Add a padding step between inner encryption and outer encryption to hide the size of the cipher name that is added inbetween

2015-10-27 19:00:24 +01:00 · 2015-10-27 19:00:24 +01:00 · 5a73042c63
commit 5a73042c63
parent 08e4ae8a2e
3 changed files with 12 additions and 5 deletions
--- a/src/config/crypto/ConcreteInnerEncryptor.h
+++ b/src/config/crypto/ConcreteInnerEncryptor.h
@ -13,7 +13,7 @@ namespace cryfs {
    template<class Cipher>
    class ConcreteInnerEncryptor: public InnerEncryptor {
    public:
-        static constexpr size_t CONFIG_SIZE = 512;  // Config data is grown to this size before encryption to hide its actual size
+        static constexpr size_t CONFIG_SIZE = 512;  // Inner config data is grown to this size before encryption to hide its actual size

        ConcreteInnerEncryptor(typename Cipher::EncryptionKey key, const std::string &cipherName);

--- a/src/config/crypto/CryConfigEncryptor.cpp
+++ b/src/config/crypto/CryConfigEncryptor.cpp
@ -1,4 +1,5 @@
 #include "CryConfigEncryptor.h"
+#include "RandomPadding.h"

 using std::string;
 using cpputils::Deserializer;
@ -29,7 +30,8 @@ namespace cryfs {

    Data CryConfigEncryptor::encrypt(const Data &plaintext) {
        auto inner = _innerEncryptor->encrypt(plaintext);
-        auto ciphertext = OuterCipher::encrypt(static_cast<const uint8_t*>(inner.data()), inner.size(), _outerKey);
+        auto padded = RandomPadding::add(inner, CONFIG_SIZE);
+        auto ciphertext = OuterCipher::encrypt(static_cast<const uint8_t*>(padded.data()), padded.size(), _outerKey);
        return _serialize(ciphertext);
    }

@ -53,9 +55,9 @@ namespace cryfs {
        try {
            checkHeader(&deserializer);
            _ignoreKey(&deserializer);
-            auto configData = _loadAndDecryptConfigData(&deserializer);
+            auto result = _loadAndDecryptConfigData(&deserializer);
            deserializer.finished();
-            return configData;
+            return result;
        } catch (const std::exception &e) {
            LOG(ERROR) << "Error loading configuration: " << e.what();
            return boost::none; // This can be caused by invalid loaded data and is not necessarily a programming logic error. Don't throw exception.
@ -72,6 +74,10 @@ namespace cryfs {
        if(inner == none) {
            return none;
        }
-        return _innerEncryptor->decrypt(*inner);
+        auto depadded = RandomPadding::remove(*inner);
+        if(depadded == none) {
+            return none;
+        }
+        return _innerEncryptor->decrypt(*depadded);
    }
 }
--- a/src/config/crypto/CryConfigEncryptor.h
+++ b/src/config/crypto/CryConfigEncryptor.h
@ -17,6 +17,7 @@ namespace cryfs {
    class CryConfigEncryptor {
    public:
        using OuterCipher = blockstore::encrypted::AES256_GCM;
+        static constexpr size_t CONFIG_SIZE = 1024;  // Config data is grown to this size before encryption to hide its actual size

        CryConfigEncryptor(cpputils::unique_ref<InnerEncryptor> innerEncryptor, OuterCipher::EncryptionKey outerKey, DerivedKeyConfig keyConfig);