Skip to content

Commit

Permalink
Do not call exit in library code
Browse files Browse the repository at this point in the history
Check for a failure in all callers.

Signed-off-by: Christian Göttsche <[email protected]>
  • Loading branch information
cgzones committed Nov 28, 2024
1 parent 32cff0c commit ec49428
Show file tree
Hide file tree
Showing 3 changed files with 26 additions and 9 deletions.
18 changes: 11 additions & 7 deletions src/libsync/clientsideencryption.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -703,41 +703,41 @@ QByteArray encryptStringAsymmetric(EVP_PKEY *publicKey, const QByteArray& data)
auto ctx = PKeyCtx::forKey(publicKey, ENGINE_get_default_RSA());
if (!ctx) {
qCInfo(lcCse()) << "Could not initialize the pkey context.";
exit(1);
return {};
}

if (EVP_PKEY_encrypt_init(ctx) != 1) {
qCInfo(lcCse()) << "Error initilaizing the encryption.";
exit(1);
return {};
}

if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) {
qCInfo(lcCse()) << "Error setting the encryption padding.";
exit(1);
return {};
}

if (EVP_PKEY_CTX_set_rsa_oaep_md(ctx, EVP_sha256()) <= 0) {
qCInfo(lcCse()) << "Error setting OAEP SHA 256";
exit(1);
return {};
}

if (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, EVP_sha256()) <= 0) {
qCInfo(lcCse()) << "Error setting MGF1 padding";
exit(1);
return {};
}

size_t outLen = 0;
if (EVP_PKEY_encrypt(ctx, nullptr, &outLen, (unsigned char *)data.constData(), data.size()) != 1) {
qCInfo(lcCse()) << "Error retrieving the size of the encrypted data";
exit(1);
return {};
} else {
qCInfo(lcCse()) << "Encryption Length:" << outLen;
}

QByteArray out(static_cast<int>(outLen), '\0');
if (EVP_PKEY_encrypt(ctx, unsignedData(out), &outLen, (unsigned char *)data.constData(), data.size()) != 1) {
qCInfo(lcCse()) << "Could not encrypt key." << err;
exit(1);
return {};
}

qCInfo(lcCse()) << out.toBase64();
Expand Down Expand Up @@ -816,6 +816,10 @@ bool ClientSideEncryption::checkPublicKeyValidity(const AccountPtr &account) con
auto publicKey = PKey::readPublicKey(publicKeyBio);

auto encryptedData = EncryptionHelper::encryptStringAsymmetric(publicKey, data.toBase64());
if (encryptedData.isEmpty()) {
qCInfo(lcCse()) << "encryption failed";
return false;
}

Bio privateKeyBio;
QByteArray privateKeyPem = account->e2e()->_privateKey;
Expand Down
4 changes: 3 additions & 1 deletion src/libsync/clientsideencryptionjobs.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -366,7 +366,9 @@ bool LockEncryptFolderApiJob::finished()

if (!_publicKey.isNull()) {
const auto folderTokenEncrypted = EncryptionHelper::encryptStringAsymmetric(_publicKey, token);
_journalDb->setE2EeLockedFolder(_fileId, folderTokenEncrypted);
if (!folderTokenEncrypted.isEmpty()) {
_journalDb->setE2EeLockedFolder(_fileId, folderTokenEncrypted);
}
}

//TODO: Parse the token and submit.
Expand Down
13 changes: 12 additions & 1 deletion src/libsync/foldermetadata.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -704,6 +704,11 @@ QByteArray FolderMetadata::encryptedMetadataLegacy()
const auto version = _account->capabilities().clientSideEncryptionVersion();
// multiple toBase64() just to keep with the old (wrong way)
const auto encryptedMetadataKey = encryptDataWithPublicKey(metadataKeyForEncryption().toBase64().toBase64(), _account->e2e()->_publicKey).toBase64();
if (encryptedMetadataKey.isEmpty()) {
qCDebug(lcCseMetadata) << "Metadata generation failed! Encryption failed!";
_account->reportClientStatus(OCC::ClientStatusReportingStatus::E2EeError_GeneralError);
return {};
}
const QJsonObject metadata{
{versionKey, version},
{metadataKeyKey, QJsonValue::fromVariant(encryptedMetadataKey)},
Expand Down Expand Up @@ -1049,10 +1054,16 @@ bool FolderMetadata::addUser(const QString &userId, const QSslCertificate &certi
}

createNewMetadataKeyForEncryption();
const auto encryptedKey = encryptDataWithPublicKey(metadataKeyForEncryption(), certificatePublicKey);
if (encryptedKey.isEmpty()) {
qCWarning(lcCseMetadata()) << "Could not add a folder user. Encryption failure.";
return false;
}

UserWithFolderAccess newFolderUser;
newFolderUser.userId = userId;
newFolderUser.certificatePem = certificate.toPem();
newFolderUser.encryptedMetadataKey = encryptDataWithPublicKey(metadataKeyForEncryption(), certificatePublicKey);
newFolderUser.encryptedMetadataKey = encryptedKey;
_folderUsers[userId] = newFolderUser;
updateUsersEncryptedMetadataKey();

Expand Down

0 comments on commit ec49428

Please sign in to comment.