added it for all classes there, so the caller just give it.
for the legacy AES-CTR based classes, the given aad is completely ignored.
this is to stay compatible with repo data of borg < 1.3.
for the new AEAD based classes:
encrypt: the aad is fed into the auth tag computation
decrypt: same. decrypt will fail on auth tag mismatch.
we already have .decrypt(id, data, ...).
i changed .encrypt(chunk) to .encrypt(id, data).
the old borg crypto won't really need or use the id,
but the new AEAD crypto will authenticate the id in future.
if we just have a pointer to a bytes object which might go out of scope, we can lose it.
also: cython can directly assign a bytes object into a same-size char array.
if we just have a pointer to a bytes object which might go out of scope, we can lose it.
also: cython can directly assign a bytes object into a same-size char array.
encrypt used to "patch" the IV into the header,
decrypt used to fetch it from there.
encrypt now takes the header just "as is" and
also decrypt expects that the IV is already set.
also:
cleanup class structure: less inheritance, more mixins.
define type bytes using the 4:4 split
upper 4 bits are ciphersuite:
0 == legacy AES-CTR based stuff
1+ == new AEAD stuff
lower 4 bits are keytype:
legacy: a bit mixed up, as it was...
new stuff: 0=keyfile 1=repokey, ...
`borg benchmark cpu` fails on OpenBSD with the error below, which is
caused by LibreSSL currently not supporting AES256_OCB and
CHACHA20_POLY1305.
Work around this by checking if borg is used with LibreSSL. Tested on
OpenBSD.
```
Chunkers =======================================================
buzhash,19,23,21,4095 1GB 14.294s
fixed,1048576 1GB 0.244s
Non-cryptographic checksums / hashes ===========================
crc32 (libdeflate, used) 1GB 0.724s
crc32 (zlib) 1GB 1.953s
xxh64 1GB 0.361s
Cryptographic hashes / MACs ====================================
hmac-sha256 1GB 7.039s
blake2b-256 1GB 9.845s
Encryption =====================================================
aes-256-ctr-hmac-sha256 1GB 18.312s
aes-256-ctr-blake2b 1GB 21.213s
Local Exception
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/borg/archiver.py", line 5241, in main
exit_code = archiver.run(args)
File "/usr/local/lib/python3.9/site-packages/borg/archiver.py", line 5172, in run
return set_ec(func(args))
File "/usr/local/lib/python3.9/site-packages/borg/archiver.py", line 607, in do_benchmark_cpu
print(f"{spec:<24} {size:<10} {timeit(func, number=100):.3f}s")
File "/usr/local/lib/python3.9/timeit.py", line 233, in timeit
return Timer(stmt, setup, timer, globals).timeit(number)
File "/usr/local/lib/python3.9/timeit.py", line 177, in timeit
timing = self.inner(it, self.timer)
File "<timeit-src>", line 6, in inner
File "/usr/local/lib/python3.9/site-packages/borg/archiver.py", line 602, in <lambda>
("aes-256-ocb", lambda: AES256_OCB(
File "src/borg/crypto/low_level.pyx", line 636, in borg.crypto.low_level.AES256_OCB.__init__
File "src/borg/crypto/low_level.pyx", line 633, in borg.crypto.low_level.AES256_OCB.requirements_check
ValueError: AES OCB is not implemented by LibreSSL (yet?).
Platform: OpenBSD gateway.lan 7.1 GENERIC.MP#418 amd64
Borg: 1.2.1.dev98+gebaf0c32 Python: CPython 3.9.10 msgpack: 1.0.3 fuse: None [pyfuse3,llfuse]
PID: 38614 CWD: /storage/8899fc1454db04de.a/home/code/git/ports/sysutils/borg
sys.argv: ['/usr/local/bin/borg', 'benchmark', 'cpu']
SSH_ORIGINAL_COMMAND: None
```
