X-Git-Url: http://git.vrable.net/?a=blobdiff_plain;f=bluesky%2Fcrypto.c;h=2a5bf6ebf0fb36bb2e548bcee2bbc22b94c1ac5c;hb=78f5b7a9c7840ce8b2dffb13fca676a18f8f9eb4;hp=fd474919eae729035967e9c561d6da19492147af;hpb=38a7cd8d63ba82a8175f8e43a18a96b6188fd1a9;p=bluesky.git diff --git a/bluesky/crypto.c b/bluesky/crypto.c index fd47491..2a5bf6e 100644 --- a/bluesky/crypto.c +++ b/bluesky/crypto.c @@ -132,6 +132,9 @@ gboolean bluesky_crypt_block_needs_encryption(uint8_t type) void bluesky_crypt_block_encrypt(gchar *cloud_block, size_t len, BlueSkyCryptKeys *keys) { + if (bluesky_options.disable_crypto) + return; + gcry_error_t status; gcry_cipher_hd_t handle; @@ -185,7 +188,8 @@ void bluesky_crypt_block_encrypt(gchar *cloud_block, size_t len, } gboolean bluesky_crypt_block_decrypt(gchar *cloud_block, size_t len, - BlueSkyCryptKeys *keys) + BlueSkyCryptKeys *keys, + gboolean allow_unauth) { gcry_error_t status; uint8_t hmac_check[CRYPTO_HASH_SIZE]; @@ -200,6 +204,11 @@ gboolean bluesky_crypt_block_decrypt(gchar *cloud_block, size_t len, g_assert(memcmp(header->magic, CLOUDLOG_MAGIC_ENCRYPTED, sizeof(header->magic)) == 0); + if (bluesky_options.disable_crypto) { + g_assert(encrypted == FALSE); + return TRUE; + } + if (encrypted != bluesky_crypt_block_needs_encryption(header->type)) { g_warning("Encrypted status of item does not match expected!\n"); } @@ -209,8 +218,15 @@ gboolean bluesky_crypt_block_decrypt(gchar *cloud_block, size_t len, keys->authentication_key, hmac_check); if (memcmp(hmac_check, header->crypt_auth, CRYPTO_HASH_SIZE) != 0) { - g_warning("Cloud block HMAC does not match!\n"); - return FALSE; + g_warning("Cloud block HMAC does not match!"); + if (allow_unauth + && (header->type == LOGTYPE_INODE_MAP + '0' + || header->type == LOGTYPE_CHECKPOINT + '0')) + { + g_warning("Allowing unauthenticated data from cleaner"); + } else { + return FALSE; + } } if (encrypted) {