Implement RSA encryption

This is to support public key encryption in the backup operation. You can use the -key option to supply the public key to the backup command, and then the same option to supply the private key when restoring a previous revision. The storage must be encrypted for this to work.
2025-12-15 15:53:26 +00:00 · 2019-09-20 14:19:18 -04:00
parent 58387c0951
commit 90833f9d86
8 changed files with 248 additions and 28 deletions
--- a/src/duplicacy_config.go
+++ b/src/duplicacy_config.go
@@ -9,6 +9,7 @@ import (
 	"crypto/hmac"
 	"crypto/rand"
 	"crypto/sha256"
+	"crypto/rsa"
 	"encoding/binary"
 	"encoding/hex"
 	"encoding/json"
@@ -65,6 +66,10 @@ type Config struct {
 	// for encrypting a non-chunk file
 	FileKey []byte `json:"-"`

+	// for RSA encryption
+	rsaPrivateKey *rsa.PrivateKey
+	rsaPublicKey *rsa.PublicKey
+
 	chunkPool      chan *Chunk
 	numberOfChunks int32
 	dryRun         bool
@@ -430,7 +435,7 @@ func UploadConfig(storage Storage, config *Config, password string, iterations i

 	if len(password) > 0 {
 		// Encrypt the config file with masterKey.  If masterKey is nil then no encryption is performed.
-		err = chunk.Encrypt(masterKey, "")
+		err = chunk.Encrypt(masterKey, "", true)
 		if err != nil {
 			LOG_ERROR("CONFIG_CREATE", "Failed to create the config file: %v", err)
 			return false