Mercurial > hg > orthanc-object-storage

annotate Common/EncryptionHelpers.cpp @ 68:58a03fce4897

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
new option for AWS: EnableLegacyUnknownFiles
author Alain Mazy <am@osimis.io>
date Fri, 09 Jul 2021 15:40:07 +0200
parents b922ae86bbe1
children ac596874d997
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
1 /**
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
2 * Cloud storage plugins for Orthanc
37
f55b2afdf53d upgrade to year 2021
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 30
diff changeset
3 * Copyright (C) 2020-2021 Osimis S.A., Belgium
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
4 *
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
5 * This program is free software: you can redistribute it and/or
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
6 * modify it under the terms of the GNU Affero General Public License
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
7 * as published by the Free Software Foundation, either version 3 of
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
8 * the License, or (at your option) any later version.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
9 *
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
10 * This program is distributed in the hope that it will be useful, but
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
13 * Affero General Public License for more details.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
14 *
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
15 * You should have received a copy of the GNU Affero General Public License
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
17 **/
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
18
56
b922ae86bbe1 full static linking against AWS SDK
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 37
diff changeset
19
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
20 #include "EncryptionHelpers.h"
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
21 #include <assert.h>
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
22
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
23 #include <boost/lexical_cast.hpp>
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
24 #include <iostream>
30
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
25
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
26 #include <cryptopp/cryptlib.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
27 #include <cryptopp/modes.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
28 #include <cryptopp/hex.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
29 #include <cryptopp/gcm.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
30 #include <cryptopp/files.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
31 #include <cryptopp/filters.h>
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
32
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
33 const std::string EncryptionHelpers::HEADER_VERSION = "A1";
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
34
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
35 using namespace CryptoPP;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
36
30
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
37 std::string EncryptionHelpers::ToHexString(const void* block, size_t size)
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
38 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
39 std::string blockAsString = std::string(reinterpret_cast<const char*>(block), size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
40
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
41 return ToHexString(blockAsString);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
42 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
43
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
44 std::string EncryptionHelpers::ToHexString(const std::string& block)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
45 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
46 std::string hexString;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
47 StringSource ss(block, true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
48 new HexEncoder(
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
49 new StringSink(hexString)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
50 ) // StreamTransformationFilter
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
51 ); // StringSource
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
52
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
53 return hexString;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
54 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
55
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
56 std::string EncryptionHelpers::ToHexString(const SecByteBlock& block)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
57 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
58 return ToHexString(ToString(block));
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
59 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
60
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
61 std::string EncryptionHelpers::ToString(const CryptoPP::SecByteBlock& block)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
62 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
63 return std::string(reinterpret_cast<const char*>(block.data()), block.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
64 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
65
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
66 std::string EncryptionHelpers::ToString(uint32_t value)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
67 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
68 return std::string(reinterpret_cast<const char*>(&value), 4);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
69 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
70
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
71 void EncryptionHelpers::ReadKey(CryptoPP::SecByteBlock& key, const std::string& path)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
72 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
73 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
74 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
75 FileSource fs(path.c_str(), true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
76 new HexDecoder(
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
77 new ArraySink(key.begin(), key.size())
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
78 )
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
79 );
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
80 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
81 catch (CryptoPP::Exception& ex)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
82 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
83 throw EncryptionException("unabled to read key from file '" + path + "': " + ex.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
84 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
85 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
86
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
87 void EncryptionHelpers::SetCurrentMasterKey(uint32_t id, const std::string& path)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
88 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
89 SecByteBlock key(AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
90
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
91 ReadKey(key, path);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
92 SetCurrentMasterKey(id, key);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
93 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
94
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
95 void EncryptionHelpers::AddPreviousMasterKey(uint32_t id, const std::string& path)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
96 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
97 SecByteBlock key(AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
98
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
99 ReadKey(key, path);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
100 AddPreviousMasterKey(id, key);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
101 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
102
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
103 EncryptionHelpers::EncryptionHelpers(size_t maxConcurrentInputSize)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
104 : concurrentInputSizeSemaphore_(maxConcurrentInputSize),
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
105 maxConcurrentInputSize_(maxConcurrentInputSize)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
106 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
107 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
108
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
109 void EncryptionHelpers::SetCurrentMasterKey(uint32_t id, const CryptoPP::SecByteBlock& key)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
110 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
111 encryptionMasterKey_ = key;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
112 encryptionMasterKeyId_ = ToString(id);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
113 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
114
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
115 void EncryptionHelpers::AddPreviousMasterKey(uint32_t id, const CryptoPP::SecByteBlock& key)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
116 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
117 previousMasterKeys_[ToString(id)] = key;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
118 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
119
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
120 const CryptoPP::SecByteBlock& EncryptionHelpers::GetMasterKey(const std::string& keyId)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
121 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
122 if (encryptionMasterKeyId_ == keyId)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
123 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
124 return encryptionMasterKey_;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
125 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
126
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
