mirror/borg
1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2024-12-26 01:37:20 +00:00
Code Issues Releases Wiki Activity
4690 commits 9 branches 139 tags 60 MiB
Commit graph

4690 commits

This branch
This branch
All branches
Author SHA1 Message Date
enkore
bccff3413b Merge pull request #2889 from enkore/f/mt-1b 
multithreading: item.to_optr(), Item.from_optr()
 2017-07-29 17:27:18 +02:00
Marian Beermann
d286d753cb item: item.to_optr(), Item.from_optr() 2017-07-29 17:26:39 +02:00
enkore
7b35b1ef24 Merge pull request #2888 from enkore/f/remove-gcm 
crypto: fixes & remove AES-GCM
 2017-07-29 17:24:16 +02:00
enkore
5abfa0b266 Merge pull request #2887 from enkore/f/mt-1a 
multithreading: add pyzmq dep, chunker GIL
 2017-07-29 14:36:01 +02:00
Marian Beermann
e57dd4bc9e crypto: avoid bad prototype codegen from cython 
(-Wstrict-prototypes, Cyton forgets a "void")
 2017-07-29 12:28:33 +02:00
Marian Beermann
630e45b742 crypto: fix wrong use of const 2017-07-29 12:28:06 +02:00
Marian Beermann
d5ee16d676 crypto: remove AES-GCM 2017-07-29 12:22:11 +02:00
enkore
7d02c7e453 Merge pull request #1034 from ThomasWaldmann/crypto-aead 
new crypto code, blackbox, aead internally
 2017-07-29 12:18:38 +02:00
Marian Beermann
55e0c43c53 add zeromq dependency 2017-07-29 11:58:01 +02:00
Marian Beermann
b1b66be593 fix chunker holding the GIL during blocking I/O 2017-07-29 11:58:01 +02:00
Thomas Waldmann
dc4abffbc0 remove unused bytes16 conversions 2017-07-27 23:48:30 +02:00
Thomas Waldmann
63ebfc140b remove unused extract_nonce method 2017-07-27 23:48:30 +02:00
Thomas Waldmann
e7228fa3a4 cosmetic: move some lines 2017-07-27 23:48:30 +02:00
Thomas Waldmann
68ef5e8a4b allow different MACs, implement blake2b MAC 2017-07-27 23:48:30 +02:00
Thomas Waldmann
945b5e25e2 dispatch to dummy blake2b ciphersuite 2017-07-27 23:48:30 +02:00
Thomas Waldmann
1e23291b7f post-merge: re-enabled AuthenticatedKey and tests 2017-07-27 23:48:30 +02:00
Thomas Waldmann
6090fdeef3 move the cipher internal counter overflow check to encrypt()/decrypt() 2017-07-27 23:48:30 +02:00
Thomas Waldmann
8f1678e2ba set_iv / next iv with integers 2017-07-27 23:48:30 +02:00
Thomas Waldmann
58c2dafbe0 nonce manager: remove get/set iv, make it integer based 2017-07-27 23:48:30 +02:00
Thomas Waldmann
f34092e567 move openssl version checks to staticmethod requirements_check 2017-07-27 23:48:30 +02:00
Thomas Waldmann
23959eb5bf borg.key: include chunk id in exception msgs 2017-07-27 23:48:30 +02:00
Thomas Waldmann
37cf3ef469 init ciphersuites with header_len and aad_offset 
it's needed for extract_iv already, so it should be given to init, not encrypt/decrypt
 2017-07-27 23:48:30 +02:00
Thomas Waldmann
e9bbf9307d refactor to cipher.extract_iv 
position and length of iv depends on cipher
 2017-07-27 23:48:29 +02:00
Thomas Waldmann
2d79f19263 refactor / generalize to num_cipher_blocks 2017-07-27 23:48:29 +02:00
Thomas Waldmann
310b4b7775 UNENCRYPTED (and unauthenticated) "ciphersuite" 
it can be used to integrate the plaintext mode with the AEAD modes, both use same api now.
 2017-07-27 23:48:29 +02:00
Thomas Waldmann
f76f42c2a0 use cipher.block_count() 
there are some more places where it is used.
 2017-07-27 23:48:29 +02:00
Thomas Waldmann
de0707d3dd refactor AES class to new api 2017-07-27 23:48:29 +02:00
Thomas Waldmann
fbc740427d cosmetic: s/enc_cipher/cipher/, remove comment 2017-07-27 23:48:08 +02:00
Thomas Waldmann
8752039bec integrate new crypto code 2017-07-27 23:33:15 +02:00
Thomas Waldmann
4effe40415 re-add legacy AES() crypto class 
we need it to encrypt/decrypt key files / config keys.
 2017-07-27 23:22:32 +02:00
Thomas Waldmann
ef880de64c add iv as optional encrypt() param 2017-07-27 23:22:32 +02:00
Thomas Waldmann
5287531130 make sure set_iv is called before each encrypt() call 2017-07-27 23:22:32 +02:00
Thomas Waldmann
d88c0765e7 make sure sizes are in sync 2017-07-27 23:22:32 +02:00
Thomas Waldmann
fb85d6abdc generalize intermediate classes' init 2017-07-27 23:22:32 +02:00
Thomas Waldmann
11349d1699 move IV type check to set_iv method 2017-07-27 23:22:32 +02:00
Thomas Waldmann
71b8d7fc18 generalize block count computation 
also: use block_count method for legacy ciphersuites
 2017-07-27 23:22:32 +02:00
Thomas Waldmann
ca4fc2a222 generalize next_iv comment 2017-07-27 23:22:31 +02:00
Thomas Waldmann
ce5c5781aa replace literals for iv_len/mac_len 2017-07-27 23:22:31 +02:00
Thomas Waldmann
d94f64c6d5 dedup crypto tests for AE/AEAD ciphersuites 2017-07-27 23:22:31 +02:00
Thomas Waldmann
741ab8ba05 use PyMem_Malloc / Free 
Hopefully it is better dealing with a lot of small-object allocations than malloc/free is.
Small allocs happen if the input file is small, so it results only in 1 small chunk.
 2017-07-27 23:22:31 +02:00
Thomas Waldmann
15490d520d add support for AES-OCB and chacha20-poly1305 
also: use AEAD base class
 2017-07-27 23:22:31 +02:00
Thomas Waldmann
92080f9572 crypto: add functions missing in openssl 1.0.x 2017-07-27 23:22:31 +02:00
Thomas Waldmann
ee604ab390 crypto: use OpenSSL 1.1 HMAC API 
This breaks it on OpenSSL 1.0.x as there is no HMAC_CTX_new/free() yet.

OTOH, this change is consistent with the previous change done for
EVP_CIPHER_CTX (which works on 1.0 and 1.1).
 2017-07-27 23:22:31 +02:00
Thomas Waldmann
67567fc432 new crypto api, blackbox/AEAD. also adds AES256-GCM. 
includes:

- aes256-ctr-hmac-sha256 (attic/borg legacy, optional aad support)

- aes256-gcm (new, optional aad support)
  uses 96bits for iv, 128bit for auth tag.

- header support
  the caller-provided header will be just copied in front of the rest -
  this avoids expensive operations (memcpy, garbage collection) in Python.
  the first bytes in the header may be non-authenticated data if aad_offset > 0.
  this is to support legacy attic/borg envelope layout, where the type byte
  is not authenticated.

- aad support
  additional authenticated data - it just contributes to the computed mac,
  but is not encrypted). the current api assumes that aad starts at some
  aad_offset inside the given header and extends to the end of it.

- iv handling helpers, compute next iv based on amount of processed data

- unit tests

Note: the changes are intentionally kept isolated / not integrated into the
      rest of the code, so this has to be done later.
 2017-07-27 23:22:19 +02:00
enkore
8d89ee981c Merge pull request #2882 from enkore/docs/minor-fixes 
docs: minor formatting fixes
 2017-07-26 14:01:49 +02:00
Marian Beermann
405e5ac9e1 docs: common options: don't wrap options 2017-07-26 13:57:48 +02:00
Marian Beermann
8727b79325 docs: don't narrow right margin in sidebar toc 
avoids overly narrow text in the FAQ toc
 2017-07-26 13:54:55 +02:00
enkore
153da8a9e6 Merge pull request #2881 from enkore/docs/tarpipe 
docs: tar: tarpipe example
 2017-07-26 10:41:10 +02:00
Marian Beermann
2ff4550d4b docs: tar: tarpipe example 2017-07-26 10:40:35 +02:00
enkore
daa88e07f2 Merge pull request #2877 from Alexander-N/pylint-rules 
Activate more linting rules in .coafile
 2017-07-25 09:56:25 +02:00