Mercurial > hg > orthanc-object-storage

annotate Common/EncryptionHelpers.cpp @ 30:662b9d3f217d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix missing definition of "byte" from CryptoPP
author Sebastien Jodogne <s.jodogne@gmail.com>
date Sat, 03 Oct 2020 10:39:45 +0200
parents b0b7eb7cff73
children f55b2afdf53d
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
1 /**
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
2 * Cloud storage plugins for Orthanc
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
3 * Copyright (C) 2017-2020 Osimis S.A., Belgium
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
4 *
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
5 * This program is free software: you can redistribute it and/or
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
6 * modify it under the terms of the GNU Affero General Public License
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
7 * as published by the Free Software Foundation, either version 3 of
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
8 * the License, or (at your option) any later version.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
9 *
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
10 * This program is distributed in the hope that it will be useful, but
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
13 * Affero General Public License for more details.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
14 *
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
15 * You should have received a copy of the GNU Affero General Public License
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
17 **/
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
18
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
19 #include "EncryptionHelpers.h"
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
20 #include <assert.h>
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
21
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
22 #include <boost/lexical_cast.hpp>
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
23 #include <iostream>
30
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
24
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
25 #include <cryptopp/cryptlib.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
26 #include <cryptopp/modes.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
27 #include <cryptopp/hex.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
28 #include <cryptopp/gcm.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
29 #include <cryptopp/files.h>
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
30 #include <cryptopp/filters.h>
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
31
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
32 const std::string EncryptionHelpers::HEADER_VERSION = "A1";
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
33
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
34 using namespace CryptoPP;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
35
30
662b9d3f217d fix missing definition of "byte" from CryptoPP
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 25
diff changeset
36 std::string EncryptionHelpers::ToHexString(const void* block, size_t size)
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
37 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
38 std::string blockAsString = std::string(reinterpret_cast<const char*>(block), size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
39
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
40 return ToHexString(blockAsString);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
41 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
42
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
43 std::string EncryptionHelpers::ToHexString(const std::string& block)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
44 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
45 std::string hexString;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
46 StringSource ss(block, true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
47 new HexEncoder(
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
48 new StringSink(hexString)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
49 ) // StreamTransformationFilter
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
50 ); // StringSource
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
51
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
52 return hexString;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
53 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
54
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
55 std::string EncryptionHelpers::ToHexString(const SecByteBlock& block)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
56 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
57 return ToHexString(ToString(block));
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
58 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
59
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
60 std::string EncryptionHelpers::ToString(const CryptoPP::SecByteBlock& block)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
61 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
62 return std::string(reinterpret_cast<const char*>(block.data()), block.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
63 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
64
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
65 std::string EncryptionHelpers::ToString(uint32_t value)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
66 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
67 return std::string(reinterpret_cast<const char*>(&value), 4);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
68 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
69
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
70 void EncryptionHelpers::ReadKey(CryptoPP::SecByteBlock& key, const std::string& path)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
71 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
72 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
73 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
74 FileSource fs(path.c_str(), true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
75 new HexDecoder(
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
76 new ArraySink(key.begin(), key.size())
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
77 )
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
78 );
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
79 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
80 catch (CryptoPP::Exception& ex)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
81 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
82 throw EncryptionException("unabled to read key from file '" + path + "': " + ex.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
83 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
84 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
85
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
86 void EncryptionHelpers::SetCurrentMasterKey(uint32_t id, const std::string& path)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
87 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
88 SecByteBlock key(AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
89
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
90 ReadKey(key, path);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
91 SetCurrentMasterKey(id, key);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
92 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
93
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
94 void EncryptionHelpers::AddPreviousMasterKey(uint32_t id, const std::string& path)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
95 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
96 SecByteBlock key(AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
97
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
98 ReadKey(key, path);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
99 AddPreviousMasterKey(id, key);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
100 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
101
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
102 EncryptionHelpers::EncryptionHelpers(size_t maxConcurrentInputSize)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
103 : concurrentInputSizeSemaphore_(maxConcurrentInputSize),
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
104 maxConcurrentInputSize_(maxConcurrentInputSize)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
105 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
106 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
107
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
108 void EncryptionHelpers::SetCurrentMasterKey(uint32_t id, const CryptoPP::SecByteBlock& key)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
109 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
110 encryptionMasterKey_ = key;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
111 encryptionMasterKeyId_ = ToString(id);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
112 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
113
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
114 void EncryptionHelpers::AddPreviousMasterKey(uint32_t id, const CryptoPP::SecByteBlock& key)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
115 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
116 previousMasterKeys_[ToString(id)] = key;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
117 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
118
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
119 const CryptoPP::SecByteBlock& EncryptionHelpers::GetMasterKey(const std::string& keyId)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
120 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
121 if (encryptionMasterKeyId_ == keyId)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
122 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
123 return encryptionMasterKey_;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
124 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
125
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
126 if (previousMasterKeys_.find(keyId) == previousMasterKeys_.end())
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
127 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
128 throw EncryptionException("The master key whose id is '" + ToHexString(keyId) + "' could not be found. Unable to decrypt file");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
129 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
130
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
131 return previousMasterKeys_.at(keyId);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
132 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
