const bool have_libz = false;
#endif
+typedef struct restore_cipher_ctx {
+ CIPHER_CONTEXT *cipher;
+ uint32_t block_size;
+
+ POOLMEM *buf; /* Pointer to descryption buffer */
+ int32_t buf_len; /* Count of bytes currently in buf */
+ int32_t packet_len; /* Total bytes in packet */
+} RESTORE_CIPHER_CTX;
+
int verify_signature(JCR *jcr, SIGNATURE *sig);
int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen,
- uint64_t *addr, int flags, CIPHER_CONTEXT *cipher, uint32_t cipher_block_size);
-bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags, CIPHER_CONTEXT *cipher,
- uint32_t cipher_block_size);
+ uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx);
+bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx);
#define RETRY 10 /* retry wait time */
uint32_t VolSessionId, VolSessionTime;
bool extract = false;
int32_t file_index;
- char ec1[50]; /* Buffer printing huge values */
- BFILE bfd; /* File content */
- uint64_t fileAddr = 0; /* file write address */
- uint32_t size; /* Size of file */
- BFILE altbfd; /* Alternative data stream */
- uint64_t alt_addr = 0; /* Write address for alternative stream */
- intmax_t alt_size = 0; /* Size of alternate stream */
- SIGNATURE *sig = NULL; /* Cryptographic signature (if any) for file */
- CRYPTO_SESSION *cs = NULL; /* Cryptographic session data (if any) for file */
- CIPHER_CONTEXT *cipher_ctx = NULL; /* Cryptographic cipher context (if any) for file */
- uint32_t cipher_block_size = 0; /* Cryptographic algorithm block size for file */
- int flags = 0; /* Options for extract_data() */
+ char ec1[50]; /* Buffer printing huge values */
+ BFILE bfd; /* File content */
+ uint64_t fileAddr = 0; /* file write address */
+ uint32_t size; /* Size of file */
+ BFILE altbfd; /* Alternative data stream */
+ uint64_t alt_addr = 0; /* Write address for alternative stream */
+ intmax_t alt_size = 0; /* Size of alternate stream */
+ SIGNATURE *sig = NULL; /* Cryptographic signature (if any) for file */
+ CRYPTO_SESSION *cs = NULL; /* Cryptographic session data (if any) for file */
+ RESTORE_CIPHER_CTX cipher_ctx; /* Cryptographic restore context (if any) for file */
+ RESTORE_CIPHER_CTX alt_cipher_ctx; /* Cryptographic restore context (if any) for alternative stream */
+ int flags = 0; /* Options for extract_data() */
+ int alt_flags = 0; /* Options for extract_data() */
int stat;
ATTR *attr;
}
if (have_crypto) {
- jcr->crypto_buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
- jcr->crypto_buf_len = 0;
- jcr->crypto_packet_len = 0;
+ cipher_ctx.cipher = NULL;
+ cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
+ cipher_ctx.buf_len = 0;
+ cipher_ctx.packet_len = 0;
+
+ cipher_ctx.cipher = NULL;
+ alt_cipher_ctx.buf = get_memory(CRYPTO_CIPHER_MAX_BLOCK_SIZE);
+ alt_cipher_ctx.buf_len = 0;
+ alt_cipher_ctx.packet_len = 0;
}
/*
/* If we change streams, close and reset alternate data streams */
if (prev_stream != stream) {
if (is_bopen(&altbfd)) {
+ if (alt_cipher_ctx.cipher) {
+ flush_cipher(jcr, &altbfd, &alt_addr, alt_flags, &alt_cipher_ctx);
+ crypto_cipher_free(alt_cipher_ctx.cipher);
+ alt_cipher_ctx.cipher = NULL;
+ }
bclose_chksize(jcr, &altbfd, alt_size);
}
alt_size = -1; /* Use an impossible value and set a proper one below */
Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
}
/* Flush and deallocate previous stream's cipher context */
