updated build system
This commit is contained in:
@@ -28,6 +28,53 @@
|
||||
#include "utils/path.hpp"
|
||||
|
||||
namespace repertory::utils::encryption {
|
||||
|
||||
auto kdf_config::generate_checksum() const -> std::uint64_t {
|
||||
REPERTORY_USES_FUNCTION_NAME();
|
||||
|
||||
kdf_config tmp = *this;
|
||||
tmp.checksum = 0;
|
||||
|
||||
auto hdr = tmp.to_header();
|
||||
|
||||
std::uint64_t ret{0};
|
||||
if (crypto_generichash(reinterpret_cast<unsigned char *>(&ret), sizeof(ret),
|
||||
hdr.data(), hdr.size(), nullptr, 0) != 0) {
|
||||
throw utils::error::create_exception(function_name,
|
||||
{
|
||||
"failed to calculate checksum",
|
||||
});
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
void kdf_config::generate_salt() {
|
||||
randombytes_buf(salt.data(), salt.size());
|
||||
checksum = generate_checksum();
|
||||
}
|
||||
|
||||
auto kdf_config::from_header(std::span<const unsigned char> data,
|
||||
kdf_config &cfg) -> bool {
|
||||
if (data.size() < kdf_config::size()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
std::memcpy(&cfg, data.data(), kdf_config::size());
|
||||
cfg.magic = boost::endian::big_to_native(cfg.magic);
|
||||
if (cfg.magic != repertory_magic) {
|
||||
return false;
|
||||
}
|
||||
|
||||
cfg.checksum = boost::endian::big_to_native(cfg.checksum);
|
||||
return cfg.version == kdf_version::v1 && cfg.kdf == kdf_type::argon2id &&
|
||||
cfg.memlimit >= memlimit_level::level1 &&
|
||||
cfg.memlimit <= memlimit_level::level4 &&
|
||||
cfg.opslimit >= opslimit_level::level1 &&
|
||||
cfg.opslimit <= opslimit_level::level3 &&
|
||||
cfg.checksum == cfg.generate_checksum();
|
||||
}
|
||||
|
||||
auto decrypt_file_path(std::string_view encryption_token,
|
||||
std::string &file_path) -> bool {
|
||||
std::vector<std::string> decrypted_parts;
|
||||
@@ -49,6 +96,27 @@ auto decrypt_file_path(std::string_view encryption_token,
|
||||
return true;
|
||||
}
|
||||
|
||||
auto decrypt_file_path(std::string_view encryption_token, const kdf_config &cfg,
|
||||
std::string &file_path) -> bool {
|
||||
std::vector<std::string> decrypted_parts;
|
||||
for (const auto &part : std::filesystem::path(file_path)) {
|
||||
auto file_name = part.string();
|
||||
if (file_name == "/") {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (not decrypt_file_name(encryption_token, cfg, file_name)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
decrypted_parts.push_back(file_name);
|
||||
}
|
||||
|
||||
file_path =
|
||||
utils::path::create_api_path(utils::string::join(decrypted_parts, '/'));
|
||||
return true;
|
||||
}
|
||||
|
||||
auto decrypt_file_name(std::string_view encryption_token,
|
||||
std::string &file_name) -> bool {
|
||||
data_buffer buffer;
|
||||
@@ -60,10 +128,26 @@ auto decrypt_file_name(std::string_view encryption_token,
|
||||
return utils::encryption::decrypt_data(encryption_token, buffer, file_name);
|
||||
}
|
||||
|
||||
auto decrypt_file_name(std::string_view encryption_token, const kdf_config &cfg,
|
||||
std::string &file_name) -> bool {
|
||||
data_buffer buffer;
|
||||
if (not utils::collection::from_hex_string(file_name, buffer)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
file_name.clear();
|
||||
return utils::encryption::decrypt_data(encryption_token, cfg, buffer,
|
||||
file_name);
|
||||
}
|
||||
|
||||
template <typename data_t>
|
||||
auto read_encrypted_range(const http_range &range,
|
||||
const utils::encryption::hash_256_t &key,
|
||||
const utils::hash::hash_256_t &key,
|
||||
reader_func_t reader_func, std::uint64_t total_size,
|
||||
data_buffer &data) -> bool {
|
||||
data_t &data, std::uint8_t file_header_size,
|
||||
std::size_t &bytes_read) -> bool {
|
||||
bytes_read = 0U;
|
||||
|
||||
auto encrypted_chunk_size =
|
||||
utils::encryption::encrypting_reader::get_encrypted_chunk_size();
|
||||
auto data_chunk_size =
|
||||
@@ -76,7 +160,7 @@ auto read_encrypted_range(const http_range &range,
|
||||
|
||||
for (std::size_t chunk = start_chunk; chunk <= end_chunk; chunk++) {
