mirror of
https://github.com/servalproject/serval-dna.git
synced 2025-02-06 11:09:13 +00:00
Add support for encrypted journals with tail>0
This commit is contained in:
Jeremy Lakeman
parent
3d9d54c793
commit
f9bc9d1913
@ -396,6 +396,7 @@ struct rhizome_write{
|
|||||||
char id[SHA512_DIGEST_STRING_LENGTH+1];
|
char id[SHA512_DIGEST_STRING_LENGTH+1];
|
||||||
char id_known;
|
char id_known;
|
||||||
|
|
||||||
|
int64_t tail;
|
||||||
int64_t file_offset;
|
int64_t file_offset;
|
||||||
int64_t written_offset;
|
int64_t written_offset;
|
||||||
int64_t file_length;
|
int64_t file_length;
|
||||||
@ -425,6 +426,7 @@ struct rhizome_read{
|
|||||||
int64_t blob_rowid;
|
int64_t blob_rowid;
|
||||||
int blob_fd;
|
int blob_fd;
|
||||||
|
|
||||||
|
int64_t tail;
|
||||||
int64_t offset;
|
int64_t offset;
|
||||||
int64_t length;
|
int64_t length;
|
||||||
};
|
};
|
||||||
|
|||||||
@ -266,6 +266,11 @@ int rhizome_opendb()
|
|||||||
sqlite_exec_void_loglevel(LOG_LEVEL_WARN, "PRAGMA user_version=3;");
|
sqlite_exec_void_loglevel(LOG_LEVEL_WARN, "PRAGMA user_version=3;");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (version<4){
|
||||||
|
sqlite_exec_void_loglevel(LOG_LEVEL_WARN, "ALTER TABLE MANIFESTS ADD COLUMN tail integer;");
|
||||||
|
sqlite_exec_void_loglevel(LOG_LEVEL_WARN, "PRAGMA user_version=4;");
|
||||||
|
}
|
||||||
|
|
||||||
// TODO recreate tables with collate nocase on hex columns
|
// TODO recreate tables with collate nocase on hex columns
|
||||||
|
|
||||||
/* Future schema updates should be performed here.
|
/* Future schema updates should be performed here.
|
||||||
@ -918,7 +923,24 @@ int rhizome_store_bundle(rhizome_manifest *m)
|
|||||||
return WHY("Failed to begin transaction");
|
return WHY("Failed to begin transaction");
|
||||||
|
|
||||||
sqlite3_stmt *stmt;
|
sqlite3_stmt *stmt;
|
||||||
if ((stmt = sqlite_prepare(&retry, "INSERT OR REPLACE INTO MANIFESTS(id,manifest,version,inserttime,bar,filesize,filehash,author,service,name,sender,recipient) VALUES(?,?,?,?,?,?,?,?,?,?,?,?);")) == NULL)
|
if ((stmt = sqlite_prepare(&retry,
|
||||||
|
"INSERT OR REPLACE INTO MANIFESTS("
|
||||||
|
"id,"
|
||||||
|
"manifest,"
|
||||||
|
"version,"
|
||||||
|
"inserttime,"
|
||||||
|
"bar,"
|
||||||
|
"filesize,"
|
||||||
|
"filehash,"
|
||||||
|
"author,"
|
||||||
|
"service,"
|
||||||
|
"name,"
|
||||||
|
"sender,"
|
||||||
|
"recipient,"
|
||||||
|
"tail"
|
||||||
|
") VALUES("
|
||||||
|
"?,?,?,?,?,?,?,?,?,?,?,?,?"
|
||||||
|
");")) == NULL)
|
||||||
goto rollback;
|
goto rollback;
|
||||||
if (!( sqlite_code_ok(sqlite3_bind_text(stmt, 1, manifestid, -1, SQLITE_STATIC))
|
if (!( sqlite_code_ok(sqlite3_bind_text(stmt, 1, manifestid, -1, SQLITE_STATIC))
|
||||||
&& sqlite_code_ok(sqlite3_bind_blob(stmt, 2, m->manifestdata, m->manifest_bytes, SQLITE_STATIC))
|
&& sqlite_code_ok(sqlite3_bind_blob(stmt, 2, m->manifestdata, m->manifest_bytes, SQLITE_STATIC))
|
||||||
@ -932,6 +954,7 @@ int rhizome_store_bundle(rhizome_manifest *m)
|
|||||||
&& sqlite_code_ok(sqlite3_bind_text(stmt, 10, name, -1, SQLITE_STATIC))
|
&& sqlite_code_ok(sqlite3_bind_text(stmt, 10, name, -1, SQLITE_STATIC))
|
||||||
&& sqlite_code_ok(sqlite3_bind_text(stmt, 11, sender, -1, SQLITE_STATIC))
|
&& sqlite_code_ok(sqlite3_bind_text(stmt, 11, sender, -1, SQLITE_STATIC))
|
||||||
&& sqlite_code_ok(sqlite3_bind_text(stmt, 12, recipient, -1, SQLITE_STATIC))
|
&& sqlite_code_ok(sqlite3_bind_text(stmt, 12, recipient, -1, SQLITE_STATIC))
|
||||||
|
&& sqlite_code_ok(sqlite3_bind_int64(stmt, 13, m->journalTail))
|
||||||
)) {
|
)) {
|
||||||
WHYF("query failed, %s: %s", sqlite3_errmsg(rhizome_db), sqlite3_sql(stmt));
|
WHYF("query failed, %s: %s", sqlite3_errmsg(rhizome_db), sqlite3_sql(stmt));
|
||||||
goto rollback;
|
goto rollback;
|
||||||
|
|||||||
@ -143,7 +143,10 @@ static int prepare_data(struct rhizome_write *write_state, unsigned char *buffer
|
|||||||
write_state->file_offset, data_size, write_state->file_length);
