(
passphrase: str,
output_len_in_bytes: int,
salt: bytes,
time_cost: int,
memory_cost: int,
parallelism: int,
type: Literal["i", "d", "id"],
)
| 453 | |
| 454 | @staticmethod |
| 455 | def argon2( |
| 456 | passphrase: str, |
| 457 | output_len_in_bytes: int, |
| 458 | salt: bytes, |
| 459 | time_cost: int, |
| 460 | memory_cost: int, |
| 461 | parallelism: int, |
| 462 | type: Literal["i", "d", "id"], |
| 463 | ) -> bytes: |
| 464 | if os.environ.get("BORG_TESTONLY_WEAKEN_KDF") == "1": |
| 465 | time_cost = 1 |
| 466 | parallelism = 1 |
| 467 | # 8 is the smallest value that avoids the "Memory cost is too small" exception |
| 468 | memory_cost = 8 |
| 469 | type_map = {"i": argon2.low_level.Type.I, "d": argon2.low_level.Type.D, "id": argon2.low_level.Type.ID} |
| 470 | key = argon2.low_level.hash_secret_raw( |
| 471 | secret=passphrase.encode("utf-8"), |
| 472 | hash_len=output_len_in_bytes, |
| 473 | salt=salt, |
| 474 | time_cost=time_cost, |
| 475 | memory_cost=memory_cost, |
| 476 | parallelism=parallelism, |
| 477 | type=type_map[type], |
| 478 | ) |
| 479 | return key |
| 480 | |
| 481 | def decrypt_key_file_pbkdf2(self, encrypted_key, passphrase): |
| 482 | key = self.pbkdf2(passphrase, encrypted_key.salt, encrypted_key.iterations, 32) |
no test coverage detected