libcryfs/implementations/encrypted/EncryptedBlock.cpp

#include "EncryptedBlock.h"
#include <cryptopp/cryptopp/modes.h>

#include "../../utils/BlockStoreUtils.h"

using CryptoPP::CFB_Mode;
using CryptoPP::AES;

using std::make_unique;

//TODO not only encryption, but also hmac

namespace blockstore {
namespace encrypted {

constexpr unsigned int EncryptedBlock::IV_SIZE;

std::unique_ptr<EncryptedBlock> EncryptedBlock::CreateNew(std::unique_ptr<Block> baseBlock, const EncryptionKey &encKey) {
  auto block = make_unique<EncryptedBlock>(std::move(baseBlock), encKey);
  //We have to explicitly fill the block with zeroes, because otherwise the encrypted version is filled with zeroes and not the plaintext version
  utils::fillWithZeroes(block.get());
  return block;
}

EncryptedBlock::EncryptedBlock(std::unique_ptr<Block> baseBlock, const EncryptionKey &encKey)
    :Block(baseBlock->key()),
     _baseBlock(std::move(baseBlock)),
     _plaintextData(USEABLE_BLOCK_SIZE(_baseBlock->size())),
     _encKey(encKey),
     _dataChanged(false) {
  _decryptFromBaseBlock();
}

EncryptedBlock::~EncryptedBlock() {
  flush();
}

const void *EncryptedBlock::data() const {
  return _plaintextData.data();
}

void EncryptedBlock::write(const void *source, uint64_t offset, uint64_t size) {
  assert(offset <= _plaintextData.size() && offset + size <= _plaintextData.size()); //Also check offset < _data->size() because of possible overflow in the addition
  std::memcpy((uint8_t*)_plaintextData.data()+offset, source, size);
  _dataChanged = true;
}

void EncryptedBlock::flush() {
  _encryptToBaseBlock();
  return _baseBlock->flush();
}

size_t EncryptedBlock::size() const {
  return _plaintextData.size();
}

void EncryptedBlock::_decryptFromBaseBlock() {
  const byte *iv = (byte*)_baseBlock->data();
  const byte *data = (byte*)_baseBlock->data() + IV_SIZE;
  auto decryption = CFB_Mode<AES>::Decryption((byte*)_encKey.data(), EncryptionKey::BINARY_LENGTH, iv);
  decryption.ProcessData((byte*)_plaintextData.data(), data, _plaintextData.size());
}

void EncryptedBlock::_encryptToBaseBlock() {
  if (_dataChanged) {
    FixedSizeData<IV_SIZE> iv = FixedSizeData<IV_SIZE>::CreateRandom();
    auto encryption = CFB_Mode<AES>::Encryption(_encKey.data(), EncryptionKey::BINARY_LENGTH, iv.data());
    //TODO More performance when not using "Data encrypted" object, but specialized CryptoPP sink
    Data encrypted(_plaintextData.size());
    encryption.ProcessData((byte*)encrypted.data(), (byte*)_plaintextData.data(), _plaintextData.size());
    _baseBlock->write(iv.data(), 0, IV_SIZE);
    _baseBlock->write(encrypted.data(), IV_SIZE, encrypted.size());
    _dataChanged = false;
  }
}

}
}
Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00			`#include "EncryptedBlock.h"`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`#include <cryptopp/cryptopp/modes.h>`

			`#include "../../utils/BlockStoreUtils.h"`

Implemented encryption 2015-04-09 22:11:40 +02:00			`using CryptoPP::CFB_Mode;`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`using CryptoPP::AES;`

			`using std::make_unique;`
Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00
TODOs 2015-04-10 00:57:10 +02:00			`//TODO not only encryption, but also hmac`

Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00			`namespace blockstore {`
			`namespace encrypted {`

EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`constexpr unsigned int EncryptedBlock::IV_SIZE;`

			`std::unique_ptr<EncryptedBlock> EncryptedBlock::CreateNew(std::unique_ptr<Block> baseBlock, const EncryptionKey &encKey) {`
			`auto block = make_unique<EncryptedBlock>(std::move(baseBlock), encKey);`
			`//We have to explicitly fill the block with zeroes, because otherwise the encrypted version is filled with zeroes and not the plaintext version`
			`utils::fillWithZeroes(block.get());`
			`return block;`
			`}`

EncryptedBlockStore handles encryption keys 2015-04-09 20:14:12 +02:00			`EncryptedBlock::EncryptedBlock(std::unique_ptr<Block> baseBlock, const EncryptionKey &encKey)`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`:Block(baseBlock->key()),`
			`_baseBlock(std::move(baseBlock)),`
			`_plaintextData(USEABLE_BLOCK_SIZE(_baseBlock->size())),`
			`_encKey(encKey),`
			`_dataChanged(false) {`
			`_decryptFromBaseBlock();`
			`}`

			`EncryptedBlock::~EncryptedBlock() {`
			`flush();`
Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00			`}`

			`const void *EncryptedBlock::data() const {`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`return _plaintextData.data();`
Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00			`}`

			`void EncryptedBlock::write(const void *source, uint64_t offset, uint64_t size) {`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`assert(offset <= _plaintextData.size() && offset + size <= _plaintextData.size()); //Also check offset < _data->size() because of possible overflow in the addition`
			`std::memcpy((uint8_t*)_plaintextData.data()+offset, source, size);`
			`_dataChanged = true;`
Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00			`}`

			`void EncryptedBlock::flush() {`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`_encryptToBaseBlock();`
Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00			`return _baseBlock->flush();`
			`}`

			`size_t EncryptedBlock::size() const {`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`return _plaintextData.size();`
			`}`

			`void EncryptedBlock::_decryptFromBaseBlock() {`
			`const byte iv = (byte)_baseBlock->data();`
			`const byte data = (byte)_baseBlock->data() + IV_SIZE;`
Implemented encryption 2015-04-09 22:11:40 +02:00			`auto decryption = CFB_Mode<AES>::Decryption((byte*)_encKey.data(), EncryptionKey::BINARY_LENGTH, iv);`
			`decryption.ProcessData((byte*)_plaintextData.data(), data, _plaintextData.size());`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`}`

			`void EncryptedBlock::_encryptToBaseBlock() {`
			`if (_dataChanged) {`
			`FixedSizeData<IV_SIZE> iv = FixedSizeData<IV_SIZE>::CreateRandom();`
Implemented encryption 2015-04-09 22:11:40 +02:00			`auto encryption = CFB_Mode<AES>::Encryption(_encKey.data(), EncryptionKey::BINARY_LENGTH, iv.data());`
			`//TODO More performance when not using "Data encrypted" object, but specialized CryptoPP sink`
			`Data encrypted(_plaintextData.size());`
			`encryption.ProcessData((byte)encrypted.data(), (byte)_plaintextData.data(), _plaintextData.size());`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`_baseBlock->write(iv.data(), 0, IV_SIZE);`
Implemented encryption 2015-04-09 22:11:40 +02:00			`_baseBlock->write(encrypted.data(), IV_SIZE, encrypted.size());`
EncryptedBlock stores an IV 2015-04-09 21:17:28 +02:00			`_dataChanged = false;`
			`}`
Dummy implementation for EncryptedBlockStore 2015-04-09 19:22:09 +02:00			`}`

			`}`
			`}`