Incomplete encryption of private keys.

diff --git a/src/lib/config.cc b/src/lib/config.cc
index ddb4bf25a22346f8f3a6e5f7fd8ab742fcdfa43d..e61eea3a6f89f7cd916be30b9cb8a54aa595dc95 100644 (file)
--- a/src/lib/config.cc
+++ b/src/lib/config.cc
@@ -771,7 +771,18 @@ Config::write_config () const
        BOOST_FOREACH (dcp::Certificate const & i, _signer_chain->unordered()) {
                signer->add_child("Certificate")->add_child_text (i.certificate (true));
        }
+#ifdef DCPOMATIC_SWAROOP
+       FILE* f = fopen_boost (path("private"), "wb");
+       if (!f) {
+               throw FileError ("Could not open file for writing", path("private"));
+       }
+       shared_array<uint8_t> iv = dcpomatic::random_iv ();
+       dcp::Data encrypted_key = dcpomatic::encrypt (_signer_chain->key().get(), key, iv);
+       fwrite (encrypted_key.data().get(), encrypted_key.data().size(), 1, f);
+       fclose (f);
+#else  
        signer->add_child("PrivateKey")->add_child_text (_signer_chain->key().get ());
+#endif 
 
        /* [XML] Decryption Certificate chain and private key to use when decrypting KDMs */
        xmlpp::Element* decryption = root->add_child ("Decryption");

diff --git a/src/lib/crypto.cc b/src/lib/crypto.cc
new file mode 100644 (file)
index 0000000..69e041c
--- /dev/null
+++ b/src/lib/crypto.cc
@@ -0,0 +1,123 @@
+/*
+    Copyright (C) 2018 Carl Hetherington <cth@carlh.net>
+
+    This file is part of DCP-o-matic.
+
+    DCP-o-matic is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    DCP-o-matic is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with DCP-o-matic.  If not, see <http://www.gnu.org/licenses/>.
+
+*/
+
+/* Based on code from https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption */
+
+#include "crypto.h"
+#include "exceptions.h"
+#include <openssl/conf.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#include <boost/scoped_array.hpp>
+
+using std::string;
+using boost::shared_array;
+using namespace dcpomatic;
+
+/** The cipher that this code uses */
+#define CIPHER EVP_aes_256_cbc()
+
+shared_array<unsigned char>
+dcpomatic::random_iv ()
+{
+       EVP_CIPHER const * cipher = CIPHER;
+       shared_array<unsigned char> iv (new unsigned char[EVP_CIPHER_iv_length(cipher)]);
+       RAND_bytes (iv.get(), EVP_CIPHER_iv_length(cipher));
+       return iv;
+}
+       
+dcp::Data
+dcpomatic::encrypt (string plaintext, shared_array<unsigned char const> key, shared_array<unsigned char const> iv)
+{
+       EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new ();
+       if (!ctx) {
+               throw CryptoError ("could not create cipher context");
+       }
+
+       int r = EVP_EncryptInit_ex (ctx, CIPHER, 0, key.get(), iv.get());
+       if (r != 1) {
+               throw CryptoError ("could not initialise cipher context for encryption");
+       }
+
+       dcp::Data ciphertext (plaintext.size() * 2);
+
+       int len;
+       r = EVP_EncryptUpdate (ctx, ciphertext.data().get(), &len, (unsigned char const *) plaintext.c_str(), plaintext.size());
+       if (r != 1) {
+               throw CryptoError ("could not encrypt data");
+       }
+
+       int ciphertext_len = len;
+
+       r = EVP_EncryptFinal_ex (ctx, ciphertext.data().get() + len, &len);
+       if (r != 1) {
+               throw CryptoError ("could not finish encryption");
+       }
+
+       ciphertext.set_size (ciphertext_len + len);
+
+       EVP_CIPHER_CTX_free (ctx);
+
+       return ciphertext;
+}
+
+string
+dcpomatic::decrypt (dcp::Data ciphertext, shared_array<unsigned char const> key, shared_array<unsigned char const> iv)
+{
+       EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new ();
+       if (!ctx) {
+               throw CryptoError ("could not create cipher context");
+       }
+
+       int r = EVP_DecryptInit_ex (ctx, CIPHER, 0, key.get(), iv.get());
+       if (r != 1) {
+               throw CryptoError ("could not initialise cipher context for decryption");
+       }
+
+       dcp::Data plaintext (ciphertext.size() * 2);
+
+       int len;
+       r = EVP_DecryptUpdate (ctx, plaintext.data().get(), &len, ciphertext.data().get(), ciphertext.size());
+       if (r != 1) {
+               throw CryptoError ("could not decrypt data");
+       }
+
+       int plaintext_len = len;
+       
+       r = EVP_DecryptFinal_ex (ctx, plaintext.data().get() + len, &len);
+       if (r != 1) {
+               throw CryptoError ("could not finish decryption");
+       }
+
+       plaintext_len += len;
+       plaintext.set_size (plaintext_len + 1);
+       plaintext.data().get()[plaintext_len] = '\0';
+
+       EVP_CIPHER_CTX_free (ctx);
+
+       return string ((char *) plaintext.data().get());
+}
+
+int
+dcpomatic::crypto_key_length ()
+{
+       return EVP_CIPHER_key_length (CIPHER);
+}