|
write_state->file_offset, data_size, write_state->file_length);
|
||||||
|
|
||||||
if (write_state->crypt){
|
if (write_state->crypt){
|
||||||
if (rhizome_crypt_xor_block(buffer, data_size, write_state->file_offset, write_state->key, write_state->nonce))
|
if (rhizome_crypt_xor_block(
|
||||||
|
buffer, data_size,
|
||||||
|
write_state->file_offset + write_state->tail,
|
||||||
|
write_state->key, write_state->nonce))
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -588,6 +591,8 @@ static int rhizome_write_derive_key(rhizome_manifest *m, rhizome_bk_t *bsk, stru
|
|||||||
DEBUGF("Encrypting payload contents");
|
DEBUGF("Encrypting payload contents");
|
||||||
|
|
||||||
write->crypt=1;
|
write->crypt=1;
|
||||||
|
write->tail = m->journalTail;
|
||||||
|
|
||||||
bcopy(m->payloadKey, write->key, sizeof(write->key));
|
bcopy(m->payloadKey, write->key, sizeof(write->key));
|
||||||
bcopy(m->payloadNonce, write->nonce, sizeof(write->nonce));
|
bcopy(m->payloadNonce, write->nonce, sizeof(write->nonce));
|
||||||
return 0;
|
return 0;
|
||||||
@ -723,7 +728,10 @@ int rhizome_read(struct rhizome_read *read_state, unsigned char *buffer, int buf
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (read_state->crypt && buffer && bytes_read>0){
|
if (read_state->crypt && buffer && bytes_read>0){
|
||||||
if(rhizome_crypt_xor_block(buffer, bytes_read, read_state->offset, read_state->key, read_state->nonce)){
|
if(rhizome_crypt_xor_block(
|
||||||
|
buffer, bytes_read,
|
||||||
|
read_state->offset + read_state->tail,
|
||||||
|
read_state->key, read_state->nonce)){
|
||||||
RETURN(-1);
|
RETURN(-1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -786,6 +794,8 @@ static int read_derive_key(rhizome_manifest *m, rhizome_bk_t *bsk, struct rhizom
|
|||||||
}
|
}
|
||||||
if (config.debug.rhizome)
|
if (config.debug.rhizome)
|
||||||
DEBUGF("Decrypting file contents");
|
DEBUGF("Decrypting file contents");
|
||||||
|
|
||||||
|
read_state->tail = m->journalTail;
|
||||||
bcopy(m->payloadKey, read_state->key, sizeof(read_state->key));
|
bcopy(m->payloadKey, read_state->key, sizeof(read_state->key));
|
||||||
bcopy(m->payloadNonce, read_state->nonce, sizeof(read_state->nonce));
|
bcopy(m->payloadNonce, read_state->nonce, sizeof(read_state->nonce));
|
||||||
}
|
}
|
||||||
@ -793,7 +803,6 @@ static int read_derive_key(rhizome_manifest *m, rhizome_bk_t *bsk, struct rhizom
|
|||||||
}
|
}
|
||||||
|
|
||||||
int rhizome_open_decrypt_read(rhizome_manifest *m, rhizome_bk_t *bsk, struct rhizome_read *read_state, int hash){
|
int rhizome_open_decrypt_read(rhizome_manifest *m, rhizome_bk_t *bsk, struct rhizome_read *read_state, int hash){
|
||||||
|
|
||||||
// for now, always hash the file
|
// for now, always hash the file
|
||||||
int ret = rhizome_open_read(read_state, m->fileHexHash, hash);
|
int ret = rhizome_open_read(read_state, m->fileHexHash, hash);
|
||||||
if (ret == 0)
|
if (ret == 0)
|
||||||
@ -872,6 +881,7 @@ int rhizome_write_open_journal(struct rhizome_write *write, rhizome_manifest *m,
|
|||||||
|
|
||||||
uint64_t old_length = m->fileLength;
|
uint64_t old_length = m->fileLength;
|
||||||
uint64_t copy_length = old_length - advance_by;
|
uint64_t copy_length = old_length - advance_by;
|
||||||
|
|
||||||
m->fileLength = m->fileLength + new_size - advance_by;
|
m->fileLength = m->fileLength + new_size - advance_by;
|
||||||
rhizome_manifest_set_ll(m, "filesize", m->fileLength);
|
rhizome_manifest_set_ll(m, "filesize", m->fileLength);
|
||||||
|
|
||||||
@ -905,7 +915,7 @@ int rhizome_write_open_journal(struct rhizome_write *write, rhizome_manifest *m,
|
|||||||
ret = rhizome_write_derive_key(m, bsk, write);
|
ret = rhizome_write_derive_key(m, bsk, write);
|
||||||
if (ret)
|
if (ret)
|
||||||
goto failure;
|
goto failure;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
failure:
|
failure:
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user