|
||||
data_buffer cypher;
|
||||
auto start_offset = chunk * encrypted_chunk_size;
|
||||
auto start_offset = (chunk * encrypted_chunk_size) + file_header_size;
|
||||
auto end_offset = std::min(
|
||||
start_offset + (total_size - (chunk * data_chunk_size)) +
|
||||
encryption_header_size - 1U,
|
||||
@@ -98,58 +182,7 @@ auto read_encrypted_range(const http_range &range,
|
||||
static_cast<std::int64_t>(source_offset)),
|
||||
std::next(source_buffer.begin(),
|
||||
static_cast<std::int64_t>(source_offset + data_size)),
|
||||
std::back_inserter(data));
|
||||
remain -= data_size;
|
||||
source_offset = 0U;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
auto read_encrypted_range(const http_range &range,
|
||||
const utils::encryption::hash_256_t &key,
|
||||
reader_func_t reader_func, std::uint64_t total_size,
|
||||
unsigned char *data, std::size_t size,
|
||||
std::size_t &bytes_read) -> bool {
|
||||
bytes_read = 0U;
|
||||
|
||||
auto encrypted_chunk_size =
|
||||
utils::encryption::encrypting_reader::get_encrypted_chunk_size();
|
||||
auto data_chunk_size =
|
||||
utils::encryption::encrypting_reader::get_data_chunk_size();
|
||||
|
||||
auto start_chunk = static_cast<std::size_t>(range.begin / data_chunk_size);
|
||||
auto end_chunk = static_cast<std::size_t>(range.end / data_chunk_size);
|
||||
auto remain = range.end - range.begin + 1U;
|
||||
auto source_offset = static_cast<std::size_t>(range.begin % data_chunk_size);
|
||||
|
||||
std::span dest_buffer(data, size);
|
||||
for (std::size_t chunk = start_chunk; chunk <= end_chunk; chunk++) {
|
||||
data_buffer cypher;
|
||||
auto start_offset = chunk * encrypted_chunk_size;
|
||||
auto end_offset = std::min(
|
||||
start_offset + (total_size - (chunk * data_chunk_size)) +
|
||||
encryption_header_size - 1U,
|
||||
static_cast<std::uint64_t>(start_offset + encrypted_chunk_size - 1U));
|
||||
|
||||
if (not reader_func(cypher, start_offset, end_offset)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
data_buffer source_buffer;
|
||||
if (not utils::encryption::decrypt_data(key, cypher, source_buffer)) {
|
||||
return false;
|
||||
}
|
||||
cypher.clear();
|
||||
|
||||
auto data_size = static_cast<std::size_t>(std::min(
|
||||
remain, static_cast<std::uint64_t>(data_chunk_size - source_offset)));
|
||||
std::copy(
|
||||
std::next(source_buffer.begin(),
|
||||
static_cast<std::int64_t>(source_offset)),
|
||||
std::next(source_buffer.begin(),
|
||||
static_cast<std::int64_t>(source_offset + data_size)),
|
||||
std::next(dest_buffer.begin(), static_cast<std::int64_t>(bytes_read)));
|
||||
std::next(data.begin(), static_cast<std::int64_t>(bytes_read)));
|
||||
remain -= data_size;
|
||||
bytes_read += data_size;
|
||||
source_offset = 0U;
|
||||
@@ -157,6 +190,26 @@ auto read_encrypted_range(const http_range &range,
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
auto read_encrypted_range(const http_range &range,
|
||||
const utils::hash::hash_256_t &key, bool uses_kdf,
|
||||
reader_func_t reader_func, std::uint64_t total_size,
|
||||
data_buffer &data) -> bool {
|
||||
std::size_t bytes_read{};
|
||||
return read_encrypted_range<data_buffer>(
|
||||
range, key, reader_func, total_size, data,
|
||||
uses_kdf ? kdf_config::size() : 0U, bytes_read);
|
||||
}
|
||||
|
||||
[[nodiscard]] auto read_encrypted_range(
|
||||
const http_range &range, const utils::hash::hash_256_t &key, bool uses_kdf,
|
||||
reader_func_t reader_func, std::uint64_t total_size, unsigned char *data,
|
||||
std::size_t size, std::size_t &bytes_read) -> bool {
|
||||
std::span dest_buffer(data, size);
|
||||
return read_encrypted_range<std::span<unsigned char>>(
|
||||
range, key, reader_func, total_size, dest_buffer,
|
||||
uses_kdf ? kdf_config::size() : 0U, bytes_read);
|
||||
}
|
||||
} // namespace repertory::utils::encryption
|
||||
|
||||
#endif // defined(PROJECT_ENABLE_LIBSODIUM) && defined (PROJECT_ENABLE_BOOST)
|
||||
|
||||
Reference in New Issue
Block a user