mirror of
https://github.com/octoleo/restic.git
synced 2024-12-22 10:58:55 +00:00
Rename KDFParams -> Params
This commit is contained in:
parent
f3bff12939
commit
178e946fc7
@ -12,22 +12,22 @@ import (
|
|||||||
|
|
||||||
const saltLength = 64
|
const saltLength = 64
|
||||||
|
|
||||||
// KDFParams are the default parameters used for the key derivation function KDF().
|
// Params are the default parameters used for the key derivation function KDF().
|
||||||
type KDFParams struct {
|
type Params struct {
|
||||||
N int
|
N int
|
||||||
R int
|
R int
|
||||||
P int
|
P int
|
||||||
}
|
}
|
||||||
|
|
||||||
// DefaultKDFParams are the default parameters used for Calibrate and KDF().
|
// DefaultKDFParams are the default parameters used for Calibrate and KDF().
|
||||||
var DefaultKDFParams = KDFParams{
|
var DefaultKDFParams = Params{
|
||||||
N: sscrypt.DefaultParams.N,
|
N: sscrypt.DefaultParams.N,
|
||||||
R: sscrypt.DefaultParams.R,
|
R: sscrypt.DefaultParams.R,
|
||||||
P: sscrypt.DefaultParams.P,
|
P: sscrypt.DefaultParams.P,
|
||||||
}
|
}
|
||||||
|
|
||||||
// Calibrate determines new KDF parameters for the current hardware.
|
// Calibrate determines new KDF parameters for the current hardware.
|
||||||
func Calibrate(timeout time.Duration, memory int) (KDFParams, error) {
|
func Calibrate(timeout time.Duration, memory int) (Params, error) {
|
||||||
defaultParams := sscrypt.Params{
|
defaultParams := sscrypt.Params{
|
||||||
N: DefaultKDFParams.N,
|
N: DefaultKDFParams.N,
|
||||||
R: DefaultKDFParams.R,
|
R: DefaultKDFParams.R,
|
||||||
@ -41,7 +41,7 @@ func Calibrate(timeout time.Duration, memory int) (KDFParams, error) {
|
|||||||
return DefaultKDFParams, errors.Wrap(err, "scrypt.Calibrate")
|
return DefaultKDFParams, errors.Wrap(err, "scrypt.Calibrate")
|
||||||
}
|
}
|
||||||
|
|
||||||
return KDFParams{
|
return Params{
|
||||||
N: params.N,
|
N: params.N,
|
||||||
R: params.R,
|
R: params.R,
|
||||||
P: params.P,
|
P: params.P,
|
||||||
@ -50,7 +50,7 @@ func Calibrate(timeout time.Duration, memory int) (KDFParams, error) {
|
|||||||
|
|
||||||
// KDF derives encryption and message authentication keys from the password
|
// KDF derives encryption and message authentication keys from the password
|
||||||
// using the supplied parameters N, R and P and the Salt.
|
// using the supplied parameters N, R and P and the Salt.
|
||||||
func KDF(p KDFParams, salt []byte, password string) (*Key, error) {
|
func KDF(p Params, salt []byte, password string) (*Key, error) {
|
||||||
if len(salt) != saltLength {
|
if len(salt) != saltLength {
|
||||||
return nil, errors.Errorf("scrypt() called with invalid salt bytes (len %d)", len(salt))
|
return nil, errors.Errorf("scrypt() called with invalid salt bytes (len %d)", len(salt))
|
||||||
}
|
}
|
||||||
|
@ -44,9 +44,9 @@ type Key struct {
|
|||||||
name string
|
name string
|
||||||
}
|
}
|
||||||
|
|
||||||
// KDFParams tracks the parameters used for the KDF. If not set, it will be
|
// Params tracks the parameters used for the KDF. If not set, it will be
|
||||||
// calibrated on the first run of AddKey().
|
// calibrated on the first run of AddKey().
|
||||||
var KDFParams *crypto.KDFParams
|
var Params *crypto.Params
|
||||||
|
|
||||||
var (
|
var (
|
||||||
// KDFTimeout specifies the maximum runtime for the KDF.
