X-Git-Url: http://git.euphorik.ch/?a=blobdiff_plain;f=labo2-fsharp%2FCryptoFile%2FAPI.fs;h=0014c1e280bec30e027f02c74d3bcc37fb36334f;hb=0425c0fc231c8a5625bf7ac9b711e152de0eafaa;hp=2cf2167a92191d2e2eabc16fd26c60517060c5de;hpb=beda8d83dc421c479bdcf5ee626ec85ee8555a80;p=crypto_lab2.git

diff --git a/labo2-fsharp/CryptoFile/API.fs b/labo2-fsharp/CryptoFile/API.fs
index 2cf2167..0014c1e 100644
--- a/labo2-fsharp/CryptoFile/API.fs
+++ b/labo2-fsharp/CryptoFile/API.fs
@@ -1,20 +1,31 @@
 ï»¿namespace CryptoFile
 open System.IO
 
-type internal Metadata (d : (string * string) list) =
-    new (stream : Stream, size: int) =
-        let binaryReader = new BinaryReader (stream)
-        new Metadata ([])
+type internal Metadata (d: (string * string) list) =
+    new (stream : Stream) =
+        let reader = new BinaryReader (stream)
+        let length = reader.ReadByte () |> int
+        new Metadata ([for i in 1..length -> reader.ReadString (), reader.ReadString ()])
+
+    // May raise 'KeyNotFoundException'.
+    member this.get (key: string) : string =
+        List.pick (function
+                    | (k, v) when k = key -> Some (v)
+                    | _ -> None) d
+
     member this.WriteTo (stream : Stream) =
-        let binaryWriter = new BinaryWriter (stream)
-        List.iter (fun (key : string, value : string) -> binaryWriter.Write key; binaryWriter.Write value) d
+        let writer = new BinaryWriter (stream)
+        writer.Write (byte d.Length)
+        List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d
 
 module API =
-    let internal filename = "filename"
-    let internal creationTimeKey = "file-creation-time"
+    module internal Metadata =
+        let filename = "filename"
+        let creationTimeKey = "file-creation-time"
 
     let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair
 
+    // Encrypt a given file
     let encryptFile (inputFilePath : string) (outputFilePath : string) (signaturePrivKey: Key) (cryptPubKey : Key)  =
         let keyAES, keyMAC, iv = Crypto.rand 32, Crypto.rand 32, Crypto.rand 16
         let fileInfo = new FileInfo (inputFilePath)
@@ -22,24 +33,57 @@ module API =
         use outputStream = new FileStream (outputFilePath, FileMode.Create, FileAccess.Write)
         let writer = new BinaryWriter (outputStream)
 
-        ignore <| writer.Seek (8 + 32 + 256, SeekOrigin.Current) // Skips file-content-size, mac and signature. They will be written later.
+        writer.Seek (32 + 256, SeekOrigin.Current) |> ignore // Skips mac and signature. They will be written later.
 
         Crypto.encryptRSA cryptPubKey (Array.append keyAES <| Array.append keyMAC iv) |> writer.Write
 
-        printfn "pos: %A" outputStream.Position
-
-        use cryptoStream = Crypto.encryptAES keyAES iv outputStream
+        let (hmacStream, hmac) = Crypto.HMACStream keyMAC outputStream
+        use cryptoStream = Crypto.encryptAES keyAES iv hmacStream
         let cryptoWriter = new BinaryWriter (cryptoStream)
 
-        // Write metadata.
-        let metaData = new Metadata ([filename, fileInfo.Name; creationTimeKey, fileInfo.CreationTimeUtc.Ticks.ToString ()])
-        let metaDataStream = new MemoryStream ()
-        metaData.WriteTo metaDataStream
-        cryptoWriter.Write (int metaDataStream.Length)
-        printfn "meta size: %A" (int metaDataStream.Length)
-        metaDataStream.Position <- 0L
-        metaDataStream.CopyTo cryptoStream
+        // Write the file metadata.
+        let metaData = new Metadata ([Metadata.filename, fileInfo.Name
+                                      Metadata.creationTimeKey, fileInfo.CreationTimeUtc.Ticks.ToString ()])
+        metaData.WriteTo cryptoStream
+
+        // Write the content of the file.
+        inputStream.CopyTo cryptoStream
+        cryptoStream.FlushFinalBlock ()
+
+        // Write the HMAC at the begining of the file.
+        outputStream.Position <- 0L
+        writer.Write hmac.Hash
+
+        // Write the signature.
+        Crypto.signRSA signaturePrivKey hmac.Hash |> writer.Write
         ()
 
     let decryptFile (sourceFilePath : string) (targetDirPath : string) (signaturePubKey: Key) (decryptPrivKey : Key) =
+        use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read)
+        use reader = new BinaryReader (inputStream)
+        let mac = reader.ReadBytes 32
+        let signature = reader.ReadBytes 256
+        let keys = reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey
+        let keyAES = keys.[0..31]
+        let keyMAC = keys.[32..63]
+        let iv = keys.[64..79]
+
+        // Integrity validation.
+        let mac' = Crypto.ComputeHMAC keyMAC inputStream
+        if mac' <> mac then
+            raise IntegrityError
+
+        // Authentication validation.
+        if not <| Crypto.verifySignRSA signaturePubKey mac' signature then
+            raise SignatureMismatch
+
+        // Decrypt metadata.
+        inputStream.Position <- 32L + 256L + 256L
+        use cryptoStream = Crypto.decryptAES keyAES iv inputStream
+        let metadata = new Metadata (cryptoStream)
+
+        // Create the file and write.
+        let filename = metadata.get Metadata.filename
+        use outputStream = new FileStream (Path.Combine (targetDirPath, filename), FileMode.Create, FileAccess.Write)
+        cryptoStream.CopyTo outputStream
         ()