Moved masterkey export method from Cryptor to Masterkey (where it belongs), made scryptCostParam parametrizable for speedy test

Author: tobihagemann

CryptoLib/Cryptor.swift

@@ -54,10 +54,6 @@ struct FileHeader {
 }
 
 public class Cryptor {
-	static let defaultScryptSaltSize = 8
-	static let defaultScryptCostParam = 1 << 15 // 2^15
-	static let defaultScryptBlockSize = 8
-
 	static let fileHeaderLegacyPayloadSize = 8
 	static let fileHeaderSize = kCCBlockSizeAES128 + fileHeaderLegacyPayloadSize + kCCKeySizeAES256 + Int(CC_SHA256_DIGEST_LENGTH)
 	static let cleartextChunkSize = 32 * 1024
@@ -75,33 +71,6 @@ public class Cryptor {
 		self.init(masterkey: masterkey, cryptoSupport: CryptoSupport())
 	}
 
-	// MARK: - Masterkey Encoding
-
-	public func encodeMasterkeyJson(password: String, pepper: [UInt8] = [UInt8]()) throws -> Data {
-		let pw = [UInt8](password.precomposedStringWithCanonicalMapping.utf8)
-		let salt = try cryptoSupport.createRandomBytes(size: Cryptor.defaultScryptSaltSize)
-		let saltAndPepper = salt + pepper
-		let kek = try Scrypt(password: pw, salt: saltAndPepper, dkLen: kCCKeySizeAES256, N: Cryptor.defaultScryptCostParam, r: Cryptor.defaultScryptBlockSize, p: 1).calculate()
-
-		let wrappedMasterKey = try Masterkey.wrapMasterKey(rawKey: masterkey.aesMasterKey, kek: kek)
-		let wrappedHmacKey = try Masterkey.wrapMasterKey(rawKey: masterkey.macMasterKey, kek: kek)
-
-		var versionMac = [UInt8](repeating: 0x00, count: Int(CC_SHA256_DIGEST_LENGTH))
-		let versionBytes = withUnsafeBytes(of: UInt32(masterkey.version).bigEndian, Array.init)
-		CCHmac(CCHmacAlgorithm(kCCHmacAlgSHA256), masterkey.macMasterKey, masterkey.macMasterKey.count, versionBytes, versionBytes.count, &versionMac)
-
-		let masterkeyJson = MasterkeyJson(
-			scryptSalt: Data(salt).base64EncodedString(),
-			scryptCostParam: Cryptor.defaultScryptCostParam,
-			scryptBlockSize: Cryptor.defaultScryptBlockSize,
-			primaryMasterKey: Data(wrappedMasterKey).base64EncodedString(),
-			hmacMasterKey: Data(wrappedHmacKey).base64EncodedString(),
-			versionMac: Data(versionMac).base64EncodedString(),
-			version: masterkey.version
-		)
-		return try JSONEncoder().encode(masterkeyJson)
-	}
-
 	// MARK: - Path Encryption and Decryption
 
 	public func encryptDirId(_ dirId: Data) throws -> String {

CryptoLib/Masterkey.swift

@@ -28,6 +28,10 @@ enum MasterkeyError: Error, Equatable {
 }
 
 public class Masterkey {
+	static let defaultScryptSaltSize = 8
+	static let defaultScryptCostParam = 1 << 15 // 2^15
+	static let defaultScryptBlockSize = 8
+
 	private(set) var aesMasterKey: [UInt8]
 	private(set) var macMasterKey: [UInt8]
 	public let version: Int
@@ -47,7 +51,7 @@ public class Masterkey {
 		}
 	}
 
-	// MARK: - Masterkey Factory Methods
+	// MARK: - Factory
 
 	public static func createNew() throws -> Masterkey {
 		let cryptoSupport = CryptoSupport()
@@ -134,4 +138,35 @@ public class Masterkey {
 			throw MasterkeyError.unwrapFailed(status)
 		}
 	}
+
+	// MARK: - Export
+
+	public func exportEncrypted(password: String, pepper: [UInt8] = [UInt8]()) throws -> Data {
+		let masterkeyJson: MasterkeyJson = try exportEncrypted(password: password, pepper: pepper)
+		return try JSONEncoder().encode(masterkeyJson)
+	}
+
+	func exportEncrypted(password: String, pepper: [UInt8], scryptCostParam: Int = Masterkey.defaultScryptCostParam, cryptoSupport: CryptoSupport = CryptoSupport()) throws -> MasterkeyJson {
+		let pw = [UInt8](password.precomposedStringWithCanonicalMapping.utf8)
+		let salt = try cryptoSupport.createRandomBytes(size: Masterkey.defaultScryptSaltSize)
+		let saltAndPepper = salt + pepper
+		let kek = try Scrypt(password: pw, salt: saltAndPepper, dkLen: kCCKeySizeAES256, N: scryptCostParam, r: Masterkey.defaultScryptBlockSize, p: 1).calculate()
+
+		let wrappedMasterKey = try Masterkey.wrapMasterKey(rawKey: aesMasterKey, kek: kek)
+		let wrappedHmacKey = try Masterkey.wrapMasterKey(rawKey: macMasterKey, kek: kek)
+
+		var versionMac = [UInt8](repeating: 0x00, count: Int(CC_SHA256_DIGEST_LENGTH))
+		let versionBytes = withUnsafeBytes(of: UInt32(version).bigEndian, Array.init)
+		CCHmac(CCHmacAlgorithm(kCCHmacAlgSHA256), macMasterKey, macMasterKey.count, versionBytes, versionBytes.count, &versionMac)
+
+		return MasterkeyJson(
+			scryptSalt: Data(salt).base64EncodedString(),
+			scryptCostParam: scryptCostParam,
+			scryptBlockSize: Masterkey.defaultScryptBlockSize,
+			primaryMasterKey: Data(wrappedMasterKey).base64EncodedString(),
+			hmacMasterKey: Data(wrappedHmacKey).base64EncodedString(),
+			versionMac: Data(versionMac).base64EncodedString(),
+			version: version
+		)
+	}
 }

