void Key::uncipherKeyData(boost::property_tree::ptree& node)
{
std::string data = node.get_child("Data").get_value<std::string>();
//LOG(LogLevel::INFOS) << "Unciphering data... {%s}", data.c_str());
if (!d_storeCipheredData)
{
//LOG(LogLevel::INFOS) << "Data was not ciphered ! Retrieving directly data...");
fromString(data);
}
else
{
LOG(LogLevel::INFOS) << "Data was ciphered ! Unciphering..";
std::string secureKey = ((d_cipherKey == "") ? Key::secureAiKey : d_cipherKey);
std::vector<unsigned char> hash = openssl::SHA256Hash(secureKey);
openssl::AESSymmetricKey aes = openssl::AESSymmetricKey::createFromData(hash);
openssl::AESInitializationVector iv = openssl::AESInitializationVector::createNull();
openssl::AESCipher aescipher;
std::vector<unsigned char> divaesbuf;
std::string strdata = "Data";
std::vector<unsigned char> keynamebuf = std::vector<unsigned char>(strdata.begin(), strdata.end());
keynamebuf.resize(32, 0x00);
aescipher.cipher(keynamebuf, divaesbuf, aes, iv, false);
openssl::AESSymmetricKey divaes = openssl::AESSymmetricKey::createFromData(divaesbuf);
std::vector<unsigned char> keybuf(data.begin(), data.end()), uncipheredkey;
aescipher.decipher(BufferHelper::fromBase64(BufferHelper::getStdString(keybuf)), uncipheredkey, divaes, iv, true);
//LOG(LogLevel::DEBUGS) << "Data unciphered: {%s}", uncipheredkey.toStdString().c_str());
fromString(BufferHelper::getStdString(uncipheredkey));
}
}
bool XdbAppend(Transaction *t, const Vector<TOperand*> &arguments,
TOperand **result)
{
BACKEND_ARG_COUNT(3);
BACKEND_ARG_STRING(0, db_name, db_length);
BACKEND_ARG_STRING(1, key_data, key_length);
BACKEND_ARG_DATA(2, value_data, value_length);
XdbInfo &info = GetDatabaseInfo(db_name, true);
Buffer keybuf(key_data, key_length);
Buffer valuebuf(value_data, value_length);
info.xdb->Append(&keybuf, &valuebuf);
Assert(!info.xdb->HasError());
return true;
}
bool XdbLookup(Transaction *t, const Vector<TOperand*> &arguments,
TOperand **result)
{
BACKEND_ARG_COUNT(2);
BACKEND_ARG_STRING(0, db_name, db_length);
BACKEND_ARG_STRING(1, key_data, key_length);
XdbInfo &info = GetDatabaseInfo(db_name, false);
// return empty data if the database doesn't exist
if (!info.xdb->Exists()) {
*result = new TOperandString(t, NULL, 0);
return true;
}
Buffer keybuf(key_data, key_length);
Buffer *valuebuf = new Buffer();
t->AddBuffer(valuebuf);
bool success = info.xdb->Find(&keybuf, valuebuf);
Assert(!info.xdb->HasError());
if (success) {
size_t retlen = valuebuf->pos - valuebuf->base;
if (retlen == 0) {
logout << "ERROR: Database " << db_name
<< " contains an empty value for " << key_data << endl;
return false;
}
*result = new TOperandString(t, valuebuf->base, retlen);
}
else {
*result = new TOperandString(t, NULL, 0);
}
return true;
}
void TestSymmetricCipher(TestData &v, const NameValuePairs &overrideParameters)
{
std::string name = GetRequiredDatum(v, "Name");
std::string test = GetRequiredDatum(v, "Test");
std::string key = GetDecodedDatum(v, "Key");
std::string plaintext = GetDecodedDatum(v, "Plaintext");
TestDataNameValuePairs testDataPairs(v);
CombinedNameValuePairs pairs(overrideParameters, testDataPairs);
if (test == "Encrypt" || test == "EncryptXorDigest" || test == "Resync" || test == "EncryptionMCT" || test == "DecryptionMCT")
{
static member_ptr<SymmetricCipher> encryptor, decryptor;
static std::string lastName;
if (name != lastName)
{
