use simple reference instead.
use failure::*;
use std::convert::TryInto;
-use std::sync::Arc;
use proxmox::tools::io::{ReadExt, WriteExt};
/// Create a DataBlob, optionally compressed and/or encrypted
pub fn encode(
data: &[u8],
- config: Option<Arc<CryptConfig>>,
+ config: Option<&CryptConfig>,
compress: bool,
) -> Result<Self, Error> {
}
/// Decode blob data
- pub fn decode(self, config: Option<Arc<CryptConfig>>) -> Result<Vec<u8>, Error> {
+ pub fn decode(self, config: Option<&CryptConfig>) -> Result<Vec<u8>, Error> {
let magic = self.magic();
/// Create a signed DataBlob, optionally compressed
pub fn create_signed(
data: &[u8],
- config: Arc<CryptConfig>,
+ config: &CryptConfig,
compress: bool,
) -> Result<Self, Error> {
/// Main purpose is to centralize digest computation. Digest
/// computation differ for encryped chunk, and this interface ensures that
/// we always compute the correct one.
-pub struct DataChunkBuilder<'a> {
- config: Option<Arc<CryptConfig>>,
+pub struct DataChunkBuilder<'a, 'b> {
+ config: Option<&'b CryptConfig>,
orig_data: &'a [u8],
digest_computed: bool,
digest: [u8; 32],
compress: bool,
}
-impl <'a> DataChunkBuilder<'a> {
+impl <'a, 'b> DataChunkBuilder<'a, 'b> {
/// Create a new builder instance.
pub fn new(orig_data: &'a [u8]) -> Self {
/// Set encryption Configuration
///
/// If set, chunks are encrypted.
- pub fn crypt_config(mut self, value: Arc<CryptConfig>) -> Self {
+ pub fn crypt_config(mut self, value: &'b CryptConfig) -> Self {
if self.digest_computed {
panic!("unable to set crypt_config after compute_digest().");
}
let chunk = DataBlob::from_raw(raw_data)?;
chunk.verify_crc()?;
- let raw_data = chunk.decode(self.crypt_config.clone())?;
+ let raw_data = chunk.decode(self.crypt_config.as_ref().map(Arc::as_ref))?;
// fixme: verify digest?
let index_data = client.download(INDEX_BLOB_NAME, Vec::with_capacity(64*1024)).await?;
let blob = DataBlob::from_raw(index_data)?;
blob.verify_crc()?;
- blob.decode(crypt_config)
+ blob.decode(crypt_config.as_ref().map(Arc::as_ref))
}
fn verify_index_file(backup_index: &Value, name: &str, csum: &[u8; 32], size: u64) -> Result<(), Error> {
let data = file_get_contents(logfile)?;
- let blob = DataBlob::encode(&data, crypt_config, true)?;
+ let blob = DataBlob::encode(&data, crypt_config.as_ref().map(Arc::as_ref), true)?;
let raw_data = blob.into_inner();
sign_only: bool,
) -> Result<BackupStats, Error> {
- let blob = if let Some(crypt_config) = crypt_config {
+ let blob = if let Some(ref crypt_config) = crypt_config {
if sign_only {
DataBlob::create_signed(&data, crypt_config, compress)?
} else {
.await
.map_err(|err| format_err!("unable to read file {:?} - {}", src_path, err))?;
- let blob = DataBlob::encode(&contents, crypt_config, compress)?;
+ let blob = DataBlob::encode(&contents, crypt_config.as_ref().map(AsRef::as_ref), compress)?;
let raw_data = blob.into_inner();
let size = raw_data.len() as u64;
let csum = openssl::sha::sha256(&raw_data);
.compress(true);
if let Some(ref crypt_config) = crypt_config {
- chunk_builder = chunk_builder.crypt_config(crypt_config.clone());
+ chunk_builder = chunk_builder.crypt_config(crypt_config);
}
let mut known_chunks = known_chunks.lock().unwrap();
let chunk = DataBlob::from_raw(chunk_data)?;
chunk.verify_crc()?;
- let raw_data = chunk.decode(self.crypt_config.clone())?;
+ let raw_data = chunk.decode(self.crypt_config.as_ref().map(Arc::as_ref))?;
// fixme: verify chunk digest
let blob = DataBlob::from_raw(raw_data)?;
blob.verify_crc()?;
- let data = blob.decode(Some(CRYPT_CONFIG.clone()))?;
+ let data = blob.decode(Some(&CRYPT_CONFIG))?;
if data != *TEST_DATA {
bail!("blob data is wrong (decode)");
}