IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

use only one implementation of decryption, call from all input parameter variants via inline functions

Browse Source
This commit is contained in:
Dario 2020-06-24 10:20:10 +02:00
parent dcfed9bb12
commit 337bf554f5
2 changed files with 11 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/cpp/Crypto/AuthenticatedEncryption.cpp
View File

@ -100,35 +100,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::encrypt(const Memor
return AUTH_ENCRYPT_OK; return AUTH_ENCRYPT_OK;
} }
AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const MemoryBin* encryptedMessage, MemoryBin** message) const AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const unsigned char* encryptedMessage, size_t encryptedMessageSize, MemoryBin** message) const
{
assert(message && encryptedMessage);
std::shared_lock<std::shared_mutex> _lock(mWorkingMutex);
if (!mEncryptionKey) {
return AUTH_NO_KEY;
}
size_t decryptSize = encryptedMessage->size() - crypto_secretbox_MACBYTES;
//unsigned char* decryptBuffer = (unsigned char*)malloc(decryptSize);
auto mm = MemoryManager::getInstance();
//ObfusArray* decryptedData = new ObfusArray(decryptSize);
auto decryptedData = mm->getFreeMemory(decryptSize);
unsigned char nonce[crypto_secretbox_NONCEBYTES];
// we use a hardcoded value for nonce
// TODO: use a dynamic value, save it along with the other parameters
memset(nonce, 31, crypto_secretbox_NONCEBYTES);
if (crypto_secretbox_open_easy(*decryptedData, *encryptedMessage, encryptedMessage->size(), nonce, *mEncryptionKey)) {
mm->releaseMemory(decryptedData);
return AUTH_DECRYPT_MESSAGE_FAILED;
}
*message = decryptedData;
return AUTH_DECRYPT_OK;
}
AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const std::vector<unsigned char>& encryptedMessage, MemoryBin** message) const
{ {
assert(message); assert(message);
std::shared_lock<std::shared_mutex> _lock(mWorkingMutex); std::shared_lock<std::shared_mutex> _lock(mWorkingMutex);
@ -137,7 +109,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const std::
return AUTH_NO_KEY; return AUTH_NO_KEY;
} }
size_t decryptSize = encryptedMessage.size() - crypto_secretbox_MACBYTES; size_t decryptSize = encryptedMessageSize - crypto_secretbox_MACBYTES;
//unsigned char* decryptBuffer = (unsigned char*)malloc(decryptSize); //unsigned char* decryptBuffer = (unsigned char*)malloc(decryptSize);
auto mm = MemoryManager::getInstance(); auto mm = MemoryManager::getInstance();
//ObfusArray* decryptedData = new ObfusArray(decryptSize); //ObfusArray* decryptedData = new ObfusArray(decryptSize);
@ -147,7 +119,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const std::
// TODO: use a dynamic value, save it along with the other parameters // TODO: use a dynamic value, save it along with the other parameters
memset(nonce, 31, crypto_secretbox_NONCEBYTES); memset(nonce, 31, crypto_secretbox_NONCEBYTES);
if (crypto_secretbox_open_easy(*decryptedData, encryptedMessage.data(), encryptedMessage.size(), nonce, *mEncryptionKey)) { if (crypto_secretbox_open_easy(*decryptedData, encryptedMessage, encryptedMessageSize, nonce, *mEncryptionKey)) {
mm->releaseMemory(decryptedData); mm->releaseMemory(decryptedData);
return AUTH_DECRYPT_MESSAGE_FAILED; return AUTH_DECRYPT_MESSAGE_FAILED;
} }

13
src/cpp/Crypto/AuthenticatedEncryption.h
View File

@ -3,7 +3,6 @@
#include "../SingletonManager/MemoryManager.h" #include "../SingletonManager/MemoryManager.h"
#include <shared_mutex> #include <shared_mutex>
#include <vector> #include <vector>
@ -62,12 +61,16 @@ public:
ResultType encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) const; ResultType encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) const;
ResultType decrypt(const MemoryBin* encryptedMessage, MemoryBin** message) const; inline ResultType decrypt(const MemoryBin* encryptedMessage, MemoryBin** message) const {
return decrypt(encryptedMessage->data(), encryptedMessage->size(), message);
}
//! \brief same as the other decrypt only in other format //! \brief same as the other decrypt only in other format
//! \param encryptedMessage format from Poco Binary Data from DB, like returned from model/table/user for encrypted private key //! \param encryptedMessage format from Poco Binary Data from DB, like returned from model/table/user for encrypted private key
//! inline ResultType decrypt(const std::vector<unsigned char>& encryptedMessage, MemoryBin** message) const {
//! double code, I don't know how to prevent without unnecessary copy of encryptedMessage return decrypt(encryptedMessage.data(), encryptedMessage.size(), message);
ResultType decrypt(const std::vector<unsigned char>& encryptedMessage, MemoryBin** message) const; }
//! \brief raw decrypt function, actual implementation
ResultType decrypt(const unsigned char* encryptedMessage, size_t encryptedMessageSize, MemoryBin** message) const;
static const char* getErrorMessage(ResultType type); static const char* getErrorMessage(ResultType type);