SEcube open-source SDK
|
In this file you will find the implementation of the functions already described in SEfile.h and SEfile_C_interface.h. More...
Functions | |
uint16_t | get_secure_context (std::string &filename, std::string *keyid, uint16_t *algo) |
This function retrieves the key ID and the algorithm used to encrypt the file specified by filename. More... | |
uint16_t | secure_mkdir (std::string &path, L1 *SEcubeptr, uint32_t key) |
This function creates a directory with an encrypted name. More... | |
uint16_t | secure_ls (std::string &path, std::vector< std::pair< std::string, std::string >> &list, L1 *SEcubeptr) |
This function identifies which encrypted files and encrypted directories are present in the directory pointed by path and writes them in list. More... | |
uint16_t | crypt_dirname (std::string &path, char *encDirname, uint32_t *enc_len, L1 *SEcubeptr, uint32_t key) |
This function is used to compute the ciphertext of a directory name stored in dirname. More... | |
uint16_t | decrypt_dirname (std::string &path, char *decDirname, L1 *SEcubeptr) |
This function is used to compute the plaintext of am encrypted directory name stored in dirname. More... | |
uint16_t | encrypt_name (void *buff1, void *buff2, size_t size, uint16_t direction, L1 *SEcubeptr, uint32_t key) |
Internally used by crypt_dirname and decrypt_dirname(). | |
uint16_t | decrypt_filename (std::string &path, char *filename, L1 *SEcubeptr) |
This function is used to compute the plaintext of an encrypted filename stored in path. More... | |
uint16_t | crypto_filename (char *path, char *enc_name, uint16_t *encoded_length) |
This function computes the encrypted name of the file specified as path. More... | |
uint16_t | secure_getfilesize (char *path, uint32_t *position, L1 *SEcubeptr) |
This function is used to get the total logic size of an encrypted file pointed by path. Logic size will always be smaller than physical size because it takes into account the overhead introduced by SEfile. More... | |
uint16_t | secure_recrypt (std::string path, uint32_t key, L1 *SEcubeptr) |
This function re-encrypts an encrypted file pointed by path with the new key specified as parameter. More... | |
void | compute_blk_offset (size_t current_offset, uint8_t *nonce) |
Internally used by SEfile functions. | |
uint16_t | valid_directory_name (std::string &name) |
This function checks if the given name can be a valid SEfile directory name. More... | |
uint16_t | valid_file_name (std::string &name) |
This function checks if the given name can be a valid SEfile file name. More... | |
size_t | pos_to_cipher_block (size_t current_position) |
Internally used by SEfile functions. | |
void | get_path (char *full_path, char *path) |
Extract the path of a file removing the file name. | |
void | get_filename (char *path, char *file_name) |
Extract the name of a file from its path. | |
Variables | |
bool | override_key_check = false |
Global flag that is used to bypass the validity check of a key to read or write encrypted data. It is used only to re-encrypt data belonging to a compromised file. | |
In this file you will find the implementation of the functions already described in SEfile.h and SEfile_C_interface.h.
uint16_t crypt_dirname | ( | std::string & | path, |
char * | encDirname, | ||
uint32_t * | enc_len, | ||
L1 * | SEcubeptr, | ||
uint32_t | key | ||
) |
This function is used to compute the ciphertext of a directory name stored in dirname.
[in] | path | Path to the directory whose name has to be encrypted. |
[out] | encDirname | A preallocated string where to store the encrypted directory name. |
[out] | enc_len | Where to store how many bytes the encrypted directory name is long. Can be NULL. |
[in] | SEcubeptr | Pointer to the L1 object used to communicate with the SEcube. |
[in] | key | ID of the key to be used to encrypt the name of the new directory. |
uint16_t crypto_filename | ( | char * | path, |
char * | enc_name, | ||
uint16_t * | encoded_length | ||
) |
This function computes the encrypted name of the file specified as path.
