BASE): - @staticmethod - def requirements_check(): - if OPENSSL_VERSION_NUMBER < 0x10001040: - raise ValueError('AES GCM requires OpenSSL >= 1.0.1d. Detected: OpenSSL %08x' % OPENSSL_VERSION_NUMBER) - - def __init__(self, mac_key, enc_key, iv=None, header_len=1, aad_offset=1): - self.requirements_check() - self.cipher = EVP_aes_256_gcm - super().__init__(mac_key, enc_key, iv=iv, header_len=header_len, aad_offset=aad_offset) - - cdef class AES256_OCB(_AES_BASE): @staticmethod def requirements_check(): diff --git a/src/borg/testsuite/crypto.py b/src/borg/testsuite/crypto.py index a4e822c5d..407a4e9ab 100644 --- a/src/borg/testsuite/crypto.py +++ b/src/borg/testsuite/crypto.py @@ -1,6 +1,6 @@ from binascii import hexlify, unhexlify -from ..crypto.low_level import AES256_CTR_HMAC_SHA256, AES256_GCM, AES256_OCB, CHACHA20_POLY1305, UNENCRYPTED, \ +from ..crypto.low_level import AES256_CTR_HMAC_SHA256, AES256_OCB, CHACHA20_POLY1305, UNENCRYPTED, \ IntegrityError, blake2b_256, hmac_sha256, openssl10 from ..crypto.low_level import bytes_to_long, bytes_to_int, long_to_bytes from ..crypto.low_level import hkdf_hmac_sha512 
@@ -97,10 +97,7 @@ class CryptoTestCase(BaseTestCase): data = b'foo' * 10 header = b'\x23' tests = [ - # ciphersuite class, exp_mac, exp_cdata - (AES256_GCM, - b'66a438843aa41a087d6a7ed1dc1f3c4c', - b'5bbb40be14e4bcbfc75715b77b1242d590d2bf9f7f8a8a910b4469888689', ) + # (ciphersuite class, exp_mac, exp_cdata) ] if not openssl10: tests += [ @@ -144,10 +141,7 @@ class CryptoTestCase(BaseTestCase): data = b'foo' * 10 header = b'\x12\x34\x56' tests = [ - # ciphersuite class, exp_mac, exp_cdata - (AES256_GCM, - b'4fb0e5b0a0bca57527352cc6240e7cca', - b'5bbb40be14e4bcbfc75715b77b1242d590d2bf9f7f8a8a910b4469888689', ) + # (ciphersuite class, exp_mac, exp_cdata) ] if not openssl10: tests += [ From 630e45b742da6d586c538117b78eb413f0ff9128 Mon Sep 17 00:00:00 2001 From: Marian Beermann Date: Sat, 29 Jul 2017 12:28:06 +0200 Subject: [PATCH 2/3] crypto: fix wrong use of const --- src/borg/crypto/low_level.pyx | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/src/borg/crypto/low_level.pyx b/src/borg/crypto/low_level.pyx index c77fe5667..b0acaadca 100644 --- a/src/borg/crypto/low_level.pyx +++ b/src/borg/crypto/low_level.pyx @@ -251,12 +251,15 @@ cdef class AES256_CTR_BASE: cdef mac_compute(self, const unsigned char *data1, int data1_len, const unsigned char *data2, int data2_len, - const unsigned char *mac_buf): + unsigned char *mac_buf): raise NotImplementedError cdef mac_verify(self, const unsigned char *data1, int data1_len, const unsigned char *data2, int data2_len, - const unsigned char *mac_buf, const unsigned char *mac_wanted): + unsigned char *mac_buf, const unsigned char *mac_wanted): + """ + Calculate MAC of *data1*, *data2*, write result to *mac_buf*, and verify against *mac_wanted.* + """ raise NotImplementedError def encrypt(self, data, header=b'', iv=None): 
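Review bot: With the AES-GCM vector gone, `tests` in this hunk starts as an empty list holding only a comment, and every remaining vector is appended under `if not openssl10:`. On an OpenSSL 1.0 build the loop that presumably follows would run zero cases, so the test would pass without exercising any AEAD ciphersuite. I would make that visible right after the list is built, for example `if not tests: pytest.skip('no AEAD ciphersuite available with this OpenSSL')`, assuming pytest is the runner here. The same applies to the second hunk at `@@ -141,10 +141,7 @@`; both test bodies continue outside the hunks.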
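Review bot: The new `mac_verify` docstring leaves out the part of the contract a caller depends on. Going by the subclass implementations later in this patch, a mismatch raises `IntegrityError` and the comparison is `CRYPTO_memcmp` over `self.mac_len` bytes, so `mac_buf` must have room for at least `mac_len` bytes. I would add that, and fix the stray period inside the emphasis (`*mac_wanted.*` should read `*mac_wanted*.`). `mac_compute` in the same hunk gets the same signature change but no docstring; a one-liner such as `"""Calculate MAC of *data1*, *data2* and write it to *mac_buf* (at least mac_len bytes)."""` would make the now non-const output parameter self-explanatory. The class body starts and continues outside the hunk.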
@@ -400,7 +403,7 @@ cdef class AES256_CTR_HMAC_SHA256(AES256_CTR_BASE): cdef mac_compute(self, const unsigned char *data1, int data1_len, const unsigned char *data2, int data2_len, - const unsigned char *mac_buf): + unsigned char *mac_buf): if not HMAC_Init_ex(self.hmac_ctx, self.mac_key, self.mac_len, EVP_sha256(), NULL): raise CryptoError('HMAC_Init_ex failed') if not HMAC_Update(self.hmac_ctx, data1, data1_len): @@ -412,7 +415,7 @@ cdef class AES256_CTR_HMAC_SHA256(AES256_CTR_BASE): cdef mac_verify(self, const unsigned char *data1, int data1_len, const unsigned char *data2, int data2_len, - const unsigned char *mac_buf, const unsigned char *mac_wanted): + unsigned char *mac_buf, const unsigned char *mac_wanted): self.mac_compute(data1, data1_len, data2, data2_len, mac_buf) if CRYPTO_memcmp(mac_buf, mac_wanted, self.mac_len): raise IntegrityError('MAC Authentication failed') @@ -434,7 +437,7 @@ cdef class AES256_CTR_BLAKE2b(AES256_CTR_BASE): cdef mac_compute(self, const unsigned char *data1, int data1_len, const unsigned char *data2, int data2_len, - const unsigned char *mac_buf): + unsigned char *mac_buf): cdef blake2b_state state cdef int rc rc = blake2b_init(&state, self.mac_len) @@ -454,7 +457,7 @@ cdef class AES256_CTR_BLAKE2b(AES256_CTR_BASE): cdef mac_verify(self, const unsigned char *data1, int data1_len, const unsigned char *data2, int data2_len, - const unsigned char *mac_buf, const unsigned char *mac_wanted): + unsigned char *mac_buf, const unsigned char *mac_wanted): self.mac_compute(data1, data1_len, data2, data2_len, mac_buf) if CRYPTO_memcmp(mac_buf, mac_wanted, self.mac_len): raise IntegrityError('MAC Authentication failed') From e57dd4bc9ed33bb9706c3499922434c364e48ddb Mon Sep 17 00:00:00 2001 
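Review bot: `HMAC_Init_ex(self.hmac_ctx, self.mac_key, self.mac_len, EVP_sha256(), NULL)` passes `self.mac_len` as the key length, so the key size is tied to the tag size. That presumably works because both are 32 bytes for this suite, but the coupling is implicit. A separate key-length value, or a comment such as `# key length == mac_len == 32 for HMAC-SHA256`, would keep a later change of the tag length from silently changing how much of `mac_key` is read. The function continues outside the hunk, so the write into `mac_buf` is not visible here.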
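Review bot: This `mac_verify` body is line-for-line the same as the one in `AES256_CTR_BLAKE2b` at `@@ -454,7 +457,7 @@`: call `self.mac_compute(...)`, compare with `CRYPTO_memcmp`, raise `IntegrityError('MAC Authentication failed')`. Since the base-class `mac_verify` only raises `NotImplementedError`, the shared body could live in `AES256_CTR_BASE` and the two overrides could go. That leaves one copy of the constant-time comparison to review and keep correct. As far as these hunks show, only `mac_compute` differs between the suites.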
From: Marian Beermann Date: Sat, 29 Jul 2017 12:28:33 +0200 Subject: [PATCH 3/3] crypto: avoid bad prototype codegen from cython (-Wstrict-prototypes, Cyton forgets a "void") --- src/borg/crypto/low_level.pyx | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/borg/crypto/low_level.pyx b/src/borg/crypto/low_level.pyx index b0acaadca..82d874071 100644 --- a/src/borg/crypto/low_level.pyx +++ b/src/borg/crypto/low_level.pyx @@ -222,8 +222,8 @@ cdef class AES256_CTR_BASE: cdef unsigned char iv[16] cdef long long blocks - @staticmethod - def requirements_check(): + @classmethod + def requirements_check(cls): if OPENSSL_VERSION_NUMBER < 0x10000000: raise ValueError('AES CTR requires OpenSSL >= 1.0.0. Detected: OpenSSL %08x' % OPENSSL_VERSION_NUMBER) @@ -480,8 +480,8 @@ cdef class _AEAD_BASE: cdef unsigned char iv[12] cdef long long blocks - @staticmethod - def requirements_check(): + @classmethod + def requirements_check(cls): """check whether library requirements for this ciphersuite are satisfied""" raise NotImplemented # override / implement in child class @@ -671,8 +671,8 @@ cdef class _CHACHA_BASE(_AEAD_BASE): cdef class AES256_OCB(_AES_BASE): - @staticmethod - def requirements_check(): + @classmethod + def requirements_check(cls): if OPENSSL_VERSION_NUMBER < 0x10100000: raise ValueError('AES OCB requires OpenSSL >= 1.1.0. Detected: OpenSSL %08x' % OPENSSL_VERSION_NUMBER) @@ -683,8 +683,8 @@ cdef class AES256_OCB(_AES_BASE): cdef class CHACHA20_POLY1305(_CHACHA_BASE): - @staticmethod - def requirements_check(): + @classmethod + def requirements_check(cls): if OPENSSL_VERSION_NUMBER < 0x10100000: raise ValueError('CHACHA20-POLY1305 requires OpenSSL >= 1.1.0. Detected: OpenSSL %08x' % OPENSSL_VERSION_NUMBER)
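Review bot: The switch from `@staticmethod` to `@classmethod` is explained only in the commit subject, so the code gives no hint why `cls` is accepted and never used. A short comment above the decorator, e.g. `# classmethod, not staticmethod: Cython generates a prototype without "void" for the latter (-Wstrict-prototypes)`, would stop a later cleanup from reverting it. The same comment fits the hunks at `@@ -480,8 +480,8 @@`, `@@ -671,8 +671,8 @@` and `@@ -683,8 +683,8 @@`.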
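Review bot: `raise NotImplemented` in `_AEAD_BASE.requirements_check` is carried over as context, but `NotImplemented` is a constant, not an exception class. The line therefore fails with a `TypeError` instead of signalling an unimplemented override. It should be `raise NotImplementedError  # override / implement in child class`, which also matches the `raise NotImplementedError` used by `AES256_CTR_BASE.mac_compute` earlier in this series.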
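Review bot: `OPENSSL_VERSION_NUMBER < 0x10100000` looks like the header macro, which would make this a check of the OpenSSL version the extension was built against, while the error text says "Detected". If so, the gate and the printed value describe the build environment, not the libcrypto actually loaded. Comparing against the run-time value (`OpenSSL_version_num()` on 1.1.0+, `SSLeay()` before) would make the requirement check mean what its message says. The same pattern appears in `CHACHA20_POLY1305` at `@@ -683,8 +683,8 @@` and, with a different bound, in `AES256_CTR_BASE` at `@@ -222,8 +222,8 @@`.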