133
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
134 void EncryptionHelpers::GenerateKey(CryptoPP::SecByteBlock& key)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
135 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
136 AutoSeededRandomPool prng;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
137
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
138 SecByteBlock tempKey(AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
139 prng.GenerateBlock( tempKey, tempKey.size() );
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
140 key = tempKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
141 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
142
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
143 void EncryptionHelpers::Encrypt(std::string &output, const std::string &input)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
144 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
145 Encrypt(output, input.data(), input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
146 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
147
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
148 void EncryptionHelpers::Encrypt(std::string &output, const char* data, size_t size)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
149 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
150 if (size > maxConcurrentInputSize_)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
151 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
152 throw EncryptionException("The file is too large to encrypt: " + boost::lexical_cast<std::string>(size) + " bytes. Try increasing the MaxConcurrentInputSize");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
153 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
154
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
155 Orthanc::Semaphore::Locker lock(concurrentInputSizeSemaphore_, size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
156
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
157 EncryptInternal(output, data, size, encryptionMasterKey_);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
158 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
159
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
160 void EncryptionHelpers::Decrypt(std::string &output, const std::string &input)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
161 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
162 output.resize(input.size() - OVERHEAD_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
163 Decrypt(const_cast<char*>(output.data()), input.data(), input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
164 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
165
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
166 void EncryptionHelpers::Decrypt(char* output, const char* data, size_t size)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
167 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
168 if (size > maxConcurrentInputSize_)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
169 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
170 throw EncryptionException("The file is too large to decrypt: " + boost::lexical_cast<std::string>(size) + " bytes. Try increasing the MaxConcurrentInputSize");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
171 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
172
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
173 Orthanc::Semaphore::Locker lock(concurrentInputSizeSemaphore_, size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
174
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
175 if (size < HEADER_VERSION_SIZE)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
176 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
177 throw EncryptionException("Unable to decrypt data, no header found");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
178 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
179
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
180 std::string version = std::string(data, HEADER_VERSION_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
181
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
182 if (version != "A1")
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
183 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
184 throw EncryptionException("Unable to decrypt data, version '" + version + "' is not supported");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
185 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
186
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
187 if (size < (HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE))
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
188 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
189 throw EncryptionException("Unable to decrypt data, no master key id found");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
190 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
191
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
192 std::string decryptionMasterKeyId = std::string(data + HEADER_VERSION_SIZE, MASTER_KEY_ID_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
193
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
194 const SecByteBlock& decryptionMasterKey = GetMasterKey(decryptionMasterKeyId);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
195 DecryptInternal(output, data, size, decryptionMasterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
196 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
197
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
198 void EncryptionHelpers::EncryptPrefixSecBlock(std::string& output, const CryptoPP::SecByteBlock& input, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
199 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
200 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
201 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
202 SecByteBlock iv(16);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
203 memset(iv.data(), 0, iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
204
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
205 CTR_Mode<AES>::Encryption e;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
206 e.SetKeyWithIV(masterKey, masterKey.size(), iv.data(), iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
207
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
208 std::string inputString = ToString(input);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
209
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
210 // The StreamTransformationFilter adds padding
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
211 // as required. ECB and CBC Mode must be padded
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
212 // to the block size of the cipher.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
213 StringSource ss(inputString, true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
214 new StreamTransformationFilter(e,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
215 new StringSink(output)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
216 ) // StreamTransformationFilter
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
217 ); // StringSource
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
218 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
219 catch (CryptoPP::Exception& e)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
220 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
221 throw EncryptionException(e.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
222 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
223
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
224 assert(output.size() == input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
225 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
226
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
227 void EncryptionHelpers::DecryptPrefixSecBlock(CryptoPP::SecByteBlock& output, const std::string& input, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
228 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
229 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
230 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
231 SecByteBlock iv(16);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
232 memset(iv.data(), 0, iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
233
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
234 CTR_Mode<AES>::Decryption d;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
235 d.SetKeyWithIV(masterKey, masterKey.size(), iv.data(), iv.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
236
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
237 std::string outputString;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
238
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
239 // The StreamTransformationFilter adds padding
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
240 // as required. ECB and CBC Mode must be padded
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
241 // to the block size of the cipher.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
242 StringSource ss(input, true,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
243 new StreamTransformationFilter(d,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
244 new StringSink(outputString)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
245 ) // StreamTransformationFilter
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
246 ); // StringSource
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
247
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
248 output.Assign((const byte*)outputString.data(), outputString.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
249 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
250 catch (CryptoPP::Exception& e)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
251 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
252 throw EncryptionException(e.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
253 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
254
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
255 assert(output.size() == input.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
256 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
257
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
258
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
259 void EncryptionHelpers::EncryptInternal(std::string& output, const char* data, size_t size, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
260 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
261 SecByteBlock iv(IV_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
262 randomGenerator_.GenerateBlock(iv, iv.size()); // with GCM, the iv is supposed to be a nonce (not a random number). However, since each dataKey is used only once, we consider a random number is fine.
