From 524d3c03d2f3076a349768c177a0e523a7fb333e Mon Sep 17 00:00:00 2001 From: Michael Vrable Date: Tue, 14 Sep 2010 14:49:39 -0700 Subject: [PATCH] Add in header fields for per-object encryption/authentication. These aren't yet used. --- bluesky/bluesky-private.h | 2 ++ bluesky/bluesky.h | 6 ++++++ bluesky/cloudlog.c | 4 ++-- cleaner/cleaner | 32 +++++++++++++++++++------------- 4 files changed, 29 insertions(+), 15 deletions(-) diff --git a/bluesky/bluesky-private.h b/bluesky/bluesky-private.h index 85eb99c..87237cc 100644 --- a/bluesky/bluesky-private.h +++ b/bluesky/bluesky-private.h @@ -213,6 +213,8 @@ struct log_footer { struct cloudlog_header { char magic[4]; + uint8_t crypt_auth[CRYPTO_HASH_SIZE]; + uint8_t crypt_iv[CRYPTO_BLOCK_SIZE]; uint8_t type; BlueSkyCloudID id; uint64_t inum; diff --git a/bluesky/bluesky.h b/bluesky/bluesky.h index c4d175e..9805086 100644 --- a/bluesky/bluesky.h +++ b/bluesky/bluesky.h @@ -88,6 +88,12 @@ void bluesky_string_resize(BlueSkyRCStr *string, gsize len); /* Cryptographic operations. */ #define CRYPTO_BLOCK_SIZE 16 /* 128-bit AES */ #define CRYPTO_KEY_SIZE 16 +#define CRYPTO_HASH_SIZE 32 /* SHA-256 */ + +struct BlueSkyCryptKeys { + uint8_t encryption_key[CRYPTO_KEY_SIZE]; + uint8_t authentication_key[CRYPTO_HASH_SIZE]; +}; void bluesky_crypt_init(); void bluesky_crypt_hash_key(const char *keystr, uint8_t *out); diff --git a/bluesky/cloudlog.c b/bluesky/cloudlog.c index 9d2fe37..c4cb1ae 100644 --- a/bluesky/cloudlog.c +++ b/bluesky/cloudlog.c @@ -295,14 +295,14 @@ BlueSkyCloudPointer bluesky_cloudlog_serialize(BlueSkyCloudLog *log, GString *data3 = g_string_new(""); bluesky_serialize_cloudlog(log, data1, data2, data3); - /* TODO: Right now offset/size are set to the raw data, but we should add - * header parsing to the code which loads objects back in. */ log->location = state->location; log->location.offset = state->data->len; log->data_size = data1->len; struct cloudlog_header header; memcpy(header.magic, CLOUDLOG_MAGIC, 4); + memset(header.crypt_auth, sizeof(header.crypt_auth), 0); + memset(header.crypt_iv, sizeof(header.crypt_iv), 0); header.type = log->type + '0'; header.size1 = GUINT32_TO_LE(data1->len); header.size2 = GUINT32_TO_LE(data2->len); diff --git a/cleaner/cleaner b/cleaner/cleaner index 336537d..1e564e8 100755 --- a/cleaner/cleaner +++ b/cleaner/cleaner @@ -13,7 +13,8 @@ import boto from boto.s3.key import Key # The BlueSky 'struct cloudlog_header' data type. -HEADER_FORMAT = '<4sb16sQIII' +HEADER_FORMAT = '<4s48sb16sQIII' +HEADER_CRYPTBYTES = 48 HEADER_MAGIC = 'AgI-' HEADER_SIZE = struct.calcsize(HEADER_FORMAT) @@ -114,6 +115,9 @@ class S3Backend: class LogItem: """In-memory representation of a single item stored in a log file.""" + def __init__(self): + self.cryptkeys = '\0' * HEADER_CRYPTBYTES + def __str__(self): return "" % (self.type, self.location, self.size, base64.b16encode(self.id).lower()[0:8]) @@ -132,7 +136,8 @@ class LogItem: link_locs = ''.join(link_locs) header = struct.pack(HEADER_FORMAT, - HEADER_MAGIC, ord(self.type), self.id, self.inum, + HEADER_MAGIC, self.cryptkeys, + ord(self.type), self.id, self.inum, len(self.data), len(link_ids), len(link_locs)) return header + self.data + link_ids + link_locs @@ -211,28 +216,29 @@ class UtilizationTracker: def parse_item(data): if len(data) < HEADER_SIZE: return header = struct.unpack_from(HEADER_FORMAT, data, 0) - size = HEADER_SIZE + sum(header[4:7]) + size = HEADER_SIZE + sum(header[5:8]) if header[0] != HEADER_MAGIC: print "Bad header magic!" return if len(data) != size: - print "Item size does not match!" + print "Item size does not match: %d != %d" % (size, len(data)) return item = LogItem() - item.id = header[2] - item.inum = header[3] + item.cryptkeys = header[1] + item.id = header[3] + item.inum = header[4] item.location = None - item.type = chr(header[1]) + item.type = chr(header[2]) item.size = size - item.data = data[HEADER_SIZE : HEADER_SIZE + header[4]] + item.data = data[HEADER_SIZE : HEADER_SIZE + header[5]] links = [] - link_ids = data[HEADER_SIZE + header[4] - : HEADER_SIZE + header[4] + header[5]] - link_locs = data[HEADER_SIZE + header[4] + header[5] - : HEADER_SIZE + sum(header[4:7])] + link_ids = data[HEADER_SIZE + header[5] + : HEADER_SIZE + header[5] + header[6]] + link_locs = data[HEADER_SIZE + header[5] + header[6] + : HEADER_SIZE + sum(header[5:8])] for i in range(len(link_ids) // 16): id = link_ids[16*i : 16*i + 16] if id == '\0' * 16: @@ -268,7 +274,7 @@ def parse_log(data, location=None): offset = 0 while len(data) - offset >= HEADER_SIZE: header = struct.unpack_from(HEADER_FORMAT, data, offset) - size = HEADER_SIZE + sum(header[4:7]) + size = HEADER_SIZE + sum(header[5:8]) if header[0] != HEADER_MAGIC: print "Bad header magic!" break -- 2.20.1