AES 256 GCM (in addition to CBC) see issue

#18 and existing PR
#35 (credits to JP
Bougie, I am just "porting" his code)

Author: danielweck

crypto/encrypt_test.go crypto/aes_cbc_test.go

@@ -37,7 +37,9 @@ func TestSimpleEncrypt(t *testing.T) {
 	var output bytes.Buffer
 	var key [32]byte //not a safe key to have
 
-	err := Encrypt(key[:], input, &output)
+	cbc := NewAESCBCEncrypter()
+
+	err := cbc.Encrypt(key[:], input, &output)
 
 	if err != nil {
 		t.Log(err)
@@ -56,7 +58,9 @@ func TestConsecutiveEncrypts(t *testing.T) {
 	var output bytes.Buffer
 	var key [32]byte //not a safe key to have
 
-	err := Encrypt(key[:], input, &output)
+	cbc := NewAESCBCEncrypter()
+
+	err := cbc.Encrypt(key[:], input, &output)
 
 	if err != nil {
 		t.Log(err)
@@ -66,7 +70,7 @@ func TestConsecutiveEncrypts(t *testing.T) {
 	input = bytes.NewBufferString("1234")
 	var output2 bytes.Buffer
 
-	err = Encrypt(key[:], input, &output2)
+	err = cbc.Encrypt(key[:], input, &output2)
 
 	if err != nil {
 		t.Log(err)
@@ -81,7 +85,10 @@ func TestConsecutiveEncrypts(t *testing.T) {
 func TestFailingReaderForEncryption(t *testing.T) {
 	var output bytes.Buffer
 	var key [32]byte //not a safe key to have
-	err := Encrypt(key[:], failingReader{}, &output)
+
+	cbc := NewAESCBCEncrypter()
+
+	err := cbc.Encrypt(key[:], failingReader{}, &output)
 
 	if err == nil {
 		t.Error("expected an error from the reader")
@@ -93,12 +100,14 @@ func TestDecrypt(t *testing.T) {
 	key := sha256.Sum256([]byte("password"))
 	var cipher bytes.Buffer
 
-	err := Encrypt(key[:], clear, &cipher)
+	cbc := &cbcEncrypter{}
+	err := cbc.Encrypt(key[:], clear, &cipher)
 	if err != nil {
 		t.Fatal(err)
 	}
+
 	var res bytes.Buffer
-	err = Decrypt(key[:], &cipher, &res)
+	err = cbc.Decrypt(key[:], &cipher, &res)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -128,4 +137,4 @@ func TestKeyWrap(t *testing.T) {
 	if !bytes.Equal(out, expected) {
 		t.Errorf("Expected %x, got %x", expected, out)
 	}
-}
+}

crypto/encrypt.go

@@ -26,69 +26,18 @@
 package crypto
 
 import (
-	"bytes"
 	"crypto/aes"
-	"crypto/cipher"
-	"crypto/rand"
 	"io"
 )
 
-func Encrypt(key []byte, r io.Reader, w io.Writer) error {
-	r = PaddedReader(r, aes.BlockSize)
-
-	block, err := aes.NewCipher(key)
-	if err != nil {
-		return err
-	}
-
-	// generate the IV
-	iv := make([]byte, aes.BlockSize)
-	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
-		return err
-	}
-
-	// write the IV first
-	if _, err = w.Write(iv); err != nil {
-		return err
-	}
-
-	mode := cipher.NewCBCEncrypter(block, iv)
-	buffer := make([]byte, aes.BlockSize)
-	for _, err = io.ReadFull(r, buffer); err == nil; _, err = io.ReadFull(r, buffer) {
-		mode.CryptBlocks(buffer, buffer)
-		_, wErr := w.Write(buffer)
-		if wErr != nil {
-			return wErr
-		}
-	}
-
-	if err == nil || err == io.EOF {
-		return nil
-	}
-
-	return err
+type Encrypter interface {
+	Encrypt(key ContentKey, r io.Reader, w io.Writer) error
+	GenerateKey() (ContentKey, error)
+	Signature() string
 }
 
-func Decrypt(key []byte, r io.Reader, w io.Writer) error {
-	block, err := aes.NewCipher(key)
-	if err != nil {
-		return err
-	}
-
-	var buffer bytes.Buffer
-	io.Copy(&buffer, r)
-
-	buf := buffer.Bytes()
-	iv := buf[:aes.BlockSize]
-
-	mode := cipher.NewCBCDecrypter(block, iv)
-	mode.CryptBlocks(buf[aes.BlockSize:], buf[aes.BlockSize:])
-
-	padding := buf[len(buf)-1]
-	w.Write(buf[aes.BlockSize : len(buf)-int(padding)])
-
-	return nil
-
+type Decrypter interface {
+	Decrypt(key ContentKey, r io.Reader, w io.Writer) error
 }
 
 var (

crypto/key.go

@@ -29,12 +29,10 @@ import (
 	"crypto/rand"
 )
 
-const (
-	keyLength = 32 // 256 bits
-)
+type ContentKey []byte
 
-func GenerateKey() ([]byte, error) {
-	k := make([]byte, keyLength)
+func GenerateKey(size int) ([]byte, error) {
+	k := make([]byte, size)
 