127 if (previousMasterKeys_.find(keyId) == previousMasterKeys_.end())
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
128 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
129 throw EncryptionException("The master key whose id is '" + ToHexString(keyId) + "' could not be found. Unable to decrypt file");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
130 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
131
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
132 return previousMasterKeys_.at(keyId);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
133 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
134
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
135 void EncryptionHelpers::GenerateKey(CryptoPP::SecByteBlock& key)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
136 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
137 AutoSeededRandomPool prng;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
138
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
139 SecByteBlock tempKey(AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
140 prng.GenerateBlock( tempKey, tempKey.size() );
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
141 key = tempKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
142 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
143
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
144 void EncryptionHelpers::Encrypt(std::string &output, const std::string &input)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
145 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
146 Encrypt(output, input.data(), input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
147 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
148
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
149 void EncryptionHelpers::Encrypt(std::string &output, const char* data, size_t size)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
150 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
151 if (size > maxConcurrentInputSize_)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
152 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
153 throw EncryptionException("The file is too large to encrypt: " + boost::lexical_cast<std::string>(size) + " bytes. Try increasing the MaxConcurrentInputSize");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
154 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
155
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
156 Orthanc::Semaphore::Locker lock(concurrentInputSizeSemaphore_, size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
157
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
158 EncryptInternal(output, data, size, encryptionMasterKey_);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
159 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
160
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
161 void EncryptionHelpers::Decrypt(std::string &output, const std::string &input)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
162 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
163 output.resize(input.size() - OVERHEAD_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
164 Decrypt(const_cast<char*>(output.data()), input.data(), input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
165 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
166
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
167 void EncryptionHelpers::Decrypt(char* output, const char* data, size_t size)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
168 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
169 if (size > maxConcurrentInputSize_)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
170 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
171 throw EncryptionException("The file is too large to decrypt: " + boost::lexical_cast<std::string>(size) + " bytes. Try increasing the MaxConcurrentInputSize");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
172 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
173
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
174 Orthanc::Semaphore::Locker lock(concurrentInputSizeSemaphore_, size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
175
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
176 if (size < HEADER_VERSION_SIZE)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
177 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
178 throw EncryptionException("Unable to decrypt data, no header found");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
179 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
180
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
181 std::string version = std::string(data, HEADER_VERSION_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
182
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
183 if (version != "A1")
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
184 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
185 throw EncryptionException("Unable to decrypt data, version '" + version + "' is not supported");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
186 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
187
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
188 if (size < (HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE))
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
189 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
190 throw EncryptionException("Unable to decrypt data, no master key id found");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
191 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
192
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
193 std::string decryptionMasterKeyId = std::string(data + HEADER_VERSION_SIZE, MASTER_KEY_ID_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
194
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
195 const SecByteBlock& decryptionMasterKey = GetMasterKey(decryptionMasterKeyId);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
196 DecryptInternal(output, data, size, decryptionMasterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
197 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
198
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
199 void EncryptionHelpers::EncryptPrefixSecBlock(std::string& output, const CryptoPP::SecByteBlock& input, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
200 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
201 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
202 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
203 SecByteBlock iv(16);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
204 memset(iv.data(), 0, iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
205
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
206 CTR_Mode<AES>::Encryption e;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
207 e.SetKeyWithIV(masterKey, masterKey.size(), iv.data(), iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
208
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
209 std::string inputString = ToString(input);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
210
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
211 // The StreamTransformationFilter adds padding
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
212 // as required. ECB and CBC Mode must be padded
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
213 // to the block size of the cipher.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
214 StringSource ss(inputString, true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
215 new StreamTransformationFilter(e,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
216 new StringSink(output)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
217 ) // StreamTransformationFilter
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
218 ); // StringSource
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
219 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
220 catch (CryptoPP::Exception& e)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
221 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
222 throw EncryptionException(e.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
223 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
224
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
225 assert(output.size() == input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
226 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
227
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
228 void EncryptionHelpers::DecryptPrefixSecBlock(CryptoPP::SecByteBlock& output, const std::string& input, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
229 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
230 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
231 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
232 SecByteBlock iv(16);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
233 memset(iv.data(), 0, iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
234
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
235 CTR_Mode<AES>::Decryption d;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
236 d.SetKeyWithIV(masterKey, masterKey.size(), iv.data(), iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
237
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
238 std::string outputString;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
239
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
240 // The StreamTransformationFilter adds padding
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
241 // as required. ECB and CBC Mode must be padded
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
242 // to the block size of the cipher.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
243 StringSource ss(input, true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
244 new StreamTransformationFilter(d,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
245 new StringSink(outputString)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
246 ) // StreamTransformationFilter
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
247 ); // StringSource
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
248
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
249 output.Assign((const byte*)outputString.data(), outputString.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