- if (cipher_ctx && prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
- flush_cipher(jcr, &bfd, &fileAddr, flags, cipher_ctx, cipher_block_size);
- crypto_cipher_free(cipher_ctx);
- cipher_ctx = NULL;
+ if (cipher_ctx.cipher && prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
+ flush_cipher(jcr, &bfd, &fileAddr, flags, &cipher_ctx);
+ crypto_cipher_free(cipher_ctx.cipher);
+ cipher_ctx.cipher = NULL;
+ }
+
+ /* Flush and deallocate previous stream's alt cipher context */
+ if (alt_cipher_ctx.cipher && prev_stream != STREAM_ENCRYPTED_SESSION_DATA) {
+ flush_cipher(jcr, &altbfd, &alt_addr, alt_flags, &alt_cipher_ctx);
+ crypto_cipher_free(alt_cipher_ctx.cipher);
+ alt_cipher_ctx.cipher = NULL;
}
set_attributes(jcr, attr, &bfd);
extract = false;
crypto_session_free(cs);
cs = NULL;
}
+ jcr->ff->flags = 0;
Dmsg0(30, "Stop extracting.\n");
} else if (is_bopen(&bfd)) {
Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should not be open\n"));
}
/* Set up a decryption context */
- if ((cipher_ctx = crypto_cipher_new(cs, false, &cipher_block_size)) == NULL) {
+ if ((cipher_ctx.cipher = crypto_cipher_new(cs, false, &cipher_ctx.block_size)) == NULL) {
Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
crypto_session_free(cs);
cs = NULL;
flags |= FO_WIN32DECOMP; /* "decompose" BackupWrite data */
}
- if (extract_data(jcr, &bfd, sd->msg, sd->msglen, &fileAddr, flags,
- cipher_ctx, cipher_block_size) < 0) {
+ if (extract_data(jcr, &bfd, sd->msg, sd->msglen, &fileAddr, flags,
+ &cipher_ctx) < 0) {
extract = false;
bclose(&bfd);
continue;
/* Resource fork stream - only recorded after a file to be restored */
/* Silently ignore if we cannot write - we already reported that */
case STREAM_ENCRYPTED_MACOS_FORK_DATA:
- flags |= FO_ENCRYPT;
case STREAM_MACOS_FORK_DATA:
#ifdef HAVE_DARWIN_OS
+ alt_flags = 0;
+ jcr->ff->flags |= FO_HFSPLUS;
+
+ if (stream == STREAM_ENCRYPTED_MACOS_FORK_DATA) {
+ alt_flags |= FO_ENCRYPT;
+
+ /* Set up a decryption context */
+ if (!alt_cipher_ctx.cipher) {
+ if ((alt_cipher_ctx.cipher = crypto_cipher_new(cs, false, &alt_cipher_ctx.block_size)) == NULL) {
+ Jmsg1(jcr, M_ERROR, 0, _("Failed to initialize decryption context for %s\n"), jcr->last_fname);
+ crypto_session_free(cs);
+ cs = NULL;
+ extract = false;
+ continue;
+ }
+ }
+ }
+
if (extract) {
if (prev_stream != stream) {
if (bopen_rsrc(&altbfd, jcr->last_fname, O_WRONLY | O_TRUNC | O_BINARY, 0) < 0) {
extract = false;
continue;
}
+
alt_size = rsrc_len;
Dmsg0(30, "Restoring resource fork\n");
}
- flags = 0;
- if (extract_data(jcr, &altbfd, sd->msg, sd->msglen, &alt_addr, flags,
- cipher_ctx, cipher_block_size) < 0) {
+
+ if (extract_data(jcr, &altbfd, sd->msg, sd->msglen, &alt_addr, alt_flags,
+ &alt_cipher_ctx) < 0) {
extract = false;
bclose(&altbfd);
continue;
case STREAM_HFSPLUS_ATTRIBUTES:
#ifdef HAVE_DARWIN_OS
Dmsg0(30, "Restoring Finder Info\n");
+ jcr->ff->flags |= FO_HFSPLUS;
if (sd->msglen != 32) {
Jmsg(jcr, M_ERROR, 0, _(" Invalid length of Finder Info (got %d, not 32)\n"), sd->msglen);
continue;
#else
non_support_finfo++;
#endif
+ break;
case STREAM_UNIX_ATTRIBUTES_ACCESS_ACL:
#ifdef HAVE_ACL
Jmsg0(jcr, M_ERROR, 0, _("Logic error: output file should be open\n"));
}
/* Flush and deallocate cipher context */
- if (cipher_ctx) {
- flush_cipher(jcr, &bfd, &fileAddr, flags, cipher_ctx, cipher_block_size);