encryptor.reset(ObjectFactoryRegistry<SymmetricCipher, ENCRYPTION>::Registry().CreateObject(name.c_str()));
decryptor.reset(ObjectFactoryRegistry<SymmetricCipher, DECRYPTION>::Registry().CreateObject(name.c_str()));
lastName = name;
}
ConstByteArrayParameter iv;
if (pairs.GetValue(Name::IV(), iv) && iv.size() != encryptor->IVSize())
SignalTestFailure();
if (test == "Resync")
{
encryptor->Resynchronize(iv.begin(), (int)iv.size());
decryptor->Resynchronize(iv.begin(), (int)iv.size());
}
else
{
encryptor->SetKey((const byte *)key.data(), key.size(), pairs);
decryptor->SetKey((const byte *)key.data(), key.size(), pairs);
}
int seek = pairs.GetIntValueWithDefault("Seek", 0);
if (seek)
{
encryptor->Seek(seek);
decryptor->Seek(seek);
}
std::string encrypted, xorDigest, ciphertext, ciphertextXorDigest;
if (test == "EncryptionMCT" || test == "DecryptionMCT")
{
SymmetricCipher *cipher = encryptor.get();
SecByteBlock buf((byte *)plaintext.data(), plaintext.size()), keybuf((byte *)key.data(), key.size());
if (test == "DecryptionMCT")
{
cipher = decryptor.get();
ciphertext = GetDecodedDatum(v, "Ciphertext");
buf.Assign((byte *)ciphertext.data(), ciphertext.size());
}
for (int i=0; i<400; i++)
{
encrypted.reserve(10000 * plaintext.size());
for (int j=0; j<10000; j++)
{
cipher->ProcessString(buf.begin(), buf.size());
encrypted.append((char *)buf.begin(), buf.size());
}
encrypted.erase(0, encrypted.size() - keybuf.size());
xorbuf(keybuf.begin(), (const byte *)encrypted.data(), keybuf.size());
cipher->SetKey(keybuf, keybuf.size());
}
encrypted.assign((char *)buf.begin(), buf.size());
ciphertext = GetDecodedDatum(v, test == "EncryptionMCT" ? "Ciphertext" : "Plaintext");
if (encrypted != ciphertext)
{
std::cout << "incorrectly encrypted: ";
StringSource xx(encrypted, false, new HexEncoder(new FileSink(std::cout)));
xx.Pump(256); xx.Flush(false);
std::cout << "\n";
SignalTestFailure();
}
return;
}
StreamTransformationFilter encFilter(*encryptor, new StringSink(encrypted), StreamTransformationFilter::NO_PADDING);
RandomizedTransfer(StringStore(plaintext).Ref(), encFilter, true);
encFilter.MessageEnd();
/*{
std::string z;
encryptor->Seek(seek);
StringSource ss(plaintext, false, new StreamTransformationFilter(*encryptor, new StringSink(z), StreamTransformationFilter::NO_PADDING));
while (ss.Pump(64)) {}
ss.PumpAll();
for (int i=0; i<z.length(); i++)
assert(encrypted[i] == z[i]);
}*/
if (test != "EncryptXorDigest")
ciphertext = GetDecodedDatum(v, "Ciphertext");
else
{
ciphertextXorDigest = GetDecodedDatum(v, "CiphertextXorDigest");
xorDigest.append(encrypted, 0, 64);
for (size_t i=64; i<encrypted.size(); i++)
xorDigest[i%64] ^= encrypted[i];
}
if (test != "EncryptXorDigest" ? encrypted != ciphertext : xorDigest != ciphertextXorDigest)
{
std::cout << "incorrectly encrypted: ";
StringSource xx(encrypted, false, new HexEncoder(new FileSink(std::cout)));
xx.Pump(2048); xx.Flush(false);
std::cout << "\n";
SignalTestFailure();
}
std::string decrypted;
StreamTransformationFilter decFilter(*decryptor, new StringSink(decrypted), StreamTransformationFilter::NO_PADDING);
RandomizedTransfer(StringStore(encrypted).Ref(), decFilter, true);
decFilter.MessageEnd();
if (decrypted != plaintext)
{
std::cout << "incorrectly decrypted: ";
StringSource xx(decrypted, false, new HexEncoder(new FileSink(std::cout)));
xx.Pump(256); xx.Flush(false);
std::cout << "\n";
SignalTestFailure();
}
}
else
{
std::cout << "unexpected test name\n";
SignalTestError();
}
}
