From ccad4582709d3dc53bbefbfbc1ded51e72245f6c Mon Sep 17 00:00:00 2001
From: Arzumify <jliwin98@danwin1210.de>
Date: Sat, 13 Jul 2024 10:07:39 +0100
Subject: [PATCH] Fixed client using unmatching hashing algorithm, added
 config.ini.examples for both sides

---
 .gitignore                    |  1 +
 bin/client/config.ini.example | 11 +++++++++++
 bin/client/main.go            | 35 +++++++++++++++++++++++++++--------
 bin/server/config.ini.example | 12 ++++++++++++
 lib/client/main.go            |  6 ++++--
 5 files changed, 55 insertions(+), 10 deletions(-)
 create mode 100644 .gitignore
 create mode 100644 bin/client/config.ini.example
 create mode 100644 bin/server/config.ini.example

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..723ef36
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.idea
\ No newline at end of file
diff --git a/bin/client/config.ini.example b/bin/client/config.ini.example
new file mode 100644
index 0000000..ea747fb
--- /dev/null
+++ b/bin/client/config.ini.example
@@ -0,0 +1,11 @@
+[config]
+# Used for authenticating the backup requests. Change to a random password, and keep the same on both the client and server.
+BACKUP_KEY=supersecretkey
+# Used for encrypting the backup files during transfer. Change to a random password, and keep the same on both the client and server.
+CRYPTO_KEY=supersecretkey
+# How often the client should backup in seconds. Default is 86400 seconds (24 hours).
+BACKUP_INTERVAL=86400
+# The URL of the server to send the backups to.
+REMOTE_URL=http://example.org:8080
+# The file to backup, relative to where the command is run.
+FILE_LOCATION=/path/to/file
\ No newline at end of file
diff --git a/bin/client/main.go b/bin/client/main.go
index 93ce8da..7f324f0 100644
--- a/bin/client/main.go
+++ b/bin/client/main.go
@@ -2,20 +2,39 @@ package main
 
 import (
 	"concord.hectabit.org/Hectabit/burgerbackup/lib/client"
+	"github.com/spf13/viper"
 	"log"
+	"os"
+	"strconv"
 	"time"
 )
 
-var (
-	backupKey      = "meow"
-	backupInterval = 43200
-	fileLocation   = "database.db"
-	remoteURL      = "http://localhost:8088/api/backup"
-)
-
 func main() {
+	if _, err := os.Stat("config.ini"); err == nil {
+		log.Println("[INFO] Config loaded at", time.Now().Unix())
+	} else if os.IsNotExist(err) {
+		log.Fatalln("[FATAL] config.ini does not exist")
+	} else {
+		log.Fatalln("[FATAL] File is in quantum uncertainty:", err)
+	}
+
+	viper.SetConfigName("config")
+	viper.AddConfigPath("./")
+	viper.AutomaticEnv()
+
+	err := viper.ReadInConfig()
+	if err != nil {
+		log.Fatalln("[FATAL] Error in config file at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
+	}
+
+	backupKey := viper.GetString("BACKUP_KEY")
+	cryptoKey := viper.GetString("CRYPTO_KEY")
+	backupInterval := viper.GetInt("BACKUP_INTERVAL")
+	fileLocation := viper.GetString("FILE_LOCATION")
+	remoteURL := viper.GetString("REMOTE_URL")
+
 	for {
-		err, errCode := client.PerformBackup(fileLocation, backupKey, remoteURL)
+		err, errCode := client.PerformBackup(fileLocation, backupKey, cryptoKey, remoteURL)
 		if err != nil {
 			if errCode == 0 {
 				log.Println("[CRITICAL] Unknown in performBackup() file read:", err)
diff --git a/bin/server/config.ini.example b/bin/server/config.ini.example
new file mode 100644
index 0000000..ed0bbcf
--- /dev/null
+++ b/bin/server/config.ini.example
@@ -0,0 +1,12 @@
+[config]
+# Used for authenticating the backup requests. Change to a random password, and keep the same on both the client and server.
+BACKUP_KEY=supersecretkey
+# Used for encrypting the backup files during transfer. Change to a random password, and keep the same on both the client and server.
+CRYPTO_KEY=supersecretkey
+# The port burgerbackup runs on. Change to Port 80 if not using a reverse proxy.
+PORT=8080
+# The host burgerbackup runs on. Change to 127.0.0.1 if using a reverse proxy.
+HOST=0.0.0.0
+# The folder where the backups are stored, relative to where the command is run.
+# It is recommended to use an absolute path
+BACKUP_FOLDER=/path/to/backup/folder
\ No newline at end of file
diff --git a/lib/client/main.go b/lib/client/main.go
index 8daa9ce..a4874fe 100644
--- a/lib/client/main.go
+++ b/lib/client/main.go
@@ -5,20 +5,22 @@ import (
 	"concord.hectabit.org/Hectabit/burgerbackup/lib/common"
 	"encoding/json"
 	"errors"
+	"golang.org/x/crypto/argon2"
 	"io"
 	"log"
 	"net/http"
 	"os"
 )
 
-func PerformBackup(fileLocation string, backupKey string, remoteURL string) (error, int) {
+func PerformBackup(fileLocation string, backupKey string, cryptoKey string, remoteURL string) (error, int) {
 	fileContent, err := os.ReadFile(fileLocation)
 	if err != nil {
 		log.Println("[CRITICAL] Unknown in performBackup() file read:", err)
 		return err, 0
 	}
 
-	encryptedContent, err := common.EncryptAES([]byte(backupKey), fileContent)
+	cryptoKeyHashed := argon2.IDKey([]byte(cryptoKey), []byte("burgerbackup"), 1, 64*1024, 4, 32)
+	encryptedContent, err := common.EncryptAES(cryptoKeyHashed, fileContent)
 	if err != nil {
 		log.Println("[CRITICAL] Unknown in performBack() content encryption", err)
 		return err, 1