- crypto_cipher_free(cipher_ctx);
- cipher_ctx = NULL;
+ if (cipher_ctx.cipher) {
+ flush_cipher(jcr, &bfd, &fileAddr, flags, &cipher_ctx);
+ crypto_cipher_free(cipher_ctx.cipher);
+ cipher_ctx.cipher = NULL;
+ }
+
+ /* Flush and deallocate alt cipher context */
+ if (alt_cipher_ctx.cipher) {
+ flush_cipher(jcr, &altbfd, &alt_addr, alt_flags, &alt_cipher_ctx);
+ crypto_cipher_free(alt_cipher_ctx.cipher);
+ alt_cipher_ctx.cipher = NULL;
}
+
set_attributes(jcr, attr, &bfd);
/* Verify the cryptographic signature if any */
}
if (extract) {
/* Flush and deallocate cipher context */
- if (cipher_ctx) {
- flush_cipher(jcr, &bfd, &fileAddr, flags, cipher_ctx, cipher_block_size);
- crypto_cipher_free(cipher_ctx);
- cipher_ctx = NULL;
+ if (cipher_ctx.cipher) {
+ flush_cipher(jcr, &bfd, &fileAddr, flags, &cipher_ctx);
+ crypto_cipher_free(cipher_ctx.cipher);
+ cipher_ctx.cipher = NULL;
}
+
+ /* Flush and deallocate alt cipher context */
+ if (alt_cipher_ctx.cipher) {
+ flush_cipher(jcr, &altbfd, &alt_addr, alt_flags, &alt_cipher_ctx);
+ crypto_cipher_free(alt_cipher_ctx.cipher);
+ alt_cipher_ctx.cipher = NULL;
+ }
+
set_attributes(jcr, attr, &bfd);
/* Verify the cryptographic signature on the last file, if any */
crypto_session_free(cs);
cs = NULL;
}
- if (cipher_ctx) {
- crypto_cipher_free(cipher_ctx);
- cipher_ctx = NULL;
+
+ /* Free file cipher restore context */
+ if (cipher_ctx.cipher) {
+ crypto_cipher_free(cipher_ctx.cipher);
+ cipher_ctx.cipher = NULL;
+ }
+ if (cipher_ctx.buf) {
+ free_pool_memory(cipher_ctx.buf);
+ cipher_ctx.buf = NULL;
+ }
+
+ /* Free alternate stream cipher restore context */
+ if (alt_cipher_ctx.cipher) {
+ crypto_cipher_free(alt_cipher_ctx.cipher);
+ alt_cipher_ctx.cipher = NULL;
}
+ if (alt_cipher_ctx.buf) {
+ free_pool_memory(alt_cipher_ctx.buf);
+ alt_cipher_ctx.buf = NULL;
+ }
+
if (jcr->compress_buf) {
free(jcr->compress_buf);
jcr->compress_buf = NULL;
jcr->compress_buf_size = 0;
}
- if (jcr->crypto_buf) {
- free_pool_memory(jcr->crypto_buf);
- jcr->crypto_buf = NULL;
- }
bclose(&altbfd);
bclose(&bfd);
free_attr(attr);
/* Checksum the entire file */
if (find_one_file(jcr, jcr->ff, do_file_digest, jcr, jcr->last_fname, (dev_t)-1, 1) != 0) {
- Qmsg(jcr, M_ERROR, 0, _("Signature validation failed for %s: \n"), jcr->last_fname);
+ Jmsg(jcr, M_ERROR, 0, _("Signature validation failed for %s: \n"), jcr->last_fname);
return false;
}
/* Verify the signature */
if ((err = crypto_sign_verify(sig, keypair, digest)) != CRYPTO_ERROR_NONE) {
Dmsg1(100, "Bad signature on %s\n", jcr->last_fname);
- Qmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
+ Jmsg2(jcr, M_ERROR, 0, _("Signature validation failed for %s: %s\n"), jcr->last_fname, crypto_strerror(err));
crypto_digest_free(digest);
return false;
}
#endif
}
-static void unser_crypto_packet_len(JCR *jcr)
+static void unser_crypto_packet_len(RESTORE_CIPHER_CTX *ctx)
{
unser_declare;
- if (jcr->crypto_packet_len == 0 && jcr->crypto_buf_len >= CRYPTO_LEN_SIZE) {
- unser_begin(&jcr->crypto_buf[0], CRYPTO_LEN_SIZE);
- unser_uint32(jcr->crypto_packet_len);
- jcr->crypto_packet_len += CRYPTO_LEN_SIZE;
+ if (ctx->packet_len == 0 && ctx->buf_len >= CRYPTO_LEN_SIZE) {
+ unser_begin(&ctx->buf[0], CRYPTO_LEN_SIZE);
+ unser_uint32(ctx->packet_len);
+ ctx->packet_len += CRYPTO_LEN_SIZE;
}
}
* Return value is the number of bytes written, or -1 on errors.
