From 99846b0c61ea576dc72fdc748a7035644e747302 Mon Sep 17 00:00:00 2001 From: Dario Date: Tue, 25 Aug 2020 16:17:28 +0200 Subject: [PATCH] rename AuthenticatedEncryption to SecretKeyCryptography --- dependencies/grpc | 2 +- src/cpp/Crypto/KeyPairEd25519.cpp | 4 +- src/cpp/Crypto/KeyPairEd25519.h | 4 +- ...cryption.cpp => SecretKeyCryptography.cpp} | 16 ++-- ...edEncryption.h => SecretKeyCryptography.h} | 14 ++-- src/cpp/controller/User.cpp | 10 +-- src/cpp/controller/User.h | 6 +- .../AuthenticatedEncryptionCreateKeyTask.cpp | 78 +++++++++---------- .../crypto/TestAuthenticatedEncryption.cpp | 10 +-- 9 files changed, 72 insertions(+), 72 deletions(-) rename src/cpp/Crypto/{AuthenticatedEncryption.cpp => SecretKeyCryptography.cpp} (86%) rename src/cpp/Crypto/{AuthenticatedEncryption.h => SecretKeyCryptography.h} (85%) diff --git a/dependencies/grpc b/dependencies/grpc index f57a0619b..7d7e45676 160000 --- a/dependencies/grpc +++ b/dependencies/grpc @@ -1 +1 @@ -Subproject commit f57a0619bc5697ea98c2d5b2c983c7024f43a5db +Subproject commit 7d7e4567625db7cfebf8969a225948097a3f9f89 diff --git a/src/cpp/Crypto/KeyPairEd25519.cpp b/src/cpp/Crypto/KeyPairEd25519.cpp index ee8cabfa0..392bf5e8e 100644 --- a/src/cpp/Crypto/KeyPairEd25519.cpp +++ b/src/cpp/Crypto/KeyPairEd25519.cpp @@ -151,13 +151,13 @@ MemoryBin* KeyPairEd25519::sign(const unsigned char* message, size_t messageSize } -MemoryBin* KeyPairEd25519::getCryptedPrivKey(const Poco::AutoPtr password) const +MemoryBin* KeyPairEd25519::getCryptedPrivKey(const Poco::AutoPtr password) const { if (password.isNull()) return nullptr; if (!mSodiumSecret) return nullptr; MemoryBin* encryptedKey = nullptr; - if (AuthenticatedEncryption::AUTH_ENCRYPT_OK == password->encrypt(mSodiumSecret, &encryptedKey)) { + if (SecretKeyCryptography::AUTH_ENCRYPT_OK == password->encrypt(mSodiumSecret, &encryptedKey)) { return encryptedKey; } else { diff --git a/src/cpp/Crypto/KeyPairEd25519.h b/src/cpp/Crypto/KeyPairEd25519.h index 7b3f11d4b..75a1ce9f1 100644 --- a/src/cpp/Crypto/KeyPairEd25519.h +++ b/src/cpp/Crypto/KeyPairEd25519.h @@ -13,7 +13,7 @@ #include "sodium.h" -#include "AuthenticatedEncryption.h" +#include "SecretKeyCryptography.h" #include "Passphrase.h" class KeyPairEd25519 : public IKeyPair @@ -63,7 +63,7 @@ public: inline bool hasPrivateKey() const { return mSodiumSecret != nullptr; } //! \brief only way to get a private key.. encrypted - MemoryBin* getCryptedPrivKey(const Poco::AutoPtr password) const; + MemoryBin* getCryptedPrivKey(const Poco::AutoPtr password) const; protected: diff --git a/src/cpp/Crypto/AuthenticatedEncryption.cpp b/src/cpp/Crypto/SecretKeyCryptography.cpp similarity index 86% rename from src/cpp/Crypto/AuthenticatedEncryption.cpp rename to src/cpp/Crypto/SecretKeyCryptography.cpp index 421537a66..0685ecaff 100644 --- a/src/cpp/Crypto/AuthenticatedEncryption.cpp +++ b/src/cpp/Crypto/SecretKeyCryptography.cpp @@ -1,22 +1,22 @@ -#include "AuthenticatedEncryption.h" +#include "SecretKeyCryptography.h" #include "sodium.h" #include "../ServerConfig.h" #include #include "../lib/Profiler.h" -AuthenticatedEncryption::AuthenticatedEncryption() +SecretKeyCryptography::SecretKeyCryptography() : mOpsLimit(10), mMemLimit(33554432), mAlgo(2), mEncryptionKey(nullptr), mEncryptionKeyHash(0) { } -AuthenticatedEncryption::AuthenticatedEncryption(unsigned