dir/server/serverlog: stabilize root backup reference

The recently introduced root backup from local disk to storage server
intended to create a consistent per-user reference, but used ECDSA
signing which includes some randomness. The reference is desired to
be unguessable so that outsiders can't watch time and sequence.
There is no encryption or sign/verify involved. A better
cryptographic tool is HKDF (RFC 5869) already used as part of
key wrapping in pack/ee.

Add HKDF to the Factotum interface, and use it in place of the
old reference construction.

Add test that catches the old problem.

Add errors.Str in storagetest to avoid "unqualified type" complaint.

Fix #555.

Change-Id: Ibb083d9a630fd82beac835166d17144b5d97ac2a
Reviewed-on: https://upspin-review.googlesource.com/17560
Reviewed-by: Andrew Gerrand <adg@golang.org>
Reviewed-by: David Presotto <presotto@gmail.com>
5 files changed
tree: c2e819ecef7375a717aa1efce4e80f218c86eb8d
  1. .travis.yml
  3. CONDUCT.md
  6. Gopkg.lock
  7. Gopkg.toml
  10. README.binary
  11. README.md
  12. access/
  13. bind/
  14. cache/
  15. client/
  16. cloud/
  17. cmd/
  18. config/
  19. dir/
  20. doc/
  21. errors/
  22. factotum/
  23. flags/
  24. key/
  25. log/
  26. metric/
  27. pack/
  28. path/
  29. rpc/
  30. serverutil/
  31. shutdown/
  32. store/
  33. subcmd/
  34. test/
  35. transports/
  36. upbox/
  37. upspin/
  38. user/
  39. valid/
  40. vendor/
  41. version/



Documentation: upspin.io

About the project

Upspin is an experimental project to build a framework for naming and sharing files and other data securely, uniformly, and globally: a global name system of sorts.

It is not a file system, but a set of protocols and reference implementations that can be used to join things like file systems and other storage services to the name space.

Performance is not a primary goal. Uniformity and security are.

Upspin is not an official Google product.


Upspin has rough edges, and is not yet suitable for non-technical users.

Build Status


The code repository lives at upspin.googlesource.com and is mirrored to GitHub.

Note that the Upspin project does not use GitHub pull requests, and that we use the issue tracker for bug reports and proposals only.

See the Contribution Guidelines for more information on contributing to the project.

Reporting issues

Please report issues through our issue tracker.


All Upspin users should subscribe to the Upspin Announcements mailing list to receive critical information about the project.

Use the Upspin mailing list for discussion about Upspin use and development.

Code of Conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

The Upspin mascot is Copyright 2017 Renee French. All Rights Reserved.