IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

use KeyPairEd25519 and AuthenticatedEncryption in controller/User

Browse Source
This commit is contained in:
Dario 2020-06-08 13:42:37 +02:00
parent d08ab28394
commit e7624382ae
7 changed files with 53 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/cpp/Crypto/AuthenticatedEncryption.cpp
View File

@ -68,7 +68,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::createKey(const std
return AUTH_ENCRYPT_OK; return AUTH_ENCRYPT_OK;
} }
AuthenticatedEncryption::ResultType AuthenticatedEncryption::encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) AuthenticatedEncryption::ResultType AuthenticatedEncryption::encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) const
{ {
assert(message && encryptedMessage); assert(message && encryptedMessage);
std::shared_lock<std::shared_mutex> _lock(mWorkingMutex); std::shared_lock<std::shared_mutex> _lock(mWorkingMutex);
@ -100,7 +100,7 @@ AuthenticatedEncryption::ResultType AuthenticatedEncryption::encrypt(const Memor
return AUTH_ENCRYPT_OK; return AUTH_ENCRYPT_OK;
} }
AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const MemoryBin* encryptedMessage, MemoryBin** message) AuthenticatedEncryption::ResultType AuthenticatedEncryption::decrypt(const MemoryBin* encryptedMessage, MemoryBin** message) const
{ {
assert(message && encryptedMessage); assert(message && encryptedMessage);
std::shared_lock<std::shared_mutex> _lock(mWorkingMutex); std::shared_lock<std::shared_mutex> _lock(mWorkingMutex);

8
src/cpp/Crypto/AuthenticatedEncryption.h
View File

@ -56,11 +56,11 @@ public:
//! \return AUTH_CREATE_ENCRYPTION_KEY_FAILED call strerror(errno) for more details //! \return AUTH_CREATE_ENCRYPTION_KEY_FAILED call strerror(errno) for more details
ResultType createKey(const std::string& salt_parameter, const std::string& passwd); ResultType createKey(const std::string& salt_parameter, const std::string& passwd);
ResultType encrypt(const MemoryBin* message, MemoryBin** encryptedMessage); ResultType encrypt(const MemoryBin* message, MemoryBin** encryptedMessage) const;
ResultType decrypt(const MemoryBin* encryptedMessage, MemoryBin** message); ResultType decrypt(const MemoryBin* encryptedMessage, MemoryBin** message) const;
const char* getErrorMessage(ResultType type); static const char* getErrorMessage(ResultType type);
protected: protected:
// algorithms parameter // algorithms parameter
@ -75,4 +75,6 @@ protected:
mutable std::shared_mutex mWorkingMutex; mutable std::shared_mutex mWorkingMutex;
}; };
#endif //__GRADIDO_LOGIN_SERVER_CRYPTO_AUTHENTICATED_ENCRYPTION_H #endif //__GRADIDO_LOGIN_SERVER_CRYPTO_AUTHENTICATED_ENCRYPTION_H

2
src/cpp/Crypto/IKeyPair.h
View File

@ -17,7 +17,7 @@ class IKeyPair
{ {
public: public:
//! \return caller take ownership of return value //! \return caller take ownership of return value
virtual MemoryBin* sign(const MemoryBin* message) = 0; virtual MemoryBin* sign(const MemoryBin* message) const = 0 ;
}; };

17
src/cpp/Crypto/KeyPairEd25519.cpp
View File

@ -105,7 +105,7 @@ KeyPairEd25519* KeyPairEd25519::create(const Passphrase* passphrase)
// using // using
} }
MemoryBin* KeyPairEd25519::sign(const MemoryBin* message) MemoryBin* KeyPairEd25519::sign(const MemoryBin* message) const
{ {
if (!message || !message->size()) return nullptr; if (!message || !message->size()) return nullptr;
@ -147,3 +147,18 @@ MemoryBin* KeyPairEd25519::sign(const MemoryBin* message)
return signBinBuffer; return signBinBuffer;
} }
MemoryBin* KeyPairEd25519::getCryptedPrivKey(const AuthenticatedEncryption* password) const
{
if (!password) return nullptr;
if (!mSodiumSecret) return nullptr;
MemoryBin* encryptedKey = nullptr;
if (AuthenticatedEncryption::AUTH_ENCRYPT_OK == password->encrypt(mSodiumSecret, &encryptedKey)) {
return encryptedKey;
}
else {
return nullptr;
}
}

7
src/cpp/Crypto/KeyPairEd25519.h
View File

@ -12,6 +12,7 @@
*/ */
#include "sodium.h" #include "sodium.h"
#include "AuthenticatedEncryption.h"
class Passphrase; class Passphrase;
@ -30,7 +31,7 @@ public:
static KeyPairEd25519* create(const Passphrase* passphrase); static KeyPairEd25519* create(const Passphrase* passphrase);
//! \return caller take ownership of return value //! \return caller take ownership of return value
MemoryBin* sign(const MemoryBin* message); MemoryBin* sign(const MemoryBin* message) const;
inline const unsigned char* getPublicKey() const { return mSodiumPublic; } inline const unsigned char* getPublicKey() const { return mSodiumPublic; }
@ -43,7 +44,11 @@ public:
inline bool hasPrivateKey() const { return mSodiumSecret != nullptr; } inline bool hasPrivateKey() const { return mSodiumSecret != nullptr; }
//! \brief only way to get a private key.. encrypted
MemoryBin* getCryptedPrivKey(const AuthenticatedEncryption* password) const;
protected: protected:
KeyPairEd25519(); KeyPairEd25519();

4
src/cpp/controller/User.cpp
View File

@ -6,12 +6,16 @@
namespace controller { namespace controller {
User::User(model::table::User* dbModel) User::User(model::table::User* dbModel)
: mPassword(nullptr)
{ {
mDBModel = dbModel; mDBModel = dbModel;
} }
User::~User() User::~User()
{ {
if (mPassword) {
delete mPassword;
}
} }

19
src/cpp/controller/User.h
View File

@ -2,7 +2,9 @@
#define GRADIDO_LOGIN_SERVER_CONTROLLER_USER_INCLUDE #define GRADIDO_LOGIN_SERVER_CONTROLLER_USER_INCLUDE
#include "../model/table/User.h" #include "../model/table/User.h"
#include "../Crypto/AuthenticatedEncryption.h"
#include <shared_mutex>
#include "TableControllerBase.h" #include "TableControllerBase.h"
@ -34,17 +36,32 @@ namespace controller {
inline Poco::AutoPtr<model::table::User> getModel() { return _getModel<model::table::User>(); } inline Poco::AutoPtr<model::table::User> getModel() { return _getModel<model::table::User>(); }
inline const model::table::User* getModel() const { return _getModel<model::table::User>(); } inline const model::table::User* getModel() const { return _getModel<model::table::User>(); }
std::string getEmailWithNames(); std::string getEmailWithNames();
const std::string& getPublicHex(); const std::string& getPublicHex();
// ***********************************************************************************
// password related
//! \brief
//! \param passwd take owner ship
inline void setPassword(AuthenticatedEncryption* passwd) {
std::unique_lock<std::shared_mutex> _lock(mSharedMutex);
if (mPassword) delete passwd;
mPassword = passwd;
}
inline const AuthenticatedEncryption* getPassword() {
std::shared_lock<std::shared_mutex> _lock(mSharedMutex);
return mPassword;
}
protected: protected:
User(model::table::User* dbModel); User(model::table::User* dbModel);
std::string mPublicHex; std::string mPublicHex;
AuthenticatedEncryption* mPassword;
mutable std::shared_mutex mSharedMutex;
}; };
} }