long long opslimit, size_t memlimit, int algo) +SecretKeyCryptography::SecretKeyCryptography(unsigned long long opslimit, size_t memlimit, int algo) : mOpsLimit(opslimit), mMemLimit(memlimit), mAlgo(algo), mEncryptionKey(nullptr), mEncryptionKeyHash(0) { } -AuthenticatedEncryption::~AuthenticatedEncryption() +SecretKeyCryptography::~SecretKeyCryptography() { if (mEncryptionKey) { MemoryManager::getInstance()->releaseMemory(mEncryptionKey); @@ -24,7 +24,7 @@ AuthenticatedEncryption::~AuthenticatedEncryption() } } -AuthenticatedEncryption::ResultType AuthenticatedEncryption::createKey(const std::string& salt_parameter, const std::string& passwd) +SecretKeyCryptography::ResultType SecretKeyCryptography::createKey(const std::string& salt_parameter, const std::string& passwd) { assert(crypto_hash_sha512_BYTES >= crypto_pwhash_SALTBYTES); @@ -79,7 +79,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::createKey(const std return AUTH_ENCRYPT_OK; } -AuthenticatedEncryption::ResultType AuthenticatedEncryption::encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) const +SecretKeyCryptography::ResultType SecretKeyCryptography::encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) const { assert(message && encryptedMessage); std::shared_lock _lock(mWorkingMutex); @@ -111,7 +111,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::encrypt(const Memor return AUTH_ENCRYPT_OK; } -AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const unsigned char* encryptedMessage, size_t encryptedMessageSize, MemoryBin** message) const +SecretKeyCryptography::ResultType SecretKeyCryptography::decrypt(const unsigned char* encryptedMessage, size_t encryptedMessageSize, MemoryBin** message) const { assert(message); std::shared_lock _lock(mWorkingMutex); @@ -139,7 +139,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const unsig return AUTH_DECRYPT_OK; } -const char* AuthenticatedEncryption::getErrorMessage(ResultType type) +const char* SecretKeyCryptography::getErrorMessage(ResultType type) { switch (type) { case AUTH_ENCRYPT_OK: return "everything is ok"; diff --git a/src/cpp/Crypto/AuthenticatedEncryption.h b/src/cpp/Crypto/SecretKeyCryptography.h similarity index 85% rename from src/cpp/Crypto/AuthenticatedEncryption.h rename to src/cpp/Crypto/SecretKeyCryptography.h index a19e0f856..0a0a16072 100644 --- a/src/cpp/Crypto/AuthenticatedEncryption.h +++ b/src/cpp/Crypto/SecretKeyCryptography.h @@ -17,13 +17,13 @@ * * \date: 07-06-2020 * - * \brief: Wrapper Class for make using libsodium authenticated encryption easy, used for encrypt private keys for user + * \brief: Wrapper Class for make using libsodium secret key encryption easy, used for encrypt private keys for user with pwhash * */ typedef Poco::UInt64 KeyHashed; -class AuthenticatedEncryption : public AutoPtrContainer +class SecretKeyCryptography : public AutoPtrContainer { public: @@ -37,20 +37,20 @@ public: }; //! \brief init with default algorithms parameter - AuthenticatedEncryption(); + SecretKeyCryptography(); //! \brief init with custom algorithms parameter //! //! details see in libsodium crypto_pwhash - AuthenticatedEncryption(unsigned long long opslimit, size_t memlimit, int