*/
int32_t extract_data(JCR *jcr, BFILE *bfd, POOLMEM *buf, int32_t buflen,
- uint64_t *addr, int flags, CIPHER_CONTEXT *cipher, uint32_t cipher_block_size)
+ uint64_t *addr, int flags, RESTORE_CIPHER_CTX *cipher_ctx)
{
char *wbuf; /* write buffer */
uint32_t wsize; /* write size */
wbuf = buf;
if (flags & FO_ENCRYPT) {
- ASSERT(cipher);
+ ASSERT(cipher_ctx->cipher);
/* NOTE: We must implement block preserving semantics for the
* non-streaming compression and sparse code. */
* crypto_cipher_update() will process only whole blocks,
* buffering the remaining input.
*/
- jcr->crypto_buf = check_pool_memory_size(jcr->crypto_buf,
- jcr->crypto_buf_len + wsize + cipher_block_size);
+ cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf,
+ cipher_ctx->buf_len + wsize + cipher_ctx->block_size);
/* Decrypt the input block */
- if (!crypto_cipher_update(cipher,
+ if (!crypto_cipher_update(cipher_ctx->cipher,
(const u_int8_t *)wbuf,
wsize,
- (u_int8_t *)&jcr->crypto_buf[jcr->crypto_buf_len],
+ (u_int8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
&decrypted_len)) {
/* Decryption failed. Shouldn't happen. */
Jmsg(jcr, M_FATAL, 0, _("Decryption error\n"));
Dmsg2(100, "decrypted len=%d encrypted len=%d\n", decrypted_len, wsize);
- jcr->crypto_buf_len += decrypted_len;
- wbuf = jcr->crypto_buf;
+ cipher_ctx->buf_len += decrypted_len;
+ wbuf = cipher_ctx->buf;
/* If one full preserved block is available, write it to disk,
* and then buffer any remaining data. This should be effecient
* as long as Bacula's block size is not significantly smaller than the
* encryption block size (extremely unlikely!) */
- unser_crypto_packet_len(jcr);
- Dmsg1(500, "Crypto unser block size=%d\n", jcr->crypto_packet_len - CRYPTO_LEN_SIZE);
+ unser_crypto_packet_len(cipher_ctx);
+ Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
- if (jcr->crypto_packet_len == 0 || jcr->crypto_buf_len < jcr->crypto_packet_len) {
+ if (cipher_ctx->packet_len == 0 || cipher_ctx->buf_len < cipher_ctx->packet_len) {
/* No full preserved block is available. */
return 0;
}
/* We have one full block, set up the filter input buffers */
- wsize = jcr->crypto_packet_len - CRYPTO_LEN_SIZE;
+ wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
wbuf = &wbuf[CRYPTO_LEN_SIZE]; /* Skip the block length header */
- jcr->crypto_buf_len -= jcr->crypto_packet_len;
- Dmsg2(30, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, jcr->crypto_buf_len);
+ cipher_ctx->buf_len -= cipher_ctx->packet_len;
+ Dmsg2(30, "Encryption writing full block, %u bytes, remaining %u bytes in buffer\n", wsize, cipher_ctx->buf_len);
}
if (flags & FO_SPARSE) {
/* Clean up crypto buffers */
if (flags & FO_ENCRYPT) {
/* Move any remaining data to start of buffer */
- if (jcr->crypto_buf_len > 0) {
- Dmsg1(30, "Moving %u buffered bytes to start of buffer\n", jcr->crypto_buf_len);
- memmove(jcr->crypto_buf, &jcr->crypto_buf[jcr->crypto_packet_len],
- jcr->crypto_buf_len);
+ if (cipher_ctx->buf_len > 0) {
+ Dmsg1(30, "Moving %u buffered bytes to start of buffer\n", cipher_ctx->buf_len);
+ memmove(cipher_ctx->buf, &cipher_ctx->buf[cipher_ctx->packet_len],
+ cipher_ctx->buf_len);
}
/* The packet was successfully written, reset the length so that the next
* packet length may be re-read by unser_crypto_packet_len() */
- jcr->crypto_packet_len = 0;
+ cipher_ctx->packet_len = 0;
}
return wsize;
* writing it to bfd.