diff --git a/src/lib/crypto.h b/src/lib/crypto.h
new file mode 100644 (file)
index 0000000..ea46162
--- /dev/null
+++ b/src/lib/crypto.h
@@ -0,0 +1,31 @@
+/*
+    Copyright (C) 2018 Carl Hetherington <cth@carlh.net>
+
+    This file is part of DCP-o-matic.
+
+    DCP-o-matic is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    DCP-o-matic is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with DCP-o-matic.  If not, see <http://www.gnu.org/licenses/>.
+
+*/
+
+#include <dcp/data.h>
+
+namespace dcpomatic {
+       
+boost::shared_array<unsigned char> random_iv ();
+dcp::Data encrypt (std::string plaintext, boost::shared_array<unsigned char const> key, boost::shared_array<unsigned char const> iv);
+std::string decrypt (dcp::Data ciphertext, boost::shared_array<unsigned char const> key, boost::shared_array<unsigned char const> iv);
+int crypto_key_length ();      
+
+}
+

diff --git a/src/lib/exceptions.h b/src/lib/exceptions.h
index eceafa10501d656a55ef78961590ecaff72108b7..fe87ababcad292335b52ed07d0328c19484420bb 100644 (file)
--- a/src/lib/exceptions.h
+++ b/src/lib/exceptions.h
@@ -44,6 +44,14 @@ public:
        {}
 };
 
+class CryptoError : public std::runtime_error
+{
+public:
+       explicit CryptoError (std::string s)
+               : std::runtime_error (s)
+       {}
+};
+
 /** @class EncodeError
  *  @brief A low-level problem with an encoder.
  */

diff --git a/src/lib/wscript b/src/lib/wscript
index 62881e95d4c00e82081928d678e0897f08f094c4..b78f093cfcaa32bc4bb785a6292cac15c2c82068 100644 (file)
--- a/src/lib/wscript
+++ b/src/lib/wscript
@@ -52,6 +52,7 @@ sources = """
           content.cc
           content_factory.cc
           cross.cc
+          crypto.cc
           curl_uploader.cc
           dcp.cc
           dcp_content.cc

diff --git a/test/crypto_test.cc b/test/crypto_test.cc
new file mode 100644 (file)
index 0000000..576a6eb
--- /dev/null
+++ b/test/crypto_test.cc
@@ -0,0 +1,44 @@
+/*
+    Copyright (C) 2018 Carl Hetherington <cth@carlh.net>
+
+    This file is part of DCP-o-matic.
+
+    DCP-o-matic is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    DCP-o-matic is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with DCP-o-matic.  If not, see <http://www.gnu.org/licenses/>.
+
+*/
+
+#include "lib/crypto.h"
+#include "lib/exceptions.h"
+#include "test.h"
+#include <openssl/rand.h>
+#include <boost/test/unit_test.hpp>
+
+using std::string;
+using std::list;
+using boost::shared_array;
+
+BOOST_AUTO_TEST_CASE (crypto_test)
+{
+       shared_array<unsigned char> key (new unsigned char[dcpomatic::crypto_key_length()]);
+       shared_array<unsigned char> iv = dcpomatic::random_iv ();
+
+       RAND_bytes (key.get(), dcpomatic::crypto_key_length());
+
+       dcp::Data ciphertext = dcpomatic::encrypt ("Can you see any fish?", key, iv);
+       BOOST_REQUIRE_EQUAL (dcpomatic::decrypt (ciphertext, key, iv), "Can you see any fish?");
+
+       key[5]++;
+       BOOST_REQUIRE_THROW (dcpomatic::decrypt (ciphertext, key, iv), CryptoError);
+}
+

diff --git a/test/wscript b/test/wscript
index 47f3dc275e3d46bbbf504a1b80a0fa0b5cc34a9c..23f31dadcb82dd65864c321f552fac7d96c4c5af 100644 (file)
--- a/test/wscript
+++ b/test/wscript
@@ -57,6 +57,7 @@ def build(bld):
                  colour_conversion_test.cc
                  config_test.cc
                  content_test.cc
+                 crypto_test.cc
                  dcpomatic_time_test.cc
                  dcp_playback_test.cc
                  dcp_subtitle_test.cc