algo); + SecretKeyCryptography(unsigned long long opslimit, size_t memlimit, int algo); - ~AuthenticatedEncryption(); + ~SecretKeyCryptography(); inline KeyHashed getKeyHashed() const { std::shared_lock _lock(mWorkingMutex); return mEncryptionKeyHash; } - inline bool operator == (const Poco::AutoPtr& b) const { + inline bool operator == (const Poco::AutoPtr& b) const { return isTheSame(b); } - inline bool isTheSame(const Poco::AutoPtr& b) const { + inline bool isTheSame(const Poco::AutoPtr& b) const { std::shared_lock _lock(mWorkingMutex); if (b.isNull()) return false; return mEncryptionKeyHash == b->getKeyHashed(); diff --git a/src/cpp/controller/User.cpp b/src/cpp/controller/User.cpp index 7aedbb701..32a3ab700 100644 --- a/src/cpp/controller/User.cpp +++ b/src/cpp/controller/User.cpp @@ -144,7 +144,7 @@ namespace controller { return -3; } observer->addTask(email_hash, TASK_OBSERVER_PASSWORD_CREATION); - Poco::AutoPtr authenticated_encryption(new AuthenticatedEncryption); + Poco::AutoPtr authenticated_encryption(new SecretKeyCryptography); assert(!authenticated_encryption.isNull() && model); authenticated_encryption->createKey(model->getEmail(), password); @@ -163,7 +163,7 @@ namespace controller { } else { - if (AuthenticatedEncryption::AUTH_DECRYPT_OK == authenticated_encryption->decrypt(model->getPrivateKeyEncrypted(), &clear_private_key)) { + if (SecretKeyCryptography::AUTH_DECRYPT_OK == authenticated_encryption->decrypt(model->getPrivateKeyEncrypted(), &clear_private_key)) { if (mGradidoKeyPair) { if (mGradidoKeyPair->isTheSame(clear_private_key) == 0) { mCanDecryptPrivateKey = true; @@ -225,7 +225,7 @@ namespace controller { auto email_hash = observer->makeHash(model->getEmail()); observer->addTask(email_hash, TASK_OBSERVER_PASSWORD_CREATION); - Poco::AutoPtr authenticated_encryption(new AuthenticatedEncryption); + Poco::AutoPtr authenticated_encryption(new SecretKeyCryptography); assert(!authenticated_encryption.isNull() && model); authenticated_encryption->createKey(model->getEmail(), password); @@ -234,7 +234,7 @@ namespace controller { } - int User::setNewPassword(Poco::AutoPtr passwd) + int User::setNewPassword(Poco::AutoPtr passwd) { std::unique_lock _lock(mSharedMutex); auto model = getModel(); @@ -249,7 +249,7 @@ namespace controller { if ((!mGradidoKeyPair || !mGradidoKeyPair->hasPrivateKey()) && model->hasPrivateKeyEncrypted()) { //if (!mGradidoKeyPair) mGradidoKeyPair = new KeyPairEd25519; MemoryBin* clear_private_key = nullptr; - if (AuthenticatedEncryption::AUTH_DECRYPT_OK == mPassword->decrypt(model->getPrivateKeyEncrypted(), &clear_private_key)) { + if (SecretKeyCryptography::AUTH_DECRYPT_OK == mPassword->decrypt(model->getPrivateKeyEncrypted(), &clear_private_key)) { if (mGradidoKeyPair && mGradidoKeyPair->isTheSame(clear_private_key) != 0) { delete mGradidoKeyPair; diff --git a/src/cpp/controller/User.h b/src/cpp/controller/User.h index 33daa9eda..5eb7c8ef6 100644 --- a/src/cpp/controller/User.h +++ b/src/cpp/controller/User.h @@ -80,7 +80,7 @@ namespace controller { //! \return 1 = password changed, private key re-encrypted and saved into db //! \return 2 = password changed, only hash stored in db, couldn't load private key for re-encryption //! \return -1 = stored pubkey and private