CryptoLibTests/CryptorTests.swift

@@ -28,18 +28,6 @@ class CryptorTests: XCTestCase {
 		try FileManager.default.removeItem(at: tmpDirURL)
 	}
 
-	func testEncodeMasterkeyJson() throws {
-		let jsonData = try cryptor.encodeMasterkeyJson(password: "asd")
-		let decoded = try JSONDecoder().decode(MasterkeyJson.self, from: jsonData)
-		XCTAssertEqual("8PDw8PDw8PA=", decoded.scryptSalt)
-		XCTAssertEqual(32768, decoded.scryptCostParam)
-		XCTAssertEqual(8, decoded.scryptBlockSize)
-		XCTAssertEqual("nDcSwW65LXWVnry/lAC88aVtZrkB6dUWC9QuLsrRq/ZFCAJaldMtoQ==", decoded.primaryMasterKey)
-		XCTAssertEqual("HCuwIhdRnXeA3U4Ohm9/m96IML9kH/OuhyR1ygEJ+zJWRnhzOrtz9A==", decoded.hmacMasterKey)
-		XCTAssertEqual("sAWFgFNhmtMPeNWr4zh+9Ps7GOtT0pknX11PRQ7eC9Q=", decoded.versionMac)
-		XCTAssertEqual(7, decoded.version)
-	}
-
 	func testEncryptDirId() throws {
 		let rootDir = try cryptor.encryptDirId("".data(using: .utf8)!)
 		XCTAssertEqual("VLWEHT553J5DR7OZLRJAYDIWFCXZABOD", rootDir)

CryptoLibTests/MasterkeyTests.swift

@@ -18,16 +18,6 @@ class MasterkeyTests: XCTestCase {
 		// Put teardown code here. This method is called after the invocation of each test method in the class.
 	}
 
-	func testWrapAndUnwrapKey() throws {
-		let rawKey = [UInt8](repeating: 0x77, count: 32)
-		let kek = [UInt8](repeating: 0x55, count: 32)
-		let wrapped = try Masterkey.wrapMasterKey(rawKey: rawKey, kek: kek)
-		XCTAssertNotNil(wrapped)
-		let unwrapped = try Masterkey.unwrapMasterKey(wrappedKey: wrapped, kek: kek)
-		XCTAssertNotNil(unwrapped)
-		XCTAssertEqual(rawKey, unwrapped)
-	}
-
 	func testCreateFromMasterkeyFile() throws {
 		let expectedKeys = [UInt8](repeating: 0x00, count: 32)
 		let jsonData = """
@@ -139,4 +129,26 @@ class MasterkeyTests: XCTestCase {
 			XCTAssertEqual(error as! MasterkeyError, MasterkeyError.malformedMasterkeyFile("invalid base64 data in versionMac"))
 		}
 	}
+
+	func testWrapAndUnwrapKey() throws {
+		let rawKey = [UInt8](repeating: 0x77, count: 32)
+		let kek = [UInt8](repeating: 0x55, count: 32)
+		let wrapped = try Masterkey.wrapMasterKey(rawKey: rawKey, kek: kek)
+		XCTAssertNotNil(wrapped)
+		let unwrapped = try Masterkey.unwrapMasterKey(wrappedKey: wrapped, kek: kek)
+		XCTAssertNotNil(unwrapped)
+		XCTAssertEqual(rawKey, unwrapped)
+	}
+
+	func testExportEncrypted() throws {
+		let masterkey = Masterkey.createFromRaw(aesMasterKey: [UInt8](repeating: 0x55, count: 32), macMasterKey: [UInt8](repeating: 0x77, count: 32), version: 7)
+		let json = try masterkey.exportEncrypted(password: "asd", pepper: [UInt8](), scryptCostParam: 2, cryptoSupport: CryptoSupportMock())
+		XCTAssertEqual("8PDw8PDw8PA=", json.scryptSalt)
+		XCTAssertEqual(2, json.scryptCostParam)
+		XCTAssertEqual(8, json.scryptBlockSize)
+		XCTAssertEqual("jvdghkTc01VISrFly37pgaT/UKtXrDCvZcU3tT9Y98zyzn/pJ91bxw==", json.primaryMasterKey)
+		XCTAssertEqual("99I+J4bT3rVpZE8yZwKRV9gHVRmQ8XQEujAL9IuwLTc2D3mg5JEjKA==", json.hmacMasterKey)
+		XCTAssertEqual("sAWFgFNhmtMPeNWr4zh+9Ps7GOtT0pknX11PRQ7eC9Q=", json.versionMac)
+		XCTAssertEqual(7, json.version)
+	}
 }