From: Carl Hetherington Date: Sat, 22 Dec 2018 22:43:56 +0000 (+0000) Subject: Incomplete encryption of private keys. X-Git-Tag: v2.13.91~15 X-Git-Url: https://git.carlh.net/gitweb/?p=dcpomatic.git;a=commitdiff_plain;h=5ab0c3bc04e4aa5acd883bb8126fc6b185c6c5d6 Incomplete encryption of private keys. --- diff --git a/src/lib/config.cc b/src/lib/config.cc index ddb4bf25a..e61eea3a6 100644 --- a/src/lib/config.cc +++ b/src/lib/config.cc @@ -771,7 +771,18 @@ Config::write_config () const BOOST_FOREACH (dcp::Certificate const & i, _signer_chain->unordered()) { signer->add_child("Certificate")->add_child_text (i.certificate (true)); } +#ifdef DCPOMATIC_SWAROOP + FILE* f = fopen_boost (path("private"), "wb"); + if (!f) { + throw FileError ("Could not open file for writing", path("private")); + } + shared_array iv = dcpomatic::random_iv (); + dcp::Data encrypted_key = dcpomatic::encrypt (_signer_chain->key().get(), key, iv); + fwrite (encrypted_key.data().get(), encrypted_key.data().size(), 1, f); + fclose (f); +#else signer->add_child("PrivateKey")->add_child_text (_signer_chain->key().get ()); +#endif /* [XML] Decryption Certificate chain and private key to use when decrypting KDMs */ xmlpp::Element* decryption = root->add_child ("Decryption"); diff --git a/src/lib/crypto.cc b/src/lib/crypto.cc new file mode 100644 index 000000000..69e041cb2 --- /dev/null +++ b/src/lib/crypto.cc @@ -0,0 +1,123 @@ +/* + Copyright (C) 2018 Carl Hetherington + + This file is part of DCP-o-matic. + + DCP-o-matic is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + DCP-o-matic is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with DCP-o-matic. If not, see . + +*/ + +/* Based on code from https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption */ + +#include "crypto.h" +#include "exceptions.h" +#include +#include +#include +#include +#include + +using std::string; +using boost::shared_array; +using namespace dcpomatic; + +/** The cipher that this code uses */ +#define CIPHER EVP_aes_256_cbc() + +shared_array +dcpomatic::random_iv () +{ + EVP_CIPHER const * cipher = CIPHER; + shared_array iv (new unsigned char[EVP_CIPHER_iv_length(cipher)]); + RAND_bytes (iv.get(), EVP_CIPHER_iv_length(cipher)); + return iv; +} + +dcp::Data +dcpomatic::encrypt (string plaintext, shared_array key, shared_array iv) +{ + EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new (); + if (!ctx) { + throw CryptoError ("could not create cipher context"); + } + + int r = EVP_EncryptInit_ex (ctx, CIPHER, 0, key.get(), iv.get()); + if (r != 1) { + throw CryptoError ("could not initialise cipher context for encryption"); + } + + dcp::Data ciphertext (plaintext.size() * 2); + + int len; + r = EVP_EncryptUpdate (ctx, ciphertext.data().get(), &len, (unsigned char const *) plaintext.c_str(), plaintext.size()); + if (r != 1) { + throw CryptoError ("could not encrypt data"); + } + + int ciphertext_len = len; + + r = EVP_EncryptFinal_ex (ctx, ciphertext.data().get() + len, &len); + if (r != 1) { + throw CryptoError ("could not finish encryption"); + } + + ciphertext.set_size (ciphertext_len + len); + + EVP_CIPHER_CTX_free (ctx); + + return ciphertext; +} + +string +dcpomatic::decrypt (dcp::Data ciphertext, shared_array key, shared_array iv) +{ + EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new (); + if (!ctx) { + throw CryptoError ("could not create cipher context"); + } + + int r = EVP_DecryptInit_ex (ctx, CIPHER, 0, key.get(), iv.get()); + if (r != 1) { + throw CryptoError ("could not initialise cipher context for decryption"); + } + + dcp::Data plaintext (ciphertext.size() * 2); + + int len; + r = EVP_DecryptUpdate (ctx, plaintext.data().get(), &len, ciphertext.data().get(), ciphertext.size()); + if (r != 1) { + throw CryptoError ("could not decrypt data"); + } + + int plaintext_len = len; + + r = EVP_DecryptFinal_ex (ctx, plaintext.data().get() + len, &len); + if (r != 1) { + throw CryptoError ("could not finish decryption"); + } + + plaintext_len += len; + plaintext.set_size (plaintext_len + 1); + plaintext.data().get()[plaintext_len] = '\0'; + + EVP_CIPHER_CTX_free (ctx); + + return string ((char *) plaintext.data().get()); +} + +int +dcpomatic::crypto_key_length () +{ + return EVP_CIPHER_key_length (CIPHER); +} diff --git a/src/lib/crypto.h b/src/lib/crypto.h new file mode 100644 index 000000000..ea46162a4 --- /dev/null +++ b/src/lib/crypto.h @@ -0,0 +1,31 @@ +/* + Copyright (C) 2018 Carl Hetherington + + This file is part of DCP-o-matic. + + DCP-o-matic is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + DCP-o-matic is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with DCP-o-matic. If not, see . + +*/ + +#include + +namespace dcpomatic { + +boost::shared_array random_iv (); +dcp::Data encrypt (std::string plaintext, boost::shared_array key, boost::shared_array iv); +std::string decrypt (dcp::Data ciphertext, boost::shared_array key, boost::shared_array iv); +int crypto_key_length (); + +} + diff --git a/src/lib/exceptions.h b/src/lib/exceptions.h index eceafa105..fe87ababc 100644 --- a/src/lib/exceptions.h +++ b/src/lib/exceptions.h @@ -44,6 +44,14 @@ public: {} }; +class CryptoError : public std::runtime_error +{ +public: + explicit CryptoError (std::string s) + : std::runtime_error (s) + {} +}; + /** @class EncodeError * @brief A low-level problem with an encoder. */ diff --git a/src/lib/wscript b/src/lib/wscript index 62881e95d..b78f093cf 100644 --- a/src/lib/wscript +++ b/src/lib/wscript @@ -52,6 +52,7 @@ sources = """ content.cc content_factory.cc cross.cc + crypto.cc curl_uploader.cc dcp.cc dcp_content.cc diff --git a/test/crypto_test.cc b/test/crypto_test.cc new file mode 100644 index 000000000..576a6ebc6 --- /dev/null +++ b/test/crypto_test.cc @@ -0,0 +1,44 @@ +/* + Copyright (C) 2018 Carl Hetherington + + This file is part of DCP-o-matic. + + DCP-o-matic is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + DCP-o-matic is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with DCP-o-matic. If not, see . + +*/ + +#include "lib/crypto.h" +#include "lib/exceptions.h" +#include "test.h" +#include +#include + +using std::string; +using std::list; +using boost::shared_array; + +BOOST_AUTO_TEST_CASE (crypto_test) +{ + shared_array key (new unsigned char[dcpomatic::crypto_key_length()]); + shared_array iv = dcpomatic::random_iv (); + + RAND_bytes (key.get(), dcpomatic::crypto_key_length()); + + dcp::Data ciphertext = dcpomatic::encrypt ("Can you see any fish?", key, iv); + BOOST_REQUIRE_EQUAL (dcpomatic::decrypt (ciphertext, key, iv), "Can you see any fish?"); + + key[5]++; + BOOST_REQUIRE_THROW (dcpomatic::decrypt (ciphertext, key, iv), CryptoError); +} + diff --git a/test/wscript b/test/wscript index 47f3dc275..23f31dadc 100644 --- a/test/wscript +++ b/test/wscript @@ -57,6 +57,7 @@ def build(bld): colour_conversion_test.cc config_test.cc content_test.cc + crypto_test.cc dcpomatic_time_test.cc dcp_playback_test.cc dcp_subtitle_test.cc