Posted to commits@couchdb.apache.org by rn...@apache.org on 2022/05/06 18:03:51 UTC
[couchdb] branch aegis_3.x updated: canary value to detect encryption
This is an automated email from the ASF dual-hosted git repository.
rnewson pushed a commit to branch aegis_3.x
in repository https://gitbox.apache.org/repos/asf/couchdb.git
The following commit(s) were added to refs/heads/aegis_3.x by this push:
new b23a1d39b canary value to detect encryption
b23a1d39b is described below
commit b23a1d39bc68f94202bc0fa4a2a607ef66554420
Author: Robert Newson <rn...@apache.org>
AuthorDate: Fri May 6 19:01:40 2022 +0100
canary value to detect encryption
---
src/couch/src/couch_file.erl | 26 +++++++++++++++++---------
1 file changed, 17 insertions(+), 9 deletions(-)
diff --git a/src/couch/src/couch_file.erl b/src/couch/src/couch_file.erl
index 68c716a47..c194e6efe 100644
--- a/src/couch/src/couch_file.erl
+++ b/src/couch/src/couch_file.erl
@@ -23,6 +23,7 @@
-define(IS_OLD_STATE(S), is_pid(S#file.db_monitor)).
-define(PREFIX_SIZE, 5).
-define(DEFAULT_READ_COUNT, 1024).
+-define(ENCRYPTED_HEADER, 0,1,2,3,4,5,6,7).
-type block_id() :: non_neg_integer().
-type location() :: non_neg_integer().
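Review bot: `?ENCRYPTED_HEADER` has no comment, and two of its properties are not obvious at the define: it expands to eight bare integers, so it is only usable inside a binary constructor or pattern, and the literal `48` used later in `init_key` is this marker plus the 40-byte wrapped key. I would add `%% 8-byte marker at offset 0 of an encrypted file, followed by the 40-byte wrapped key; use only inside <<...>>` above it, and derive the read length from a named constant rather than repeating `48`. Whether an unencrypted file written by older code can ever begin with bytes 0 through 7 is not visible from this hunk. If it can, that file would take the `unwrap_failed` path instead of opening as plaintext.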
@@ -932,23 +933,30 @@ reset_eof(#file{} = File) ->
init_key(#file{eof = 0} = File) ->
Key = crypto:strong_rand_bytes(32),
WrappedKey = couch_keywrap:key_wrap(?AES_MASTER_KEY, Key),
- ok = file:write(File#file.fd, WrappedKey),
+ Header = <<?ENCRYPTED_HEADER, WrappedKey/binary>>,
+ ok = file:write(File#file.fd, Header),
ok = file:sync(File#file.fd),
- {ok, File#file{eof = iolist_size(WrappedKey), key = Key}};
+ {ok, File#file{eof = iolist_size(Header), key = Key}};
%% we're opening an existing file and need to unwrap the key.
init_key(#file{key = undefined} = File) ->
- {ok, WrappedKey} = file:pread(File#file.fd, 0, 40),
- case couch_keywrap:key_unwrap(?AES_MASTER_KEY, WrappedKey) of
- fail ->
- {ok, File#file{key = unencrypted}};
- Key when is_binary(Key) ->
- {ok, File#file{key = Key}}
+ case file:pread(File#file.fd, 0, 48) of
+ {ok, <<?ENCRYPTED_HEADER, WrappedKey/binary>>} ->
+ case couch_keywrap:key_unwrap(?AES_MASTER_KEY, WrappedKey) of
+ fail ->
+ {error, unwrap_failed};
+ Key when is_binary(Key) ->
+ {ok, File#file{key = Key}}
+ end;
+ {ok, _} ->
+ {ok, File#file{key = unencrypted}};
+ Else ->
+ Else
end;
%% we're opening an existing file that contains a wrapped key
%% which we've already unwrapped.
-init_key(#file{eof = Eof, key = Key} = File) when Eof > 40, is_binary(Key) ->
+init_key(#file{eof = Eof, key = Key} = File) when Eof > 48, is_binary(Key) ->
{ok, File}.
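Review bot: In the `key = undefined` clause, `{ok, _} -> {ok, File#file{key = unencrypted}}` treats every file whose first eight bytes differ from the marker as plaintext. The marker is unauthenticated, so a damaged or altered header on an encrypted file selects the unencrypted path silently, where `unwrap_failed` would have been an explicit error. If a deployment expects every file to be encrypted at rest, this branch should at least be logged, or refused under a setting that requires encryption; no such check is visible in this hunk. Separately, `Else -> Else` can return the bare atom `eof` from `file:pread/3`, which callers matching on `{ok, _}` or `{error, _}` would not expect. Spelling the cases out as `eof -> {error, eof};` and `{error, _} = Error -> Error` keeps the return shape consistent with the `{error, unwrap_failed}` added above.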