// Builds the configuration for a newly created filesystem.
//
// cipherFromCommandLine is forwarded to _generateCipher(); how an absent value
// is resolved is decided by that helper and is not visible in this function.
// The cipher has to be stored first, because the encryption key is generated
// for the cipher name read back from the config.
CryConfig CryConfigCreator::create(const optional<string> &cipherFromCommandLine) {
    CryConfig newConfig;

    const auto chosenCipher = _generateCipher(cipherFromCommandLine);
    newConfig.SetCipher(chosenCipher);

    // The generated key goes straight into the config object; no named local
    // copy of the key material is kept in this function.
    newConfig.SetEncryptionKey(_generateEncKey(newConfig.Cipher()));

    newConfig.SetRootBlob(_generateRootBlobKey());

    return newConfig;
}
// Builds the configuration for a newly created filesystem.
//
// Both command line values are forwarded to their _generate*() helpers; how an
// absent value is resolved is decided there and is not visible here.
// The version string is recorded twice: as the current version and as the
// version the filesystem was created with.
// The helpers are called in a fixed order (cipher, block size, root blob,
// encryption key, filesystem id); keep it, since the key is generated for the
// cipher name read back from the config.
CryConfig CryConfigCreator::create(const optional<string> &cipherFromCommandLine, const optional<uint32_t> &blocksizeBytesFromCommandLine) {
    CryConfig newConfig;

    const auto chosenCipher = _generateCipher(cipherFromCommandLine);
    newConfig.SetCipher(chosenCipher);

    newConfig.SetVersion(gitversion::VersionString());
    newConfig.SetCreatedWithVersion(gitversion::VersionString());

    const auto chosenBlocksize = _generateBlocksizeBytes(blocksizeBytesFromCommandLine);
    newConfig.SetBlocksizeBytes(chosenBlocksize);

    newConfig.SetRootBlob(_generateRootBlobKey());

    // The generated key goes straight into the config object; no named local
    // copy of the key material is kept in this function.
    newConfig.SetEncryptionKey(_generateEncKey(newConfig.Cipher()));

    newConfig.SetFilesystemId(_generateFilesystemID());

    return newConfig;
}
// Parameterized check that the cipher chosen at the prompt is the one stored in
// the created config, and that a warning is expected only for parameters that
// carry one. cipherName and cipherWarning are defined outside this block
// (presumably by the test fixture from the test parameter).
TEST_P(CryConfigCreatorTest_ChooseCipher, ChoosesCipherCorrectly) {
    // Set the warning expectation first, then the cipher prompt expectation.
    if (cipherWarning != none) {
        EXPECT_SHOW_WARNING(*cipherWarning);
    } else {
        EXPECT_DONT_SHOW_WARNING();
    }
    EXPECT_ASK_FOR_CIPHER().WillOnce(ChooseCipher(cipherName));

    // No cipher is passed in, so the creator has to obtain it via the prompt.
    const CryConfig created = creator.create(none);

    EXPECT_EQ(cipherName, created.Cipher());
}
// Loads and decrypts the config file at `path` using `password`.
//
// Returns none when the file cannot be loaded, when no encryptor can be set up
// from the file contents and the password, when decryption fails, or when the
// cipher name reported by the decryption step differs from the cipher stored
// inside the decrypted config. Only the first and the last case are logged
// here; the other two return silently (the callees may log themselves).
optional<CryConfigFile> CryConfigFile::load(const bf::path &path, const string &password) {
    auto fileContents = Data::LoadFromFile(path);
    if (!fileContents) {
        // NOTE(review): this message is emitted for every LoadFromFile failure;
        // whether that can also mean "unreadable" is not visible here.
        LOG(ERROR) << "Config file not found";
        return none;
    }

    auto keyedEncryptor = CryConfigEncryptorFactory::loadKey(*fileContents, password);
    if (!keyedEncryptor) {
        return none;
    }

    auto plaintext = (*keyedEncryptor)->decrypt(*fileContents);
    if (!plaintext) {
        return none;
    }

    CryConfig parsedConfig = CryConfig::load(plaintext->data);

    // Consistency check: the cipher name that came out of the decryption step
    // must agree with the cipher the config itself declares. A mismatch is
    // treated as a load failure rather than trusting either value.
    if (parsedConfig.Cipher() != plaintext->cipherName) {
        LOG(ERROR) << "Inner cipher algorithm used to encrypt config file doesn't match config value";
        return none;
    }

    return CryConfigFile(path, std::move(parsedConfig), std::move(*keyedEncryptor));
}
// The cipher name must survive a SaveAndLoad() round trip of the config.
TEST_F(CryConfigTest, Cipher_AfterSaveAndLoad) {
    cfg.SetCipher("mycipher");

    const CryConfig reloaded = SaveAndLoad(std::move(cfg));

    EXPECT_EQ("mycipher", reloaded.Cipher());
}
// The cipher name must be carried over when the config is move-constructed.
TEST_F(CryConfigTest, Cipher_AfterMove) {
    cfg.SetCipher("mycipher");

    const CryConfig moveTarget(std::move(cfg));

    EXPECT_EQ("mycipher", moveTarget.Cipher());
}
// Verifies that the cipher recorded in `config` is the one requested on the
// command line.
//
// The check only applies when a cipher was given on the command line; without
// one, any cipher stored in the config is accepted.
// Throws std::runtime_error naming both ciphers when they differ.
void CryConfigLoader::_checkCipher(const CryConfig &config) const {
    if (_cipherFromCommandLine == none) {
        // Nothing was requested, so there is nothing to compare against.
        return;
    }

    const auto &requestedCipher = *_cipherFromCommandLine;
    if (config.Cipher() != requestedCipher) {
        // Refuse to continue rather than silently using a cipher other than
        // the one the caller asked for.
        throw std::runtime_error(string() + "Filesystem uses " + config.Cipher() + " cipher and not " + requestedCipher + " as specified.");
    }
}
// Wraps `baseBlockStore` in an encrypting block store.
//
// The cipher is selected by the name stored in `config`, and the key is taken
// from `config` as well. Ownership of `baseBlockStore` is moved into the
// returned store.
// NOTE(review): what CryCiphers::find() does for a name it does not know is not
// visible here - confirm it fails closed instead of falling back to a default.
cpputils::unique_ref<blockstore::BlockStore> CryDevice::CreateEncryptedBlockStore(const CryConfig &config, unique_ref<BlockStore> baseBlockStore) {
    //TODO Test that CryFS is using the specified cipher
    auto &&selectedCipher = CryCiphers::find(config.Cipher());
    return selectedCipher.createEncryptedBlockstore(std::move(baseBlockStore), config.EncryptionKey());
}