mirror of https://github.com/borgbackup/borg.git
remove remainders of TAM support
This commit is contained in:
parent
1cf62d8fc7
commit
cb4676048a
|
@ -182,22 +182,10 @@ class KeyBase:
|
||||||
id_str = bin_to_hex(id) if id is not None else "(unknown)"
|
id_str = bin_to_hex(id) if id is not None else "(unknown)"
|
||||||
raise IntegrityError(f"Chunk {id_str}: Invalid encryption envelope")
|
raise IntegrityError(f"Chunk {id_str}: Invalid encryption envelope")
|
||||||
|
|
||||||
def _tam_key(self, salt, context):
|
|
||||||
return hkdf_hmac_sha512(
|
|
||||||
ikm=self.id_key + self.crypt_key,
|
|
||||||
salt=salt,
|
|
||||||
info=b"borg-metadata-authentication-" + context,
|
|
||||||
output_length=64,
|
|
||||||
)
|
|
||||||
|
|
||||||
def pack_metadata(self, metadata_dict):
|
def pack_metadata(self, metadata_dict):
|
||||||
metadata_dict = StableDict(metadata_dict)
|
metadata_dict = StableDict(metadata_dict)
|
||||||
return msgpack.packb(metadata_dict)
|
return msgpack.packb(metadata_dict)
|
||||||
|
|
||||||
def pack_and_authenticate_metadata(self, metadata_dict, context): # TODO: remove
|
|
||||||
metadata_dict = StableDict(metadata_dict)
|
|
||||||
return msgpack.packb(metadata_dict)
|
|
||||||
|
|
||||||
def unpack_manifest(self, data):
|
def unpack_manifest(self, data):
|
||||||
"""Unpack msgpacked *data* and return manifest."""
|
"""Unpack msgpacked *data* and return manifest."""
|
||||||
if data.startswith(b"\xc1" * 4):
|
if data.startswith(b"\xc1" * 4):
|
||||||
|
@ -248,9 +236,6 @@ class PlaintextKey(KeyBase):
|
||||||
self.assert_type(data[0], id)
|
self.assert_type(data[0], id)
|
||||||
return memoryview(data)[1:]
|
return memoryview(data)[1:]
|
||||||
|
|
||||||
def _tam_key(self, salt, context):
|
|
||||||
return salt + context
|
|
||||||
|
|
||||||
|
|
||||||
def random_blake2b_256_key():
|
def random_blake2b_256_key():
|
||||||
# This might look a bit curious, but is the same construction used in the keyed mode of BLAKE2b.
|
# This might look a bit curious, but is the same construction used in the keyed mode of BLAKE2b.
|
||||||
|
@ -749,7 +734,6 @@ class AuthenticatedKeyBase(AESKeyBase, FlexiKey):
|
||||||
self.enc_hmac_key = NOPE
|
self.enc_hmac_key = NOPE
|
||||||
self.id_key = NOPE
|
self.id_key = NOPE
|
||||||
self.chunk_seed = 0
|
self.chunk_seed = 0
|
||||||
self.tam_required = False
|
|
||||||
return True
|
return True
|
||||||
return super()._load(key_data, passphrase)
|
return super()._load(key_data, passphrase)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue