mirror/borg
1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2024-12-26 17:57:59 +00:00
Code Issues Releases Wiki Activity
4616 commits 9 branches 139 tags 61 MiB
Commit graph

4616 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thomas Waldmann
310b4b7775 UNENCRYPTED (and unauthenticated) "ciphersuite" 
it can be used to integrate the plaintext mode with the AEAD modes, both use same api now.
 2017-07-27 23:48:29 +02:00
Thomas Waldmann
f76f42c2a0 use cipher.block_count() 
there are some more places where it is used.
 2017-07-27 23:48:29 +02:00
Thomas Waldmann
de0707d3dd refactor AES class to new api 2017-07-27 23:48:29 +02:00
Thomas Waldmann
fbc740427d cosmetic: s/enc_cipher/cipher/, remove comment 2017-07-27 23:48:08 +02:00
Thomas Waldmann
8752039bec integrate new crypto code 2017-07-27 23:33:15 +02:00
Thomas Waldmann
4effe40415 re-add legacy AES() crypto class 
we need it to encrypt/decrypt key files / config keys.
 2017-07-27 23:22:32 +02:00
Thomas Waldmann
ef880de64c add iv as optional encrypt() param 2017-07-27 23:22:32 +02:00
Thomas Waldmann
5287531130 make sure set_iv is called before each encrypt() call 2017-07-27 23:22:32 +02:00
Thomas Waldmann
d88c0765e7 make sure sizes are in sync 2017-07-27 23:22:32 +02:00
Thomas Waldmann
fb85d6abdc generalize intermediate classes' init 2017-07-27 23:22:32 +02:00
Thomas Waldmann
11349d1699 move IV type check to set_iv method 2017-07-27 23:22:32 +02:00
Thomas Waldmann
71b8d7fc18 generalize block count computation 
also: use block_count method for legacy ciphersuites
 2017-07-27 23:22:32 +02:00
Thomas Waldmann
ca4fc2a222 generalize next_iv comment 2017-07-27 23:22:31 +02:00
Thomas Waldmann
ce5c5781aa replace literals for iv_len/mac_len 2017-07-27 23:22:31 +02:00
Thomas Waldmann
d94f64c6d5 dedup crypto tests for AE/AEAD ciphersuites 2017-07-27 23:22:31 +02:00
Thomas Waldmann
741ab8ba05 use PyMem_Malloc / Free 
Hopefully it is better dealing with a lot of small-object allocations than malloc/free is.
Small allocs happen if the input file is small, so it results only in 1 small chunk.
 2017-07-27 23:22:31 +02:00
Thomas Waldmann
15490d520d add support for AES-OCB and chacha20-poly1305 
also: use AEAD base class
 2017-07-27 23:22:31 +02:00
Thomas Waldmann
92080f9572 crypto: add functions missing in openssl 1.0.x 2017-07-27 23:22:31 +02:00
Thomas Waldmann
ee604ab390 crypto: use OpenSSL 1.1 HMAC API 
This breaks it on OpenSSL 1.0.x as there is no HMAC_CTX_new/free() yet.

OTOH, this change is consistent with the previous change done for
EVP_CIPHER_CTX (which works on 1.0 and 1.1).
 2017-07-27 23:22:31 +02:00
Thomas Waldmann
67567fc432 new crypto api, blackbox/AEAD. also adds AES256-GCM. 
includes:

- aes256-ctr-hmac-sha256 (attic/borg legacy, optional aad support)

- aes256-gcm (new, optional aad support)
  uses 96bits for iv, 128bit for auth tag.

- header support
  the caller-provided header will be just copied in front of the rest -
  this avoids expensive operations (memcpy, garbage collection) in Python.
  the first bytes in the header may be non-authenticated data if aad_offset > 0.
  this is to support legacy attic/borg envelope layout, where the type byte
  is not authenticated.

- aad support
  additional authenticated data - it just contributes to the computed mac,
  but is not encrypted). the current api assumes that aad starts at some
  aad_offset inside the given header and extends to the end of it.

