debug: Allow creating insecure repositories

Uses low-security KDF parameters for scrypt(). Do not use in production!

src/cmds/restic/global_debug.go

@@ -8,6 +8,7 @@ import (
 	_ "net/http/pprof"
 	"os"
 	"restic/errors"
+	"restic/repository"
 
 	"github.com/pkg/profile"
 )
@@ -16,6 +17,7 @@ var (
 	listenMemoryProfile string
 	memProfilePath      string
 	cpuProfilePath      string
+	insecure            bool
 
 	prof interface {
 		Stop()
@@ -27,6 +29,13 @@ func init() {
 	f.StringVar(&listenMemoryProfile, "listen-profile", "", "listen on this `address:port` for memory profiling")
 	f.StringVar(&memProfilePath, "mem-profile", "", "write memory profile to `dir`")
 	f.StringVar(&cpuProfilePath, "cpu-profile", "", "write cpu profile to `dir`")
+	f.BoolVar(&insecure, "insecure-kdf", false, "use insecure KDF settings")
+}
+
+type fakeTestingTB struct{}
+
+func (fakeTestingTB) Logf(msg string, args ...interface{}) {
+	fmt.Fprintf(os.Stderr, msg, args...)
 }
 
 func runDebug() error {
@@ -50,6 +59,10 @@ func runDebug() error {
 		prof = profile.Start(profile.Quiet, profile.CPUProfile, profile.ProfilePath(memProfilePath))
 	}
 
+	if insecure {
+		repository.TestUseLowSecurityKDFParameters(fakeTestingTB{})
+	}
+
 	return nil
 }
 

src/restic/repository/testing.go

@@ -19,8 +19,12 @@ var testKDFParams = crypto.KDFParams{
 	P: 1,
 }
 
+type logger interface {
+	Logf(format string, args ...interface{})
+}
+
 // TestUseLowSecurityKDFParameters configures low-security KDF parameters for testing.
-func TestUseLowSecurityKDFParameters(t testing.TB) {
+func TestUseLowSecurityKDFParameters(t logger) {
 	t.Logf("using low-security KDF parameters for test")
 	KDFParams = &testKDFParams
 }