From 7f19b686cc7b47346ba8bab89bb34188f366db10 Mon Sep 17 00:00:00 2001 From: dec05eba <0xdec05eba@gmail.com> Date: Wed, 16 May 2018 09:47:31 +0200 Subject: Store node encryption key with user data, fix encryption bug when using additional data --- include/odhtdb/Database.hpp | 6 +++--- include/odhtdb/DatabaseStorage.hpp | 16 ++++++++++++---- include/odhtdb/Encryption.hpp | 2 +- 3 files changed, 16 insertions(+), 8 deletions(-) (limited to 'include') diff --git a/include/odhtdb/Database.hpp b/include/odhtdb/Database.hpp index 87389eb..04c3b62 100644 --- a/include/odhtdb/Database.hpp +++ b/include/odhtdb/Database.hpp @@ -188,11 +188,11 @@ namespace odhtdb // Username has to be either unique or if it's the same as existing one, then password has to match. // Node has to be unique for the user. // Throws DatabaseStorageWrongPassword or SqlExecException on failure (if username is not unique in node). - void storeUserPasswordEncrypted(const Hash &nodeHash, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); + void storeNodeInfoForUserEncrypted(const DatabaseNode &nodeInfo, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); - // Returns nodes, public key and private key of encrypted user. + // Returns nodes, node encryption key, public key and private key of encrypted user. // Throws DatabaseStorageWrongPassword if password for the stored user is wrong. - MapHash getStoredUserNodeDataDecrypted(const std::string &username, const std::string &password); + MapHash getStoredNodeUserInfoDecrypted(const std::string &username, const std::string &password) const; std::vector getUserGroups(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const; diff --git a/include/odhtdb/DatabaseStorage.hpp b/include/odhtdb/DatabaseStorage.hpp index 264ab57..a618420 100644 --- a/include/odhtdb/DatabaseStorage.hpp +++ b/include/odhtdb/DatabaseStorage.hpp @@ -10,6 +10,7 @@ #include "OwnedMemory.hpp" #include "DatabaseOperation.hpp" #include "DatabaseOrder.hpp" +#include "DatabaseNode.hpp" #include "sql/SqlQuery.hpp" #include "sql/SqlExec.hpp" #include @@ -72,6 +73,12 @@ namespace odhtdb using FetchNodeUserActionGapsCallbackFunc = std::function; using FetchNodeUserLatestActionCounterCallbackFunc = std::function; + struct StoredNodeInfo + { + std::shared_ptr nodeEncryptionKey; + std::shared_ptr userKeyPair; + }; + class DatabaseStorage { public: @@ -119,12 +126,13 @@ namespace odhtdb // Username has to be either unique or if it's the same as existing one, then password has to match. // Node has to be unique for the user. // Throws DatabaseStorageWrongPassword or SqlExecException on failure (if username is not unique in node). - void storeUserPasswordEncrypted(const Hash &nodeHash, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); + void storeNodeInfoForUserEncrypted(const DatabaseNode &nodeInfo, const std::string &username, const std::string &password, const Signature::KeyPair &keyPair); - // Returns nodes, public key and private key of encrypted user. + // Returns nodes, node encryption key, public key and private key of encrypted user. // Throws DatabaseStorageWrongPassword if password for the stored user is wrong. // Throws DatabaseStorageNoSuchStoredUser if user doesn't exist. - MapHash getStoredUserNodeDataDecrypted(const std::string &username, const std::string &password); + // Otherwise throw DatabaseStorageException on other errors. + MapHash getStoredNodeUserInfoDecrypted(const std::string &username, const std::string &password) const; // Returns true and node decryption key if node exists and we have the decryption key, // otherwise return false and OwnedMemory with data set to nullptr @@ -158,7 +166,7 @@ namespace odhtdb void setNodeAddDataDecryptedData(i64 rowId, const DataView &decryptedData); // Throws DatabaseStorageNoSuchStoredUser or DatabaseStorageWrongPassword - i64 getStoredUserId(const std::string &username, const DataView &hashedPassword); + i64 getStoredUserId(const std::string &username, const DataView &hashedPassword) const; private: Database *database; sqlite3 *sqliteDb; diff --git a/include/odhtdb/Encryption.hpp b/include/odhtdb/Encryption.hpp index 2457630..b2ae67e 100644 --- a/include/odhtdb/Encryption.hpp +++ b/include/odhtdb/Encryption.hpp @@ -32,7 +32,7 @@ namespace odhtdb DISABLE_COPY(Encryption) public: // Throws EncryptionException on failure (or std::bad_alloc on failed memory allocation) - Encryption(const DataView &data, const DataView &additionalData = DataView(), const DataView &key = DataView()); + Encryption(const DataView &data, const DataView &key = DataView()); ~Encryption(); DataView getKey() const; -- cgit v1.2.3