bool DoThisFile (const KFile * infile, EncScheme enc, ArcScheme * parc)
{
const KFile * Infile;
ArcScheme arc;
rc_t rc;
*parc = arcNone;
switch (enc)
{
default:
STSMSG (1, ("not encrypted"));
return false;
case encEncFile:
/*
* this will apply to KEncFiles versions 1 and 2, maybe not 3
* but will hopefully become obsolete eventually.
*/
rc = KEncFileMakeRead (&Infile, infile, &Key); /* replace with VFSManagerOpenFileReadDirectoryRelativeInt */
if (rc)
return false;
break;
case encSraEncFile:
/* these are NCBIsenc instead of NCBInenc */
goto sra_enc_file;
case encWGAEncFile:
rc = KFileMakeWGAEncRead (&Infile, infile, Password, PasswordSize);
if (rc)
return false;
break;
}
arc = ArchiveTypeCheck (Infile);
KFileRelease (Infile);
switch (arc)
{
default:
return false;
case arcNone:
return true;
case arcSRAFile:
break;
}
sra_enc_file:
*parc = arcSRAFile;
STSMSG (1, ("encrypted sra archive\ndecryption%s requested",
DecryptSraFlag ? "" : " not"));
return DecryptSraFlag;
}
rc_t OpenDatabase(KKeyRing* self)
{
rc_t rc;
const KFile* enc_infile;
assert(self);
rc = KDirectoryOpenFileRead(self->wd, &enc_infile, "%s", self->path);
if ( rc == 0)
{
rc_t rc2;
const KFile* infile;
KKey key;
rc = KKeyInitRead(&key, kkeyAES256, self->passwd, string_measure(self->passwd, NULL));
if ( rc == 0 )
{
rc = KEncFileMakeRead (&infile, enc_infile, &key);
if (rc == 0)
{
const KDirectory* arc;
rc = KDirectoryOpenArcDirRead_silent_preopened(self->wd, &arc, true, "/keyring", tocKFile, (void*)infile, KArcParseSRA, NULL, NULL);
if (rc == 0)
{
/* Hack: we violate the KDirectory object interface in order for VDBManagerMakeUpdate to succeed,
since it would refuse to open a read-only dir (i.e. archive);
We will only read from the object, though.
*/
((KDirectory*)arc)->read_only = false;
rc = KeyRingDatabaseLoad(self->data, arc, "/keyring");
rc2 = KDirectoryRelease(arc);
if (rc == 0)
rc = rc2;
}
rc2 = KFileRelease(infile);
if (rc == 0)
rc = rc2;
}
}
rc2 = KFileRelease(enc_infile);
if (rc == 0)
rc = rc2;
}
return rc;
}
rc_t CC
TOpenEncFile ( struct KDirectory * current_dir, const char * path, TFileOpenMode mode, const KKey * enc_key, struct KFile ** out_file )
{
rc_t rc;
struct KFile * pt_file, * enc_file;
rc = 0;
pt_file = NULL;
enc_file = NULL;
assert ( out_file );
* out_file = NULL;
rc = TOpenPtFile (current_dir, path, mode, &pt_file);
if (rc == 0)
{
switch (mode)
{
case TFileOpenMode_Read:
rc = KEncFileMakeRead ( (const struct KFile **)&enc_file, (const struct KFile *)pt_file, enc_key );
break;
case TFileOpenMode_Write:
rc = KEncFileMakeWrite ( &enc_file, pt_file, enc_key );
break;
case TFileOpenMode_ReadWrite:
rc = KEncFileMakeUpdate ( &enc_file, pt_file, enc_key );
break;
default:
assert(false);
}
if (rc == 0)
{
*out_file = enc_file;
}
KFileRelease ( pt_file );
}
return rc;
} /* TOpenEncFile () */
rc_t CryptFile (const KFile * in, const KFile ** new_in,
KFile * out, KFile ** new_out, EncScheme scheme)
{
const KFile * dec;
rc_t rc;
assert (in);
assert (out);
