vlc | branch: master | Thomas Guillem <[email protected]> | Thu Feb 25 14:23:16 2016 +0100| [4df30d8af97dc7a00c2c718996c0997024ee8b9b] | committer: Thomas Guillem
keystore/file: add a crypt submodule This module store credentials and crypted secrets on a file. The internal crypt API needs to be implemented. > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=4df30d8af97dc7a00c2c718996c0997024ee8b9b --- modules/keystore/Makefile.am | 1 + modules/keystore/file.c | 100 ++++++++++++++++++++++++++++++++++++++++- modules/keystore/file_crypt.h | 39 ++++++++++++++++ 3 files changed, 138 insertions(+), 2 deletions(-) diff --git a/modules/keystore/Makefile.am b/modules/keystore/Makefile.am index 3db4d66..6a4858d 100644 --- a/modules/keystore/Makefile.am +++ b/modules/keystore/Makefile.am @@ -5,6 +5,7 @@ libmemory_keystore_plugin_la_SOURCES = keystore/memory.c \ keystore_LTLIBRARIES = libmemory_keystore_plugin.la libfile_keystore_plugin_la_SOURCES = keystore/file.c \ + keystore/file_crypt.h \ keystore/list_util.c keystore/list_util.h keystore_LTLIBRARIES += libfile_keystore_plugin.la diff --git a/modules/keystore/file.c b/modules/keystore/file.c index 1c65457..381ec87 100644 --- a/modules/keystore/file.c +++ b/modules/keystore/file.c @@ -37,10 +37,15 @@ #include <assert.h> +#include "file_crypt.h" #include "list_util.h" static int Open(vlc_object_t *); static void Close(vlc_object_t *); +#ifdef CRYPTFILE +static int OpenCrypt(vlc_object_t *); +static void CloseCrypt(vlc_object_t *); +#endif vlc_module_begin() set_shortname(N_("file keystore (plaintext)")) 
@@ -51,11 +56,25 @@ vlc_module_begin() add_string("keystore-file", NULL, NULL, NULL, true) set_capability("keystore", 0) add_shortcut("file_plaintext") +#ifdef CRYPTFILE + add_submodule() + set_shortname(N_("crypt keystore")) + set_description(N_("secrets are stored encrypted on a file")) + set_category(CAT_ADVANCED) + set_subcategory(SUBCAT_ADVANCED_MISC) + set_callbacks(OpenCrypt, CloseCrypt) + set_capability("keystore", 1) + add_shortcut("file_crypt") +#endif vlc_module_end () struct vlc_keystore_sys { char * psz_file; +#ifdef CRYPTFILE + bool b_crypted; + struct crypt crypt; +#endif }; static const char *const ppsz_keys[] = { @@ -303,8 +322,29 @@ Store(vlc_keystore *p_keystore, const char *const ppsz_values[KEY_MAX], if (ks_values_copy((const char **)p_entry->ppsz_values, ppsz_values)) goto end; - if (vlc_keystore_entry_set_secret(p_entry, p_secret, i_secret_len)) - goto end; +#ifdef CRYPTFILE + if (p_sys->b_crypted) + { + struct crypt *p_crypt = &p_sys->crypt; + uint8_t *p_enc_secret; + size_t i_enc_secret_len = + p_crypt->pf_encrypt(p_keystore, p_crypt->p_ctx, p_secret, + i_secret_len, &p_enc_secret); + if (i_enc_secret_len == 0) + goto end; + + if (vlc_keystore_entry_set_secret(p_entry, p_enc_secret, + i_enc_secret_len)) + goto end; + free(p_enc_secret); + } + else +#endif + { + if (vlc_keystore_entry_set_secret(p_entry, p_secret, i_secret_len)) + goto end; + } + i_ret = file_save(p_keystore, p_file, i_fd, &list); 
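Review bot: Nothing visible in this hunk records on disk whether an entry's secret is encrypted: the `file_crypt` submodule reuses the `keystore-file` option and, through `OpenCrypt`, the same `Open`, while `b_crypted` exists only in the in-memory `vlc_keystore_sys`. If the file format (outside this diff) carries no marker, a file written by one module and read by the other would hand ciphertext back as the secret or feed plaintext to `pf_decrypt`. The flag is also set only in `OpenCrypt`, so the plaintext path depends on `Open` zero-initialising the struct, which is not shown here. I would at least document that on the field, e.g. `bool b_crypted; /* set only by OpenCrypt(); Open() must leave it false */`.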
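Review bot: `p_enc_secret` is leaked when `vlc_keystore_entry_set_secret` fails in the encrypted branch of `Store`, because the `goto end` is taken before `free(p_enc_secret)`. Freeing before testing the result closes that path: `int i_set = vlc_keystore_entry_set_secret(p_entry, p_enc_secret, i_enc_secret_len);` then `free(p_enc_secret);` then `if (i_set) goto end;`. The branch also treats a zero return from `pf_encrypt` as failure, so an empty secret cannot be stored through this path; whether that is intended is not stated in the diff. `Store` begins and ends outside the hunk, so the cleanup at `end` is not visible.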
@@ -343,6 +383,26 @@ Find(vlc_keystore *p_keystore, const char *const ppsz_values[KEY_MAX], goto end; } +#ifdef CRYPTFILE + if (p_sys->b_crypted) + { + struct crypt *p_crypt = &p_sys->crypt; + uint8_t *p_dec_secret; + size_t i_dec_secret_len = + p_crypt->pf_decrypt(p_keystore, p_crypt->p_ctx, p_entry->p_secret, + p_entry->i_secret_len, &p_dec_secret); + if (i_dec_secret_len == 0) + { + ks_list_free(&out_list); + goto end; + } + + free(p_entry->p_secret); + p_entry->p_secret = p_dec_secret; + p_entry->i_secret_len = i_dec_secret_len; + } +#endif + if (vlc_keystore_entry_set_secret(p_out_entry, p_entry->p_secret, p_entry->i_secret_len)) { @@ -445,3 +505,39 @@ Open(vlc_object_t *p_this) return VLC_SUCCESS; } + +#ifdef CRYPTFILE +static void +CloseCrypt(vlc_object_t *p_this) +{ + vlc_keystore *p_keystore = (vlc_keystore *)p_this; + struct crypt *p_crypt = &p_keystore->p_sys->crypt; + + if (p_crypt->pf_clean != NULL) + p_crypt->pf_clean(p_keystore, p_crypt->p_ctx); + + Close(p_this); +} + +static int +OpenCrypt(vlc_object_t *p_this) +{ + int i_ret = Open(p_this); + + if (i_ret != VLC_SUCCESS) + return i_ret; + + vlc_keystore *p_keystore = (vlc_keystore *)p_this; + vlc_keystore_sys *p_sys = p_keystore->p_sys; + + if (CryptInit(p_keystore, &p_sys->crypt) != VLC_SUCCESS) + { + Close(p_this); + return VLC_EGENERIC; + } + assert(p_sys->crypt.pf_encrypt != NULL && p_sys->crypt.pf_decrypt != NULL); + p_sys->b_crypted = true; + + return VLC_SUCCESS; +} +#endif /* CRYPTFILE */ diff --git a/modules/keystore/file_crypt.h b/modules/keystore/file_crypt.h new file mode 100644 index 0000000..2ba4aad --- /dev/null +++ b/modules/keystore/file_crypt.h 
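Review bot: The decrypted secret is written back into the entry (`p_entry->p_secret = p_dec_secret`) and then copied again into `p_out_entry`, so a plaintext copy stays in `p_entry` (presumably part of the list loaded from the file) until that entry is freed, and nothing in the hunk clears it first. Keeping `p_dec_secret` local, passing it straight to `vlc_keystore_entry_set_secret(p_out_entry, ...)` and zeroing it before `free` would shorten its lifetime and leave the in-memory entries as ciphertext. If the current ownership is kept, a comment such as `/* p_entry now owns the plaintext; it is released with the list */` would make that explicit. `Find` starts and ends outside the hunk, so how the entry is released at `end` is not visible.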
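Review bot: The `assert` in `OpenCrypt` is the only check that `CryptInit` filled in `pf_encrypt` and `pf_decrypt`, and it disappears when the build defines `NDEBUG`, leaving `Store` and `Find` to call a null function pointer. A runtime check keeps the failure in the open path: `if (p_sys->crypt.pf_encrypt == NULL || p_sys->crypt.pf_decrypt == NULL) { CloseCrypt(p_this); return VLC_EGENERIC; }`. `CloseCrypt` tests `pf_clean` for NULL, which is only meaningful if `p_sys->crypt` is zeroed before `CryptInit` runs; `Open` is outside the hunk, so that is worth confirming.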
@@ -0,0 +1,39 @@
+/*****************************************************************************
+ * file_crypt.h: Crypt extension of the keystore memory module
+ *****************************************************************************
+ * Copyright © 2016 VLC authors, VideoLAN and VideoLabs
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
+ *****************************************************************************/
+
+#if 0
+#if defined(__ANDROID__) || defined(_WIN32)
+# define CRYPTFILE
+#endif
+#endif
+
+#ifdef CRYPTFILE
+
+struct crypt
+{
+ void * p_ctx;
+ size_t (*pf_encrypt)(vlc_keystore *, void *, const uint8_t *, size_t, uint8_t **);
+ size_t (*pf_decrypt)(vlc_keystore *, void *, const uint8_t *, size_t, uint8_t **);
+ void (*pf_clean)(vlc_keystore *, void *);
+};
+
+int CryptInit(vlc_keystore *, struct crypt *);
+
+#endif
_______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
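Review bot: The callbacks in `struct crypt` carry no contract, although `Store` and `Find` depend on one: the output buffer is allocated by the callback and released by the caller with `free`, and a return of 0 means failure. A doc comment on the struct stating that, plus what `pf_clean` must release and whether `CryptInit` cleans up after itself on failure, would let the Android and Windows backends be written against it. The header also has no include guard and uses `vlc_keystore`, `size_t` and `uint8_t` without including anything, so it appears to compile only because `file.c` includes it after its other headers. The banner calls this an extension of the "keystore memory module" while it is built into the file keystore, and `CRYPTFILE` sits under `#if 0`, so none of the new code is compiled yet.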
