Fixed a bug that caused all copied chunks to be RSA encrypted

The field encryptionVersion in the Chunk struct is supposed to pass the status of RSA encrytpion from a source chunk to a destination chunk in a copy command. This field needs to be a 3-state boolean in order to pass the status correctly.
2025-12-31 07:33:32 +00:00 · 2020-02-13 14:03:07 -05:00
parent e888b6d7e5
commit cc88abd547
2 changed files with 17 additions and 3 deletions
--- a/src/duplicacy_backupmanager.go
+++ b/src/duplicacy_backupmanager.go
@@ -1732,7 +1732,11 @@ func (manager *BackupManager) CopySnapshots(otherManager *BackupManager, snapsho
 			newChunk := otherManager.config.GetChunk()
 			newChunk.Reset(true)
 			newChunk.Write(chunk.GetBytes())
-			newChunk.encryptionVersion = chunk.encryptionVersion
+			if chunk.encryptionVersion == ENCRYPTION_VERSION_RSA {
+				newChunk.encryptionVersion = CHUNK_RSA_ENCRYPTION_ENABLED
+			} else {
+				newChunk.encryptionVersion = CHUNK_RSA_ENCRYPTION_DISABLED
+			}
 			chunkUploader.StartChunk(newChunk, chunkIndex)
 			totalCopied++
 		} else {
--- a/src/duplicacy_chunk.go
+++ b/src/duplicacy_chunk.go
@@ -63,14 +63,21 @@ type Chunk struct {
 	config *Config // Every chunk is associated with a Config object.  Which hashing algorithm to use is determined
 	// by the config

-	encryptionVersion byte // The version type in the encrytion header
+	encryptionVersion byte // The version type in the encrytion header; for a chunk to be copied, this field contains
+	// one of the CHUNK_RSA_ENCRYPTION_* constants to indicate how the new chunk should be encrypted
 }

 // Magic word to identify a duplicacy format encrypted file, plus a version number.
 var ENCRYPTION_HEADER = "duplicacy\000"

+// RSA encrypted chunks start with "duplicacy\002"
 var ENCRYPTION_VERSION_RSA byte = 2

+// These constants are used to control how a new chunk should be encrypted by the copy command
+var CHUNK_RSA_ENCRYPTION_DEFAULT byte = 0   // No RSA encryption explicitly requested
+var CHUNK_RSA_ENCRYPTION_DISABLED byte = 1  // The RSA encryption should be turned off
+var CHUNK_RSA_ENCRYPTION_ENABLED byte = 2   // The RSA encryption should be forced on
+
 // CreateChunk creates a new chunk.
 func CreateChunk(config *Config, bufferNeeded bool) *Chunk {

@@ -193,7 +200,10 @@ func (chunk *Chunk) Encrypt(encryptionKey []byte, derivationKey string, isSnapsh

 		key := encryptionKey
 		usingRSA := false
-		if chunk.config.rsaPublicKey != nil && (!isSnapshot || chunk.encryptionVersion == ENCRYPTION_VERSION_RSA) {
+		// If encryptionVersion is not set, use the default setting (RSA for file chunks only);
+		// otherwise, enable RSA encryption only when explicitly requested
+		if chunk.config.rsaPublicKey != nil &&
+		    ((!isSnapshot && chunk.encryptionVersion == CHUNK_RSA_ENCRYPTION_DEFAULT) || chunk.encryptionVersion == CHUNK_RSA_ENCRYPTION_ENABLED) {
 			// If the chunk is not a snpashot chunk, we attempt to encrypt it with the RSA publick key if there is one
 			randomKey := make([]byte, 32)
 			_, err := rand.Read(randomKey)