Add a header to the inner config encryption so we can change the inner format later without changing the outer format
This commit is contained in:
parent
0ae9bb7fca
commit
bb507ce241
@ -54,12 +54,13 @@ namespace cryfs {
|
||||
boost::optional<cpputils::Data> ConcreteInnerEncryptor<Cipher>::_deserialize(const cpputils::Data &ciphertext) const {
|
||||
cpputils::Deserializer deserializer(&ciphertext);
|
||||
try {
|
||||
_checkHeader(&deserializer);
|
||||
std::string readCipherName = deserializer.readString();
|
||||
if (readCipherName != _cipherName) {
|
||||
cpputils::logging::LOG(cpputils::logging::ERROR) << "Wrong inner cipher used";
|
||||
return boost::none;
|
||||
}
|
||||
auto result = deserializer.readData();
|
||||
auto result = deserializer.readTailData();
|
||||
deserializer.finished();
|
||||
return result;
|
||||
} catch (const std::exception &e) {
|
||||
@ -78,10 +79,12 @@ namespace cryfs {
|
||||
template<class Cipher>
|
||||
cpputils::Data ConcreteInnerEncryptor<Cipher>::_serialize(const cpputils::Data &ciphertext) const {
|
||||
try {
|
||||
cpputils::Serializer serializer(cpputils::Serializer::StringSize(_cipherName)
|
||||
+ cpputils::Serializer::DataSize(ciphertext));
|
||||
cpputils::Serializer serializer(cpputils::Serializer::StringSize(HEADER)
|
||||
+ cpputils::Serializer::StringSize(_cipherName)
|
||||
+ ciphertext.size());
|
||||
serializer.writeString(HEADER);
|
||||
serializer.writeString(_cipherName);
|
||||
serializer.writeData(ciphertext);
|
||||
serializer.writeTailData(ciphertext);
|
||||
return serializer.finished();
|
||||
} catch (const std::exception &e) {
|
||||
cpputils::logging::LOG(cpputils::logging::ERROR) << "Error serializing inner configuration: " << e.what();
|
||||
|
@ -11,7 +11,7 @@ using boost::none;
|
||||
using namespace cpputils::logging;
|
||||
|
||||
namespace cryfs {
|
||||
const string CryConfigEncryptor::HEADER = "cryfs.config;0.8.1;scrypt";
|
||||
const string CryConfigEncryptor::HEADER = "cryfs.config;0;scrypt";
|
||||
|
||||
CryConfigEncryptor::CryConfigEncryptor(unique_ref<InnerEncryptor> innerEncryptor, OuterCipher::EncryptionKey outerKey, DerivedKeyConfig keyConfig)
|
||||
: _innerEncryptor(std::move(innerEncryptor)), _outerKey(std::move(outerKey)), _keyConfig(std::move(keyConfig)) {
|
||||
@ -39,10 +39,10 @@ namespace cryfs {
|
||||
try {
|
||||
Serializer serializer(Serializer::StringSize(HEADER)
|
||||
+ _keyConfig.serializedSize()
|
||||
+ Serializer::DataSize(ciphertext));
|
||||
+ ciphertext.size());
|
||||
writeHeader(&serializer);
|
||||
_keyConfig.serialize(&serializer);
|
||||
serializer.writeData(ciphertext);
|
||||
serializer.writeTailData(ciphertext);
|
||||
return serializer.finished();
|
||||
} catch (const std::exception &e) {
|
||||
cpputils::logging::LOG(cpputils::logging::ERROR) << "Error serializing CryConfigEncryptor: " << e.what();
|
||||
@ -69,7 +69,7 @@ namespace cryfs {
|
||||
}
|
||||
|
||||
optional<Data> CryConfigEncryptor::_loadAndDecryptConfigData(Deserializer *deserializer) {
|
||||
auto ciphertext = deserializer->readData();
|
||||
auto ciphertext = deserializer->readTailData();
|
||||
auto inner = OuterCipher::decrypt(static_cast<const uint8_t*>(ciphertext.data()), ciphertext.size(), _outerKey);
|
||||
if(inner == none) {
|
||||
return none;
|
||||
|
@ -1 +1,21 @@
|
||||
#include "InnerEncryptor.h"
|
||||
|
||||
using std::string;
|
||||
using cpputils::Deserializer;
|
||||
using cpputils::Serializer;
|
||||
|
||||
namespace cryfs {
|
||||
const string InnerEncryptor::HEADER = "cryfs.config.inner;0";
|
||||
|
||||
void InnerEncryptor::_checkHeader(Deserializer *deserializer) {
|
||||
string header = deserializer->readString();
|
||||
if (header != HEADER) {
|
||||
throw std::runtime_error("Invalid header");
|
||||
}
|
||||
}
|
||||
|
||||
void InnerEncryptor::_writeHeader(Serializer *serializer) {
|
||||
serializer->writeString(HEADER);
|
||||
}
|
||||
|
||||
}
|
@ -5,12 +5,21 @@
|
||||
#include <messmer/cpp-utils/data/Data.h>
|
||||
#include <messmer/cpp-utils/pointer/unique_ref.h>
|
||||
#include <boost/optional.hpp>
|
||||
#include <messmer/cpp-utils/data/Deserializer.h>
|
||||
#include <messmer/cpp-utils/data/Serializer.h>
|
||||
|
||||
namespace cryfs {
|
||||
class InnerEncryptor {
|
||||
public:
|
||||
virtual cpputils::Data encrypt(const cpputils::Data &plaintext) const = 0;
|
||||
virtual boost::optional <cpputils::Data> decrypt(const cpputils::Data &plaintext) const = 0;
|
||||
|
||||
protected:
|
||||
static void _checkHeader(cpputils::Deserializer *deserializer);
|
||||
static void _writeHeader(cpputils::Serializer *serializer);
|
||||
|
||||
private:
|
||||
static const std::string HEADER;
|
||||
};
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user