Roeland Jago Douma
be3afd1291
Add FileEncryptJob and FileDecryptJob
This handles encryption and decryption of files.
Just create the job and start off.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-14 16:54:56 +01:00
Tomaz Canabrava
c592871f94
[CSE] Do not handle b64 inside of the decrypt function
the decrypt function should deal with the raw data always.
2017-12-13 16:37:52 +01:00
Tomaz Canabrava
9916583ffa
[CSE] More verbose output
2017-12-12 21:50:30 +01:00
Roeland Jago Douma
25734afd39
First base64 decode
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-12 21:42:37 +01:00
Tomaz Canabrava
ea3558faf6
[CSE] Fix strings
2017-12-12 21:29:06 +01:00
Tomaz Canabrava
159c0e138f
[CSE] Add a DecryptAsync method
Also, clean up a bit of the old calls. One particular difference
is that I used to set padding to 1 and it should actually be
PKCS1_OAEP_PADDING
2017-12-12 21:23:02 +01:00
Tomaz Canabrava
aca298ca64
[CSE] Be explicit that async encryption uses publicKey
2017-12-12 20:14:31 +01:00
Tomaz Canabrava
2127b2629d
[CSE] Move encryption related network jobs to its own file
Move encryption related network jobs to its own file,
the original file was starting to be just way too big.
2017-12-12 19:36:47 +01:00
Tomaz Canabrava
f6f078d1ee
[CSE] Rename Variable
2017-12-12 16:15:05 +01:00
Tomaz Canabrava
ce37235cc4
[CSE] Retrieve the Private Key from the KeyChain
This fixes one thing and exposes a bug.
The MetadataKeys are not being correctly unencrypted.
2017-12-12 16:09:49 +01:00
Tomaz Canabrava
0a58ea76e5
[CSE] Start the work with an existing metadata
2017-12-12 15:35:53 +01:00
Tomaz Canabrava
0a83d3e743
[CSE] Fix reading the public key for the metadata
This broke when we started to use QSslKey and the Qt Keychain
framework.
2017-12-08 11:24:22 +01:00
Tomaz Canabrava
4878e824e5
[CSE] Fix reading encrypted status of folders.
2017-12-07 19:04:12 +01:00
Tomaz Canabrava
893ca66af8
[CSE] Fix indentation
Parts of the code are indented by spaces, other parts by tabs.
This needs to run in the whole codebase.
2017-12-07 18:12:25 +01:00
Tomaz Canabrava
19120fde9f
[CSE] Don't query for files on GetFolderEncryptStatusJob
The request for folders was also replying for files.
2017-12-07 18:10:14 +01:00
Tomaz Canabrava
7fe4dd2163
[CSE] Rename GetFolderEncryptStatus to GetFolderEncryptStatusJob
it's a network job after all
2017-12-07 18:06:55 +01:00
Tomaz Canabrava
863e86138f
[CSE] Pass the folder to the GetEncryptionStatus
Sometimes we are only interested in folders.
2017-12-07 17:32:35 +01:00
Roeland Jago Douma
0f60deb043
Store and retrieve keys in keychain
* Store privatekey, certificate and mnemonic in keychain
* Retrieve private + public key from server
- ask for mnemonic to decrypt private key
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-28 12:36:35 +01:00
Tomaz Canabrava
47b5cd0fbb
[CSE] Shows correctly Encrypt / Decrypt in the menu
2017-11-27 21:19:54 +01:00
Tomaz Canabrava
dd903d447f
[CSE] Store the encryption status without the webdav url
The Folder information on the desktop client doesn't
know about the webdav layout apparently.
2017-11-27 21:09:13 +01:00
Tomaz Canabrava
d2d2df4c75
[CSE] Try to find the webdav url of a folder.
2017-11-27 21:06:38 +01:00
Roeland Jago Douma
ffb9f69cf6
Start with moving data to the keychain
* Check for cert + privateKey in keychain
* Work with QSslKey and QSslCertificate
* Abstract reading the BIOs a bit more
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-27 16:21:53 +01:00
Tomaz Canabrava
e3050f7456
[CSE] Pass by reference, return by value.
Also, do not create variables in the heap to change its value
via reference, prefer an aggregation value. use a Typedef to
fully specify what you want in return.
2017-11-27 15:21:29 +01:00
Roeland Jago Douma
9cbe795045
Move more encryption functions to encryption helper
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-25 21:43:15 +01:00
Roeland Jago Douma
e0fbdfe175
Remove obsolete encryption functions
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-25 15:50:47 +01:00
Roeland Jago Douma
12adff76e2
Properly decrypt private key and send it to the server
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-24 22:10:28 +01:00
Roeland Jago Douma
6d145a676b
Added EncryptionHelper
This is to move generic encryption methods out of the main code and into
small helper functions. So we don't scatter the encryption code all over
the place.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-24 21:05:21 +01:00
Tomaz Canabrava
45d9323653
[CSE] Update encryption status when folder is updated
2017-11-23 16:55:12 +01:00
Tomaz Canabrava
d31aa7836a
[CSE] Add job to find what folders are encrypted.
