1 /*
2  * Copyright 2014 Andrew Ayer
3  *
4  * This file is part of git-crypt.
5  *
6  * git-crypt is free software: you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation, either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * git-crypt is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
18  *
19  * Additional permission under GNU GPL version 3 section 7:
20  *
21  * If you modify the Program, or any covered work, by linking or
22  * combining it with the OpenSSL project's OpenSSL library (or a
23  * modified version of that library), containing parts covered by the
24  * terms of the OpenSSL or SSLeay licenses, the licensors of the Program
25  * grant you additional permission to convey the resulting work.
26  * Corresponding Source for a non-source form of such a combination
27  * shall include the source code for the parts of OpenSSL used as well
28  * as that of the covered work.
29  */
30 
31 #ifndef GIT_CRYPT_KEY_HPP
32 #define GIT_CRYPT_KEY_HPP
33 
34 #include <map>
35 #include <functional>
36 #include <stdint.h>
37 #include <iosfwd>
38 #include <string>
39 
40 enum {
41 	HMAC_KEY_LEN = 64,
42 	AES_KEY_LEN = 32
43 };
44 
45 struct Key_file {
46 public:
47 	struct Entry {
48 		uint32_t		version;
49 		unsigned char		aes_key[AES_KEY_LEN];
50 		unsigned char		hmac_key[HMAC_KEY_LEN];
51 
52 		Entry ();
53 
54 		void			load (std::istream&);
55 		void			load_legacy (uint32_t version, std::istream&);
56 		void			store (std::ostream&) const;
57 		void			generate (uint32_t version);
58 	};
59 
60 	struct Malformed { }; // exception class
61 	struct Incompatible { }; // exception class
62 
63 	const Entry*			get_latest () const;
64 
65 	const Entry*			get (uint32_t version) const;
66 	void				add (const Entry&);
67 
68 	void				load_legacy (std::istream&);
69 	void				load (std::istream&);
70 	void				store (std::ostream&) const;
71 
72 	bool				load_from_file (const char* filename);
73 	bool				store_to_file (const char* filename) const;
74 
75 	std::string			store_to_string () const;
76 
77 	void				generate ();
78 
is_emptyKey_file79 	bool				is_empty () const { return entries.empty(); }
is_filledKey_file80 	bool				is_filled () const { return !is_empty(); }
81 
82 	uint32_t			latest () const;
83 
set_key_nameKey_file84 	void				set_key_name (const char* k) { key_name = k ? k : ""; }
get_key_nameKey_file85 	const char*			get_key_name () const { return key_name.empty() ? 0 : key_name.c_str(); }
86 private:
87 	typedef std::map<uint32_t, Entry, std::greater<uint32_t> > Map;
88 	enum { FORMAT_VERSION = 2 };
89 
90 	Map				entries;
91 	std::string			key_name;
92 
93 	void				load_header (std::istream&);
94 
95 	enum {
96 		HEADER_FIELD_END	= 0,
97 		HEADER_FIELD_KEY_NAME	= 1
98 	};
99 	enum {
100 		KEY_FIELD_END		= 0,
101 		KEY_FIELD_VERSION	= 1,
102 		KEY_FIELD_AES_KEY	= 3,
103 		KEY_FIELD_HMAC_KEY	= 5
104 	};
105 	enum {
106 		MAX_FIELD_LEN		= 1<<20
107 	};
108 };
109 
110 enum {
111 	KEY_NAME_MAX_LEN = 128
112 };
113 
114 bool validate_key_name (const char* key_name, std::string* reason =0);
115 
116 #endif
117