repo: removed TESTONLY_MD5 algorithm everywhere

kopia · Oct 18, 2018 · 2f8481b · 2f8481b
1 parent 09d41a2
commit 2f8481b
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 35 deletions.
diff --git a/repo/block/block_formatter.go b/repo/block/block_formatter.go
@@ -3,8 +3,7 @@ package block
 import (
 	"crypto/aes"
 	"crypto/cipher"
-	"crypto/hmac"
-	"crypto/md5" //nolint:gas
+	"crypto/hmac" //nolint:gas
 	"crypto/sha256"
 	"fmt"
 	"hash"
@@ -88,9 +87,6 @@ var FormatterFactories map[string]func(f FormattingOptions) (Formatter, error)
 
 func init() {
 	FormatterFactories = map[string]func(f FormattingOptions) (Formatter, error){
-		"TESTONLY_MD5": func(f FormattingOptions) (Formatter, error) {
-			return &unencryptedFormat{computeHash(md5.New, md5.Size)}, nil
-		},
 		"UNENCRYPTED_HMAC_SHA256": func(f FormattingOptions) (Formatter, error) {
 			return &unencryptedFormat{computeHMAC(sha256.New, f.HMACSecret, sha256.Size)}, nil
 		},
@@ -117,15 +113,6 @@ func init() {
 // DefaultFormat is the block format that should be used by default when creating new repositories.
 const DefaultFormat = "ENCRYPTED_HMAC_SHA256_AES256_SIV"
 
-// computeHash returns a digestFunction that computes a hash of a given block of bytes and truncates results to the given size.
-func computeHash(hf func() hash.Hash, truncate int) digestFunction {
-	return func(b []byte) []byte {
-		h := hf()
-		h.Write(b) // nolint:errcheck
-		return h.Sum(nil)[0:truncate]
-	}
-}
-
 // computeHMAC returns a digestFunction that computes HMAC(hash, secret) of a given block of bytes and truncates results to the given size.
 func computeHMAC(hf func() hash.Hash, secret []byte, truncate int) digestFunction {
 	return func(b []byte) []byte {

diff --git a/repo/block/block_manager_test.go b/repo/block/block_manager_test.go
@@ -3,7 +3,8 @@ package block
 import (
 	"bytes"
 	"context"
-	"crypto/md5"
+	"crypto/hmac"
+	"crypto/sha256"
 	"encoding/hex"
 	"errors"
 	"fmt"
@@ -25,6 +26,7 @@ const (
 )
 
 var fakeTime = time.Date(2017, 1, 1, 0, 0, 0, 0, time.UTC)
+var hmacSecret = []byte{1, 2, 3}
 
 func init() {
 	logging.SetLevel(logging.INFO, "")
@@ -142,7 +144,7 @@ func TestBlockManagerEmpty(t *testing.T) {
 	keyTime := map[string]time.Time{}
 	bm := newTestBlockManager(data, keyTime, nil)
 
-	noSuchBlockID := string(md5hash([]byte("foo")))
+	noSuchBlockID := string(hashValue([]byte("foo")))
 
 	b, err := bm.GetBlock(ctx, noSuchBlockID)
 	if err != storage.ErrBlockNotFound {
@@ -697,7 +699,8 @@ func newTestBlockManager(data map[string][]byte, keyTime map[string]time.Time, t
 	}
 	st := storagetesting.NewMapStorage(data, keyTime, timeFunc)
 	bm, err := newManagerWithOptions(context.Background(), st, FormattingOptions{
-		BlockFormat: "TESTONLY_MD5",
+		BlockFormat: "UNENCRYPTED_HMAC_SHA256",
+		HMACSecret:  hmacSecret,
 		MaxPackSize: maxPackSize,
 	}, CachingOptions{}, timeFunc)
 	if err != nil {
@@ -774,7 +777,7 @@ func writeBlockAndVerify(ctx context.Context, t *testing.T, bm *Manager, b []byt
 		t.Errorf("err: %v", err)
 	}
 
-	if got, want := blockID, string(md5hash(b)); got != want {
+	if got, want := blockID, string(hashValue(b)); got != want {
 		t.Errorf("invalid block ID for %x, got %v, want %v", b, got, want)
 	}
 
@@ -790,9 +793,10 @@ func seededRandomData(seed int, length int) []byte {
 	return b
 }
 
