Added tests for basic encryption/decryption workflow errors

Signed-off-by: Lauris Kaplinski <lauris@raulwalter.com>

Author: Lauris Kaplinski

cdoc/CDoc.h

@@ -57,10 +57,16 @@ enum {
     NOT_SUPPORTED = -101,
     /**
      * @brief Conflicting or invalid arguments for a method
+     * 
+     * This does not set CDocReader/CDocWriter into error state - so invoking subsequent methods
+     * with correct arguments will succeed
      */
     WRONG_ARGUMENTS = -102,
     /**
      * @brief Components of multi-method workflow are called in wrong order
+     * 
+     * This does not set CDocReader/CDocWriter into error state - so invoking subsequent methods
+     * in correct order will succeed
      */
     WORKFLOW_ERROR = -103,
     /**
@@ -85,6 +91,9 @@ enum {
     INPUT_STREAM_ERROR = -108,
     /**
      * @brief The supplied decryption key is wrong
+     * 
+     * This does not set CDocReader/CDocWriter into error state - so invoking subsequent methods
+     * with correct key will succeed
      */
     WRONG_KEY = -109,
     /**

cdoc/CDoc2Reader.cpp

@@ -118,35 +118,44 @@ CDoc2Reader::getLockForCert(const std::vector<uint8_t>& cert){
 libcdoc::result_t
 CDoc2Reader::getFMK(std::vector<uint8_t>& fmk, unsigned int lock_idx)
 {
+    if (lock_idx >= priv->locks.size()) {
+        setLastError(t_("Invalid lock index"));
+        LOG_ERROR("{}", last_error);
+        return libcdoc::WRONG_ARGUMENTS;
+    }
     LOG_DBG("CDoc2Reader::getFMK: {}", lock_idx);
     LOG_DBG("CDoc2Reader::num locks: {}", priv->locks.size());
     const Lock& lock = priv->locks.at(lock_idx);
+    LOG_DBG("Label: {}", lock.label);
     std::vector<uint8_t> kek;
     if (lock.type == Lock::Type::PASSWORD) {
         // Password
         LOG_DBG("password");
         std::string info_str = libcdoc::CDoc2::getSaltForExpand(lock.label);
+        LOG_DBG("info: {}", toHex(info_str));
         std::vector<uint8_t> kek_pm;
-        crypto->extractHKDF(kek_pm, lock.getBytes(Lock::SALT), lock.getBytes(Lock::PW_SALT), lock.getInt(Lock::KDF_ITER), lock_idx);
-        LOG_DBG("password2");
+        if (auto rv = crypto->extractHKDF(kek_pm, lock.getBytes(Lock::SALT), lock.getBytes(Lock::PW_SALT), lock.getInt(Lock::KDF_ITER), lock_idx); rv != libcdoc::OK) {
+            setLastError(crypto->getLastErrorStr(rv));
+            LOG_ERROR("{}", last_error);
+            return rv;
+        }
+        LOG_TRACE_KEY("salt: {}", lock.getBytes(Lock::SALT));
+        LOG_TRACE_KEY("kek_pm: {}", kek_pm);
         kek = libcdoc::Crypto::expand(kek_pm, info_str, 32);
-        if (kek.empty()) return libcdoc::CRYPTO_ERROR;
-        LOG_DBG("password3");
     } else if (lock.type == Lock::Type::SYMMETRIC_KEY) {
         // Symmetric key
         LOG_DBG("symmetric");
         std::string info_str = libcdoc::CDoc2::getSaltForExpand(lock.label);
-        std::vector<uint8_t> kek_pm;
-        crypto->extractHKDF(kek_pm, lock.getBytes(Lock::SALT), {}, 0, lock_idx);
-        kek = libcdoc::Crypto::expand(kek_pm, info_str, 32);
-
-        LOG_DBG("Label: {}", lock.label);
         LOG_DBG("info: {}", toHex(info_str));
+        std::vector<uint8_t> kek_pm;
+        if (auto rv = crypto->extractHKDF(kek_pm, lock.getBytes(Lock::SALT), {}, 0, lock_idx); rv != libcdoc::OK) {
+            setLastError(crypto->getLastErrorStr(rv));
+            LOG_ERROR("{}", last_error);
+            return rv;
+        }
         LOG_TRACE_KEY("salt: {}", lock.getBytes(Lock::SALT));
         LOG_TRACE_KEY("kek_pm: {}", kek_pm);
-        LOG_TRACE_KEY("kek: {}", kek);
-
-        if (kek.empty()) return libcdoc::CRYPTO_ERROR;
+        kek = libcdoc::Crypto::expand(kek_pm, info_str, 32);
     } else if ((lock.type == Lock::Type::PUBLIC_KEY) || (lock.type == Lock::Type::SERVER)) {
         // Public/private key
         std::vector<uint8_t> key_material;
@@ -196,13 +205,9 @@ CDoc2Reader::getFMK(std::vector<uint8_t>& fmk, unsigned int lock_idx)
                 LOG_ERROR("{}", last_error);
                 return result;
             }
-
             LOG_TRACE_KEY("Key kekPm: {}", kek_pm);
-
             std::string info_str = libcdoc::CDoc2::getSaltForExpand(key_material, lock.getBytes(Lock::Params::RCPT_KEY));
-
             LOG_DBG("info: {}", toHex(info_str));
-
             kek = libcdoc::Crypto::expand(kek_pm, info_str, libcdoc::CDoc2::KEY_LEN);
         }
     } else  if (lock.type == Lock::Type::SHARE_SERVER) {
@@ -312,7 +317,6 @@ CDoc2Reader::getFMK(std::vector<uint8_t>& fmk, unsigned int lock_idx)
 