key didn't match - int setNewPassword(Poco::AutoPtr passwd); + int setNewPassword(Poco::AutoPtr passwd); //! \brief set authenticated encryption and save hash in db, also re encrypt private key if exist @@ -92,7 +92,7 @@ namespace controller { int setNewPassword(const std::string& password); //! \brief return AuthenticatedEncryption Auto Pointer - inline const Poco::AutoPtr getPassword() { + inline const Poco::AutoPtr getPassword() { std::shared_lock _lock(mSharedMutex); return mPassword; } @@ -128,7 +128,7 @@ namespace controller { std::string mPublicHex; - Poco::AutoPtr mPassword; + Poco::AutoPtr mPassword; KeyPairEd25519* mGradidoKeyPair; bool mCanDecryptPrivateKey; diff --git a/src/cpp/tasks/AuthenticatedEncryptionCreateKeyTask.cpp b/src/cpp/tasks/AuthenticatedEncryptionCreateKeyTask.cpp index fa8048e6a..9cc2338a1 100644 --- a/src/cpp/tasks/AuthenticatedEncryptionCreateKeyTask.cpp +++ b/src/cpp/tasks/AuthenticatedEncryptionCreateKeyTask.cpp @@ -1,40 +1,40 @@ -#include "AuthenticatedEncryptionCreateKeyTask.h" - -#include "../ServerConfig.h" -#include "../SingletonManager/SingletonTaskObserver.h" -#include "../SingletonManager/ErrorManager.h" - -#include "../lib/Profiler.h" - -AuthenticatedEncryptionCreateKeyTask::AuthenticatedEncryptionCreateKeyTask(Poco::AutoPtr user, const std::string& passwd) - : UniLib::controller::CPUTask(ServerConfig::g_CryptoCPUScheduler), mUser(user), mPassword(passwd) -{ - assert(!mUser.isNull()); - SingletonTaskObserver::getInstance()->addTask(mUser->getModel()->getEmail(), TASK_OBSERVER_PASSWORD_CREATION); -} - -AuthenticatedEncryptionCreateKeyTask::~AuthenticatedEncryptionCreateKeyTask() -{ - SingletonTaskObserver::getInstance()->removeTask(mUser->getModel()->getEmail(), TASK_OBSERVER_PASSWORD_CREATION); -} - -int AuthenticatedEncryptionCreateKeyTask::run() -{ - auto em = ErrorManager::getInstance(); - const static char* function_name = "AuthenticatedEncryptionCreateKeyTask::run"; - auto authenticated_encryption = new AuthenticatedEncryption; - Profiler timeUsed; - if (AuthenticatedEncryption::AUTH_ENCRYPT_OK != authenticated_encryption->createKey(mUser->getModel()->getEmail(), mPassword)) { - em->addError(new Error(function_name, "error creating key")); - em->addError(new ParamError(function_name, "for email", mUser->getModel()->getEmail())); - em->addError(new ParamError(function_name, "strerror: ", strerror(errno))); - em->sendErrorsAsEmail(); - return -1; - } - //printf("create password time: %s\n", timeUsed.string().data()); - timeUsed.reset(); - mUser->setNewPassword(authenticated_encryption); - //printf("set password time: %s\n", timeUsed.string().data()); - - return 0; +#include "AuthenticatedEncryptionCreateKeyTask.h" + +#include "../ServerConfig.h" +#include "../SingletonManager/SingletonTaskObserver.h" +#include "../SingletonManager/ErrorManager.h" + +#include "../lib/Profiler.h" + +AuthenticatedEncryptionCreateKeyTask::AuthenticatedEncryptionCreateKeyTask(Poco::AutoPtr user, const std::string& passwd) + : UniLib::controller::CPUTask(ServerConfig::g_CryptoCPUScheduler), mUser(user), mPassword(passwd) +{ + assert(!mUser.isNull()); + SingletonTaskObserver::getInstance()->addTask(mUser->getModel()->getEmail(), TASK_OBSERVER_PASSWORD_CREATION); +} + +AuthenticatedEncryptionCreateKeyTask::~AuthenticatedEncryptionCreateKeyTask() +{ + SingletonTaskObserver::getInstance()->removeTask(mUser->getModel()->getEmail(), TASK_OBSERVER_PASSWORD_CREATION); +} + +int AuthenticatedEncryptionCreateKeyTask::run() +{ + auto em = ErrorManager::getInstance(); + const static char* function_name = "AuthenticatedEncryptionCreateKeyTask::run"; + auto authenticated_encryption = new SecretKeyCryptography; + Profiler timeUsed; + if (SecretKeyCryptography::AUTH_ENCRYPT_OK != authenticated_encryption->createKey(mUser->getModel()->getEmail(), mPassword)) { + em->addError(new Error(function_name, "error creating key")); + em->addError(new ParamError(function_name, "for email", mUser->getModel()->getEmail())); + em->addError(new ParamError(function_name, "strerror: ", strerror(errno))); + em->sendErrorsAsEmail(); + return -1; + } + printf("create password time: %s\n", timeUsed.string().data()); + timeUsed.reset(); + mUser->setNewPassword(authenticated_encryption); + printf("set password time: %s\n", timeUsed.string().data()); + + return 0; } \ No newline at end of file diff --git a/src/cpp/test/crypto/TestAuthenticatedEncryption.cpp b/src/cpp/test/crypto/TestAuthenticatedEncryption.cpp index 93c19bc9b..e863e773d 100644 --- a/src/cpp/test/crypto/TestAuthenticatedEncryption.cpp +++ b/src/cpp/test/crypto/TestAuthenticatedEncryption.cpp @@ -1,6 +1,6 @@ #include "TestAuthenticatedEncryption.h" -#include "../../Crypto/AuthenticatedEncryption.h" +#include "../../Crypto/SecretKeyCryptography.h" #include "../../lib/Profiler.h" #include "../../lib/DataTypeConverter.h" @@ -12,12 +12,12 @@ void TestAuthenticatedEncryption::SetUp() } TEST_F(TestAuthenticatedEncryption, encryptDecryptTest) { - AuthenticatedEncryption authenticated_encryption; + SecretKeyCryptography authenticated_encryption; EXPECT_FALSE(authenticated_encryption.hasKey()); EXPECT_EQ(authenticated_encryption.getKeyHashed(), 0); Profiler time_used; - EXPECT_EQ(authenticated_encryption.createKey("dariofrodo@gmx.de", "r3an7d_spassw"), AuthenticatedEncryption::AUTH_ENCRYPT_OK); + EXPECT_EQ(authenticated_encryption.createKey("dariofrodo@gmx.de", "r3an7d_spassw"), SecretKeyCryptography::AUTH_ENCRYPT_OK); printf("create key duration: %s\n", time_used.string().data()); EXPECT_TRUE(authenticated_encryption.hasKey()); @@ -29,12 +29,12 @@ TEST_F(TestAuthenticatedEncryption, encryptDecryptTest) { memcpy(*test_message_bin, test_message.data(), test_message.size()); time_used.reset(); - EXPECT_EQ(authenticated_encryption.encrypt(test_message_bin, &encrypted_message), AuthenticatedEncryption::AUTH_ENCRYPT_OK); + EXPECT_EQ(authenticated_encryption.encrypt(test_message_bin, &encrypted_message), SecretKeyCryptography::AUTH_ENCRYPT_OK); printf("encrypt message duration: %s\n", time_used.string().data()); MemoryBin* decrypted_message = nullptr; time_used.reset(); - EXPECT_EQ(authenticated_encryption.decrypt(encrypted_message, &decrypted_message), AuthenticatedEncryption::AUTH_DECRYPT_OK); + EXPECT_EQ(authenticated_encryption.decrypt(encrypted_message, &decrypted_message), SecretKeyCryptography::AUTH_DECRYPT_OK); printf("decrypt message duration: %s\n", time_used.string().data()); EXPECT_EQ(std::string((const char*)*decrypted_message, decrypted_message->size()), test_message);