| author | Per Larsson <[email protected]> | 2022-02-03 13:32:27 +0100 |
|---|---|---|
| committer | Per Larsson <[email protected]> | 2022-02-03 13:32:27 +0100 |
| commit | 1bf13f3c7ac64d44e13de0dcaf51036640232c8f (patch) | |
| tree | a66a643a6d81cb707eec56f87dda4e0fd893cce2 /zenserver/auth/authmgr.cpp | |
| parent | Encrypt serialized auth state. (diff) | |
Added AES encryption key/IV cli options.
Diffstat (limited to 'zenserver/auth/authmgr.cpp')
| -rw-r--r-- | zenserver/auth/authmgr.cpp | 31 |
1 files changed, 20 insertions, 11 deletions
diff --git a/zenserver/auth/authmgr.cpp b/zenserver/auth/authmgr.cpp
index f61e4acd7..fa5e0d753 100644
--- a/zenserver/auth/authmgr.cpp
+++ b/zenserver/auth/authmgr.cpp
@@ -23,9 +23,6 @@ namespace zen {
 using namespace std::literals;
 namespace details {
- const std::string_view DefaultPrivateKey = "HeyThisIsNotAGoodPrivateKeyToUse"sv;
- const std::string_view DefaultIV = "DefaultInitVecto"sv;
-
 IoBuffer ReadEncryptedFile(std::filesystem::path Path, MemoryView EncryptionKey, MemoryView IV)
 {
 FileContents Result = ReadFile(Path);
@@ -79,6 +76,16 @@ namespace details {
 }
 } // namespace details
+AuthEncryptionKey
+AuthEncryptionKey::Default()
+{
+ const std::string_view DefaultKey = "HeyThisIsNotAGoodPrivateKeyToUse"sv;
+ const std::string_view DefaultIV = "DefaultInitVecto"sv;
+
+ return {.Key = IoBufferBuilder::MakeCloneFromMemory(MakeMemoryView(DefaultKey)),
+ .IV = IoBufferBuilder::MakeCloneFromMemory(MakeMemoryView(DefaultIV))};
+}
+
 class AuthMgrImpl final : public AuthMgr
 {
 using Clock = std::chrono::system_clock;
@@ -88,6 +95,12 @@ class AuthMgrImpl final : public AuthMgr
 public:
 AuthMgrImpl(const AuthConfig& Config) : m_Config(Config), m_Log(logging::Get("auth"))
 {
+ if (!m_Config.EncryptionKey.Key || !m_Config.EncryptionKey.IV)
+ {
+ ZEN_WARN("using default encryption key");
+ m_Config.EncryptionKey = AuthEncryptionKey::Default();
+ }
+ LoadState();
 m_BackgroundThread.Interval = Config.UpdateInterval;
@@ -235,9 +248,8 @@ private:
 {
 try
 {
- IoBuffer Buffer = details::ReadEncryptedFile(m_Config.RootDirectory / "authstate"sv,
- MakeMemoryView(details::DefaultPrivateKey),
- MakeMemoryView(details::DefaultIV));
+ IoBuffer Buffer =
+ details::ReadEncryptedFile(m_Config.RootDirectory / "authstate"sv, m_Config.EncryptionKey.Key, m_Config.EncryptionKey.IV);
 if (Buffer.GetSize() == 0)
 {
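Review bot: `AuthEncryptionKey::Default()` keeps a key and IV that are compiled into every build, so an `authstate` file written under the fallback can be decrypted by anyone who has the binary or this source; the fallback gives obfuscation, not confidentiality. That should be stated where the constants live, e.g. `// Built-in fallback: publicly known, gives no confidentiality against a reader who has the binary.` A stronger option would be to generate a random key on first start and store it with owner-only permissions, or to refuse to persist tokens when no key is configured; whether either fits the deployment model is not visible from this hunk.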
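Review bot: The guard added to the `AuthMgrImpl` constructor, `if (!m_Config.EncryptionKey.Key || !m_Config.EncryptionKey.IV)`, replaces both values when only one is missing, so an operator who passes a key but forgets the IV silently ends up on the built-in default key behind a generic warning. It also tests presence only: nothing visible here checks that the supplied buffers have the sizes the AES helper expects (the defaults are 32 and 16 bytes), so a wrongly sized value reaches `ReadEncryptedFile`/`WriteEncryptedFile` unchecked unless those validate it. Consider rejecting a partial or wrongly sized pair at startup instead of falling back, and making the warning say what is at risk, e.g. `ZEN_WARN("no auth encryption key/IV configured; auth state is encrypted with the built-in default key");`. The constructor body continues past the end of the hunk.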
@@ -340,13 +352,10 @@ private:
 std::filesystem::create_directories(m_Config.RootDirectory);
- MemoryView EncryptionKey = MakeMemoryView(details::DefaultPrivateKey);
- MemoryView IV = MakeMemoryView(details::DefaultIV);
-
 const uint64_t ByteCount = details::WriteEncryptedFile(m_Config.RootDirectory / "authstate"sv, AuthState.Save().GetBuffer().AsIoBuffer(),
- EncryptionKey,
- IV);
+ m_Config.EncryptionKey.Key,
+ m_Config.EncryptionKey.IV);
 if (ByteCount == 0)
 {
|
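Review bot: The IV passed to `WriteEncryptedFile` is the configured `m_Config.EncryptionKey.IV`, so every save of `authstate` reuses the same key/IV pair; the `ReadEncryptedFile` call in the previous hunk depends on the same fixed value. The cipher mode is not visible here, but with a fixed IV identical leading plaintext yields identical ciphertext in CBC, and in a counter-based mode reuse exposes the XOR of successive plaintexts. A fresh random IV per write, stored in front of the ciphertext and read back from the file rather than from configuration, would remove that and make the IV option unnecessary; it needs a change inside `details::WriteEncryptedFile` and `details::ReadEncryptedFile`, which are outside this hunk. The enclosing function starts and ends outside the hunk.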