/*
Copyright <2018-2024> <scott.e.graves@protonmail.com>

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
*/
#include "utils/encryption.hpp"
#if defined(PROJECT_ENABLE_LIBSODIUM)
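namespace {
// Nonce buffer type sized by libsodium's XChaCha20-Poly1305 (IETF) constant.
using nonce_t =
    std::array<unsigned char, crypto_aead_xchacha20poly1305_ietf_NPUBBYTES>;

// Size of nonce_t in bytes. The anonymous namespace already gives internal
// linkage, so no `static` is needed.
constexpr auto nonce_size{sizeof(nonce_t)};

// Computes an unkeyed BLAKE2b digest of `data` whose length is
// hash_256_t::size(). It is the default password-to-key step used by
// encrypt_data()/decrypt_data() when the caller supplies no hasher.
//
// Every libsodium status code is checked: if a call failed and the result
// were used anyway, `hash` would still hold its value-initialized contents
// and callers would encrypt under a predictable key.
//
// NOTE(review): this is a single, unsalted, fast hash. When `data` is a
// human-chosen password it offers no brute-force resistance; a memory-hard
// KDF such as libsodium's crypto_pwhash with a stored salt is the usual
// choice. Switching changes the derived key and therefore breaks decryption
// of existing data, so it needs a format/version migration.
//
// Throws std::runtime_error if any BLAKE2b step reports failure.
[[nodiscard]] auto create_hash_256(std::string_view data)
    -> repertory::utils::encryption::hash_256_t {
  repertory::utils::encryption::hash_256_t hash{};

  crypto_generichash_blake2b_state state{};
  auto res = crypto_generichash_blake2b_init(&state, nullptr, 0U, hash.size());
  if (res != 0) {
    throw std::runtime_error("failed to initialize blake2b|" +
                             std::to_string(res));
  }

  res = crypto_generichash_blake2b_update(
      &state, reinterpret_cast<const unsigned char *>(data.data()),
      data.size());
  if (res != 0) {
    throw std::runtime_error("failed to update blake2b|" + std::to_string(res));
  }

  res = crypto_generichash_blake2b_final(&state, hash.data(), hash.size());
  if (res != 0) {
    throw std::runtime_error("failed to finalize blake2b|" +
                             std::to_string(res));
  }

  return hash;
}
} // namespace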
namespace repertory::utils::encryption {
#if defined(PROJECT_ENABLE_BOOST)
// Decrypts `data` using a key derived from `password`.
//
// The key comes from `hasher` when one is supplied, otherwise from the
// file-local create_hash_256(). The actual decryption is delegated to the
// key-based decrypt_data overload declared elsewhere.
//
// Returns the decrypted bytes.
// Throws std::runtime_error("decryption failed") when the overload reports
// failure. NOTE(review): presumably that covers both a wrong password and
// modified ciphertext (authentication failure) -- confirm in the overload.
//
// NOTE(review): `key` is a local copy of key material and is not wiped
// before return; consider sodium_memzero on it if the threat model includes
// memory disclosure.
auto decrypt_data(std::string_view data, std::string_view password,
                  std::optional<hash_256_func_t> hasher) -> data_buffer {
  auto key = hasher ? hasher.value()(password) : create_hash_256(password);

  const auto *cipher_bytes =
      reinterpret_cast<const unsigned char *>(data.data());

  data_buffer plain{};
  if (decrypt_data(key, cipher_bytes, data.size(), plain)) {
    return plain;
  }

  throw std::runtime_error("decryption failed");
}
// Encrypts `data` using a key derived from `password`.
//
// The key comes from `hasher` when one is supplied, otherwise from the
// file-local create_hash_256(). The actual encryption is delegated to the
// key-based encrypt_data overload declared elsewhere.
//
// Returns the buffer filled in by that overload.
//
// NOTE(review): any status the key-based overload may return is not
// inspected here; confirm it returns void or cannot fail, otherwise a
// failed encryption would hand back an empty or partial buffer.
// NOTE(review): `key` is a local copy of key material and is not wiped
// before return; consider sodium_memzero on it if the threat model includes
// memory disclosure.
auto encrypt_data(std::string_view data, std::string_view password,
                  std::optional<hash_256_func_t> hasher) -> data_buffer {
  auto key = hasher ? hasher.value()(password) : create_hash_256(password);

  const auto *plain_bytes =
      reinterpret_cast<const unsigned char *>(data.data());

  data_buffer cipher{};
  encrypt_data(key, plain_bytes, data.size(), cipher);
  return cipher;
}
#endif // defined(PROJECT_ENABLE_BOOST)
// Derives a key_type value as the SHA-256 digest of `encryption_token`,
// using libsodium's streaming SHA-256 API.
//
// Throws std::runtime_error (message suffixed with "|<status>") if the init,
// update or final step returns non-zero.
//
// NOTE(review): the derivation is one unsalted SHA-256 pass. That is only
// adequate if `encryption_token` is already high-entropy; for a human-chosen
// secret a salted, memory-hard KDF (e.g. libsodium's crypto_pwhash) would be
// needed, at the cost of changing every derived key.
auto generate_key(std::string_view encryption_token) -> key_type {
  // Shared failure path: any non-zero libsodium status aborts derivation.
  const auto require_ok = [](int status, const char *prefix) {
    if (status != 0) {
      throw std::runtime_error(prefix + std::to_string(status));
    }
  };

  crypto_hash_sha256_state state{};
  require_ok(crypto_hash_sha256_init(&state), "failed to initialize sha256|");

  const auto *token_bytes =
      reinterpret_cast<const unsigned char *>(encryption_token.data());
  require_ok(
      crypto_hash_sha256_update(&state, token_bytes, encryption_token.size()),
      "failed to update sha256|");

  key_type ret{};
  require_ok(crypto_hash_sha256_final(&state, ret.data()),
             "failed to finalize sha256|");

  return ret;
}
} // namespace repertory::utils::encryption
#endif // defined(PROJECT_ENABLE_LIBSODIUM)