X-Git-Url: http://git.euphorik.ch/?p=crypto_lab2.git;a=blobdiff_plain;f=labo2-fsharp%2FCryptoFile%2FAPI.fs;h=2f80c070fec56e6683a44bb79b55ca085ad668b1;hp=e4a70086fc60b1df218c70fc3e7c48ae3bf8bac7;hb=a29300558755d533aff12a6fb668c7e985ca4617;hpb=137157b6dbd5efb99b486a30da6e10b0a175f530 diff --git a/labo2-fsharp/CryptoFile/API.fs b/labo2-fsharp/CryptoFile/API.fs index e4a7008..2f80c07 100644 --- a/labo2-fsharp/CryptoFile/API.fs +++ b/labo2-fsharp/CryptoFile/API.fs @@ -1,44 +1,56 @@ namespace CryptoFile + +open System open System.IO +// To read and write metadata. type internal Metadata (d: (string * string) list) = - new (stream : Stream, size: int) = - let binaryReader = new BinaryReader (stream) - new Metadata ([]) + // Read metadata from a stream. + new (stream : Stream) = + let reader = new BinaryReader (stream) + let length = reader.ReadByte () |> int + Metadata ([for i in 1..length -> reader.ReadString (), reader.ReadString ()]) + // Write metadata to a stream. member this.WriteTo (stream : Stream) = - let memoryStream = new MemoryStream () // To know the serialized meta-data size before writtent them to 'stream'. - let memoryWriter = new BinaryWriter (memoryStream) - List.iter (fun (key : string, value : string) -> memoryWriter.Write key; memoryWriter.Write value) d - (new BinaryWriter (stream)).Write (int memoryStream.Length) - memoryStream.CopyTo (stream) + let writer = new BinaryWriter (stream) + writer.Write (byte d.Length) + List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d + + // May raise 'KeyNotFoundException'. + member this.get (key: string) : string = + List.pick (function + | (k, v) when k = key -> Some (v) + | _ -> None) d module API = - module internal MetaData = + module internal MetadataKeys = let filename = "filename" - let creationTimeKey = "file-creation-time" + let modificationTime = "file-modification-time" + + let internal (@@) a1 a2 = Array.append a1 a2 let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair - // Encrypt a given file let encryptFile (inputFilePath : string) (outputFilePath : string) (signaturePrivKey: Key) (cryptPubKey : Key) = - let keyAES, keyMAC, iv = Crypto.rand 32, Crypto.rand 32, Crypto.rand 16 - let fileInfo = new FileInfo (inputFilePath) - use inputStream = new FileStream (inputFilePath, FileMode.Open, FileAccess.Read) + let keyAES, keyMAC, iv = Crypto.rand 16, Crypto.rand 32, Crypto.rand 16 + let fileInfo = FileInfo (inputFilePath) + use inputStream = fileInfo.OpenRead () use outputStream = new FileStream (outputFilePath, FileMode.Create, FileAccess.Write) - let writer = new BinaryWriter (outputStream) + use writer = new BinaryWriter (outputStream) - writer.Seek (32 + 256, SeekOrigin.Current) |> ignore // Skips mac and signature. They will be written later. + outputStream.Position <- 32L + 256L // Skips mac and signature. They will be written later. - Crypto.encryptRSA cryptPubKey (Array.append keyAES <| Array.append keyMAC iv) |> writer.Write + Crypto.encryptRSA cryptPubKey (keyAES @@ keyMAC @@ iv) |> writer.Write - let (hmacStream, hmac) = Crypto.HMACStream keyMAC outputStream + // Plaintext -> cryptoStream -> hmacStream -> cyphertext. + let hmacStream, hmac = Crypto.HMACStream keyMAC outputStream use cryptoStream = Crypto.encryptAES keyAES iv hmacStream - let cryptoWriter = new BinaryWriter (cryptoStream) + use cryptoWriter = new BinaryWriter (cryptoStream) // Write the file metadata. - let metaData = new Metadata ([MetaData.filename, fileInfo.Name - MetaData.creationTimeKey, fileInfo.CreationTimeUtc.Ticks.ToString ()]) + let metaData = Metadata ([MetadataKeys.filename, fileInfo.Name + MetadataKeys.modificationTime, fileInfo.LastWriteTimeUtc.Ticks.ToString ()]) metaData.WriteTo cryptoStream // Write the content of the file. @@ -51,7 +63,42 @@ module API = // Write the signature. Crypto.signRSA signaturePrivKey hmac.Hash |> writer.Write - () + // May raise one of the following error: + // * IntegrityError + // * SignatureMismatch + // * UnableToDecryptAESKeys let decryptFile (sourceFilePath : string) (targetDirPath : string) (signaturePubKey: Key) (decryptPrivKey : Key) = - () \ No newline at end of file + use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read) + use reader = new BinaryReader (inputStream) + let mac = reader.ReadBytes 32 + let signature = reader.ReadBytes 256 + let keys = + try reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey + with + | :? Security.Cryptography.CryptographicException -> raise UnableToDecryptAESKeys + let keyAES = keys.[0..15] + let keyMAC = keys.[16..47] + let iv = keys.[48..63] + + // Integrity validation. + let mac' = Crypto.ComputeHMAC keyMAC inputStream + if mac' <> mac then + raise IntegrityError + + // Authentication validation. + if not <| Crypto.verifySignRSA signaturePubKey mac' signature then + raise SignatureMismatch + + // Decrypt metadata. + inputStream.Position <- 32L + 256L + 256L + use cryptoStream = Crypto.decryptAES keyAES iv inputStream + let metadata = Metadata cryptoStream + + // Create the file and write its content and metadata. + let filePath = Path.Combine (targetDirPath, metadata.get MetadataKeys.filename) + let modificationTime = DateTime (metadata.get MetadataKeys.modificationTime |> int64) + let fileInfo = FileInfo filePath + using (fileInfo.Create ()) <| fun outputStream -> cryptoStream.CopyTo outputStream + fileInfo.LastWriteTimeUtc <- modificationTime + \ No newline at end of file