From 1104d2a268ba358f0f70d48dd56ab80175e73190 Mon Sep 17 00:00:00 2001
From: Wolfgang Bumiller
Date: Mon, 12 Dec 2022 14:19:52 +0100
Subject: [PATCH] move pbs_config::key_config to pbs-key-config
Signed-off-by: Wolfgang Bumiller
---
 Cargo.toml | 3 +++
 pbs-config/Cargo.toml | 3 +--
 pbs-config/src/lib.rs | 1 -
 pbs-config/src/tape_encryption_keys.rs | 2 +-
 pbs-datastore/Cargo.toml | 1 +
 pbs-datastore/src/manifest.rs | 2 +-
 pbs-datastore/src/paperkey.rs | 2 +-
 pbs-key-config/Cargo.toml | 21 +++++++++++++++++++
 .../src/lib.rs | 0
 proxmox-backup-client/Cargo.toml | 1 +
 proxmox-backup-client/src/benchmark.rs | 2 +-
 proxmox-backup-client/src/key.rs | 2 +-
 proxmox-backup-client/src/main.rs | 2 +-
 proxmox-backup-client/src/mount.rs | 2 +-
 proxmox-backup-client/src/snapshot.rs | 2 +-
 proxmox-file-restore/Cargo.toml | 1 +
 proxmox-file-restore/src/main.rs | 2 +-
 src/api2/config/tape_encryption_keys.rs | 2 +-
 src/bin/proxmox_backup_debug/diff.rs | 2 +-
 src/bin/proxmox_backup_debug/inspect.rs | 2 +-
 src/bin/proxmox_backup_debug/recover.rs | 2 +-
 src/bin/proxmox_tape/encryption_key.rs | 2 +-
 src/tape/drive/lto/mod.rs | 2 +-
 src/tape/drive/mod.rs | 2 +-
 src/tape/drive/virtual_tape.rs | 2 +-
 25 files changed, 45 insertions(+), 20 deletions(-)
 create mode 100644 pbs-key-config/Cargo.toml
 rename pbs-config/src/key_config.rs => pbs-key-config/src/lib.rs (100%)
diff --git a/Cargo.toml b/Cargo.toml
index cd09ffd1..6fce247d 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -34,6 +34,7 @@ members = [
 "pbs-config",
 "pbs-datastore",
 "pbs-fuse-loop",
+ "pbs-key-config",
 "pbs-pxar-fuse",
 "pbs-tape",
 "pbs-tools",
@@ -89,6 +90,7 @@ pbs-client = { path = "pbs-client" }
 pbs-config = { path = "pbs-config" }
 pbs-datastore = { path = "pbs-datastore" }
 pbs-fuse-loop = { path = "pbs-fuse-loop" }
+pbs-key-config = { path = "pbs-key-config" }
 pbs-pxar-fuse = { path = "pbs-pxar-fuse" }
 pbs-tape = { path = "pbs-tape" }
 pbs-tools = { path = "pbs-tools" }
@@ -225,6 +227,7 @@ pbs-buildcfg.workspace = true
 pbs-client.workspace = true
 pbs-config.workspace = true
 pbs-datastore.workspace = true
+pbs-key-config.workspace = true
 pbs-tape.workspace = true
 pbs-tools.workspace = true
 proxmox-rrd.workspace = true
diff --git a/pbs-config/Cargo.toml b/pbs-config/Cargo.toml
index ee4fda94..7f6e303e 100644
--- a/pbs-config/Cargo.toml
+++ b/pbs-config/Cargo.toml
@@ -17,16 +17,15 @@ regex.workspace = true
 serde.workspace = true
 serde_json.workspace = true
-proxmox-lang.workspace=true
 proxmox-metrics.workspace = true
 proxmox-router = { workspace = true, default-features = false }
 proxmox-schema.workspace = true
 proxmox-section-config.workspace = true
-proxmox-serde.workspace = true
 proxmox-shared-memory.workspace = true
 proxmox-sys = { workspace = true, features = [ "acl", "crypt", "timer" ] }
 proxmox-time.workspace = true
 pbs-api-types.workspace = true
 pbs-buildcfg.workspace = true
+pbs-key-config.workspace = true
 pbs-tools.workspace = true
diff --git a/pbs-config/src/lib.rs b/pbs-config/src/lib.rs
index a83db4e1..b81179e0 100644
--- a/pbs-config/src/lib.rs
+++ b/pbs-config/src/lib.rs
@@ -4,7 +4,6 @@ pub use cached_user_info::CachedUserInfo;
 pub mod datastore;
 pub mod domains;
 pub mod drive;
-pub mod key_config;
 pub mod media_pool;
 pub mod metrics;
 pub mod network;
diff --git a/pbs-config/src/tape_encryption_keys.rs b/pbs-config/src/tape_encryption_keys.rs
index eafed40a..010581e4 100644
--- a/pbs-config/src/tape_encryption_keys.rs
+++ b/pbs-config/src/tape_encryption_keys.rs
@@ -16,9 +16,9 @@ use anyhow::{bail, Error};
 use serde::{Deserialize, Serialize};
 use pbs_api_types::Fingerprint;
+use pbs_key_config::KeyConfig;
 use proxmox_sys::fs::file_read_optional_string;
-use crate::key_config::KeyConfig;
 use crate::{open_backup_lockfile, replace_backup_config, replace_secret_config};
 mod hex_key {
diff --git a/pbs-datastore/Cargo.toml b/pbs-datastore/Cargo.toml
index 0ce0bf7e..a6f7b771 100644
--- a/pbs-datastore/Cargo.toml
+++ b/pbs-datastore/Cargo.toml
@@ -38,4 +38,5 @@ proxmox-sys.workspace = true
 pbs-api-types.workspace = true
 pbs-buildcfg.workspace = true
 pbs-config.workspace = true
+pbs-key-config.workspace = true
 pbs-tools.workspace = true
diff --git a/pbs-datastore/src/manifest.rs b/pbs-datastore/src/manifest.rs
index 640fd8d2..347af933 100644
--- a/pbs-datastore/src/manifest.rs
+++ b/pbs-datastore/src/manifest.rs
@@ -266,7 +266,7 @@ impl TryFrom for BackupManifest {
 #[test]
 fn test_manifest_signature() -> Result<(), Error> {
- use pbs_config::key_config::KeyDerivationConfig;
+ use pbs_key_config::KeyDerivationConfig;
 let pw = b"test";
diff --git a/pbs-datastore/src/paperkey.rs b/pbs-datastore/src/paperkey.rs
index cd36a1be..f95cec0b 100644
--- a/pbs-datastore/src/paperkey.rs
+++ b/pbs-datastore/src/paperkey.rs
@@ -6,7 +6,7 @@ use serde::{Deserialize, Serialize};
 use proxmox_schema::api;
-use pbs_config::key_config::KeyConfig;
+use pbs_key_config::KeyConfig;
 #[api()]
 #[derive(Debug, Serialize, Deserialize)]
diff --git a/pbs-key-config/Cargo.toml b/pbs-key-config/Cargo.toml
new file mode 100644
index 00000000..fe280c49
--- /dev/null
+++ b/pbs-key-config/Cargo.toml
@@ -0,0 +1,21 @@
+[package]
+name = "pbs-key-config"
+version = "0.1.0"
+authors.workspace = true
+edition.workspace = true
+description = "Encryption key configuration and usage for PBS clients"
+[dependencies]
+anyhow.workspace = true
+nix.workspace = true
+openssl.workspace = true
+serde.workspace = true
+serde_json.workspace = true
+proxmox-lang.workspace = true
+proxmox-serde.workspace = true
+proxmox-sys.workspace = true
+proxmox-time.workspace = true
+pbs-api-types.workspace = true
+pbs-tools.workspace = true
diff --git a/pbs-config/src/key_config.rs b/pbs-key-config/src/lib.rs
similarity index 100%
rename from pbs-config/src/key_config.rs
rename to pbs-key-config/src/lib.rs
diff --git a/proxmox-backup-client/Cargo.toml b/proxmox-backup-client/Cargo.toml
index d5dbb1bd..0d8783f8 100644
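Review bot: The new pbs-key-config/Cargo.toml declares `proxmox-sys.workspace = true` with no feature list, whereas pbs-config, where this code lived until now, builds proxmox-sys with `features = [ "acl", "crypt", "timer" ]`. Since lib.rs is moved unchanged (similarity index 100%), any API it uses behind one of those features would now resolve only through Cargo's feature unification with other workspace members; a standalone `cargo check -p pbs-key-config` would confirm the manifest is self-sufficient. The description says "for PBS clients", but this same commit imports the crate from server-side tape code (src/tape/drive/*.rs, src/api2/config/tape_encryption_keys.rs), so a wording such as `description = "Encryption key configuration and usage for PBS"` would match how the crate is actually used.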
--- a/proxmox-backup-client/Cargo.toml
+++ b/proxmox-backup-client/Cargo.toml
@@ -37,5 +37,6 @@ pbs-client.workspace = true
 pbs-config.workspace = true
 pbs-datastore.workspace = true
 pbs-fuse-loop.workspace = true
+pbs-key-config.workspace = true
 pbs-pxar-fuse.workspace = true
 pbs-tools.workspace = true
diff --git a/proxmox-backup-client/src/benchmark.rs b/proxmox-backup-client/src/benchmark.rs
index a306cbaa..b3047308 100644
--- a/proxmox-backup-client/src/benchmark.rs
+++ b/proxmox-backup-client/src/benchmark.rs
@@ -17,8 +17,8 @@ use proxmox_schema::{api, ApiType, ReturnType};
 use pbs_api_types::{BackupNamespace, BackupType};
 use pbs_client::tools::key_source::get_encryption_key_password;
 use pbs_client::{BackupRepository, BackupWriter};
-use pbs_config::key_config::{load_and_decrypt_key, KeyDerivationConfig};
 use pbs_datastore::data_blob::{DataBlob, DataChunkBuilder};
+use pbs_key_config::{load_and_decrypt_key, KeyDerivationConfig};
 use pbs_tools::crypt_config::CryptConfig;
 use crate::{
diff --git a/proxmox-backup-client/src/key.rs b/proxmox-backup-client/src/key.rs
index ad9cb563..c8f3b6f1 100644
--- a/proxmox-backup-client/src/key.rs
+++ b/proxmox-backup-client/src/key.rs
@@ -17,8 +17,8 @@ use pbs_client::tools::key_source::{
 find_default_encryption_key, find_default_master_pubkey, get_encryption_key_password, place_default_encryption_key, place_default_master_pubkey,
 };
-use pbs_config::key_config::{rsa_decrypt_key_config, KeyConfig};
 use pbs_datastore::paperkey::{generate_paper_key, PaperkeyFormat};
+use pbs_key_config::{rsa_decrypt_key_config, KeyConfig};
 #[api]
 #[derive(Deserialize, Serialize)]
diff --git a/proxmox-backup-client/src/main.rs b/proxmox-backup-client/src/main.rs
index 06fdab4f..55198108 100644
--- a/proxmox-backup-client/src/main.rs
+++ b/proxmox-backup-client/src/main.rs
@@ -46,7 +46,6 @@ use pbs_client::{
 FixedChunkStream, HttpClient, PxarBackupStream, RemoteChunkReader, UploadOptions, BACKUP_SOURCE_SCHEMA,
 };
-use pbs_config::key_config::{decrypt_key, rsa_encrypt_key_config, KeyConfig};
 use pbs_datastore::catalog::{BackupCatalogWriter, CatalogReader, CatalogWriter};
 use pbs_datastore::chunk_store::verify_chunk_size;
 use pbs_datastore::dynamic_index::{BufferedDynamicReader, DynamicIndexReader};
@@ -57,6 +56,7 @@ use pbs_datastore::manifest::{
 };
 use pbs_datastore::read_chunk::AsyncReadChunk;
 use pbs_datastore::CATALOG_NAME;
+use pbs_key_config::{decrypt_key, rsa_encrypt_key_config, KeyConfig};
 use pbs_tools::crypt_config::CryptConfig;
 use pbs_tools::json;
diff --git a/proxmox-backup-client/src/mount.rs b/proxmox-backup-client/src/mount.rs
index afec2553..6810c19c 100644
--- a/proxmox-backup-client/src/mount.rs
+++ b/proxmox-backup-client/src/mount.rs
@@ -20,10 +20,10 @@ use proxmox_sys::sortable;
 use pbs_api_types::BackupNamespace;
 use pbs_client::tools::key_source::get_encryption_key_password;
 use pbs_client::{BackupReader, RemoteChunkReader};
-use pbs_config::key_config::load_and_decrypt_key;
 use pbs_datastore::cached_chunk_reader::CachedChunkReader;
 use pbs_datastore::dynamic_index::BufferedDynamicReader;
 use pbs_datastore::index::IndexFile;
+use pbs_key_config::load_and_decrypt_key;
 use pbs_tools::crypt_config::CryptConfig;
 use pbs_tools::json::required_string_param;
diff --git a/proxmox-backup-client/src/snapshot.rs b/proxmox-backup-client/src/snapshot.rs
index c678e059..4ca8015f 100644
--- a/proxmox-backup-client/src/snapshot.rs
+++ b/proxmox-backup-client/src/snapshot.rs
@@ -9,8 +9,8 @@ use proxmox_sys::fs::file_get_contents;
 use pbs_api_types::{BackupGroup, BackupNamespace, CryptMode, SnapshotListItem};
 use pbs_client::tools::key_source::get_encryption_key_password;
-use pbs_config::key_config::decrypt_key;
 use pbs_datastore::DataBlob;
+use pbs_key_config::decrypt_key;
 use pbs_tools::crypt_config::CryptConfig;
 use pbs_tools::json::required_string_param;
diff --git a/proxmox-file-restore/Cargo.toml b/proxmox-file-restore/Cargo.toml
index fc0e5612..cd92acb3 100644
--- a/proxmox-file-restore/Cargo.toml
+++ b/proxmox-file-restore/Cargo.toml
@@ -32,4 +32,5 @@ pbs-buildcfg.workspace = true
 pbs-client.workspace = true
 pbs-config.workspace = true
 pbs-datastore.workspace = true
+pbs-key-config.workspace = true
 pbs-tools.workspace = true
diff --git a/proxmox-file-restore/src/main.rs b/proxmox-file-restore/src/main.rs
index 7f35bd5d..87caadc4 100644
--- a/proxmox-file-restore/src/main.rs
+++ b/proxmox-file-restore/src/main.rs
@@ -31,11 +31,11 @@ use pbs_client::tools::{
 REPO_URL_SCHEMA,
 };
 use pbs_client::{BackupReader, BackupRepository, RemoteChunkReader};
-use pbs_config::key_config::decrypt_key;
 use pbs_datastore::catalog::{ArchiveEntry, CatalogReader, DirEntryAttribute};
 use pbs_datastore::dynamic_index::{BufferedDynamicReader, LocalDynamicReadAt};
 use pbs_datastore::index::IndexFile;
 use pbs_datastore::CATALOG_NAME;
+use pbs_key_config::decrypt_key;
 use pbs_tools::crypt_config::CryptConfig;
 pub mod block_driver;
diff --git a/src/api2/config/tape_encryption_keys.rs b/src/api2/config/tape_encryption_keys.rs
index de709f20..4a604c1c 100644
--- a/src/api2/config/tape_encryption_keys.rs
+++ b/src/api2/config/tape_encryption_keys.rs
@@ -12,11 +12,11 @@ use pbs_api_types::{
 use pbs_config::CachedUserInfo;
-use pbs_config::key_config::KeyConfig;
 use pbs_config::open_backup_lockfile;
 use pbs_config::tape_encryption_keys::{
 insert_key, load_key_configs, load_keys, save_key_configs, save_keys, TAPE_KEYS_LOCKFILE,
 };
+use pbs_key_config::KeyConfig;
 #[api(
 input: {
diff --git a/src/bin/proxmox_backup_debug/diff.rs b/src/bin/proxmox_backup_debug/diff.rs
index b9296a2e..288d35ce 100644
--- a/src/bin/proxmox_backup_debug/diff.rs
+++ b/src/bin/proxmox_backup_debug/diff.rs
@@ -21,9 +21,9 @@ use pbs_client::tools::{
 REPO_URL_SCHEMA,
 };
 use pbs_client::{BackupReader, BackupRepository, RemoteChunkReader};
-use pbs_config::key_config::decrypt_key;
 use pbs_datastore::dynamic_index::{BufferedDynamicReader, DynamicIndexReader, LocalDynamicReadAt};
 use pbs_datastore::index::IndexFile;
+use pbs_key_config::decrypt_key;
 use pbs_tools::crypt_config::CryptConfig;
 use pxar::accessor::ReadAt;
 use pxar::EntryKind;
diff --git a/src/bin/proxmox_backup_debug/inspect.rs b/src/bin/proxmox_backup_debug/inspect.rs
index 339bfc26..29265e26 100644
--- a/src/bin/proxmox_backup_debug/inspect.rs
+++ b/src/bin/proxmox_backup_debug/inspect.rs
@@ -15,7 +15,6 @@ use proxmox_router::cli::{
 use proxmox_schema::api;
 use pbs_client::tools::key_source::get_encryption_key_password;
-use pbs_config::key_config::load_and_decrypt_key;
 use pbs_datastore::dynamic_index::DynamicIndexReader;
 use pbs_datastore::file_formats::{
 COMPRESSED_BLOB_MAGIC_1_0, DYNAMIC_SIZED_CHUNK_INDEX_1_0, ENCRYPTED_BLOB_MAGIC_1_0,
@@ -24,6 +23,7 @@ use pbs_datastore::file_formats::{
 use pbs_datastore::fixed_index::FixedIndexReader;
 use pbs_datastore::index::IndexFile;
 use pbs_datastore::DataBlob;
+use pbs_key_config::load_and_decrypt_key;
 use pbs_tools::crypt_config::CryptConfig;
 /// Decodes a blob and writes its content either to stdout or into a file
diff --git a/src/bin/proxmox_backup_debug/recover.rs b/src/bin/proxmox_backup_debug/recover.rs
index 43ece96a..113da6da 100644
--- a/src/bin/proxmox_backup_debug/recover.rs
+++ b/src/bin/proxmox_backup_debug/recover.rs
@@ -8,12 +8,12 @@ use proxmox_router::cli::{CliCommand, CliCommandMap, CommandLineInterface};
 use proxmox_schema::api;
 use pbs_client::tools::key_source::get_encryption_key_password;
-use pbs_config::key_config::load_and_decrypt_key;
 use pbs_datastore::dynamic_index::DynamicIndexReader;
 use pbs_datastore::file_formats::{DYNAMIC_SIZED_CHUNK_INDEX_1_0, FIXED_SIZED_CHUNK_INDEX_1_0};
 use pbs_datastore::fixed_index::FixedIndexReader;
 use pbs_datastore::index::IndexFile;
 use pbs_datastore::DataBlob;
+use pbs_key_config::load_and_decrypt_key;
 use pbs_tools::crypt_config::CryptConfig;
 #[api(
diff --git a/src/bin/proxmox_tape/encryption_key.rs b/src/bin/proxmox_tape/encryption_key.rs
index 2e2c0430..4cd88e64 100644
--- a/src/bin/proxmox_tape/encryption_key.rs
+++ b/src/bin/proxmox_tape/encryption_key.rs
@@ -10,9 +10,9 @@ use pbs_api_types::{
 TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA,
 };
-use pbs_config::key_config::KeyConfig;
 use pbs_config::tape_encryption_keys::{complete_key_fingerprint, load_key_configs};
 use pbs_datastore::paperkey::{generate_paper_key, PaperkeyFormat};
+use pbs_key_config::KeyConfig;
 use proxmox_backup::api2;
diff --git a/src/tape/drive/lto/mod.rs b/src/tape/drive/lto/mod.rs
index 66878411..e571f4e5 100644
--- a/src/tape/drive/lto/mod.rs
+++ b/src/tape/drive/lto/mod.rs
@@ -21,7 +21,7 @@ use proxmox_uuid::Uuid;
 use pbs_api_types::{
 Fingerprint, Lp17VolumeStatistics, LtoDriveAndMediaStatus, LtoTapeDrive, MamAttribute,
 };
-use pbs_config::key_config::KeyConfig;
+use pbs_key_config::KeyConfig;
 use pbs_tape::{
 linux_list_drives::open_lto_tape_device,
 sg_tape::{SgTape, TapeAlertFlags},
diff --git a/src/tape/drive/mod.rs b/src/tape/drive/mod.rs
index 2ab79b31..c69ebc63 100644
--- a/src/tape/drive/mod.rs
+++ b/src/tape/drive/mod.rs
@@ -23,7 +23,7 @@ use proxmox_sys::{task_log, WorkerTaskContext};
 use proxmox_uuid::Uuid;
 use pbs_api_types::{Fingerprint, LtoTapeDrive, VirtualTapeDrive};
-use pbs_config::key_config::KeyConfig;
+use pbs_key_config::KeyConfig;
 use pbs_tape::{sg_tape::TapeAlertFlags, BlockReadError, MediaContentHeader, TapeRead, TapeWrite};
diff --git a/src/tape/drive/virtual_tape.rs b/src/tape/drive/virtual_tape.rs
index 74099f6b..d3b7b0f3 100644
--- a/src/tape/drive/virtual_tape.rs
+++ b/src/tape/drive/virtual_tape.rs
@@ -8,7 +8,7 @@ use serde::{Deserialize, Serialize};
 use proxmox_sys::fs::{replace_file, CreateOptions};
-use pbs_config::key_config::KeyConfig;
+use pbs_key_config::KeyConfig;
 use pbs_tape::{
 BlockReadError, BlockedReader, BlockedWriter, DriveStatus, ElementStatus, EmulateTapeReader, EmulateTapeWriter, MediaContentHeader, MtxStatus, StorageElementStatus, TapeRead, TapeWrite,