forked from Archive/PX4-Autopilot
Add a header to logfile encryption key exchange file
Signed-off-by: Jukka Laitinen <jukkax@ssrc.tii.ae>
This commit is contained in:
parent
9a4ef709ca
commit
6cae4c92e7
|
@ -29,8 +29,26 @@ if __name__ == "__main__":
|
||||||
|
|
||||||
# Read the encrypted xchacha key and the nonce
|
# Read the encrypted xchacha key and the nonce
|
||||||
with open(args.ulog_key, 'rb') as f:
|
with open(args.ulog_key, 'rb') as f:
|
||||||
ulog_key_cipher = f.read(256)
|
ulog_key_header = f.read(22)
|
||||||
nonce = f.read(24)
|
|
||||||
|
# Parse the header
|
||||||
|
try:
|
||||||
|
# magic
|
||||||
|
if not ulog_key_header.startswith(bytearray("ULogKey".encode())):
|
||||||
|
raise Exception()
|
||||||
|
# version
|
||||||
|
if ulog_key_header[7] != 1:
|
||||||
|
raise Exception()
|
||||||
|
# expected key exchange algorithm (RSA_OAEP)
|
||||||
|
if ulog_key_header[16] != 4:
|
||||||
|
raise Exception()
|
||||||
|
key_size = ulog_key_header[19] << 8 | ulog_key_header[18];
|
||||||
|
nonce_size = ulog_key_header[21] << 8 | ulog_key_header[20];
|
||||||
|
ulog_key_cipher = f.read(key_size)
|
||||||
|
nonce = f.read(nonce_size)
|
||||||
|
except:
|
||||||
|
print("Keyfile format error")
|
||||||
|
sys.exit(1);
|
||||||
|
|
||||||
# Decrypt the xchacha key
|
# Decrypt the xchacha key
|
||||||
cipher_rsa = PKCS1_OAEP.new(r,SHA256)
|
cipher_rsa = PKCS1_OAEP.new(r,SHA256)
|
||||||
|
|
|
@ -175,7 +175,24 @@ bool LogWriterFile::init_logfile_encryption(const char *filename)
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t written = ::write(key_fd, key, key_size + nonce_size);
|
// write the header to the key exchange file
|
||||||
|
struct ulog_key_header_s keyfile_header = {
|
||||||
|
.magic = {'U', 'L', 'o', 'g', 'K', 'e', 'y'},
|
||||||
|
.hdr_ver = 1,
|
||||||
|
.timestamp = hrt_absolute_time(),
|
||||||
|
.exchange_algorithm = CRYPTO_RSA_OAEP,
|
||||||
|
.exchange_key = _exchange_key_idx,
|
||||||
|
.key_size = (uint16_t)key_size,
|
||||||
|
.initdata_size = (uint16_t)nonce_size
|
||||||
|
};
|
||||||
|
|
||||||
|
size_t hdr_sz = ::write(key_fd, (uint8_t *)&keyfile_header, sizeof(keyfile_header));
|
||||||
|
size_t written = 0;
|
||||||
|
|
||||||
|
if (hdr_sz == sizeof(keyfile_header)) {
|
||||||
|
// Header write succeeded, write the key
|
||||||
|
written = ::write(key_fd, key, key_size + nonce_size);
|
||||||
|
}
|
||||||
|
|
||||||
// Free temporary memory allocations
|
// Free temporary memory allocations
|
||||||
free(key);
|
free(key);
|
||||||
|
|
|
@ -61,6 +61,33 @@ struct ulog_file_header_s {
|
||||||
uint64_t timestamp;
|
uint64_t timestamp;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/** first bytes of the crypto key file */
|
||||||
|
struct ulog_key_header_s {
|
||||||
|
/* magic identifying the file content */
|
||||||
|
uint8_t magic[7];
|
||||||
|
|
||||||
|
/* version of this header file */
|
||||||
|
uint8_t hdr_ver;
|
||||||
|
|
||||||
|
/* file creation timestamp */
|
||||||
|
uint64_t timestamp;
|
||||||
|
|
||||||
|
/* crypto algorithm used for key exchange */
|
||||||
|
uint8_t exchange_algorithm;
|
||||||
|
|
||||||
|
/* encryption key index used for key exchange */
|
||||||
|
uint8_t exchange_key;
|
||||||
|
|
||||||
|
/* size of the key */
|
||||||
|
uint16_t key_size;
|
||||||
|
|
||||||
|
/* size of logfile crypto algoritm initialization data, e.g. nonce */
|
||||||
|
uint16_t initdata_size;
|
||||||
|
|
||||||
|
/* actual data (initdata+key) */
|
||||||
|
uint8_t data[0];
|
||||||
|
};
|
||||||
|
|
||||||
#define ULOG_MSG_HEADER_LEN 3 //accounts for msg_size and msg_type
|
#define ULOG_MSG_HEADER_LEN 3 //accounts for msg_size and msg_type
|
||||||
struct ulog_message_header_s {
|
struct ulog_message_header_s {
|
||||||
uint16_t msg_size;
|
uint16_t msg_size;
|
||||||
|
|
Loading…
Reference in New Issue