* Return value is true on success, false on failure.
*/
-bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags, CIPHER_CONTEXT *cipher,
- uint32_t cipher_block_size)
+bool flush_cipher(JCR *jcr, BFILE *bfd, uint64_t *addr, int flags,
+ RESTORE_CIPHER_CTX *cipher_ctx)
{
uint32_t decrypted_len;
char *wbuf; /* write buffer */
char ec1[50]; /* Buffer printing huge values */
/* Write out the remaining block and free the cipher context */
- jcr->crypto_buf = check_pool_memory_size(jcr->crypto_buf, jcr->crypto_buf_len +
- cipher_block_size);
+ cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf, cipher_ctx->buf_len +
+ cipher_ctx->block_size);
- if (!crypto_cipher_finalize(cipher, (uint8_t *)&jcr->crypto_buf[jcr->crypto_buf_len],
+ if (!crypto_cipher_finalize(cipher_ctx->cipher, (uint8_t *)&cipher_ctx->buf[cipher_ctx->buf_len],
&decrypted_len)) {
/* Writing out the final, buffered block failed. Shouldn't happen. */
Jmsg1(jcr, M_FATAL, 0, _("Decryption error for %s\n"), jcr->last_fname);
}
/* If nothing new was decrypted, and our output buffer is empty, return */
- if (decrypted_len == 0 && jcr->crypto_buf_len == 0) {
+ if (decrypted_len == 0 && cipher_ctx->buf_len == 0) {
return true;
}
- jcr->crypto_buf_len += decrypted_len;
+ cipher_ctx->buf_len += decrypted_len;
- unser_crypto_packet_len(jcr);
- Dmsg1(500, "Crypto unser block size=%d\n", jcr->crypto_packet_len - CRYPTO_LEN_SIZE);
- wsize = jcr->crypto_packet_len - CRYPTO_LEN_SIZE;
- wbuf = &jcr->crypto_buf[CRYPTO_LEN_SIZE]; /* Decrypted, possibly decompressed output here. */
+ unser_crypto_packet_len(cipher_ctx);
+ Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE);
+ wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE;
+ wbuf = &cipher_ctx->buf[CRYPTO_LEN_SIZE]; /* Decrypted, possibly decompressed output here. */
- if (jcr->crypto_buf_len != jcr->crypto_packet_len) {
+ if (cipher_ctx->buf_len != cipher_ctx->packet_len) {
Jmsg2(jcr, M_FATAL, 0,
_("Unexpected number of bytes remaining at end of file, received %u, expected %u\n"),
- jcr->crypto_packet_len, jcr->crypto_buf_len);
+ cipher_ctx->packet_len, cipher_ctx->buf_len);
return false;
}
- jcr->crypto_buf_len = 0;
- jcr->crypto_packet_len = 0;
+ cipher_ctx->buf_len = 0;
+ cipher_ctx->packet_len = 0;
if (flags & FO_SPARSE) {
if (!sparse_data(jcr, bfd, addr, &wbuf, &wsize)) {