Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable clients with capability to set the encryption key of a resource data group #274

Draft
wants to merge 1 commit into
base: develop
Choose a base branch
from
Draft

Enable clients with capability to set the encryption key of a resource data group #274

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions AutomaticComponentToolkit/lib3mf.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1346,6 +1346,7 @@
<param name="Count" type="uint64" pass="return" description="The number of resource data available"/>
</method>
<method name="AddResourceDataGroup" description="Adds a resource data group into the keystore.">
<param name="ContentEncryptionKey" type="basicarray" class="uint8" pass="in" description="The (optional) encryption key that will be used to encrypt all resource datas in this group" />
<param name="ResourceDataGroup" type="class" class="ResourceDataGroup" pass="return" description="The resource data group instance"/>
</method>
<method name="GetResourceDataGroup" description="Gets a resource data group">
Expand Down
2 changes: 1 addition & 1 deletion Include/API/lib3mf_keystore.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ namespace Lib3MF {

virtual IResourceDataGroup * GetResourceDataGroup(const Lib3MF_uint64 nResourceDataIndex) override;

virtual IResourceDataGroup * AddResourceDataGroup() override;
virtual IResourceDataGroup * AddResourceDataGroup(const Lib3MF_uint64 nContentEncryptionKeyBufferSize, const Lib3MF_uint8 * pContentEncryptionKeyBuffer) override;

virtual void RemoveResourceDataGroup(IResourceDataGroup * pTheResourceDataGroup) override;

Expand Down
15 changes: 11 additions & 4 deletions Source/API/lib3mf_keystore.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,13 +86,20 @@ IResourceDataGroup * Lib3MF::Impl::CKeyStore::GetResourceDataGroup(const Lib3MF_
return new CResourceDataGroup(dg);
}

IResourceDataGroup * Lib3MF::Impl::CKeyStore::AddResourceDataGroup() {
IResourceDataGroup * Lib3MF::Impl::CKeyStore::AddResourceDataGroup(const Lib3MF_uint64 nContentEncryptionKeyBufferSize, const Lib3MF_uint8 * pContentEncryptionKeyBuffer) {
//this is not ideal, as key size is determined by the encryptionalgorithm inside resourcedata.
//in any case, the spec does not state what happens if different resource datas have different algorithms,
//but resourcedatagroups are supposed to group the same key for a group of resources...
//in any case, the spec does not state what happens if different resource datas have different algorithms.
//resourcedatagroups are supposed to group the same key for resourcedatas.
//at resource data, we should assert key size maches the algorithm chosen.
//so far, this should work as aes256 is the only thing we support.
std::vector<NMR::nfByte> key(NMR::fnGetAlgorithmKeySize(NMR::eKeyStoreEncryptAlgorithm::AES256_GCM), 0);
m_pModel->generateRandomBytes(key.data(), key.size());
if (nContentEncryptionKeyBufferSize == 0) {
m_pModel->generateRandomBytes(key.data(), key.size());
} else if ((key.size() != nContentEncryptionKeyBufferSize) || (nullptr == pContentEncryptionKeyBuffer)) {
throw ELib3MFInterfaceException(LIB3MF_ERROR_INVALIDPARAM);
} else {
std::copy(pContentEncryptionKeyBuffer, pContentEncryptionKeyBuffer + nContentEncryptionKeyBufferSize, key.data());
}
NMR::PKeyStoreResourceDataGroup dg = NMR::CKeyStoreFactory::makeResourceDataGroup(std::make_shared<NMR::CUUID>(), key);
m_pKeyStore->addResourceDataGroup(dg);
return new CResourceDataGroup(dg);
Expand Down
4 changes: 2 additions & 2 deletions Tests/CPP_Bindings/Source/EncryptionMethods.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ namespace Lib3MF {
ASSERT_NE(nullptr, meshObj);
auto keyStore = modelToCrpt->GetKeyStore();
auto consumer = keyStore->AddConsumer("LIB3MF#TEST", "contentKey", publicKey);
auto rdGroup = keyStore->AddResourceDataGroup();
auto rdGroup = keyStore->AddResourceDataGroup(ByteVector());
rdGroup->AddAccessRight(consumer.get(),
eWrappingAlgorithm::RSA_OAEP,
eMgfAlgorithm::MGF1_SHA1,
Expand Down Expand Up @@ -203,7 +203,7 @@ namespace Lib3MF {
Lib3MF::PConsumer consumer = keyStore->AddConsumer(consumerId, keyId, keyValue);

//add a resource data group
Lib3MF::PResourceDataGroup dataGroup = keyStore->AddResourceDataGroup();
Lib3MF::PResourceDataGroup dataGroup = keyStore->AddResourceDataGroup(ByteVector());

//establish consumer access to the datagroup
Lib3MF::PAccessRight accessRight = dataGroup->AddAccessRight(
Expand Down
8 changes: 4 additions & 4 deletions Tests/CPP_Bindings/Source/SecureContent.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -188,7 +188,7 @@ namespace Lib3MF {
ASSERT_NE(nullptr, meshObj);
auto keyStore = modelToCrpt->GetKeyStore();
auto consumer = keyStore->AddConsumer("LIB3MF#TEST", "contentKey", publicKey);
auto rdGroup = keyStore->AddResourceDataGroup();
auto rdGroup = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());
rdGroup->AddAccessRight(consumer.get(),
eWrappingAlgorithm::RSA_OAEP,
eMgfAlgorithm::MGF1_SHA1,
Expand Down Expand Up @@ -296,7 +296,7 @@ namespace Lib3MF {
std::string path1 = "/3D/nonrootmodel1.model";
auto part1 = model->FindOrCreatePackagePart(path1);

auto dataGroup = keyStore->AddResourceDataGroup();
auto dataGroup = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());

std::string dguuid = dataGroup->GetKeyUUID();
ASSERT_FALSE(dguuid.empty());
Expand All @@ -321,14 +321,14 @@ namespace Lib3MF {
std::string path1 = "/3D/nonrootmodel1.model";
auto part1 = model->FindOrCreatePackagePart(path1);

auto dataGroup1 = keyStore->AddResourceDataGroup();
auto dataGroup1 = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());

keyStore->AddResourceData(dataGroup1.get(), part1.get(), Lib3MF::eEncryptionAlgorithm::AES256_GCM, Lib3MF::eCompression::Deflate, std::vector<Lib3MF_uint8>());

std::string path2 = "/3D/nonrootmodel2.model";
auto part2 = model->FindOrCreatePackagePart(path2);

auto dataGroup2 = keyStore->AddResourceDataGroup();
auto dataGroup2 = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());

keyStore->AddResourceData(dataGroup2.get(), part2.get(), Lib3MF::eEncryptionAlgorithm::AES256_GCM, Lib3MF::eCompression::Deflate, std::vector<Lib3MF_uint8>());

Expand Down