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
263
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
264 SecByteBlock dataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
265 GenerateKey(dataKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
266
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
267 // std::cout << ToHexString(dataKey) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
268 // std::cout << ToHexString(iv) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
269 std::string encryptedDataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
270 std::string encryptedIv;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
271
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
272 EncryptPrefixSecBlock(encryptedIv, iv, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
273 EncryptPrefixSecBlock(encryptedDataKey, dataKey, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
274
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
275 std::string prefix = HEADER_VERSION + encryptionMasterKeyId_ + encryptedIv + encryptedDataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
276
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
277 try
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
278 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
279 GCM<AES>::Encryption e;
25
b0b7eb7cff73 fix encryption
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 1
diff changeset
280 e.SetKeyWithIV(dataKey, dataKey.size(), iv, iv.size());
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
281
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
282 // the output text starts with the unencrypted prefix
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
283 output = prefix;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
284
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
285 AuthenticatedEncryptionFilter ef(e,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
286 new StringSink(output), false, INTEGRITY_CHECK_TAG_SIZE
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
287 );
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
288
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
289
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
290 // AuthenticatedEncryptionFilter::ChannelPut
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
291 // defines two channels: "" (empty) and "AAD"
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
292 // channel "" is encrypted and authenticated
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
293 // channel "AAD" is authenticated
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
294 ef.ChannelPut("AAD", (const byte*)prefix.data(), prefix.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
295 ef.ChannelMessageEnd("AAD");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
296
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
297 // Authenticated data *must* be pushed before
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
298 // Confidential/Authenticated data. Otherwise
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
299 // we must catch the BadState exception
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
300 ef.ChannelPut("", (const byte*)data, size);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
301 ef.ChannelMessageEnd("");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
302 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
303 catch(CryptoPP::Exception& e)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
304 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
305 throw EncryptionException(e.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
306 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
307 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
308
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
309 void EncryptionHelpers::DecryptInternal(char* output, const char* data, size_t size, const CryptoPP::SecByteBlock& masterKey)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
310 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
311 size_t prefixSize = HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE + IV_SIZE + AES_KEY_SIZE;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
312
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
313 std::string prefix = std::string(data, prefixSize);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
314 std::string mac = std::string(data + size - INTEGRITY_CHECK_TAG_SIZE, INTEGRITY_CHECK_TAG_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
315
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
316 std::string encryptedIv = prefix.substr(HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE, IV_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
317 std::string encryptedDataKey = prefix.substr(HEADER_VERSION_SIZE + MASTER_KEY_ID_SIZE + IV_SIZE, AES_KEY_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
318
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
319 SecByteBlock dataKey;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
320 SecByteBlock iv;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
321
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
322 DecryptPrefixSecBlock(iv, encryptedIv, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
323 DecryptPrefixSecBlock(dataKey, encryptedDataKey, masterKey);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
324 // std::cout << ToHexString(dataKey) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
325 // std::cout << ToHexString(iv) << std::endl;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
326
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
327 GCM<AES>::Decryption d;
25
b0b7eb7cff73 fix encryption
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 1
diff changeset
328 d.SetKeyWithIV(dataKey, dataKey.size(), iv, iv.size());
1
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
329
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
330 try {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
331 AuthenticatedDecryptionFilter df(d, NULL,
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
332 AuthenticatedDecryptionFilter::MAC_AT_BEGIN |
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
333 AuthenticatedDecryptionFilter::THROW_EXCEPTION, INTEGRITY_CHECK_TAG_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
334
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
335 // The order of the following calls are important
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
336 df.ChannelPut("", (const byte*)mac.data(), mac.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
337 df.ChannelPut("AAD", (const byte*)prefix.data(), prefix.size());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
338 df.ChannelPut("", (const byte*)(data) + prefixSize, size - INTEGRITY_CHECK_TAG_SIZE - prefixSize);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
339
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
340 // If the object throws, it will most likely occur
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
341 // during ChannelMessageEnd()
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
342 df.ChannelMessageEnd("AAD");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
343 df.ChannelMessageEnd("");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
344
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
345 // If the object does not throw, here's the only
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
346 // opportunity to check the data's integrity
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
347 if (!df.GetLastResult())
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
348 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
349 throw EncryptionException("The decryption filter failed for some unknown reason. Integrity check failed ?");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
350 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
351
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
352 // Remove data from channel
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
353 size_t n = (size_t)-1;
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
354
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
355 // Recover plain text
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
356 df.SetRetrievalChannel("");
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
357 n = (size_t)df.MaxRetrievable();
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
358
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
359 if(n > 0)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
360 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
361 assert(n == size - OVERHEAD_SIZE);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
362
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
363 df.Get((byte*)output, n);
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
364 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
365 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
366 catch (CryptoPP::Exception& ex)
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
367 {
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
368 throw EncryptionException(ex.what());
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
369 }
fc26a8fc54d5 initial release
Alain Mazy <alain@mazy.be>
parents:
diff changeset
370 }