mirror/borg
1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2025-01-04 06:21:46 +00:00
Code Issues Releases Wiki Activity

Merge pull request #8105 from ThomasWaldmann/corrupted-key-errmsg-master

Browse source 
better error msg for corrupted key data, fixes #8016
This commit is contained in:
TW 2024-02-19 23:30:38 +01:00 committed by GitHub
commit 7bed7b86d4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 12 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/internals/frontends.rst
View file

@ -628,7 +628,7 @@ Errors
Failed to encode filename "{}" into file system encoding "{}". Consider configuring the LANG environment variable. Failed to encode filename "{}" into file system encoding "{}". Consider configuring the LANG environment variable.
KeyfileInvalidError rc: 40 traceback: no KeyfileInvalidError rc: 40 traceback: no
Invalid key file for repository {} found in {}. Invalid key data for repository {} found in {}.
KeyfileMismatchError rc: 41 traceback: no KeyfileMismatchError rc: 41 traceback: no
Mismatch between repository {} and key file {}. Mismatch between repository {} and key file {}.
KeyfileNotFoundError rc: 42 traceback: no KeyfileNotFoundError rc: 42 traceback: no

16
src/borg/crypto/key.py
View file

@ -53,7 +53,7 @@ class KeyfileNotFoundError(Error):
class KeyfileInvalidError(Error): class KeyfileInvalidError(Error):
"""Invalid key file for repository {} found in {}.""" """Invalid key data for repository {} found in {}."""
exit_mcode = 40 exit_mcode = 40
@ -381,8 +381,14 @@ def detect(cls, repository, manifest_data):
return key return key
def _load(self, key_data, passphrase): def _load(self, key_data, passphrase):
cdata = binascii.a2b_base64(key_data) try:
data = self.decrypt_key_file(cdata, passphrase) key = binascii.a2b_base64(key_data)
except (ValueError, binascii.Error):
raise KeyfileInvalidError(self.repository._location.canonical_path(), "(repokey)") from None
if len(key) < 20:
# this is in no way a precise check, usually we have about 400b key data.
raise KeyfileInvalidError(self.repository._location.canonical_path(), "(repokey)")
data = self.decrypt_key_file(key, passphrase)
if data: if data:
data = msgpack.unpackb(data) data = msgpack.unpackb(data)
key = Key(internal_dict=data) key = Key(internal_dict=data)
@ -567,9 +573,9 @@ def sanity_check(self, filename, id):
key_b64 = "".join(lines[1:]) key_b64 = "".join(lines[1:])
try: try:
key = binascii.a2b_base64(key_b64) key = binascii.a2b_base64(key_b64)
except binascii.Error: except (ValueError, binascii.Error):
logger.warning(f"borg key sanity check: key line 2+ does not look like base64. [{filename}]") logger.warning(f"borg key sanity check: key line 2+ does not look like base64. [{filename}]")
raise KeyfileInvalidError(self.repository._location.canonical_path(), filename) raise KeyfileInvalidError(self.repository._location.canonical_path(), filename) from None
if len(key) < 20: if len(key) < 20:
# this is in no way a precise check, usually we have about 400b key data. # this is in no way a precise check, usually we have about 400b key data.
logger.warning( logger.warning(