This still needs to be correctly set up in the call chain.
The job returns a QVariantMap with the folder-webdav-url
and the encrypted status.
2017-11-20 21:38:17 +01:00
Tomaz Canabrava
14aeb6921b
[CSE] Fix invalid memory access
2017-11-13 18:15:08 +01:00
Tomaz Canabrava
6351c01ee7
[CSE] Remember the token for folders
2017-11-13 17:04:02 +01:00
Tomaz Canabrava
22a2ab8999
[CSE] Start to send the metadata to the server
2017-11-13 16:46:30 +01:00
Tomaz Canabrava
4755b8c8a3
[CSE] More warnings
2017-11-12 13:03:52 +01:00
Tomaz Canabrava
19d64e6308
[CSE] Remove warnings
2017-11-12 12:55:12 +01:00
Tomaz Canabrava
685ceacace
[CSE] Memleaks
2017-11-11 16:25:38 +01:00
Tomaz Canabrava
ee4a848d9a
[CSE] Correctly Unlock the Folder
Wireshark is love, and life.
2017-11-06 20:58:30 +01:00
Tomaz Canabrava
7290cf2813
[CSE] Adjust the CN according to the server
2017-11-06 20:57:50 +01:00
Roeland Jago Douma
131fd4e483
Fix encryptJSON and descryptJSON
Now working with tag
Basically we called EVP_*Update too much which resulted in weird output.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-03 18:00:05 +01:00
Tomaz Canabrava
be9cd358d4
[CSE] Bypass Qt DELETE Bug
It appears that Qt implementation of the DELETE http request
does not send bodyData, and we need that for Nextcloud.
Currently I changed the http request on the server side
to accept a POST instead of a DELETE, so I can actually
develop.
Also, I already poked the Qt developers that did this code.
2017-11-03 17:00:28 +01:00
Tomaz Canabrava
6ad6852045
[CSE] Cleanup - remove commented metadata.
2017-11-03 16:59:39 +01:00
Tomaz Canabrava
5514f14e88
[CSE] Get and send the lock - token
2017-11-03 15:12:12 +01:00
Tomaz Canabrava
b53003792f
[CSE] Removed lambdas for Metadata / Lock / Unlock
2017-11-03 12:34:30 +01:00
Tomaz Canabrava
6facd29663
[CSE] Start to break the lambdas
Lambda within a lambda is a terrible idea,
Use default signal / slot connections with a
method instead.
2017-11-03 12:00:25 +01:00
Tomaz Canabrava
d7e05c9b05
[CSE] Comment out broken code.
But why is it broken?
2017-11-03 11:20:44 +01:00
Roeland Jago Douma
8e3e3a4575
Be java compatible and store the tag at the end of the cipher text
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-02 12:39:42 +01:00
Tomaz Canabrava
8d537fdd3c
[CSE] Get Metadata from the server
2017-11-01 18:32:33 +01:00
Tomaz Canabrava
4a66cf11d2
[CSE] Send Metadata to the server
2017-11-01 18:21:30 +01:00
Tomaz Canabrava
2698759525
[CSE] Implement the Folder Unlock api job
2017-11-01 17:54:17 +01:00
Tomaz Canabrava
1b1add5ead
[CSE] Add api to lock file
2017-11-01 17:36:54 +01:00
Tomaz Canabrava
e5fdcd2f38
[CSE] Add TODO:
2017-11-01 16:48:19 +01:00
Tomaz Canabrava
ef2529ca44
[CSE] Set padding to 0 for the Rsa encryption
Also, commented out the finalization of the decrypt operation
because that was messing with the encryption. There's something
wrong here but I need to get this working and I can fix stuff
later.
2017-11-01 16:13:17 +01:00
Tomaz Canabrava
1a891423e5
[CSE] Call the decryption function to test.
2017-11-01 15:48:40 +01:00
Tomaz Canabrava
41ebcd0b7e
[CSE] Decryption of the metadata blob
2017-11-01 15:29:14 +01:00
Tomaz Canabrava
77ec3b086d
[CSE] Remember to finalize encryption
2017-11-01 15:24:19 +01:00
Tomaz Canabrava
88d87bf0ca
[CSE] Convert encrypted bytearray to Base64
also, start the decrypt.
