diff options
author | dec05eba <dec05eba@protonmail.com> | 2018-05-16 09:47:31 +0200 |
---|---|---|
committer | dec05eba <dec05eba@protonmail.com> | 2020-08-18 23:25:46 +0200 |
commit | 97c9ff702f002925dcd33869d0e22eda18390e2e (patch) | |
tree | 88096d36e2b20d63ff3e5add42a7053c5b85c8a5 /include | |
parent | 2326b2da65624e921ee79b56324c59de4a885fde (diff) |
Store node encryption key with user data, fix encryption bug when using additional data
Diffstat (limited to 'include')
-rw-r--r-- | include/odhtdb/Database.hpp | 6 | ||||
-rw-r--r-- | include/odhtdb/DatabaseStorage.hpp | 16 | ||||
-rw-r--r-- | include/odhtdb/Encryption.hpp | 2 |
3 files changed, 16 insertions, 8 deletions
diff --git a/include/odhtdb/Database.hpp b/include/odhtdb/Database.hpp index 87389eb..04c3b62 100644 --- a/include/odhtdb/Database.hpp +++ b/include/odhtdb/Database.hpp @@ -188,11 +188,11 @@ namespace odhtdb // Username has to be either unique or if it's the same as existing one, then password has to match. // Node has to be unique for the user. // Throws DatabaseStorageWrongPassword or SqlExecException on failure (if username is not unique in node). - void storeUserPasswordEncrypted(const Hash &nodeHash, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); + void storeNodeInfoForUserEncrypted(const DatabaseNode &nodeInfo, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); - // Returns nodes, public key and private key of encrypted user. + // Returns nodes, node encryption key, public key and private key of encrypted user. // Throws DatabaseStorageWrongPassword if password for the stored user is wrong. - MapHash<Signature::KeyPair> getStoredUserNodeDataDecrypted(const std::string &username, const std::string &password); + MapHash<StoredNodeInfo> getStoredNodeUserInfoDecrypted(const std::string &username, const std::string &password) const; std::vector<OwnedMemory> getUserGroups(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const; diff --git a/include/odhtdb/DatabaseStorage.hpp b/include/odhtdb/DatabaseStorage.hpp index 264ab57..a618420 100644 --- a/include/odhtdb/DatabaseStorage.hpp +++ b/include/odhtdb/DatabaseStorage.hpp @@ -10,6 +10,7 @@ #include "OwnedMemory.hpp" #include "DatabaseOperation.hpp" #include "DatabaseOrder.hpp" +#include "DatabaseNode.hpp" #include "sql/SqlQuery.hpp" #include "sql/SqlExec.hpp" #include <vector> @@ -72,6 +73,12 @@ namespace odhtdb using FetchNodeUserActionGapsCallbackFunc = std::function<void(const DataView userPublicKey, u64 start, u64 range)>; using FetchNodeUserLatestActionCounterCallbackFunc = std::function<void(const DataView userPublicKey, u64 latestActionCounter)>; + struct StoredNodeInfo + { + std::shared_ptr<OwnedMemory> nodeEncryptionKey; + std::shared_ptr<Signature::KeyPair> userKeyPair; + }; + class DatabaseStorage { public: @@ -119,12 +126,13 @@ namespace odhtdb // Username has to be either unique or if it's the same as existing one, then password has to match. // Node has to be unique for the user. // Throws DatabaseStorageWrongPassword or SqlExecException on failure (if username is not unique in node). - void storeUserPasswordEncrypted(const Hash &nodeHash, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); + void storeNodeInfoForUserEncrypted(const DatabaseNode &nodeInfo, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); - // Returns nodes, public key and private key of encrypted user. + // Returns nodes, node encryption key, public key and private key of encrypted user. // Throws DatabaseStorageWrongPassword if password for the stored user is wrong. // Throws DatabaseStorageNoSuchStoredUser if user doesn't exist. - MapHash<Signature::KeyPair> getStoredUserNodeDataDecrypted(const std::string &username, const std::string &password); + // Otherwise throw DatabaseStorageException on other errors. + MapHash<StoredNodeInfo> getStoredNodeUserInfoDecrypted(const std::string &username, const std::string &password) const; // Returns true and node decryption key if node exists and we have the decryption key, // otherwise return false and OwnedMemory with data set to nullptr @@ -158,7 +166,7 @@ namespace odhtdb void setNodeAddDataDecryptedData(i64 rowId, const DataView &decryptedData); // Throws DatabaseStorageNoSuchStoredUser or DatabaseStorageWrongPassword - i64 getStoredUserId(const std::string &username, const DataView &hashedPassword); + i64 getStoredUserId(const std::string &username, const DataView &hashedPassword) const; private: Database *database; sqlite3 *sqliteDb; diff --git a/include/odhtdb/Encryption.hpp b/include/odhtdb/Encryption.hpp index 2457630..b2ae67e 100644 --- a/include/odhtdb/Encryption.hpp +++ b/include/odhtdb/Encryption.hpp @@ -32,7 +32,7 @@ namespace odhtdb DISABLE_COPY(Encryption) public: // Throws EncryptionException on failure (or std::bad_alloc on failed memory allocation) - Encryption(const DataView &data, const DataView &additionalData = DataView(), const DataView &key = DataView()); + Encryption(const DataView &data, const DataView &key = DataView()); ~Encryption(); DataView getKey() const; |