static bool BackupTable(LuaUtils::DataDump &d, lua_State* src, int index, int depth) {
if (depth++ > maxDepth)
return false;
const int table = PosLuaIndex(src, index);
for (lua_pushnil(src); lua_next(src, table) != 0; lua_pop(src, 1)) {
LuaUtils::DataDump dk, dv;
BackupData(dk, src, -2, depth);
BackupData(dv, src, -1, depth);
d.table.push_back(std::pair<LuaUtils::DataDump, LuaUtils::DataDump>(dk ,dv));
}
return true;
}
int LuaUtils::Backup(std::vector<LuaUtils::DataDump> &backup, lua_State* src, int count) {
const int srcTop = lua_gettop(src);
if (srcTop < count)
return 0;
const int startIndex = (srcTop - count + 1);
const int endIndex = srcTop;
for (int i = startIndex; i <= endIndex; i++) {
backup.push_back(DataDump());
BackupData(backup.back(), src, i, 0);
}
return count;
}
ClientConfiguration::BackupData ClientConfiguration::fromBackup(QString const& backup, QString const& password) {
QByteArray decodedBase32 = Base32::decodeBase32Sequence(backup);
if (decodedBase32.size() != BACKUP_DECODED_BYTES) {
throw IllegalArgumentException() << "Invalid Backup: Size of decoded Backup String is incorrect (" << decodedBase32.size() << " Bytes instead of " << BACKUP_DECODED_BYTES << " Bytes).";
}
unsigned char encryptionKey[BACKUP_ENCRYPTION_KEY_BYTES];
sodium_memzero(encryptionKey, BACKUP_ENCRYPTION_KEY_BYTES);
// The pointer to the base32-decoded Backup
unsigned char* decodedBase32Ptr = reinterpret_cast<unsigned char*>(decodedBase32.data());
// The Salt used in the PBKDF2 Key Derivation process is embedded in the first 8 bytes of the Backup.
QByteArray password8Bit = password.toUtf8();
PKCS5_PBKDF2_HMAC(reinterpret_cast<unsigned char*>(password8Bit.data()), password8Bit.size(), decodedBase32Ptr, BACKUP_SALT_BYTES, BACKUP_KEY_PBKDF_ITERATIONS, BACKUP_ENCRYPTION_KEY_BYTES, encryptionKey);
unsigned char nonceBytes[crypto_stream_NONCEBYTES];
sodium_memzero(nonceBytes, crypto_stream_NONCEBYTES);
crypto_stream_xor(&decodedBase32Ptr[BACKUP_SALT_BYTES], &decodedBase32Ptr[BACKUP_SALT_BYTES], BACKUP_IDENTITY_BYTES + PROTO_KEY_LENGTH_BYTES + BACKUP_HASH_BYTES, nonceBytes, encryptionKey);
// The last two bytes of the Backup contain the truncated SHA-256 Hash over the identity and its Private Key.
unsigned char controlHash[crypto_hash_sha256_BYTES];
sodium_memzero(controlHash, crypto_hash_sha256_BYTES);
crypto_hash_sha256(controlHash, &(decodedBase32Ptr[BACKUP_SALT_BYTES]), BACKUP_IDENTITY_BYTES + PROTO_KEY_LENGTH_BYTES);
if (sodium_memcmp(&(decodedBase32Ptr[BACKUP_SALT_BYTES + BACKUP_IDENTITY_BYTES + PROTO_KEY_LENGTH_BYTES]), controlHash, BACKUP_HASH_BYTES) != 0) {
throw IllegalArgumentException() << "Decryption of Backup failed: Invalid Control Hash (" << controlHash[0] << controlHash[1] << " vs. " << decodedBase32Ptr[BACKUP_SALT_BYTES + BACKUP_IDENTITY_BYTES + PROTO_KEY_LENGTH_BYTES] << decodedBase32Ptr[BACKUP_SALT_BYTES + BACKUP_IDENTITY_BYTES + PROTO_KEY_LENGTH_BYTES + 1] << ").";
}
unsigned char derivedPublicKey[PROTO_KEY_LENGTH_BYTES];
crypto_scalarmult_base(derivedPublicKey, &decodedBase32Ptr[BACKUP_SALT_BYTES + BACKUP_IDENTITY_BYTES]);
KeyPair kp = KeyPair::fromArrays(derivedPublicKey, &decodedBase32Ptr[BACKUP_SALT_BYTES + BACKUP_IDENTITY_BYTES]);
QString identityString(QByteArray(reinterpret_cast<char*>(&decodedBase32Ptr[BACKUP_SALT_BYTES]), BACKUP_IDENTITY_BYTES));
if (!isValidIdentity(identityString)) {
throw IllegalArgumentException() << "Invalid ClientConfiguration: Decryption of Backup failed: Not a valid Identity.";
}
return BackupData(ContactId(identityString.toUtf8()), kp);
}