|
// KDFTimeout specifies the maximum runtime for the KDF.
|
||||||
@ -76,7 +76,7 @@ func OpenKey(ctx context.Context, s *Repository, name string, password string) (
|
|||||||
}
|
}
|
||||||
|
|
||||||
// derive user key
|
// derive user key
|
||||||
params := crypto.KDFParams{
|
params := crypto.Params{
|
||||||
N: k.N,
|
N: k.N,
|
||||||
R: k.R,
|
R: k.R,
|
||||||
P: k.P,
|
P: k.P,
|
||||||
@ -166,13 +166,13 @@ func LoadKey(ctx context.Context, s *Repository, name string) (k *Key, err error
|
|||||||
// AddKey adds a new key to an already existing repository.
|
// AddKey adds a new key to an already existing repository.
|
||||||
func AddKey(ctx context.Context, s *Repository, password string, template *crypto.Key) (*Key, error) {
|
func AddKey(ctx context.Context, s *Repository, password string, template *crypto.Key) (*Key, error) {
|
||||||
// make sure we have valid KDF parameters
|
// make sure we have valid KDF parameters
|
||||||
if KDFParams == nil {
|
if Params == nil {
|
||||||
p, err := crypto.Calibrate(KDFTimeout, KDFMemory)
|
p, err := crypto.Calibrate(KDFTimeout, KDFMemory)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.Wrap(err, "Calibrate")
|
return nil, errors.Wrap(err, "Calibrate")
|
||||||
}
|
}
|
||||||
|
|
||||||
KDFParams = &p
|
Params = &p
|
||||||
debug.Log("calibrated KDF parameters are %v", p)
|
debug.Log("calibrated KDF parameters are %v", p)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -180,9 +180,9 @@ func AddKey(ctx context.Context, s *Repository, password string, template *crypt
|
|||||||
newkey := &Key{
|
newkey := &Key{
|
||||||
Created: time.Now(),
|
Created: time.Now(),
|
||||||
KDF: "scrypt",
|
KDF: "scrypt",
|
||||||
N: KDFParams.N,
|
N: Params.N,
|
||||||
R: KDFParams.R,
|
R: Params.R,
|
||||||
P: KDFParams.P,
|
P: Params.P,
|
||||||
}
|
}
|
||||||
|
|
||||||
hn, err := os.Hostname()
|
hn, err := os.Hostname()
|
||||||
@ -202,7 +202,7 @@ func AddKey(ctx context.Context, s *Repository, password string, template *crypt
|
|||||||
}
|
}
|
||||||
|
|
||||||
// call KDF to derive user key
|
// call KDF to derive user key
|
||||||
newkey.user, err = crypto.KDF(*KDFParams, newkey.Salt, password)
|
newkey.user, err = crypto.KDF(*Params, newkey.Salt, password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -15,7 +15,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// testKDFParams are the parameters for the KDF to be used during testing.
|
// testKDFParams are the parameters for the KDF to be used during testing.
|
||||||
var testKDFParams = crypto.KDFParams{
|
var testKDFParams = crypto.Params{
|
||||||
N: 128,
|
N: 128,
|
||||||
R: 1,
|
R: 1,
|
||||||
P: 1,
|
P: 1,
|
||||||
@ -28,7 +28,7 @@ type logger interface {
|
|||||||
// TestUseLowSecurityKDFParameters configures low-security KDF parameters for testing.
|
// TestUseLowSecurityKDFParameters configures low-security KDF parameters for testing.
|
||||||
func TestUseLowSecurityKDFParameters(t logger) {
|
func TestUseLowSecurityKDFParameters(t logger) {
|
||||||
t.Logf("using low-security KDF parameters for test")
|
t.Logf("using low-security KDF parameters for test")
|
||||||
KDFParams = &testKDFParams
|
Params = &testKDFParams
|
||||||
}
|
}
|
||||||
|
|
||||||
// TestBackend returns a fully configured in-memory backend.
|
// TestBackend returns a fully configured in-memory backend.
|
||||||
|
Loading…
Reference in New Issue
Block a user