2017-11-01 14:46:32 +01:00
Tomaz Canabrava
eb43fa1459
[CSE] Internal metadata encryption working
2017-10-31 17:52:01 +01:00
Tomaz Canabrava
8793fdbc69
[CSE] Remember to actually use the correct variable
2017-10-31 16:06:01 +01:00
Tomaz Canabrava
4bb7ebb6aa
[CSE] Convert the base64 data to raw, for the decryption
2017-10-31 13:17:22 +01:00
Tomaz Canabrava
3628f3739d
[CSE] Start the decryption of the metadata
2017-10-31 13:06:20 +01:00
Tomaz Canabrava
b28b4705de
[CSE] Correctly store the encrypted metadata
Missing the conversion to base64.
2017-10-31 12:07:47 +01:00
Tomaz Canabrava
c7d9abbea3
[CSE] Rework pubkeyPath to be able to fetch pubKey
2017-10-30 20:02:55 +01:00
Tomaz Canabrava
a986532442
[CSE] Generate a random password for the metadata.
2017-10-30 19:08:03 +01:00
Tomaz Canabrava
cf56d58241
[CSE] Start the encryption of the metadataKey
2017-10-30 19:05:55 +01:00
Tomaz Canabrava
c695c50c33
[CSE] Implement the empty metadata
Signed-off-by: Tomaz Canabrava <tcanabrava@kde.org>
2017-10-30 15:40:05 +01:00
Roeland Jago Douma
238f0b3610
Add note
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 15:53:17 +02:00
Roeland Jago Douma
817baf292d
Use EVP_aes_128_gcm
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 15:51:53 +02:00
Roeland Jago Douma
ca6fa7b341
Update decrypt function
* Do not use AAD
* Do not try to decrypt the last 16 bytes as Android adds the tag there
by default
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 15:51:53 +02:00
Roeland Jago Douma
bacbf337d2
Update encryption function
* Do not use padding
* Do not use the AAD data
* Append the tag to the ciphertext to be compatible with Android
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 15:51:53 +02:00
Tomaz Canabrava
476fe66043
[CSE] Add beginning of the code to deal with the metadata
2017-10-23 21:06:26 +02:00
Tomaz Canabrava
23f5bb7ed9
[CSE] Move network jobs out of networkjobs.h
Since those networkjobs are all about client side
encryption, move them to clientsideencryption.h
This will help with fewer conflicts with the origin.
2017-10-23 21:06:26 +02:00
Tomaz Canabrava
1a47052aa3
[CSE] Remove unused function
This is already being called from somewhere else.
2017-10-18 21:51:39 +02:00
Tomaz Canabrava
623eb29845
[CSE] Helper functions for the URLs
2017-10-18 21:51:39 +02:00
Tomaz Canabrava
0b50afe915
[CSE] Correctly sets the client as connected
If we manage to encrypt and upload the private key
to the server, the client is in its connected state.
2017-10-18 21:51:39 +02:00
Tomaz Canabrava
cfb6e3be8c
[CSE] Send the Private Key to the server
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
78136a10b0
[CSE] Debug statements to help find the encrypt error
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
08dfe86f37
[CSE] Adjust the calls to end-to-end encryption
We changed the name.
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
0f1480728e
[cse] Use fake data to verify the encryption
beware, this is broken.
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
ba3d2a61d5
[cse] Call the encrypt and decrypt functions on fake data
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
e0d368cbb3
[cse] Update the encrypt and decrypt algorithm to GCM
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
4f7265c04f
[aes] Create the Decrypt function.
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
6b53b4f257
[cse] Add the crypt method, based on OpenSSL Wiki
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
77c0309e02
[cse] use PKCS5_PBKDF2_HMAC_SHA1 on the random-word passphrase
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
5395fc56b1
[cse] Start the encryption algorithm for the Private Key
2017-10-18 21:51:38 +02:00
Tomaz Canabrava
69c709714d
[cse] Save signed key on disk
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
090336c928
[cse] Correctly send the CSR
finally.
Signed-off-by: Tomaz Canabrava <tcanabrava@kde.org>
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
307dfd195c
[cse] Call the CSR job.
There's something wrong on the CSR job that I need to discover.
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
ecb05020a9
[cse] Do not save the certificate on disk
Store it on memory, and discard it as soon as no longer
needed.
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
d2992d92ba
[cse] Generate the CSE
I still need to send it to the server. It's been a long
learning with the OpenSSL library.
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
42a3098595
[cse] s/scr/csr
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
58e2e6b30b
[cse] Generate the public / private keys and store locally
Now I need to understand what the hell I need to do
to send this to the server.
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
8c342cb1dd
[cse] Generate the KeyPair
Not stored anywhere yet, but it's correctly running.
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
17693a75e5
[cse] Request public key from server
This is the first step needed to properly communicate.
Next, get private key.
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
29b64640fa
[cse] Start to fetch the basics to fetch the key from the server
2017-10-18 21:51:37 +02:00
Tomaz Canabrava
3f4d915a17
[cse] Add files to handle client side encryption
This will be responsible for encryption,
decryption and talking with the server.
2017-10-18 21:51:36 +02:00