bool DoThisFile (const KFile * infile, EncScheme enc, ArcScheme * parc) { const KFile * Infile; ArcScheme arc; rc_t rc; *parc = arcNone; switch (enc) { default: STSMSG (1, ("not encrypted")); return false; case encEncFile: /* * this will apply to KEncFiles versions 1 and 2, maybe not 3 * but will hopefully become obsolete eventually. */ rc = KEncFileMakeRead (&Infile, infile, &Key); /* replace with VFSManagerOpenFileReadDirectoryRelativeInt */ if (rc) return false; break; case encSraEncFile: /* these are NCBIsenc instead of NCBInenc */ goto sra_enc_file; case encWGAEncFile: rc = KFileMakeWGAEncRead (&Infile, infile, Password, PasswordSize); if (rc) return false; break; } arc = ArchiveTypeCheck (Infile); KFileRelease (Infile); switch (arc) { default: return false; case arcNone: return true; case arcSRAFile: break; } sra_enc_file: *parc = arcSRAFile; STSMSG (1, ("encrypted sra archive\ndecryption%s requested", DecryptSraFlag ? "" : " not")); return DecryptSraFlag; }
rc_t OpenDatabase(KKeyRing* self) { rc_t rc; const KFile* enc_infile; assert(self); rc = KDirectoryOpenFileRead(self->wd, &enc_infile, "%s", self->path); if ( rc == 0) { rc_t rc2; const KFile* infile; KKey key; rc = KKeyInitRead(&key, kkeyAES256, self->passwd, string_measure(self->passwd, NULL)); if ( rc == 0 ) { rc = KEncFileMakeRead (&infile, enc_infile, &key); if (rc == 0) { const KDirectory* arc; rc = KDirectoryOpenArcDirRead_silent_preopened(self->wd, &arc, true, "/keyring", tocKFile, (void*)infile, KArcParseSRA, NULL, NULL); if (rc == 0) { /* Hack: we violate the KDirectory object interface in order for VDBManagerMakeUpdate to succeed, since it would refuse to open a read-only dir (i.e. archive); We will only read from the object, though. */ ((KDirectory*)arc)->read_only = false; rc = KeyRingDatabaseLoad(self->data, arc, "/keyring"); rc2 = KDirectoryRelease(arc); if (rc == 0) rc = rc2; } rc2 = KFileRelease(infile); if (rc == 0) rc = rc2; } } rc2 = KFileRelease(enc_infile); if (rc == 0) rc = rc2; } return rc; }
rc_t CC TOpenEncFile ( struct KDirectory * current_dir, const char * path, TFileOpenMode mode, const KKey * enc_key, struct KFile ** out_file ) { rc_t rc; struct KFile * pt_file, * enc_file; rc = 0; pt_file = NULL; enc_file = NULL; assert ( out_file ); * out_file = NULL; rc = TOpenPtFile (current_dir, path, mode, &pt_file); if (rc == 0) { switch (mode) { case TFileOpenMode_Read: rc = KEncFileMakeRead ( (const struct KFile **)&enc_file, (const struct KFile *)pt_file, enc_key ); break; case TFileOpenMode_Write: rc = KEncFileMakeWrite ( &enc_file, pt_file, enc_key ); break; case TFileOpenMode_ReadWrite: rc = KEncFileMakeUpdate ( &enc_file, pt_file, enc_key ); break; default: assert(false); } if (rc == 0) { *out_file = enc_file; } KFileRelease ( pt_file ); } return rc; } /* TOpenEncFile () */
rc_t CryptFile (const KFile * in, const KFile ** new_in, KFile * out, KFile ** new_out, EncScheme scheme) { const KFile * dec; rc_t rc; assert (in); assert (out); assert (new_in); assert (new_out); rc = KFileAddRef (out); if (rc) return rc; switch (scheme) { default: case encError: rc = RC (rcExe, rcFile, rcClassifying, rcFile, rcInvalid); break; case encNone: copy: rc = KFileAddRef (in); if (rc) goto fail; *new_in = in; *new_out = out; STSMSG (1, ("not encrypted just copying")); return 0; case encEncFile: rc = KEncFileMakeRead (&dec, in, &Key); made_enc: if (rc) goto fail; switch (ArchiveTypeCheck (dec)) { default: case arcError: rc = RC (rcExe, rcFile, rcClassifying, rcFile, rcInvalid); break; case arcSRAFile: if (!DecryptSraFlag) { rc = KFileRelease (dec); if (rc) { KFileRelease (dec); KFileRelease (in); goto fail; } goto copy; } /* fall through */ case arcNone: *new_out = out; *new_in = dec; return 0; } break; case encWGAEncFile: rc = KFileMakeWGAEncRead (&dec, in, Password, PasswordSize); goto made_enc; break; } fail: KFileRelease (out); *new_in = *new_out = NULL; return rc; }
/* not KDB specific - just uses vfs/krypto/kfs objects */ static rc_t KDBOpenFileAsDirectory (const KDirectory * dir, const char * path, const KDirectory ** pdir, uint32_t rcobj) { const KFile * file; const KFile * f; const KDirectory * ldir; bool encrypted = false; rc_t rc; *pdir = NULL; rc = KDirectoryOpenFileRead (dir, &file, path); if (rc == 0) { rc = KFileRandomAccess(file); if (rc) rc = RC (rcDB, rcMgr, rcOpening, rcobj, rcUnsupported); else { size_t tz; char tbuff [4096]; char pbuff [4096 + 1]; rc = KFileReadAll (file, 0, tbuff, sizeof tbuff, &tz); if (rc == 0) { if (KFileIsEnc (tbuff, tz) == 0) { encrypted = true; rc = KDBOpenFileGetPassword (pbuff, sizeof (pbuff) - 1); if (rc == 0) { KKey key; rc = KKeyInitRead (&key, kkeyAES128, pbuff, string_size (pbuff)); if (rc == 0) { rc = KEncFileMakeRead (&f, file, &key); if (rc == 0) { /* KEncFileMakeRead adds a reference */ KFileRelease (file); file = f; rc = KFileReadAll (file, 0, tbuff, sizeof tbuff, &tz); } } } } else if (KFileIsWGAEnc (tbuff, tz) == 0) { encrypted = true; rc = KDBOpenFileGetPassword (pbuff, sizeof (pbuff) - 1); if (rc == 0) { rc = KFileMakeWGAEncRead (&f, file, pbuff, string_size (pbuff)); if (rc == 0) { /* KFileMakeWGAEncRead adds a reference */ KFileRelease (file); file = f; rc = KFileReadAll (file, 0, tbuff, sizeof tbuff, &tz); } } } /* else not a handled encryption or unencrypted: we can't distinguish too much */ if (rc == 0) { if (KFileIsSRA (tbuff, tz) == 0) { rc = KDirectoryOpenSraArchiveReadUnbounded_silent_preopened (dir, &ldir, false, file, path); } else { rc = KDirectoryOpenTarArchiveRead_silent_preopened (dir, &ldir, false, file, path); } /* not an archive type we handle or a bad archive */ if (rc) { if (encrypted) rc = RC ( rcDB, rcMgr, rcOpening, rcEncryptionKey, rcIncorrect ); else rc = RC ( rcDB, rcMgr, rcOpening, rcPath, rcIncorrect ); } else { /* * release our ownership of the KFile that but archive will * keep theirs */ KFileRelease (file); *pdir = ldir; return 0; } } } } KFileRelease (file); } return rc; }