mirror of
https://github.com/samsonjs/arq_restore.git
synced 2026-04-27 15:07:44 +00:00
removed unused methods from EncryptionDatFile
parent
90abf740a8
commit
d9a0893024
2 changed files with 0 additions and 121 deletions
|
|
@ -45,21 +45,6 @@
|
||||||
NSData *masterKeys;
|
NSData *masterKeys;
|
||||||
}
|
}
|
||||||
|
|
||||||
+ (EncryptionDatFile *)createWithRandomMasterKeysAndEncryptionPassword:(NSString *)theEncryptionPassword
|
|
||||||
target:(Target *)theTarget
|
|
||||||
computerUUID:(NSString *)theComputerUUID
|
|
||||||
encryptionVersion:(int)theEncryptionVersion
|
|
||||||
targetConnectionDelegate:(id <TargetConnectionDelegate>)theTCD
|
|
||||||
error:(NSError **)error;
|
|
||||||
|
|
||||||
+ (EncryptionDatFile *)createWithMasterKeys:(NSData *)theMasterKeys
|
|
||||||
encryptionPassword:(NSString *)theEncryptionPassword
|
|
||||||
target:(Target *)theTarget
|
|
||||||
computerUUID:(NSString *)theComputerUUID
|
|
||||||
encryptionVersion:(int)theEncryptionVersion
|
|
||||||
targetConnectionDelegate:(id <TargetConnectionDelegate>)theTCD
|
|
||||||
error:(NSError **)error;
|
|
||||||
|
|
||||||
+ (EncryptionDatFile *)encryptionDatFileForTarget:(Target *)theTarget
|
+ (EncryptionDatFile *)encryptionDatFileForTarget:(Target *)theTarget
|
||||||
computerUUID:(NSString *)theComputerUUID
|
computerUUID:(NSString *)theComputerUUID
|
||||||
encryptionPassword:(NSString *)theEncryptionPassword
|
encryptionPassword:(NSString *)theEncryptionPassword
|
||||||
|
|
|
||||||
|
|
@ -60,52 +60,6 @@
|
||||||
+ (NSString *)errorDomain {
|
+ (NSString *)errorDomain {
|
||||||
return @"EncryptionDatFileErrorDomain";
|
return @"EncryptionDatFileErrorDomain";
|
||||||
}
|
}
|
||||||
+ (EncryptionDatFile *)createWithRandomMasterKeysAndEncryptionPassword:(NSString *)theEncryptionPassword
|
|
||||||
target:(Target *)theTarget
|
|
||||||
computerUUID:(NSString *)theComputerUUID
|
|
||||||
encryptionVersion:(int)theEncryptionVersion
|
|
||||||
targetConnectionDelegate:(id <TargetConnectionDelegate>)theTCD
|
|
||||||
error:(NSError **)error {
|
|
||||||
// Generate a master encryption key.
|
|
||||||
NSMutableData *masterKeys = [NSMutableData dataWithLength:kCCKeySizeAES256 * 2];
|
|
||||||
unsigned char *masterKeysBytes = (unsigned char *)[masterKeys mutableBytes];
|
|
||||||
for (int i = 0; i < kCCKeySizeAES256 * 2; i++) {
|
|
||||||
masterKeysBytes[i] = (unsigned char)arc4random_uniform(256);
|
|
||||||
}
|
|
||||||
return [EncryptionDatFile createWithMasterKeys:masterKeys
|
|
||||||
encryptionPassword:theEncryptionPassword
|
|
||||||
target:theTarget
|
|
||||||
computerUUID:theComputerUUID
|
|
||||||
encryptionVersion:theEncryptionVersion
|
|
||||||
targetConnectionDelegate:theTCD
|
|
||||||
error:error];
|
|
||||||
}
|
|
||||||
|
|
||||||
+ (EncryptionDatFile *)createWithMasterKeys:(NSData *)theMasterKeys
|
|
||||||
encryptionPassword:(NSString *)theEncryptionPassword
|
|
||||||
target:(Target *)theTarget
|
|
||||||
computerUUID:(NSString *)theComputerUUID
|
|
||||||
encryptionVersion:(int)theEncryptionVersion
|
|
||||||
targetConnectionDelegate:(id <TargetConnectionDelegate>)theTCD
|
|
||||||
error:(NSError **)error {
|
|
||||||
NSData *data = [EncryptionDatFile generateDataWithMasterKeys:theMasterKeys encryptionPassword:theEncryptionPassword encryptionVersion:theEncryptionVersion error:error];
|
|
||||||
if (data == nil) {
|
|
||||||
return nil;
|
|
||||||
}
|
|
||||||
EncryptionDatFile *ret = [[[EncryptionDatFile alloc] initWithEncryptionPassword:theEncryptionPassword target:theTarget computerUUID:theComputerUUID encryptionVersion:theEncryptionVersion data:data masterKeys:theMasterKeys] autorelease];
|
|
||||||
// Delete the local cached file to avoid cache inconsistency in the event of an error when saving to target.
