X-Git-Url: http://git.euphorik.ch/?p=crypto_lab2.git;a=blobdiff_plain;f=labo2-fsharp%2FCryptoFile%2FAPI.fs;h=2f80c070fec56e6683a44bb79b55ca085ad668b1;hp=0014c1e280bec30e027f02c74d3bcc37fb36334f;hb=a29300558755d533aff12a6fb668c7e985ca4617;hpb=0425c0fc231c8a5625bf7ac9b711e152de0eafaa diff --git a/labo2-fsharp/CryptoFile/API.fs b/labo2-fsharp/CryptoFile/API.fs index 0014c1e..2f80c07 100644 --- a/labo2-fsharp/CryptoFile/API.fs +++ b/labo2-fsharp/CryptoFile/API.fs @@ -1,11 +1,21 @@ namespace CryptoFile + +open System open System.IO +// To read and write metadata. type internal Metadata (d: (string * string) list) = + // Read metadata from a stream. new (stream : Stream) = let reader = new BinaryReader (stream) let length = reader.ReadByte () |> int - new Metadata ([for i in 1..length -> reader.ReadString (), reader.ReadString ()]) + Metadata ([for i in 1..length -> reader.ReadString (), reader.ReadString ()]) + + // Write metadata to a stream. + member this.WriteTo (stream : Stream) = + let writer = new BinaryWriter (stream) + writer.Write (byte d.Length) + List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d // May raise 'KeyNotFoundException'. member this.get (key: string) : string = @@ -13,37 +23,34 @@ type internal Metadata (d: (string * string) list) = | (k, v) when k = key -> Some (v) | _ -> None) d - member this.WriteTo (stream : Stream) = - let writer = new BinaryWriter (stream) - writer.Write (byte d.Length) - List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d - module API = - module internal Metadata = + module internal MetadataKeys = let filename = "filename" - let creationTimeKey = "file-creation-time" + let modificationTime = "file-modification-time" + + let internal (@@) a1 a2 = Array.append a1 a2 let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair - // Encrypt a given file let encryptFile (inputFilePath : string) (outputFilePath : string) (signaturePrivKey: Key) (cryptPubKey : Key) = - let keyAES, keyMAC, iv = Crypto.rand 32, Crypto.rand 32, Crypto.rand 16 - let fileInfo = new FileInfo (inputFilePath) - use inputStream = new FileStream (inputFilePath, FileMode.Open, FileAccess.Read) + let keyAES, keyMAC, iv = Crypto.rand 16, Crypto.rand 32, Crypto.rand 16 + let fileInfo = FileInfo (inputFilePath) + use inputStream = fileInfo.OpenRead () use outputStream = new FileStream (outputFilePath, FileMode.Create, FileAccess.Write) - let writer = new BinaryWriter (outputStream) + use writer = new BinaryWriter (outputStream) - writer.Seek (32 + 256, SeekOrigin.Current) |> ignore // Skips mac and signature. They will be written later. + outputStream.Position <- 32L + 256L // Skips mac and signature. They will be written later. - Crypto.encryptRSA cryptPubKey (Array.append keyAES <| Array.append keyMAC iv) |> writer.Write + Crypto.encryptRSA cryptPubKey (keyAES @@ keyMAC @@ iv) |> writer.Write - let (hmacStream, hmac) = Crypto.HMACStream keyMAC outputStream + // Plaintext -> cryptoStream -> hmacStream -> cyphertext. + let hmacStream, hmac = Crypto.HMACStream keyMAC outputStream use cryptoStream = Crypto.encryptAES keyAES iv hmacStream - let cryptoWriter = new BinaryWriter (cryptoStream) + use cryptoWriter = new BinaryWriter (cryptoStream) // Write the file metadata. - let metaData = new Metadata ([Metadata.filename, fileInfo.Name - Metadata.creationTimeKey, fileInfo.CreationTimeUtc.Ticks.ToString ()]) + let metaData = Metadata ([MetadataKeys.filename, fileInfo.Name + MetadataKeys.modificationTime, fileInfo.LastWriteTimeUtc.Ticks.ToString ()]) metaData.WriteTo cryptoStream // Write the content of the file. @@ -56,23 +63,29 @@ module API = // Write the signature. Crypto.signRSA signaturePrivKey hmac.Hash |> writer.Write - () + // May raise one of the following error: + // * IntegrityError + // * SignatureMismatch + // * UnableToDecryptAESKeys let decryptFile (sourceFilePath : string) (targetDirPath : string) (signaturePubKey: Key) (decryptPrivKey : Key) = use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read) use reader = new BinaryReader (inputStream) let mac = reader.ReadBytes 32 let signature = reader.ReadBytes 256 - let keys = reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey - let keyAES = keys.[0..31] - let keyMAC = keys.[32..63] - let iv = keys.[64..79] + let keys = + try reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey + with + | :? Security.Cryptography.CryptographicException -> raise UnableToDecryptAESKeys + let keyAES = keys.[0..15] + let keyMAC = keys.[16..47] + let iv = keys.[48..63] // Integrity validation. let mac' = Crypto.ComputeHMAC keyMAC inputStream if mac' <> mac then raise IntegrityError - + // Authentication validation. if not <| Crypto.verifySignRSA signaturePubKey mac' signature then raise SignatureMismatch @@ -80,10 +93,12 @@ module API = // Decrypt metadata. inputStream.Position <- 32L + 256L + 256L use cryptoStream = Crypto.decryptAES keyAES iv inputStream - let metadata = new Metadata (cryptoStream) - - // Create the file and write. - let filename = metadata.get Metadata.filename - use outputStream = new FileStream (Path.Combine (targetDirPath, filename), FileMode.Create, FileAccess.Write) - cryptoStream.CopyTo outputStream - () + let metadata = Metadata cryptoStream + + // Create the file and write its content and metadata. + let filePath = Path.Combine (targetDirPath, metadata.get MetadataKeys.filename) + let modificationTime = DateTime (metadata.get MetadataKeys.modificationTime |> int64) + let fileInfo = FileInfo filePath + using (fileInfo.Create ()) <| fun outputStream -> cryptoStream.CopyTo outputStream + fileInfo.LastWriteTimeUtc <- modificationTime + \ No newline at end of file