From b4b3e422de0f7367edfdc4b3fe9074225e3a175f Mon Sep 17 00:00:00 2001 From: Tomaz Canabrava Date: Tue, 27 Mar 2018 09:18:54 +0200 Subject: [PATCH] Handle gracefully failures in file decryption --- src/libsync/clientsideencryption.cpp | 19 ++++++++++--------- src/libsync/clientsideencryption.h | 2 +- src/libsync/propagatedownloadencrypted.cpp | 2 +- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/src/libsync/clientsideencryption.cpp b/src/libsync/clientsideencryption.cpp index 0f9b7e678..904fe7f5b 100644 --- a/src/libsync/clientsideencryption.cpp +++ b/src/libsync/clientsideencryption.cpp @@ -1440,7 +1440,7 @@ bool EncryptionHelper::fileEncryption(const QByteArray &key, const QByteArray &i return true; } -void EncryptionHelper::fileDecryption(const QByteArray &key, const QByteArray& iv, +bool EncryptionHelper::fileDecryption(const QByteArray &key, const QByteArray& iv, QFile *input, QFile *output) { input->open(QIODevice::ReadOnly); @@ -1452,13 +1452,13 @@ void EncryptionHelper::fileDecryption(const QByteArray &key, const QByteArray& i /* Create and initialise the context */ if(!(ctx = EVP_CIPHER_CTX_new())) { qCInfo(lcCse()) << "Could not create context"; - exit(-1); + return false; } /* Initialise the decryption operation. */ if(!EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL)) { qCInfo(lcCse()) << "Could not init cipher"; - exit(-1); + return false; } EVP_CIPHER_CTX_set_padding(ctx, 0); @@ -1466,13 +1466,13 @@ void EncryptionHelper::fileDecryption(const QByteArray &key, const QByteArray& i /* Set IV length. */ if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv.size(), NULL)) { qCInfo(lcCse()) << "Could not set iv length"; - exit(-1); + return false; } /* Initialise key and IV */ if(!EVP_DecryptInit_ex(ctx, NULL, NULL, (const unsigned char *) key.constData(), (const unsigned char *) iv.constData())) { qCInfo(lcCse()) << "Could not set key and iv"; - exit(-1); + return false; } qint64 size = input->size() - 16; @@ -1491,12 +1491,12 @@ void EncryptionHelper::fileDecryption(const QByteArray &key, const QByteArray& i if (data.size() == 0) { qCInfo(lcCse()) << "Could not read data from file"; - exit(-1); + return false; } if(!EVP_DecryptUpdate(ctx, out, &len, (unsigned char *)data.constData(), data.size())) { qCInfo(lcCse()) << "Could not decrypt"; - exit(-1); + return false; } output->write((char *)out, len); @@ -1507,12 +1507,12 @@ void EncryptionHelper::fileDecryption(const QByteArray &key, const QByteArray& i /* Set expected tag value. Works in OpenSSL 1.0.1d and later */ if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag.size(), (unsigned char *)tag.constData())) { qCInfo(lcCse()) << "Could not set expected tag"; - exit(-1); + return false; } if(1 != EVP_DecryptFinal_ex(ctx, out, &len)) { qCInfo(lcCse()) << "Could finalize decryption"; - exit(-1); + return false; } output->write((char *)out, len); @@ -1521,6 +1521,7 @@ void EncryptionHelper::fileDecryption(const QByteArray &key, const QByteArray& i input->close(); output->close(); + return true; } } diff --git a/src/libsync/clientsideencryption.h b/src/libsync/clientsideencryption.h index b2eb903f3..b5087d5d5 100644 --- a/src/libsync/clientsideencryption.h +++ b/src/libsync/clientsideencryption.h @@ -63,7 +63,7 @@ namespace EncryptionHelper { bool fileEncryption(const QByteArray &key, const QByteArray &iv, QFile *input, QFile *output, QByteArray& returnTag); - void fileDecryption(const QByteArray &key, const QByteArray& iv, + bool fileDecryption(const QByteArray &key, const QByteArray& iv, QFile *input, QFile *output); } diff --git a/src/libsync/propagatedownloadencrypted.cpp b/src/libsync/propagatedownloadencrypted.cpp index 815b56cef..b07dec6fa 100644 --- a/src/libsync/propagatedownloadencrypted.cpp +++ b/src/libsync/propagatedownloadencrypted.cpp @@ -101,7 +101,7 @@ bool PropagateDownloadEncrypted::decryptFile(QFile& tmpFile) tmpFile.close(); QFile _tmpOutput(_propagator->getFilePath(tmpFileName), this); - EncryptionHelper::fileDecryption(_encryptedInfo.encryptionKey, + bool fileDecrypted = EncryptionHelper::fileDecryption(_encryptedInfo.encryptionKey, _encryptedInfo.initializationVector, &tmpFile, &_tmpOutput);