250 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
251 catch (CryptoPP::Exception& e)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
252 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
253 throw EncryptionException(e.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
254 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
255
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
256 assert(output.size() == input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
257 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
258
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
259
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
260 void EncryptionHelpers::EncryptInternal(std::string& output, const char* data, size_t size, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
261 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
262 SecByteBlock iv(IV_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
263 randomGenerator_.GenerateBlock(iv, iv.size()); // with GCM, the iv is supposed to be a nonce (not a random number). However, since each dataKey is used only once, we consider a random number is fine.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
264
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
265 SecByteBlock dataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
266 GenerateKey(dataKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
267
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
268 // std::cout << ToHexString(dataKey) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
269 // std::cout << ToHexString(iv) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
270 std::string encryptedDataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
271 std::string encryptedIv;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
272
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
273 EncryptPrefixSecBlock(encryptedIv, iv, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
274 EncryptPrefixSecBlock(encryptedDataKey, dataKey, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
275
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
276 std::string prefix = HEADER_VERSION + encryptionMasterKeyId_ + encryptedIv + encryptedDataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
277
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
278 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
279 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
280 GCM<AES>::Encryption e;
25
b0b7eb7cff73 fix encryption
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 1
diff changeset
281 e.SetKeyWithIV(dataKey, dataKey.size(), iv, iv.size());
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
282
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
283 // the output text starts with the unencrypted prefix
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
284 output = prefix;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
285
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
286 AuthenticatedEncryptionFilter ef(e,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
287 new StringSink(output), false, INTEGRITY_CHECK_TAG_SIZE
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
288 );
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
289
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
290
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
291 // AuthenticatedEncryptionFilter::ChannelPut
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
292 // defines two channels: "" (empty) and "AAD"
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
293 // channel "" is encrypted and authenticated
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
294 // channel "AAD" is authenticated
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
295 ef.ChannelPut("AAD", (const byte*)prefix.data(), prefix.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
296 ef.ChannelMessageEnd("AAD");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
297
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
298 // Authenticated data *must* be pushed before
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
299 // Confidential/Authenticated data. Otherwise
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
300 // we must catch the BadState exception
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
301 ef.ChannelPut("", (const byte*)data, size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
302 ef.ChannelMessageEnd("");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
303 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
304 catch(CryptoPP::Exception& e)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
305 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
306 throw EncryptionException(e.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
307 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
308 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
309
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
310 void EncryptionHelpers::DecryptInternal(char* output, const char* data, size_t size, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
311 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
312 size_t prefixSize = HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE + IV_SIZE + AES_KEY_SIZE;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
313
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
314 std::string prefix = std::string(data, prefixSize);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
315 std::string mac = std::string(data + size - INTEGRITY_CHECK_TAG_SIZE, INTEGRITY_CHECK_TAG_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
316
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
317 std::string encryptedIv = prefix.substr(HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE, IV_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
318 std::string encryptedDataKey = prefix.substr(HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE + IV_SIZE, AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
319
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
320 SecByteBlock dataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
321 SecByteBlock iv;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
322
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
323 DecryptPrefixSecBlock(iv, encryptedIv, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
324 DecryptPrefixSecBlock(dataKey, encryptedDataKey, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
325 // std::cout << ToHexString(dataKey) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
326 // std::cout << ToHexString(iv) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
327
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
328 GCM<AES>::Decryption d;
25
b0b7eb7cff73 fix encryption
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 1
diff changeset
329 d.SetKeyWithIV(dataKey, dataKey.size(), iv, iv.size());
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
330
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
331 try {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
332 AuthenticatedDecryptionFilter df(d, NULL,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
333 AuthenticatedDecryptionFilter::MAC_AT_BEGIN |
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
334 AuthenticatedDecryptionFilter::THROW_EXCEPTION, INTEGRITY_CHECK_TAG_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
335
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
336 // The order of the following calls are important
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
337 df.ChannelPut("", (const byte*)mac.data(), mac.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
338 df.ChannelPut("AAD", (const byte*)prefix.data(), prefix.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
339 df.ChannelPut("", (const byte*)(data) + prefixSize, size - INTEGRITY_CHECK_TAG_SIZE - prefixSize);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
340
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
341 // If the object throws, it will most likely occur
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
342 // during ChannelMessageEnd()
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
343 df.ChannelMessageEnd("AAD");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
344 df.ChannelMessageEnd("");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
345
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
346 // If the object does not throw, here's the only
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
347 // opportunity to check the data's integrity
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
348 if (!df.GetLastResult())
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
349 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
350 throw EncryptionException("The decryption filter failed for some unknown reason. Integrity check failed ?");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
351 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
352
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
353 // Remove data from channel
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
354 size_t n = (size_t)-1;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
355
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
356 // Recover plain text
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
357 df.SetRetrievalChannel("");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
358 n = (size_t)df.MaxRetrievable();
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
359
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
360 if(n > 0)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
361 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
362 assert(n == size - OVERHEAD_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
363
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
364 df.Get((byte*)output, n);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
365 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
366 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
367 catch (CryptoPP::Exception& ex)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
368 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
369 throw EncryptionException(ex.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
370 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
371 }