X-Git-Url: http://git.euphorik.ch/?a=blobdiff_plain;f=labo2-fsharp%2FCryptoFile%2FAPI.fs;h=925f933b7b6f48ee165e69358927abd52dce7842;hb=57d7ae8d75a854296718cb1056efbeb476309908;hp=1601c97a8fb4fbb00e37d762c378f75f507c6832;hpb=19a9446e4042d5e451f1ae0534ffba242d33879e;p=crypto_lab2.git

diff --git a/labo2-fsharp/CryptoFile/API.fs b/labo2-fsharp/CryptoFile/API.fs
index 1601c97..925f933 100644
--- a/labo2-fsharp/CryptoFile/API.fs
+++ b/labo2-fsharp/CryptoFile/API.fs
@@ -3,52 +3,62 @@
 open System
 open System.IO
 
-// To read and write metadata.
+/// To read and write metadata.
 type internal Metadata (d: (string * string) list) =
-    // Read metadata from a stream.
+    /// Read metadata from a stream.
     new (stream : Stream) =
         let reader = new BinaryReader (stream)
         let length = reader.ReadByte () |> int
-        new Metadata ([for i in 1..length -> reader.ReadString (), reader.ReadString ()])
+        Metadata ([for _ in 1 .. length -> reader.ReadString (), reader.ReadString ()])
 
-    // Write metadata to a stream.
+    /// Write metadata to a stream.
     member this.WriteTo (stream : Stream) =
         let writer = new BinaryWriter (stream)
         writer.Write (byte d.Length)
         List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d
 
-    // May raise 'KeyNotFoundException'.
+    /// May raise 'KeyNotFoundException'.
     member this.get (key: string) : string =
         List.pick (function
                     | (k, v) when k = key -> Some (v)
                     | _ -> None) d
 
 module API =
-    module internal Metadata =
-        let filenameKey = "filename"
-        let modificationTimeKey = "file-modification-time"
+    module internal MetadataKeys =
+        let filename = "filename"
+        let modificationTime = "file-modification-time"
 
-    let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair
+    let internal (@@) a1 a2 = Array.append a1 a2
 
+    let test = 256 / 8
+    let hmacSize = 256 / 8 // [byte].
+    let signatureSize = Crypto.rsaKeySize / 8 // [byte].
+    let keysSize = Crypto.rsaKeySize / 8 // [byte].
+
+    let generatKeysPair () : Key * Key = Crypto.generateRSAKeysPair ()
+
+    /// Format of the container:
+    ///  <mac><signature><encrypted keys><cyphertext>
+    /// Where the sizes of the three first parts are given by 'hmacSize', 'signatureSize' and 'keysSize'.
     let encryptFile (inputFilePath : string) (outputFilePath : string) (signaturePrivKey: Key) (cryptPubKey : Key)  =
-        let keyAES, keyMAC, iv = Crypto.rand 32, Crypto.rand 32, Crypto.rand 16
-        let fileInfo = new FileInfo (inputFilePath)
-        use inputStream = new FileStream (inputFilePath, FileMode.Open, FileAccess.Read)
+        let keyAES, keyMAC, iv = Crypto.rand 16, Crypto.rand 32, Crypto.rand 16
+        let fileInfo = FileInfo (inputFilePath)
+        use inputStream = fileInfo.OpenRead ()
         use outputStream = new FileStream (outputFilePath, FileMode.Create, FileAccess.Write)
-        let writer = new BinaryWriter (outputStream)
+        use writer = new BinaryWriter (outputStream)
 
-        writer.Seek (32 + 256, SeekOrigin.Current) |> ignore // Skips mac and signature. They will be written later.
+        outputStream.Position <- (int64 <| hmacSize + signatureSize) // Skips mac and signature. They will be written later.
 
-        Crypto.encryptRSA cryptPubKey (Array.append keyAES <| Array.append keyMAC iv) |> writer.Write
+        Crypto.encryptRSA cryptPubKey (keyAES @@ keyMAC @@ iv) |> writer.Write
 
         // Plaintext -> cryptoStream -> hmacStream -> cyphertext.
-        let (hmacStream, hmac) = Crypto.HMACStream keyMAC outputStream
+        let hmacStream, hmac = Crypto.HMACStream keyMAC outputStream
         use cryptoStream = Crypto.encryptAES keyAES iv hmacStream
-        let cryptoWriter = new BinaryWriter (cryptoStream)
+        use cryptoWriter = new BinaryWriter (cryptoStream)
 
         // Write the file metadata.
-        let metaData = new Metadata ([Metadata.filenameKey, fileInfo.Name
-                                      Metadata.modificationTimeKey, fileInfo.LastWriteTimeUtc.Ticks.ToString ()])
+        let metaData = Metadata ([MetadataKeys.filename, fileInfo.Name
+                                  MetadataKeys.modificationTime, fileInfo.LastWriteTimeUtc.Ticks.ToString ()])
         metaData.WriteTo cryptoStream
 
         // Write the content of the file.
@@ -62,34 +72,41 @@ module API =
         // Write the signature.
         Crypto.signRSA signaturePrivKey hmac.Hash |> writer.Write
 
+    /// May raise one of the following error:
+    ///  * IntegrityError
+    ///  * SignatureMismatch 
+    ///  * UnableToDecryptAESKeys
     let decryptFile (sourceFilePath : string) (targetDirPath : string) (signaturePubKey: Key) (decryptPrivKey : Key) =
         use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read)
         use reader = new BinaryReader (inputStream)
-        let mac = reader.ReadBytes 32
-        let signature = reader.ReadBytes 256
-        let keys = reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey
-        let keyAES = keys.[0..31]
-        let keyMAC = keys.[32..63]
-        let iv = keys.[64..79]
+        let mac = reader.ReadBytes hmacSize
+        let signature = reader.ReadBytes signatureSize
+        let keys = 
+            try reader.ReadBytes keysSize |> Crypto.decryptRSA decryptPrivKey
+            with 
+                | :? Security.Cryptography.CryptographicException -> raise UnableToDecryptKeys
+        let keyAES = keys.[0 .. 15]
+        let keyMAC = keys.[16 .. 47]
+        let iv = keys.[48 .. 63]
 
         // Integrity validation.
         let mac' = Crypto.ComputeHMAC keyMAC inputStream
         if mac' <> mac then
             raise IntegrityError
-
+        
         // Authentication validation.
         if not <| Crypto.verifySignRSA signaturePubKey mac' signature then
             raise SignatureMismatch
 
         // Decrypt metadata.
-        inputStream.Position <- 32L + 256L + 256L
+        inputStream.Position <- (int64 <| hmacSize + signatureSize + keysSize)
         use cryptoStream = Crypto.decryptAES keyAES iv inputStream
-        let metadata = new Metadata (cryptoStream)
+        let metadata = Metadata cryptoStream
 
         // Create the file and write its content and metadata.
-        let filePath = Path.Combine (targetDirPath, metadata.get Metadata.filenameKey)
-        let modificationTime = new DateTime (metadata.get Metadata.modificationTimeKey |> int64)
-        let fileInfo = new FileInfo (filePath)
-        using (fileInfo.Create ()) <| fun outputStream -> cryptoStream.CopyTo outputStream
+        let filePath = Path.Combine (targetDirPath, metadata.get MetadataKeys.filename)
+        let modificationTime = DateTime (metadata.get MetadataKeys.modificationTime |> int64)
+        let fileInfo = FileInfo filePath
+        using (fileInfo.Create ()) cryptoStream.CopyTo // We have to close the result file before updating the modification time.
         fileInfo.LastWriteTimeUtc <- modificationTime
     
\ No newline at end of file