     LOG_TRACE_KEY("KEK: {}", kek);
 
-
     if(kek.empty()) {
         setLastError(t_("Failed to derive KEK"));
         LOG_ERROR("{}", last_error);
@@ -394,10 +398,10 @@ CDoc2Reader::beginDecryption(const std::vector<uint8_t>& fmk)
     std::vector<uint8_t> aad(libcdoc::CDoc2::PAYLOAD.cbegin(), libcdoc::CDoc2::PAYLOAD.cend());
     aad.insert(aad.end(), priv->header_data.cbegin(), priv->header_data.cend());
     aad.insert(aad.end(), priv->headerHMAC.cbegin(), priv->headerHMAC.cend());
-    if(priv->dec->updateAAD(aad) != OK) {
-        setLastError("Wrong decryption key (FMK)");
+    if(auto rv = priv->dec->updateAAD(aad); rv != OK) {
+        setLastError(priv->dec->getLastErrorStr(rv));
         LOG_ERROR("{}", last_error);
-        return libcdoc::WRONG_KEY;
+        return rv;
     }
 
     priv->zsrc = std::make_unique<libcdoc::ZSource>(priv->dec.get(), false);

cdoc/CDoc2Writer.cpp

@@ -457,6 +457,11 @@ CDoc2Writer::buildHeader(std::vector<uint8_t>& header, const std::vector<libcdoc
 libcdoc::result_t
 CDoc2Writer::addRecipient(const libcdoc::Recipient& rcpt)
 {
+    if (finished) {
+        setLastError("Encryption finished");
+        LOG_ERROR("{}", last_error);
+        return libcdoc::WORKFLOW_ERROR;
+    }
     if(tar) {
         setLastError("Cannot add Recipient when files are added");
         LOG_ERROR("{}", last_error);
@@ -469,6 +474,11 @@ CDoc2Writer::addRecipient(const libcdoc::Recipient& rcpt)
 libcdoc::result_t
 CDoc2Writer::beginEncryption()
 {
+    if (finished) {
+        setLastError("Encryption finished");
+        LOG_ERROR("{}", last_error);
+        return libcdoc::WORKFLOW_ERROR;
+    }
     last_error.clear();
     if(recipients.empty()) {
         setLastError("No recipients added");
@@ -488,6 +498,11 @@ CDoc2Writer::beginEncryption()
 libcdoc::result_t
 CDoc2Writer::addFile(const std::string& name, size_t size)
 {
+    if (finished) {
+        setLastError("Encryption finished");
+        LOG_ERROR("{}", last_error);
+        return libcdoc::WORKFLOW_ERROR;
+    }
     if(!tar) {
         setLastError("Encryption not started");
         LOG_ERROR("{}", last_error);
@@ -505,6 +520,11 @@ CDoc2Writer::addFile(const std::string& name, size_t size)
 libcdoc::result_t
 CDoc2Writer::writeData(const uint8_t *src, size_t size)
 {
+    if (finished) {
+        setLastError("Encryption finished");
+        LOG_ERROR("{}", last_error);
+        return libcdoc::WORKFLOW_ERROR;
+    }
     if(!tar) {
         setLastError("No file added");
         LOG_ERROR("{}", last_error);
@@ -520,6 +540,11 @@ CDoc2Writer::writeData(const uint8_t *src, size_t size)
 libcdoc::result_t
 CDoc2Writer::finishEncryption()
 {
+    if (finished) {
+        setLastError("Encryption finished");
+        LOG_ERROR("{}", last_error);
+        return libcdoc::WORKFLOW_ERROR;
+    }
     if(!tar) {
         setLastError("No file added");
         LOG_ERROR("{}", last_error);
@@ -531,12 +556,18 @@ CDoc2Writer::finishEncryption()
     tar.reset();
     recipients.clear();
     if (owned) dst->close();
+    finished = true;
     return rv;
 }
 
