Add a header to the inner config encryption so we can change the inner format later without changing the outer format
This commit is contained in:
parent
0ae9bb7fca
commit
bb507ce241
@ -54,12 +54,13 @@ namespace cryfs {
|
|||||||
boost::optional<cpputils::Data> ConcreteInnerEncryptor<Cipher>::_deserialize(const cpputils::Data &ciphertext) const {
|
boost::optional<cpputils::Data> ConcreteInnerEncryptor<Cipher>::_deserialize(const cpputils::Data &ciphertext) const {
|
||||||
cpputils::Deserializer deserializer(&ciphertext);
|
cpputils::Deserializer deserializer(&ciphertext);
|
||||||
try {
|
try {
|
||||||
|
_checkHeader(&deserializer);
|
||||||
std::string readCipherName = deserializer.readString();
|
std::string readCipherName = deserializer.readString();
|
||||||
if (readCipherName != _cipherName) {
|
if (readCipherName != _cipherName) {
|
||||||
cpputils::logging::LOG(cpputils::logging::ERROR) << "Wrong inner cipher used";
|
cpputils::logging::LOG(cpputils::logging::ERROR) << "Wrong inner cipher used";
|
||||||
return boost::none;
|
return boost::none;
|
||||||
}
|
}
|
||||||
auto result = deserializer.readData();
|
auto result = deserializer.readTailData();
|
||||||
deserializer.finished();
|
deserializer.finished();
|
||||||
return result;
|
return result;
|
||||||
} catch (const std::exception &e) {
|
} catch (const std::exception &e) {
|
||||||
@ -78,10 +79,12 @@ namespace cryfs {
|
|||||||
template<class Cipher>
|
template<class Cipher>
|
||||||
cpputils::Data ConcreteInnerEncryptor<Cipher>::_serialize(const cpputils::Data &ciphertext) const {
|
cpputils::Data ConcreteInnerEncryptor<Cipher>::_serialize(const cpputils::Data &ciphertext) const {
|
||||||
try {
|
try {
|
||||||
cpputils::Serializer serializer(cpputils::Serializer::StringSize(_cipherName)
|
cpputils::Serializer serializer(cpputils::Serializer::StringSize(HEADER)
|
||||||
+ cpputils::Serializer::DataSize(ciphertext));
|
+ cpputils::Serializer::StringSize(_cipherName)
|
||||||
|
+ ciphertext.size());
|
||||||
|
serializer.writeString(HEADER);
|
||||||
serializer.writeString(_cipherName);
|
serializer.writeString(_cipherName);
|
||||||
serializer.writeData(ciphertext);
|
serializer.writeTailData(ciphertext);
|
||||||
return serializer.finished();
|
return serializer.finished();
|
||||||
} catch (const std::exception &e) {
|
} catch (const std::exception &e) {
|
||||||
cpputils::logging::LOG(cpputils::logging::ERROR) << "Error serializing inner configuration: " << e.what();
|
cpputils::logging::LOG(cpputils::logging::ERROR) << "Error serializing inner configuration: " << e.what();
|
||||||
|
@ -11,7 +11,7 @@ using boost::none;
|
|||||||
using namespace cpputils::logging;
|
using namespace cpputils::logging;
|
||||||
|
|
||||||
namespace cryfs {
|
namespace cryfs {
|
||||||
const string CryConfigEncryptor::HEADER = "cryfs.config;0.8.1;scrypt";
|
const string CryConfigEncryptor::HEADER = "cryfs.config;0;scrypt";
|
||||||
|
|
||||||
CryConfigEncryptor::CryConfigEncryptor(unique_ref<InnerEncryptor> innerEncryptor, OuterCipher::EncryptionKey outerKey, DerivedKeyConfig keyConfig)
|
CryConfigEncryptor::CryConfigEncryptor(unique_ref<InnerEncryptor> innerEncryptor, OuterCipher::EncryptionKey outerKey, DerivedKeyConfig keyConfig)
|
||||||
: _innerEncryptor(std::move(innerEncryptor)), _outerKey(std::move(outerKey)), _keyConfig(std::move(keyConfig)) {
|
: _innerEncryptor(std::move(innerEncryptor)), _outerKey(std::move(outerKey)), _keyConfig(std::move(keyConfig)) {
|
||||||
@ -39,10 +39,10 @@ namespace cryfs {
|
|||||||
try {