-func md5hash(b []byte) string {
-	h := md5.Sum(b)
-	return hex.EncodeToString(h[:])
+func hashValue(b []byte) string {
+	h := hmac.New(sha256.New, hmacSecret)
+	h.Write(b)
+	return hex.EncodeToString(h.Sum(nil))
 }
 
 func dumpBlockManagerData(t *testing.T, data map[string][]byte) {

diff --git a/repo/manifest/manifest_manager_test.go b/repo/manifest/manifest_manager_test.go
@@ -182,7 +182,7 @@ func newManagerForTesting(ctx context.Context, t *testing.T, data map[string][]b
 	st := storagetesting.NewMapStorage(data, nil, nil)
 
 	bm, err := block.NewManager(ctx, st, block.FormattingOptions{
-		BlockFormat: "TESTONLY_MD5",
+		BlockFormat: "UNENCRYPTED_HMAC_SHA256_128",
 		MaxPackSize: 100000,
 	}, block.CachingOptions{})
 	if err != nil {

diff --git a/repo/object/object_manager_test.go b/repo/object/object_manager_test.go
@@ -3,8 +3,8 @@ package object
 import (
 	"bytes"
 	"context"
-	"crypto/md5"
 	cryptorand "crypto/rand"
+	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
 	"io"
@@ -39,7 +39,7 @@ func (f *fakeBlockManager) GetBlock(ctx context.Context, blockID string) ([]byte
 }
 
 func (f *fakeBlockManager) WriteBlock(ctx context.Context, data []byte, prefix string) (string, error) {
-	h := md5.New()
+	h := sha256.New()
 	h.Write(data)
 	blockID := prefix + string(hex.EncodeToString(h.Sum(nil)))
 
@@ -74,7 +74,7 @@ func setupTestWithData(t *testing.T, data map[string][]byte, opts ManagerOptions
 		FormattingOptions: block.FormattingOptions{
 			Version: 1,
 		},
-		MaxBlockSize: 200,
+		MaxBlockSize: 400,
 		Splitter:     "FIXED",
 	}, opts)
 	if err != nil {
@@ -92,9 +92,9 @@ func TestWriters(t *testing.T) {
 	}{
 		{
 			[]byte("the quick brown fox jumps over the lazy dog"),
-			"77add1d5f41223d5582fca736a5cb335",
+			"05c6e08f1d9fdafa03147fcb8f82f124c76d2f70e3d989dc8aadb5e7d7450bec",
 		},
-		{make([]byte, 100), "6d0bb00954ceb7fbee436bb55a8397a9"}, // 100 zero bytes
+		{make([]byte, 100), "cd00e292c5970d3c5e2f0ffa5171e555bc46bfc4faddfb4a418b6840b86e79a3"}, // 100 zero bytes
 	}
 
 	for _, c := range cases {
@@ -142,7 +142,7 @@ func TestWriterCompleteChunkInTwoWrites(t *testing.T) {
 	writer.Write(bytes[0:50])
 	writer.Write(bytes[0:50])
 	result, err := writer.Result()
-	if !objectIDsEqual(result, "6d0bb00954ceb7fbee436bb55a8397a9") {
+	if !objectIDsEqual(result, "cd00e292c5970d3c5e2f0ffa5171e555bc46bfc4faddfb4a418b6840b86e79a3") {
 		t.Errorf("unexpected result: %v err: %v", result, err)
 	}
 }
@@ -182,12 +182,11 @@ func TestIndirection(t *testing.T) {
 		expectedIndirection int
 	}{
 		{dataLength: 200, expectedBlockCount: 1, expectedIndirection: 0},
-		{dataLength: 250, expectedBlockCount: 3, expectedIndirection: 1},
-		{dataLength: 1400, expectedBlockCount: 7, expectedIndirection: 3},
-		{dataLength: 2000, expectedBlockCount: 8, expectedIndirection: 3},
-		{dataLength: 3000, expectedBlockCount: 9, expectedIndirection: 3},
-		{dataLength: 4000, expectedBlockCount: 14, expectedIndirection: 4},
-		{dataLength: 10000, expectedBlockCount: 24, expectedIndirection: 4},
+		{dataLength: 1400, expectedBlockCount: 3, expectedIndirection: 1},
+		{dataLength: 2000, expectedBlockCount: 4, expectedIndirection: 2},
+		{dataLength: 3000, expectedBlockCount: 5, expectedIndirection: 2},
+		{dataLength: 4000, expectedBlockCount: 5, expectedIndirection: 2},
+		{dataLength: 10000, expectedBlockCount: 10, expectedIndirection: 3},
 	}
 
 	for _, c := range cases {
@@ -247,7 +246,7 @@ func TestHMAC(t *testing.T) {
 	w := om.NewWriter(ctx, WriterOptions{})
 	w.Write(content)
 	result, err := w.Result()
-	if result.String() != "999732b72ceff665b3f7608411db66a4" {
+	if result.String() != "cad29ff89951a3c085c86cb7ed22b82b51f7bdfda24f932c7f9601f51d5975ba" {
 		t.Errorf("unexpected result: %v err: %v", result.String(), err)
 	}
 }