 libcdoc::result_t
 CDoc2Writer::encrypt(libcdoc::MultiDataSource& src, const std::vector<libcdoc::Recipient>& keys)
 {
+    if (finished) {
+        setLastError("Encryption finished");
+        LOG_ERROR("{}", last_error);
+        return libcdoc::WORKFLOW_ERROR;
+    }
     for (auto rcpt : keys) {
         if(auto rv = addRecipient(rcpt); rv != libcdoc::OK)
             return rv;

cdoc/CDoc2Writer.h

@@ -46,6 +46,7 @@ class CDoc2Writer final: public libcdoc::CDocWriter {
 
     std::unique_ptr<libcdoc::TarConsumer> tar;
     std::vector<libcdoc::Recipient> recipients;
+    bool finished = false;
 };
 
 }

cdoc/CryptoBackend.cpp

@@ -82,7 +82,7 @@ CryptoBackend::getKeyMaterial(std::vector<uint8_t>& key_material, const std::vec
 		if (pw_salt.empty()) return INVALID_PARAMS;
 		std::vector<uint8_t> secret;
         int result = getSecret(secret, idx);
-		if (result < 0) return result;
+		if (result) return result;
 
         LOG_DBG("Secret: {}", toHex(secret));
 
@@ -91,7 +91,7 @@ CryptoBackend::getKeyMaterial(std::vector<uint8_t>& key_material, const std::vec
 		if (key_material.empty()) return OPENSSL_ERROR;
 	} else {
         int result = getSecret(key_material, idx);
-		if (result < 0) return result;
+		if (result) return result;
         LOG_DBG("Secret: {}", toHex(key_material));
         if (key_material.size() != 32) {
             return INVALID_PARAMS;

cdoc/Io.h

@@ -255,7 +255,7 @@ struct CDOC_EXPORT IStreamSource : public DataSource {
         if (_owned) delete _ifs;
 	}
 
-    result_t seek(size_t pos) {
+    result_t seek(size_t pos) override {
         if(_ifs->bad()) return INPUT_STREAM_ERROR;
         _ifs->clear();
 		_ifs->seekg(pos);

cdoc/Tar.cpp

@@ -130,6 +130,10 @@ libcdoc::TarConsumer::~TarConsumer()
 libcdoc::result_t
 libcdoc::TarConsumer::write(const uint8_t *src, size_t size) noexcept
 {
+	if ((_current_size >= 0) && ((_current_written + size) > _current_size)) {
+		return WORKFLOW_ERROR;
+	}
+	_current_written += size;
 	return _dst->write(src, size);
 }
 
@@ -160,19 +164,25 @@ libcdoc::TarConsumer::writePadding(int64_t size) noexcept {
 libcdoc::result_t
 libcdoc::TarConsumer::close() noexcept
 {
-    if (_current_size > 0) {
-        if(auto rv = writePadding(_current_size); rv != OK)
-            return rv;
-    }
-    Header empty = {};
-    if(auto rv = writeHeader(empty); rv != OK)
-        return rv;
-    if(auto rv = writeHeader(empty); rv != OK)
-        return rv;
+	result_t result = OK;
+	if ((_current_size >= 0) && (_current_written < _current_size)) {
+		result = DATA_FORMAT_ERROR;
+	} else {
+		if (_current_written > 0) {
+			if(auto rv = writePadding(_current_written); rv != OK)
+				return rv;
+		}
+		Header empty = {};
+		if(auto rv = writeHeader(empty); rv != OK)
+			return rv;
+		if(auto rv = writeHeader(empty); rv != OK)
+			return rv;
+	}
 	if (_owned) {
-        return _dst->close();
+		if (auto rv = _dst->close(); rv != OK)
+			return rv;
 	}
-    return OK;
+    return result;
 }
 
 bool
@@ -184,12 +194,16 @@ libcdoc::TarConsumer::isError() noexcept
 libcdoc::result_t
 libcdoc::TarConsumer::open(const std::string& name, int64_t size)
 {
-    if (_current_size > 0) {
-        if(auto rv = writePadding(_current_size); rv != OK)
+	if ((_current_size >= 0) && (_current_written < _current_size)) {
+		return WORKFLOW_ERROR;
+	}
+    if (_current_written > 0) {
+        if(auto rv = writePadding(_current_written); rv != OK)
             return rv;
     }
 
     _current_size = size;
+	_current_written = 0;
 	Header h {};
     size_t len = std::min(name.size(), h.name.size());
     std::copy_n(name.cbegin(), len, h.name.begin());