|
try {
|
||||||
Serializer serializer(Serializer::StringSize(HEADER)
|
Serializer serializer(Serializer::StringSize(HEADER)
|
||||||
+ _keyConfig.serializedSize()
|
+ _keyConfig.serializedSize()
|
||||||
+ Serializer::DataSize(ciphertext));
|
+ ciphertext.size());
|
||||||
writeHeader(&serializer);
|
writeHeader(&serializer);
|
||||||
_keyConfig.serialize(&serializer);
|
_keyConfig.serialize(&serializer);
|
||||||
serializer.writeData(ciphertext);
|
serializer.writeTailData(ciphertext);
|
||||||
return serializer.finished();
|
return serializer.finished();
|
||||||
} catch (const std::exception &e) {
|
} catch (const std::exception &e) {
|
||||||
cpputils::logging::LOG(cpputils::logging::ERROR) << "Error serializing CryConfigEncryptor: " << e.what();
|
cpputils::logging::LOG(cpputils::logging::ERROR) << "Error serializing CryConfigEncryptor: " << e.what();
|
||||||
@ -69,7 +69,7 @@ namespace cryfs {
|
|||||||
}
|
}
|
||||||
|
|
||||||
optional<Data> CryConfigEncryptor::_loadAndDecryptConfigData(Deserializer *deserializer) {
|
optional<Data> CryConfigEncryptor::_loadAndDecryptConfigData(Deserializer *deserializer) {
|
||||||
auto ciphertext = deserializer->readData();
|
auto ciphertext = deserializer->readTailData();
|
||||||
auto inner = OuterCipher::decrypt(static_cast<const uint8_t*>(ciphertext.data()), ciphertext.size(), _outerKey);
|
auto inner = OuterCipher::decrypt(static_cast<const uint8_t*>(ciphertext.data()), ciphertext.size(), _outerKey);
|
||||||
if(inner == none) {
|
if(inner == none) {
|
||||||
return none;
|
return none;
|
||||||
|
@ -1 +1,21 @@
|
|||||||
#include "InnerEncryptor.h"
|
#include "InnerEncryptor.h"
|
||||||
|
|
||||||
|
using std::string;
|
||||||
|
using cpputils::Deserializer;
|
||||||
|
using cpputils::Serializer;
|
||||||
|
|
||||||
|
namespace cryfs {
|
||||||
|
const string InnerEncryptor::HEADER = "cryfs.config.inner;0";
|
||||||
|
|
||||||
|
void InnerEncryptor::_checkHeader(Deserializer *deserializer) {
|
||||||
|
string header = deserializer->readString();
|
||||||
|
if (header != HEADER) {
|
||||||
|
throw std::runtime_error("Invalid header");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void InnerEncryptor::_writeHeader(Serializer *serializer) {
|
||||||
|
serializer->writeString(HEADER);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -5,12 +5,21 @@
|
|||||||
#include <messmer/cpp-utils/data/Data.h>
|
#include <messmer/cpp-utils/data/Data.h>
|
||||||
#include <messmer/cpp-utils/pointer/unique_ref.h>
|
#include <messmer/cpp-utils/pointer/unique_ref.h>
|
||||||
#include <boost/optional.hpp>
|
#include <boost/optional.hpp>
|
||||||
|
#include <messmer/cpp-utils/data/Deserializer.h>
|
||||||
|
#include <messmer/cpp-utils/data/Serializer.h>
|
||||||
|
|
||||||
namespace cryfs {
|
namespace cryfs {
|
||||||
class InnerEncryptor {
|
class InnerEncryptor {
|
||||||
public:
|
public:
|
||||||
virtual cpputils::Data encrypt(const cpputils::Data &plaintext) const = 0;
|
virtual cpputils::Data encrypt(const cpputils::Data &plaintext) const = 0;
|
||||||
virtual boost::optional <cpputils::Data> decrypt(const cpputils::Data &plaintext) const = 0;
|
virtual boost::optional <cpputils::Data> decrypt(const cpputils::Data &plaintext) const = 0;
|
||||||
|
|
||||||
|
protected:
|
||||||
|
static void _checkHeader(cpputils::Deserializer *deserializer);
|
||||||
|
static void _writeHeader(cpputils::Serializer *serializer);
|
||||||
|
|
||||||
|
private:
|
||||||
|
static const std::string HEADER;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user