[in] | path | Absolute or relative path of a file (it must be plaintext, it cannot be a directory). |
[out] | enc_name | Pre-allocated char array where the encrypted filename should be stored. |
[out] | encoded_length | Length of the encrypted filename. |
The encrypted filename is the SHA-256 digest of the original name. It is expressed as a string of 64 characters (HEX format).
uint16_t decrypt_dirname | ( | std::string & | path, |
char * | decDirname, | ||
L1 * | SEcubeptr | ||
) |
This function is used to compute the plaintext of am encrypted directory name stored in dirname.
[in] | dirpath | Path to the directory whose name has to be decrypted. |
[out] | decDirname | A preallocated char array where to store the decrypted directory name. |
[in] | SEcubeptr | Pointer to the L1 object used to communicate with the SEcube. |
uint16_t decrypt_filename | ( | std::string & | path, |
char * | filename, | ||
L1 * | SEcubeptr | ||
) |
This function is used to compute the plaintext of an encrypted filename stored in path.
[in] | path | Where the encrypted file is stored, it can be an absolute or relative path. No encrypted directory names are allowed. |
[out] | filename | A preallocated string where to store the plaintext filename. |
[in] | SEcubeptr | Pointer to the L1 object used to communicate with the SEcube. |
get_secure_context | ( | std::string & | filename, |
std::string * | keyid, | ||
uint16_t * | algo | ||
) |
This function retrieves the key ID and the algorithm used to encrypt the file specified by filename.
[in] | filename | Absolute or relative path of the file. |
[out] | keyid | The ID of the key used to encrypt the file. |
[out] | algo | The algorithm used to encrypt the file. |
uint16_t secure_getfilesize | ( | char * | path, |
uint32_t * | position, | ||
L1 * | SEcubeptr | ||
) |
This function is used to get the total logic size of an encrypted file pointed by path. Logic size will always be smaller than physical size because it takes into account the overhead introduced by SEfile.
[in] | path | Absolute or relative path the file. |
[out] | position | Where the size of the file is stored. |
[in] | SEcubeptr | Pointer to the L1 object used to communicate with the SEcube. |
uint16_t secure_ls | ( | std::string & | path, |
std::vector< std::pair< std::string, std::string >> & | list, | ||
L1 * | SEcubeptr | ||
) |
This function identifies which encrypted files and encrypted directories are present in the directory pointed by path and writes them in list.
[in] | path | Absolute or relative path to the directory to browse. |
[out] | list | List of pairs containing the encrypted name and the decrypted name. |
[in] | SEcubeptr | Pointer to the L1 object used to communicate with the SEcube. |
Notice that, if the name of a file or of a directory belonging to the path is not associated to SEfile, then it is copied as it is in the list. This function is not recursive.
uint16_t secure_mkdir | ( | std::string & | path, |
L1 * | SEcubeptr, | ||
uint32_t | key | ||
) |
This function creates a directory with an encrypted name.
[in] | path | Absolute or relative path of the new directory. |
[in] | SEcubeptr | Pointer to the L1 object used to communicate with the SEcube. |
[in] | key | ID of the key to be used to encrypt the name of the new directory. |
secure_recrypt | ( | std::string | path, |
uint32_t | key, | ||
L1 * | SEcubeptr | ||
) |
This function re-encrypts an encrypted file pointed by path with the new key specified as parameter.
[in] | path | Absolute or relative path of the file. |
[in] | key | The ID of the key used to encrypt the file. |
[in] | SEcubeptr | Pointer to the L1 object used to communicate with the SEcube. |
This function should be used to re-encrypt a file that was encrypted with a key that is not trusted anymore (i.e. a compromised key).
uint16_t valid_directory_name | ( | std::string & | name | ) |
This function checks if the given name can be a valid SEfile directory name.
[in] | name | Name of the directory. |
This function takes as input the name of a directory and checks if it matches the requirements of an encrypted directory name create with secure_mkdir() (i.e. alphanumeric characters, minimum number of characters, etc.).
uint16_t valid_file_name | ( | std::string & | name | ) |
This function checks if the given name can be a valid SEfile file name.
[in] | name | Name of the file. |
This function takes as input the name of a file and checks if it matches the requirements of an encrypted file name created with crypto_filename() (i.e. alphanumeric characters, minimum number of characters, etc.).