const char e2e_cert[] = "_e2e-certificate";
const char e2e_private[] = "_e2e-private";
const char e2e_mnemonic[] = "_e2e-mnemonic";
+
+ QList<QByteArray> oldCipherFormatSplit(const QByteArray &cipher)
+ {
+ const auto separator = QByteArrayLiteral("fA=="); // BASE64 encoded '|'
+ auto result = QList<QByteArray>();
+
+ auto data = cipher;
+ auto index = data.indexOf(separator);
+ while (index >=0) {
+ result.append(data.left(index));
+ data = data.mid(index + separator.size());
+ index = data.indexOf(separator);
+ }
+
+ result.append(data);
+ return result;
+ }
+
+ QList<QByteArray> splitCipherParts(const QByteArray &data)
+ {
+ const auto isOldFormat = !data.contains('|');
+ const auto parts = isOldFormat ? oldCipherFormatSplit(data) : data.split('|');
+ qCInfo(lcCse()) << "found parts:" << parts << "old format?" << isOldFormat;
+ return parts;
+ }
} // ns
namespace {
qCInfo(lcCse()) << "decryptStringSymmetric key: " << key;
qCInfo(lcCse()) << "decryptStringSymmetric data: " << data;
- const auto parts = data.split('|');
- qCInfo(lcCse()) << "found parts:" << parts;
-
+ const auto parts = splitCipherParts(data);
if (parts.size() < 2) {
qCInfo(lcCse()) << "Not enough parts found";
return QByteArray();
QByteArray extractPrivateKeySalt(const QByteArray &data)
{
- const auto parts = data.split('|');
- qCInfo(lcCse()) << "found parts:" << parts;
-
+ const auto parts = splitCipherParts(data);
if (parts.size() < 3) {
qCInfo(lcCse()) << "Not enough parts found";
return QByteArray();
qCInfo(lcCse()) << "decryptStringSymmetric key: " << key;
qCInfo(lcCse()) << "decryptStringSymmetric data: " << data;
- int sep = data.indexOf('|');
- qCInfo(lcCse()) << "sep at" << sep;
+ const auto parts = splitCipherParts(data);
+ if (parts.size() < 2) {
+ qCInfo(lcCse()) << "Not enough parts found";
+ return QByteArray();
+ }
- QByteArray cipherTXT64 = data.left(sep);
- QByteArray ivB64 = data.right(data.size() - sep - 1);
+ QByteArray cipherTXT64 = parts.at(0);
+ QByteArray ivB64 = parts.at(1);
qCInfo(lcCse()) << "decryptStringSymmetric cipherTXT: " << cipherTXT64;
qCInfo(lcCse()) << "decryptStringSymmetric IV: " << ivB64;
{
Q_OBJECT
+ QByteArray convertToOldStorageFormat(const QByteArray &data)
+ {
+ return data.split('|').join("fA==");
+ }
+
private slots:
void shouldEncryptPrivateKeys()
{
QCOMPARE(salt, originalSalt);
}
+ void shouldDecryptPrivateKeysInOldStorageFormat()
+ {
+ // GIVEN
+ const auto encryptionKey = QByteArrayLiteral("foo");
+ const auto originalPrivateKey = QByteArrayLiteral("bar");
+ const auto originalSalt = QByteArrayLiteral("baz");
+ const auto cipher = convertToOldStorageFormat(EncryptionHelper::encryptPrivateKey(encryptionKey, originalPrivateKey, originalSalt));
+
+ // WHEN
+ const auto privateKey = EncryptionHelper::decryptPrivateKey(encryptionKey, cipher);
+ const auto salt = EncryptionHelper::extractPrivateKeySalt(cipher);
+
+ // THEN
+ QCOMPARE(privateKey, originalPrivateKey);
+ QCOMPARE(salt, originalSalt);
+ }
+
void shouldSymmetricEncryptStrings()
{
// GIVEN
// THEN
QCOMPARE(data, originalData);
}
+
+ void shouldSymmetricDecryptStringsInOldStorageFormat()
+ {
+ // GIVEN
+ const auto encryptionKey = QByteArrayLiteral("foo");
+ const auto originalData = QByteArrayLiteral("bar");
+ const auto cipher = convertToOldStorageFormat(EncryptionHelper::encryptStringSymmetric(encryptionKey, originalData));
+
+ // WHEN
+ const auto data = EncryptionHelper::decryptStringSymmetric(encryptionKey, cipher);
+
+ // THEN
+ QCOMPARE(data, originalData);
+ }
};
QTEST_APPLESS_MAIN(TestClientSideEncryption)
projects / nextcloud-desktop.git / commitdiff