Here is another detail for your consideration when working on this patch: Security
If the backup is encrypted - then you shouldn't do the test-restore on the backup media - I assume the test restore will leak unencrypted data into whatever filesystem is being used for testing.
At least on my system, where the backup is on a remote network server, the unencrypted signature files were leaked into the temporary file system.
You might consider to always use the user's home directory for the testing, because that's the only place you can assume to have sufficient protection. For example, on my system, /home is encrypted, but /tmp and /var/tmp are not.
Here is another detail for your consideration when working on this patch: Security
If the backup is encrypted - then you shouldn't do the test-restore on the backup media - I assume the test restore will leak unencrypted data into whatever filesystem is being used for testing.
At least on my system, where the backup is on a remote network server, the unencrypted signature files were leaked into the temporary file system.
You might consider to always use the user's home directory for the testing, because that's the only place you can assume to have sufficient protection. For example, on my system, /home is encrypted, but /tmp and /var/tmp are not.