- iv handling helpers, compute next iv based on amount of processed data

- unit tests

Note: the changes are intentionally kept isolated / not integrated into the
      rest of the code, so this has to be done later.
 2017-07-27 23:22:19 +02:00
enkore
8d89ee981c Merge pull request #2882 from enkore/docs/minor-fixes 
docs: minor formatting fixes
 2017-07-26 14:01:49 +02:00
Marian Beermann
405e5ac9e1 docs: common options: don't wrap options 2017-07-26 13:57:48 +02:00
Marian Beermann
8727b79325 docs: don't narrow right margin in sidebar toc 
avoids overly narrow text in the FAQ toc
 2017-07-26 13:54:55 +02:00
enkore
153da8a9e6 Merge pull request #2881 from enkore/docs/tarpipe 
docs: tar: tarpipe example
 2017-07-26 10:41:10 +02:00
Marian Beermann
2ff4550d4b docs: tar: tarpipe example 2017-07-26 10:40:35 +02:00
enkore
daa88e07f2 Merge pull request #2877 from Alexander-N/pylint-rules 
Activate more linting rules in .coafile
 2017-07-25 09:56:25 +02:00
enkore
c1d7cd9b90 Merge pull request #2873 from enkore/issue/2869 
with-lock, info docs
 2017-07-24 23:50:51 +02:00
Marian Beermann
b4b58e7225 info: explain max. archive size 2017-07-24 23:50:18 +02:00
Marian Beermann
24de8514fa with-lock: fix help text 2017-07-24 23:50:18 +02:00
enkore
836bc33a4d Merge pull request #2876 from enkore/issue/2628 
cache: write_archive_index: truncate_and_unlink on error
 2017-07-24 21:22:24 +02:00
enkore
3c0f8b7943 Merge pull request #2875 from enkore/issue/2863 
umount: try fusermount, then try umount
 2017-07-24 21:08:44 +02:00
Marian Beermann
2fe37dba7f umount: try fusermount, then try umount 2017-07-24 13:55:32 +02:00
Alexander-N
eff492a8d8 Replace assert_true(False) with fail and don't ignore pylint rule W1503 
assert_true(False) violates W1503 (redundant-unittest-assert) and is less clear than using fail().
 2017-07-24 13:30:35 +02:00
Alexander-N
61b53f8995 Remove several linting rules from ignored list in .coafile 
These rules are not violated and don't need to be ignored.
 2017-07-24 13:26:21 +02:00
enkore
77797a2fbf Merge pull request #2837 from milkey-mouse/fix392 
Detail how to use macOS/GNOME/KDE keyrings for repo passwords (fixes #392)
 2017-07-24 11:03:00 +02:00
Marian Beermann
2623e330a4 cache: write_archive_index: truncate_and_unlink on error 2017-07-24 10:45:57 +02:00
TW
b85076db6f Merge pull request #2867 from ThomasWaldmann/rel110rc1 
WIP: release 1.1.0rc1
 2017-07-24 01:27:19 +02:00
Thomas Waldmann
43ecde1bde python setup.py build_usage 2017-07-23 17:12:01 +02:00
Thomas Waldmann
6b08ec78bb add release date to CHANGES 2017-07-23 17:07:43 +02:00
TW
090d2fead9 Merge pull request #2804 from ThomasWaldmann/update-changes 
update CHANGES (master)
 2017-07-23 17:04:55 +02:00
Thomas Waldmann
6c39c1c515 update CHANGES (master) 2017-07-23 17:00:56 +02:00
enkore
eb3e7604d8 Merge pull request #2836 from enkore/docs/installation 
Cleanup installation
 2017-07-23 16:04:47 +02:00
Marian Beermann
b3e0dd3761 docs: file system requirements, update segs per dir 2017-07-23 16:03:45 +02:00
TW
22bbe45f98 Merge pull request #2860 from ThomasWaldmann/fix-2853 
give known chunk size to chunk_incref, fixes #2853
 2017-07-23 14:31:07 +02:00
Thomas Waldmann
2edbcd7703 chunk_incref: compute "_size or size" only once 2017-07-23 13:53:48 +02:00
Thomas Waldmann
fc3498ac53 chunk_incref: use "size" for public api 2017-07-23 13:53:48 +02:00
Thomas Waldmann
663d3c544a chunk_incref size assertion: fail early 2017-07-23 13:53:48 +02:00
Thomas Waldmann
186123cb68 give known chunk size to chunk_incref, fixes #2853 
chunk_incref was called when dealing with part files without giving the
known chunk size in the size_ parameter.

adjusted LocalCache.chunk_incref to have same signature.
 2017-07-23 13:53:47 +02:00
TW
1d008e87ab Merge pull request #2855 from lfos/add-mailmap 
Add .mailmap
 2017-07-23 02:02:07 +02:00
TW
4fa8805407 Merge pull request #2852 from ThomasWaldmann/lgtm-fixes 
lgtm fixes
 2017-07-23 02:01:29 +02:00