mirror of
https://github.com/borgbackup/borg.git
synced 2024-12-24 00:37:56 +00:00
Remove hashing from PlaintextKey.
Not needed since silent disk corruption will be detected by the repository segment checksum.
This commit is contained in:
parent
a887fa2065
commit
e578d28184
1 changed files with 2 additions and 9 deletions
11
darc/key.py
11
darc/key.py
|
@ -73,19 +73,12 @@ def id_hash(self, data):
|
|||
return sha256(data).digest()
|
||||
|
||||
def encrypt(self, data):
|
||||
cdata = zlib.compress(data)
|
||||
hash = sha256(cdata).digest()
|
||||
return b''.join([self.TYPE_STR, hash, cdata])
|
||||
return b''.join([self.TYPE_STR, zlib.compress(data)])
|
||||
|
||||
def decrypt(self, id, data):
|
||||
if data[0] != self.TYPE:
|
||||
raise IntegrityError('Invalid encryption envelope')
|
||||
# This is just a hash and not a hmac but it will at least
|
||||
# stop unintentionally corrupted data from hitting zlib.decompress()
|
||||
hash = memoryview(data)[1:33]
|
||||
if memoryview(sha256(memoryview(data)[33:]).digest()) != hash:
|
||||
raise IntegrityError('Payload checksum mismatch')
|
||||
data = zlib.decompress(memoryview(data)[33:])
|
||||
data = zlib.decompress(memoryview(data)[1:])
|
||||
if id and sha256(data).digest() != id:
|
||||
raise IntegrityError('Chunk id verification failed')
|
||||
return data
|
||||
|
|
Loading…
Reference in a new issue