From c240d107f689a93629cba40b35b2f08ea162d05d Mon Sep 17 00:00:00 2001 From: Arseny Smirnov Date: Fri, 6 Apr 2018 16:41:38 +0300 Subject: [PATCH] Secure{File,Data}->EncryptedSecure{File,Data} GitOrigin-RevId: 78b4ca08ccbd8d6ded6bb0a3bf56795cf9547354 --- td/telegram/SecureManager.cpp | 2 +- td/telegram/SecureManager.h | 2 +- td/telegram/SecureValue.cpp | 61 ++++++++++++++++++----------------- td/telegram/SecureValue.h | 53 +++++++++++++++--------------- td/telegram/SecureValue.hpp | 8 ++--- 5 files changed, 65 insertions(+), 61 deletions(-) diff --git a/td/telegram/SecureManager.cpp b/td/telegram/SecureManager.cpp index a30c95ca..fbec4770 100644 --- a/td/telegram/SecureManager.cpp +++ b/td/telegram/SecureManager.cpp @@ -234,7 +234,7 @@ void SetSecureValue::on_result(NetQueryPtr query) { stop(); } -void SetSecureValue::merge(FileManager *file_manager, FileId file_id, SecureFile &encrypted_file) { +void SetSecureValue::merge(FileManager *file_manager, FileId file_id, EncryptedSecureFile &encrypted_file) { auto file_view = file_manager->get_file_view(file_id); CHECK(!file_view.empty()); CHECK(file_view.encryption_key().has_value_hash()); diff --git a/td/telegram/SecureManager.h b/td/telegram/SecureManager.h index e870e90c..1061105a 100644 --- a/td/telegram/SecureManager.h +++ b/td/telegram/SecureManager.h @@ -84,7 +84,7 @@ class SetSecureValue : public NetQueryCallback { void on_result(NetQueryPtr query) override; void start_upload(FileManager *file_manager, FileId file_id, SecureInputFile &info); - void merge(FileManager *file_manager, FileId file_id, SecureFile &encrypted_file); + void merge(FileManager *file_manager, FileId file_id, EncryptedSecureFile &encrypted_file); }; class SecureManager : public Actor { diff --git a/td/telegram/SecureValue.cpp b/td/telegram/SecureValue.cpp index 233ce5f0..d0769724 100644 --- a/td/telegram/SecureValue.cpp +++ b/td/telegram/SecureValue.cpp 
@@ -142,17 +142,18 @@ vector> get_passport_data_types_obj return transform(types, get_passport_data_type_object); } -bool operator==(const SecureFile &lhs, const SecureFile &rhs) { +bool operator==(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs) { return lhs.file_id == rhs.file_id && lhs.file_hash == rhs.file_hash && lhs.encrypted_secret == rhs.encrypted_secret; } -bool operator!=(const SecureFile &lhs, const SecureFile &rhs) { +bool operator!=(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs) { return !(lhs == rhs); } -SecureFile get_secure_file(FileManager *file_manager, tl_object_ptr &&secure_file_ptr) { +EncryptedSecureFile get_secure_file(FileManager *file_manager, + tl_object_ptr &&secure_file_ptr) { CHECK(secure_file_ptr != nullptr); - SecureFile result; + EncryptedSecureFile result; switch (secure_file_ptr->get_id()) { case telegram_api::secureFileEmpty::ID: break; @@ -176,9 +177,9 @@ SecureFile get_secure_file(FileManager *file_manager, tl_object_ptr get_secure_files(FileManager *file_manager, - vector> &&secure_files) { - vector results; +vector get_secure_files(FileManager *file_manager, + vector> &&secure_files) { + vector results; results.reserve(secure_files.size()); for (auto &secure_file : secure_files) { auto result = get_secure_file(file_manager, std::move(secure_file)); @@ -190,7 +191,7 @@ vector get_secure_files(FileManager *file_manager, } telegram_api::object_ptr get_input_secure_file_object(FileManager *file_manager, - const SecureFile &file, + const EncryptedSecureFile &file, SecureInputFile &input_file) { CHECK(file_manager->get_file_view(file.file_id).file_id() == file_manager->get_file_view(input_file.file_id).file_id()); 
@@ -207,7 +208,7 @@ telegram_api::object_ptr get_input_secure_file_ob return res; } -td_api::object_ptr get_encrypted_file_object(FileManager *file_manager, const SecureFile &file) { +td_api::object_ptr get_encrypted_file_object(FileManager *file_manager, const EncryptedSecureFile &file) { auto file_view = file_manager->get_file_view(file.file_id); auto file_id = file_manager->register_remote( FullRemoteFileLocation(FileType::SecureRaw, file_view.remote_location().get_id(), @@ -217,13 +218,13 @@ td_api::object_ptr get_encrypted_file_object(FileManager *file_man } vector> get_encrypted_files_object(FileManager *file_manager, - const vector &files) { - return transform(files, - [file_manager](const SecureFile &file) { return get_encrypted_file_object(file_manager, file); }); + const vector &files) { + return transform( + files, [file_manager](const EncryptedSecureFile &file) { return get_encrypted_file_object(file_manager, file); }); } vector> get_input_secure_files_object( - FileManager *file_manager, const vector &files, vector &input_files) { + FileManager *file_manager, const vector &files, vector &input_files) { CHECK(files.size() == input_files.size()); vector> res; res.resize(files.size()); 
@@ -234,24 +235,24 @@ vector> get_input_secure return res; } -bool operator==(const SecureData &lhs, const SecureData &rhs) { +bool operator==(const EncryptedSecureData &lhs, const EncryptedSecureData &rhs) { return lhs.data == rhs.data && lhs.hash == rhs.hash && lhs.encrypted_secret == rhs.encrypted_secret; } -bool operator!=(const SecureData &lhs, const SecureData &rhs) { +bool operator!=(const EncryptedSecureData &lhs, const EncryptedSecureData &rhs) { return !(lhs == rhs); } -SecureData get_secure_data(tl_object_ptr &&secure_data) { +EncryptedSecureData get_secure_data(tl_object_ptr &&secure_data) { CHECK(secure_data != nullptr); - SecureData result; + EncryptedSecureData result; result.data = secure_data->data_.as_slice().str(); result.hash = secure_data->data_hash_.as_slice().str(); result.encrypted_secret = secure_data->secret_.as_slice().str(); return result; } -telegram_api::object_ptr get_secure_data_object(const SecureData &data) { +telegram_api::object_ptr get_secure_data_object(const EncryptedSecureData &data) { return telegram_api::make_object(BufferSlice(data.data), BufferSlice(data.hash), BufferSlice(data.encrypted_secret)); } @@ -404,7 +405,7 @@ td_api::object_ptr get_passport_data_object(FileManager *f } Result decrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, - const SecureFile &secure_file) { + const EncryptedSecureFile &secure_file) { if (!secure_file.file_id.is_valid()) { return secure_file.file_id; } @@ -418,7 +419,7 @@ Result decrypt_secure_file(FileManager *file_manager, const secure_stora } Result> decrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &secret, - const vector &secure_files) { + const vector &secure_files) { vector res; res.reserve(secure_files.size()); for (auto &file : secure_files) { 
@@ -428,7 +429,8 @@ Result> decrypt_secure_files(FileManager *file_manager, const sec return std::move(res); } -Result decrypt_secure_data(const secure_storage::Secret &master_secret, const SecureData &secure_data) { +Result decrypt_secure_data(const secure_storage::Secret &master_secret, + const EncryptedSecureData &secure_data) { TRY_RESULT(hash, secure_storage::ValueHash::create(secure_data.hash)); TRY_RESULT(encrypted_secret, secure_storage::EncryptedSecret::create(secure_data.encrypted_secret)); TRY_RESULT(secret, encrypted_secret.decrypt(PSLICE() << master_secret.as_slice() << hash.as_slice())); @@ -458,8 +460,8 @@ Result decrypt_encrypted_secure_value(FileManager *file_manager, co return std::move(res); } -SecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, FileId file, - string &to_hash) { +EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, + FileId file, string &to_hash) { auto file_view = file_manager->get_file_view(file); if (file_view.empty()) { return {}; @@ -474,7 +476,7 @@ SecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage:: } auto value_hash = file_view.encryption_key().value_hash(); auto secret = file_view.encryption_key().secret(); - SecureFile res; + EncryptedSecureFile res; res.file_id = file; res.file_hash = value_hash.as_slice().str(); res.encrypted_secret = secret.encrypt(PSLICE() << master_secret.as_slice() << value_hash.as_slice()).as_slice().str(); 
@@ -484,16 +486,17 @@ SecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage:: return res; } -vector encrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &master_secret, - vector files, string &to_hash) { +vector encrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &master_secret, + vector files, string &to_hash) { return transform(files, [&](auto file_id) { return encrypt_secure_file(file_manager, master_secret, file_id, to_hash); }); } -SecureData encrypt_secure_data(const secure_storage::Secret &master_secret, Slice data, string &to_hash) { +EncryptedSecureData encrypt_secure_data(const secure_storage::Secret &master_secret, Slice data, string &to_hash) { + namespace ss = secure_storage; auto secret = secure_storage::Secret::create_new(); auto encrypted = encrypt_value(secret, data).move_as_ok(); - SecureData res; + EncryptedSecureData res; res.encrypted_secret = secret.encrypt(PSLICE() << master_secret.as_slice() << encrypted.hash.as_slice()).as_slice().str(); res.data = encrypted.data.as_slice().str(); @@ -510,7 +513,7 @@ EncryptedSecureValue encrypt_secure_value(FileManager *file_manager, const secur switch (res.type) { case SecureValueType::EmailAddress: case SecureValueType::PhoneNumber: - res.data = SecureData{secure_value.data, "", ""}; + res.data = EncryptedSecureData{secure_value.data, "", ""}; res.hash = secure_storage::calc_value_hash(secure_value.data).as_slice().str(); break; default: { diff --git a/td/telegram/SecureValue.h b/td/telegram/SecureValue.h index 584ce6e1..2f6ebf91 100644 --- a/td/telegram/SecureValue.h +++ b/td/telegram/SecureValue.h 
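Review bot: The alias `namespace ss = secure_storage;` added at the top of `encrypt_secure_data` is not used by any line visible in this hunk; the very next statement still spells out `secure_storage::Secret::create_new()`. Either drop the alias or use it, e.g. `auto secret = ss::Secret::create_new();`. The function body continues past the end of the hunk, so a later use cannot be ruled out from here.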
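Review bot: In the `EmailAddress`/`PhoneNumber` branch of `encrypt_secure_value`, `EncryptedSecureData{secure_value.data, "", ""}` places the value into `.data` as-is and leaves `hash` and `encrypted_secret` empty, so after this rename the type name promises encryption that this branch does not perform. Someone auditing where plaintext can end up would be misled by the name alone; a comment on this line would help, e.g. `// email/phone: data is stored as-is (not encrypted); hash and encrypted_secret stay empty`. The same caveat belongs on the `data` field of `struct EncryptedSecureData` in SecureValue.h. The switch continues outside the hunk, so how the default branch fills the struct is not visible here.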
@@ -46,54 +46,55 @@ td_api::object_ptr get_secure_value_type_telegram vector> get_passport_data_types_object( const vector &types); -struct SecureFile { +struct EncryptedSecureFile { FileId file_id; string file_hash; string encrypted_secret; }; -bool operator==(const SecureFile &lhs, const SecureFile &rhs); -bool operator!=(const SecureFile &lhs, const SecureFile &rhs); +bool operator==(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs); +bool operator!=(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs); -SecureFile get_secure_file(FileManager *file_manager, tl_object_ptr &&secure_file_ptr); +EncryptedSecureFile get_secure_file(FileManager *file_manager, + tl_object_ptr &&secure_file_ptr); -vector get_secure_files(FileManager *file_manager, - vector> &&secure_files); +vector get_secure_files(FileManager *file_manager, + vector> &&secure_files); struct SecureInputFile { FileId file_id; tl_object_ptr input_file; }; telegram_api::object_ptr get_input_secure_file_object(FileManager *file_manager, - const SecureFile &file, + const EncryptedSecureFile &file, SecureInputFile &input_file); -td_api::object_ptr get_encrypted_file_object(FileManager *file_manager, const SecureFile &file); +td_api::object_ptr get_encrypted_file_object(FileManager *file_manager, const EncryptedSecureFile &file); vector> get_encrypted_files_object(FileManager *file_manager, - const vector &files); + const vector &files); vector> get_input_secure_files_object( - FileManager *file_manager, const vector &file, vector &input_files); + FileManager *file_manager, const vector &file, vector &input_files); -struct SecureData { +struct EncryptedSecureData { string data; string hash; string encrypted_secret; }; -bool operator==(const SecureData &lhs, const SecureData &rhs); -bool operator!=(const SecureData &lhs, const SecureData &rhs); +bool operator==(const EncryptedSecureData &lhs, const EncryptedSecureData &rhs); +bool operator!=(const EncryptedSecureData &lhs, const 
EncryptedSecureData &rhs); -SecureData get_secure_data(tl_object_ptr &&secure_data); +EncryptedSecureData get_secure_data(tl_object_ptr &&secure_data); -telegram_api::object_ptr get_secure_data_object(const SecureData &data); +telegram_api::object_ptr get_secure_data_object(const EncryptedSecureData &data); struct EncryptedSecureValue { SecureValueType type = SecureValueType::None; - SecureData data; - vector files; - SecureFile selfie; + EncryptedSecureData data; + vector files; + EncryptedSecureFile selfie; string hash; // memory only }; 
@@ -142,18 +143,18 @@ Result get_secure_value(FileManager *file_manager, td_api::object_ptr get_passport_data_object(FileManager *file_manager, const SecureValue &value); Result decrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &secret, - const SecureFile &secure_file); + const EncryptedSecureFile &secure_file); Result> decrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &secret, - const vector &secure_file); -Result decrypt_secure_data(const secure_storage::Secret &secret, const SecureData &secure_data); + const vector &secure_file); +Result decrypt_secure_data(const secure_storage::Secret &secret, const EncryptedSecureData &secure_data); Result decrypt_encrypted_secure_value(FileManager *file_manager, const secure_storage::Secret &secret, const EncryptedSecureValue &encrypted_secure_value); -SecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, FileId file, - string &to_hash); -vector encrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &master_secret, - vector files, string &to_hash); -SecureData encrypt_secure_data(const secure_storage::Secret &master_secret, Slice data, string &to_hash); +EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, + FileId file, string &to_hash); +vector encrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &master_secret, + vector files, string &to_hash); +EncryptedSecureData encrypt_secure_data(const secure_storage::Secret &master_secret, Slice data, string &to_hash); EncryptedSecureValue encrypt_secure_value(FileManager *file_manager, const secure_storage::Secret &master_secret, const SecureValue &secure_value); diff --git a/td/telegram/SecureValue.hpp b/td/telegram/SecureValue.hpp index 82789438..fc209043 100644 --- a/td/telegram/SecureValue.hpp +++ b/td/telegram/SecureValue.hpp 
@@ -15,28 +15,28 @@ namespace td { template -void store(SecureFile file, StorerT &storer) { +void store(EncryptedSecureFile file, StorerT &storer) { store(file.file_id, storer); store(file.file_hash, storer); store(file.encrypted_secret, storer); } template -void parse(SecureFile &file, ParserT &parser) { +void parse(EncryptedSecureFile &file, ParserT &parser) { parse(file.file_id, parser); parse(file.file_hash, parser); parse(file.encrypted_secret, parser); } template -void store(const SecureData &data, StorerT &storer) { +void store(const EncryptedSecureData &data, StorerT &storer) { store(data.data, storer); store(data.hash, storer); store(data.encrypted_secret, storer); } template -void parse(SecureData &data, ParserT &parser) { +void parse(EncryptedSecureData &data, ParserT &parser) { parse(data.data, parser); parse(data.hash, parser); parse(data.encrypted_secret, parser);
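Review bot: `store(EncryptedSecureFile file, StorerT &storer)` takes the struct by value, which copies `file_hash` and `encrypted_secret` on every call, while the sibling `store(const EncryptedSecureData &data, StorerT &storer)` in the same hunk takes a const reference. Since the signature line is being touched anyway, it could become `void store(const EncryptedSecureFile &file, StorerT &storer) {` for consistency. The body of the last `parse` overload is cut off at the end of the hunk.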