|
|
||||||
if (![ret deleteLocalCache:error]) {
|
|
||||||
return NO;
|
|
||||||
}
|
|
||||||
if (![ret saveToTargetWithTargetConnectionDelegate:theTCD error:error]) {
|
|
||||||
return NO;
|
|
||||||
}
|
|
||||||
NSError *cacheError = nil;
|
|
||||||
if (![ret saveToLocalCache:&cacheError]) {
|
|
||||||
HSLogError(@"failed to save new EncryptionDatFile to local cache: %@", cacheError);
|
|
||||||
}
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ (EncryptionDatFile *)encryptionDatFileForTarget:(Target *)theTarget
|
+ (EncryptionDatFile *)encryptionDatFileForTarget:(Target *)theTarget
|
||||||
computerUUID:(NSString *)theComputerUUID
|
computerUUID:(NSString *)theComputerUUID
|
||||||
|
|
@ -312,66 +266,6 @@
|
||||||
return self;
|
return self;
|
||||||
}
|
}
|
||||||
|
|
||||||
+ (NSData *)generateDataWithMasterKeys:(NSData *)theMasterKeys encryptionPassword:(NSString *)theEncryptionPassword encryptionVersion:(int)theEncryptionVersion error:(NSError **)error {
|
|
||||||
if ([theMasterKeys length] != 64 && theEncryptionVersion != 1) {
|
|
||||||
SETNSERROR([self errorDomain], -1, @"master key data must be 64 bytes");
|
|
||||||
return nil;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create random salt.
|
|
||||||
NSData *salt = [NSData dataWithRandomBytesOfLength:SALT_LENGTH];
|
|
||||||
|
|
||||||
// Create iv.
|
|
||||||
NSData *iv = [NSData dataWithRandomBytesOfLength:IV_LENGTH];
|
|
||||||
|
|
||||||
// Derive 64-byte encryption key from theEncryptionPassword.
|
|
||||||
NSData *thePasswordData = [theEncryptionPassword dataUsingEncoding:NSUTF8StringEncoding];
|
|
||||||
void *derivedEncryptionKey = malloc(kCCKeySizeAES256 * 2);
|
|
||||||
CCKeyDerivationPBKDF(kCCPBKDF2, [thePasswordData bytes], [thePasswordData length], [salt bytes], [salt length], kCCPRFHmacAlgSHA1, KEY_DERIVATION_ROUNDS, derivedEncryptionKey, kCCKeySizeAES256 * 2);
|
|
||||||
void *derivedHMACKey = derivedEncryptionKey + kCCKeySizeAES256;
|
|
||||||
|
|
||||||
// Encrypt master keys using first 32 bytes of derived key and iv.
|
|
||||||
size_t encryptedMasterKeysLen = [theMasterKeys length] + kCCBlockSizeAES128;
|
|
||||||
NSMutableData *encryptedMasterKeys = [NSMutableData dataWithLength:encryptedMasterKeysLen];
|
|
||||||
size_t encryptedMasterKeysActualLen = 0;
|
|
||||||
CCCryptorStatus status = CCCrypt(kCCEncrypt,
|
|
||||||
kCCAlgorithmAES128,
|
|
||||||
kCCOptionPKCS7Padding,
|
|
||||||
derivedEncryptionKey,
|
|
||||||
kCCKeySizeAES256,
|
|
||||||
[iv bytes],
|
|
||||||
[theMasterKeys bytes],
|
|
||||||
[theMasterKeys length],
|
|
||||||
[encryptedMasterKeys mutableBytes],
|
|
||||||
[encryptedMasterKeys length],
|
|
||||||
&encryptedMasterKeysActualLen);
|
|
||||||
if (status != kCCSuccess) {
|
|
||||||
free(derivedEncryptionKey);
|
|
||||||
SETNSERROR([self errorDomain], -1, @"failed to encrypt master keys");
|
|
||||||
return nil;
|
|
||||||
}
|
|
||||||
[encryptedMasterKeys setLength:encryptedMasterKeysActualLen];
|
|
||||||
|
|
||||||
// Calculate HMACSHA256 of IV + encrypted master keys, using derivedHMACKey.
|
|
||||||
unsigned char hmacSHA256[CC_SHA256_DIGEST_LENGTH];
|
|
||||||
CCHmacContext hmacContext;
|
|
||||||
CCHmacInit(&hmacContext, kCCHmacAlgSHA256, derivedHMACKey, kCCKeySizeAES256);
|
|
||||||
CCHmacUpdate(&hmacContext, [iv bytes], [iv length]);
|
|
||||||
CCHmacUpdate(&hmacContext, [encryptedMasterKeys bytes], [encryptedMasterKeys length]);
|
|
||||||
CCHmacFinal(&hmacContext, hmacSHA256);
|
|
||||||
|
|
||||||
free(derivedEncryptionKey);
|
|
||||||
|
|
||||||
// Concatenate header, salt, HMACSHA256, IV and encrypted master keys.
|
|
||||||
NSMutableData *ret = [NSMutableData data];
|
|
||||||
[ret appendBytes:HEADER length:strlen(HEADER)];
|
|
||||||
[ret appendData:salt];
|
|
||||||
[ret appendBytes:hmacSHA256 length:CC_SHA256_DIGEST_LENGTH];
|
|
||||||
[ret appendData:iv];
|
|
||||||
[ret appendData:encryptedMasterKeys];
|
|
||||||
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
- (BOOL)loadPrivateKeyFromData:(NSError **)error {
|
- (BOOL)loadPrivateKeyFromData:(NSError **)error {
|
||||||
if ([data length] < (strlen(HEADER) + SALT_LENGTH + CC_SHA256_DIGEST_LENGTH + IV_LENGTH + 1)) {
|
if ([data length] < (strlen(HEADER) + SALT_LENGTH + CC_SHA256_DIGEST_LENGTH + IV_LENGTH + 1)) {
|
||||||
SETNSERROR([self errorDomain], -1, @"not enough bytes in dat file");
|
SETNSERROR([self errorDomain], -1, @"not enough bytes in dat file");
|
||||||
|
|
|
||||||