assert (new_in);
assert (new_out);
rc = KFileAddRef (out);
if (rc)
return rc;
switch (scheme)
{
default:
case encError:
rc = RC (rcExe, rcFile, rcClassifying, rcFile, rcInvalid);
break;
case encNone:
copy:
rc = KFileAddRef (in);
if (rc)
goto fail;
*new_in = in;
*new_out = out;
STSMSG (1, ("not encrypted just copying"));
return 0;
case encEncFile:
rc = KEncFileMakeRead (&dec, in, &Key);
made_enc:
if (rc)
goto fail;
switch (ArchiveTypeCheck (dec))
{
default:
case arcError:
rc = RC (rcExe, rcFile, rcClassifying, rcFile, rcInvalid);
break;
case arcSRAFile:
if (!DecryptSraFlag)
{
rc = KFileRelease (dec);
if (rc)
{
KFileRelease (dec);
KFileRelease (in);
goto fail;
}
goto copy;
}
/* fall through */
case arcNone:
*new_out = out;
*new_in = dec;
return 0;
}
break;
case encWGAEncFile:
rc = KFileMakeWGAEncRead (&dec, in, Password, PasswordSize);
goto made_enc;
break;
}
fail:
KFileRelease (out);
*new_in = *new_out = NULL;
return rc;
}
/* not KDB specific - just uses vfs/krypto/kfs objects */
static
rc_t KDBOpenFileAsDirectory (const KDirectory * dir,
const char * path,
const KDirectory ** pdir,
uint32_t rcobj)
{
const KFile * file;
const KFile * f;
const KDirectory * ldir;
bool encrypted = false;
rc_t rc;
*pdir = NULL;
rc = KDirectoryOpenFileRead (dir, &file, path);
if (rc == 0)
{
rc = KFileRandomAccess(file);
if (rc)
rc = RC (rcDB, rcMgr, rcOpening, rcobj, rcUnsupported);
else
{
size_t tz;
char tbuff [4096];
char pbuff [4096 + 1];
rc = KFileReadAll (file, 0, tbuff, sizeof tbuff, &tz);
if (rc == 0)
{
if (KFileIsEnc (tbuff, tz) == 0)
{
encrypted = true;
rc = KDBOpenFileGetPassword (pbuff, sizeof (pbuff) - 1);
if (rc == 0)
{
KKey key;
rc = KKeyInitRead (&key, kkeyAES128, pbuff, string_size (pbuff));
if (rc == 0)
{
rc = KEncFileMakeRead (&f, file, &key);
if (rc == 0)
{
/* KEncFileMakeRead adds a reference */
KFileRelease (file);
file = f;
rc = KFileReadAll (file, 0, tbuff, sizeof tbuff, &tz);
}
}
}
}
else if (KFileIsWGAEnc (tbuff, tz) == 0)
{
encrypted = true;
rc = KDBOpenFileGetPassword (pbuff, sizeof (pbuff) - 1);
if (rc == 0)
{
rc = KFileMakeWGAEncRead (&f, file, pbuff, string_size (pbuff));
if (rc == 0)
{
/* KFileMakeWGAEncRead adds a reference */
KFileRelease (file);
file = f;
rc = KFileReadAll (file, 0, tbuff, sizeof tbuff, &tz);
}
}
}
/* else not a handled encryption or unencrypted: we can't distinguish too much */
if (rc == 0)
{
if (KFileIsSRA (tbuff, tz) == 0)
{
rc = KDirectoryOpenSraArchiveReadUnbounded_silent_preopened (dir,
&ldir,
false,
file,
path);
}
else
{
rc = KDirectoryOpenTarArchiveRead_silent_preopened (dir, &ldir, false,
file, path);
}
/* not an archive type we handle or a bad archive */
if (rc)
{
if (encrypted)
rc = RC ( rcDB, rcMgr, rcOpening, rcEncryptionKey, rcIncorrect );
else
rc = RC ( rcDB, rcMgr, rcOpening, rcPath, rcIncorrect );
}
else
{
/*
* release our ownership of the KFile that but archive will
* keep theirs
*/
KFileRelease (file);
*pdir = ldir;
return 0;
}
}
}
}
KFileRelease (file);
}
return rc;
}
