void Key::uncipherKeyData(boost::property_tree::ptree& node) { std::string data = node.get_child("Data").get_value<std::string>(); //LOG(LogLevel::INFOS) << "Unciphering data... {%s}", data.c_str()); if (!d_storeCipheredData) { //LOG(LogLevel::INFOS) << "Data was not ciphered ! Retrieving directly data..."); fromString(data); } else { LOG(LogLevel::INFOS) << "Data was ciphered ! Unciphering.."; std::string secureKey = ((d_cipherKey == "") ? Key::secureAiKey : d_cipherKey); std::vector<unsigned char> hash = openssl::SHA256Hash(secureKey); openssl::AESSymmetricKey aes = openssl::AESSymmetricKey::createFromData(hash); openssl::AESInitializationVector iv = openssl::AESInitializationVector::createNull(); openssl::AESCipher aescipher; std::vector<unsigned char> divaesbuf; std::string strdata = "Data"; std::vector<unsigned char> keynamebuf = std::vector<unsigned char>(strdata.begin(), strdata.end()); keynamebuf.resize(32, 0x00); aescipher.cipher(keynamebuf, divaesbuf, aes, iv, false); openssl::AESSymmetricKey divaes = openssl::AESSymmetricKey::createFromData(divaesbuf); std::vector<unsigned char> keybuf(data.begin(), data.end()), uncipheredkey; aescipher.decipher(BufferHelper::fromBase64(BufferHelper::getStdString(keybuf)), uncipheredkey, divaes, iv, true); //LOG(LogLevel::DEBUGS) << "Data unciphered: {%s}", uncipheredkey.toStdString().c_str()); fromString(BufferHelper::getStdString(uncipheredkey)); } }
bool XdbAppend(Transaction *t, const Vector<TOperand*> &arguments, TOperand **result) { BACKEND_ARG_COUNT(3); BACKEND_ARG_STRING(0, db_name, db_length); BACKEND_ARG_STRING(1, key_data, key_length); BACKEND_ARG_DATA(2, value_data, value_length); XdbInfo &info = GetDatabaseInfo(db_name, true); Buffer keybuf(key_data, key_length); Buffer valuebuf(value_data, value_length); info.xdb->Append(&keybuf, &valuebuf); Assert(!info.xdb->HasError()); return true; }
bool XdbLookup(Transaction *t, const Vector<TOperand*> &arguments, TOperand **result) { BACKEND_ARG_COUNT(2); BACKEND_ARG_STRING(0, db_name, db_length); BACKEND_ARG_STRING(1, key_data, key_length); XdbInfo &info = GetDatabaseInfo(db_name, false); // return empty data if the database doesn't exist if (!info.xdb->Exists()) { *result = new TOperandString(t, NULL, 0); return true; } Buffer keybuf(key_data, key_length); Buffer *valuebuf = new Buffer(); t->AddBuffer(valuebuf); bool success = info.xdb->Find(&keybuf, valuebuf); Assert(!info.xdb->HasError()); if (success) { size_t retlen = valuebuf->pos - valuebuf->base; if (retlen == 0) { logout << "ERROR: Database " << db_name << " contains an empty value for " << key_data << endl; return false; } *result = new TOperandString(t, valuebuf->base, retlen); } else { *result = new TOperandString(t, NULL, 0); } return true; }
void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters) { std::string name = GetRequiredDatum(v, "Name"); std::string test = GetRequiredDatum(v, "Test"); std::string key = GetDecodedDatum(v, "Key"); std::string plaintext = GetDecodedDatum(v, "Plaintext"); TestDataNameValuePairs testDataPairs(v); CombinedNameValuePairs pairs(overrideParameters, testDataPairs); if (test == "Encrypt" || test == "EncryptXorDigest" || test == "Resync" || test == "EncryptionMCT" || test == "DecryptionMCT") { static member_ptr<SymmetricCipher> encryptor, decryptor; static std::string lastName; if (name != lastName) { encryptor.reset(ObjectFactoryRegistry<SymmetricCipher, ENCRYPTION>::Registry().CreateObject(name.c_str())); decryptor.reset(ObjectFactoryRegistry<SymmetricCipher, DECRYPTION>::Registry().CreateObject(name.c_str())); lastName = name; } ConstByteArrayParameter iv; if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize()) SignalTestFailure(); if (test == "Resync") { encryptor->Resynchronize(iv.begin(), (int)iv.size()); decryptor->Resynchronize(iv.begin(), (int)iv.size()); } else { encryptor->SetKey((const byte *)key.data(), key.size(), pairs); decryptor->SetKey((const byte *)key.data(), key.size(), pairs); } int seek = pairs.GetIntValueWithDefault("Seek", 0); if (seek) { encryptor->Seek(seek); decryptor->Seek(seek); } std::string encrypted, xorDigest, ciphertext, ciphertextXorDigest; if (test == "EncryptionMCT" || test == "DecryptionMCT") { SymmetricCipher *cipher = encryptor.get(); SecByteBlock buf((byte *)plaintext.data(), plaintext.size()), keybuf((byte *)key.data(), key.size()); if (test == "DecryptionMCT") { cipher = decryptor.get(); ciphertext = GetDecodedDatum(v, "Ciphertext"); buf.Assign((byte *)ciphertext.data(), ciphertext.size()); } for (int i=0; i<400; i++) { encrypted.reserve(10000 * plaintext.size()); for (int j=0; j<10000; j++) { cipher->ProcessString(buf.begin(), buf.size()); encrypted.append((char *)buf.begin(), buf.size()); } encrypted.erase(0, encrypted.size() - keybuf.size()); xorbuf(keybuf.begin(), (const byte *)encrypted.data(), keybuf.size()); cipher->SetKey(keybuf, keybuf.size()); } encrypted.assign((char *)buf.begin(), buf.size()); ciphertext = GetDecodedDatum(v, test == "EncryptionMCT" ? "Ciphertext" : "Plaintext"); if (encrypted != ciphertext) { std::cout << "incorrectly encrypted: "; StringSource xx(encrypted, false, new HexEncoder(new FileSink(std::cout))); xx.Pump(256); xx.Flush(false); std::cout << "\n"; SignalTestFailure(); } return; } StreamTransformationFilter encFilter(*encryptor, new StringSink(encrypted), StreamTransformationFilter::NO_PADDING); RandomizedTransfer(StringStore(plaintext).Ref(), encFilter, true); encFilter.MessageEnd(); /*{ std::string z; encryptor->Seek(seek); StringSource ss(plaintext, false, new StreamTransformationFilter(*encryptor, new StringSink(z), StreamTransformationFilter::NO_PADDING)); while (ss.Pump(64)) {} ss.PumpAll(); for (int i=0; i<z.length(); i++) assert(encrypted[i] == z[i]); }*/ if (test != "EncryptXorDigest") ciphertext = GetDecodedDatum(v, "Ciphertext"); else { ciphertextXorDigest = GetDecodedDatum(v, "CiphertextXorDigest"); xorDigest.append(encrypted, 0, 64); for (size_t i=64; i<encrypted.size(); i++) xorDigest[i%64] ^= encrypted[i]; } if (test != "EncryptXorDigest" ? encrypted != ciphertext : xorDigest != ciphertextXorDigest) { std::cout << "incorrectly encrypted: "; StringSource xx(encrypted, false, new HexEncoder(new FileSink(std::cout))); xx.Pump(2048); xx.Flush(false); std::cout << "\n"; SignalTestFailure(); } std::string decrypted; StreamTransformationFilter decFilter(*decryptor, new StringSink(decrypted), StreamTransformationFilter::NO_PADDING); RandomizedTransfer(StringStore(encrypted).Ref(), decFilter, true); decFilter.MessageEnd(); if (decrypted != plaintext) { std::cout << "incorrectly decrypted: "; StringSource xx(decrypted, false, new HexEncoder(new FileSink(std::cout))); xx.Pump(256); xx.Flush(false); std::cout << "\n"; SignalTestFailure(); } } else { std::cout << "unexpected test name\n"; SignalTestError(); } }