 	_, err := rand.Read(k)
 	if err != nil {

crypto/key_test.go

@@ -25,12 +25,10 @@
 
 package crypto
 
-import (
-	"testing"
-)
+import "testing"
 
 func TestGenerateKey(t *testing.T) {
-	buf, err := GenerateKey()
+	buf, err := GenerateKey(aes256keyLength)
 
 	if err != nil {
 		t.Error(err)

lcpencrypt/lcpencrypt.go

@@ -42,6 +42,7 @@ import (
 	"path/filepath"
 	"strings"
 
+	"github.com/readium/readium-lcp-server/crypto"
 	"github.com/readium/readium-lcp-server/epub"
 	"github.com/readium/readium-lcp-server/lcpserver/api"
 	"github.com/readium/readium-lcp-server/pack"
@@ -205,7 +206,8 @@ func main() {
 	}
 
 	// pack / encrypt the epub content, fill the output file
-	_, encryptionKey, err := pack.Do(ep, output)
+	encrypter := crypto.NewAESCBCEncrypter()
+	_, encryptionKey, err := pack.Do(encrypter, ep, output)
 
 	stats, err := output.Stat()
 	if err == nil && (stats.Size() > 0) {

lcpserver/api/license.go

@@ -127,11 +127,13 @@ func GetLicense(w http.ResponseWriter, r *http.Request, s Server) {
 			problem.Error(w, r, problem.Problem{Detail: err.Error()}, http.StatusInternalServerError)
 			return
 		}
+		
+		encrypter := s.Encrypter()
 
-		ExistingLicense.Encryption.ContentKey.Algorithm = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
-		ExistingLicense.Encryption.ContentKey.Value = encryptKey(content.EncryptionKey, ExistingLicense.Encryption.UserKey.Value) //use old UserKey.Value
+		ExistingLicense.Encryption.ContentKey.Algorithm = encrypter.Signature()
+		ExistingLicense.Encryption.ContentKey.Value = encryptKey(encrypter, content.EncryptionKey, ExistingLicense.Encryption.UserKey.Value) //use old UserKey.Value
 		ExistingLicense.Encryption.UserKey.Algorithm = "http://www.w3.org/2001/04/xmlenc#sha256"
-		err = buildKeyCheck(&ExistingLicense, ExistingLicense.Encryption.UserKey.Value)
+		err = buildKeyCheck(encrypter, &ExistingLicense, ExistingLicense.Encryption.UserKey.Value)
 		if err != nil {
 			problem.Error(w, r, problem.Problem{Detail: err.Error()}, http.StatusBadRequest)
 			return
@@ -410,6 +412,8 @@ func completeLicense(l *license.License, key string, s Server) error {
 		return err
 	}
 
+	encrypter := s.Encrypter()
+
 	license.Prepare(l)
 	l.ContentId = key
 	links := new([]license.Link)
@@ -450,15 +454,15 @@ func completeLicense(l *license.License, key string, s Server) error {
 		encryptionKey = hash[:]
 	}
 
-	l.Encryption.ContentKey.Algorithm = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
-	l.Encryption.ContentKey.Value = encryptKey(c.EncryptionKey, encryptionKey[:])
+	l.Encryption.ContentKey.Algorithm = encrypter.Signature()
+	l.Encryption.ContentKey.Value = encryptKey(encrypter, c.EncryptionKey, encryptionKey[:])
 	l.Encryption.UserKey.Algorithm = "http://www.w3.org/2001/04/xmlenc#sha256"
 
-	err = encryptFields(l, encryptionKey[:])
+	err = encryptFields(encrypter, l, encryptionKey[:])
 	if err != nil {
 		return err
 	}
-	err = buildKeyCheck(l, encryptionKey[:])
+	err = buildKeyCheck(encrypter, l, encryptionKey[:])
 	if err != nil {
 		return err
 	}
@@ -474,21 +478,21 @@ func completeLicense(l *license.License, key string, s Server) error {
 	return nil
 }
 
-func buildKeyCheck(l *license.License, key []byte) error {
+func buildKeyCheck(encrypter crypto.Encrypter, l *license.License, key []byte) error {
 	var out bytes.Buffer
-	err := crypto.Encrypt(key, bytes.NewBufferString(l.Id), &out)
+	err := encrypter.Encrypt(key, bytes.NewBufferString(l.Id), &out)
 	if err != nil {
 		return err
 	}
 	l.Encryption.UserKey.Check = out.Bytes()
 	return nil
 }
 
-func encryptFields(l *license.License, key []byte) error {
+func encryptFields(encrypter crypto.Encrypter, l *license.License, key []byte) error {
 	for _, toEncrypt := range l.User.Encrypted {
 		var out bytes.Buffer
 		field := getField(&l.User, toEncrypt)
-		err := crypto.Encrypt(key[:], bytes.NewBufferString(field.String()), &out)
+		err := encrypter.Encrypt(key[:], bytes.NewBufferString(field.String()), &out)
 		if err != nil {
 			return err
 		}
@@ -516,10 +520,10 @@ func signLicense(l *license.License, cert *tls.Certificate) error {
 	return nil
 }
 
-func encryptKey(key []byte, kek []byte) []byte {
+func encryptKey(encrypter crypto.Encrypter, key []byte, kek []byte) []byte {
 	var out bytes.Buffer
 	in := bytes.NewReader(key)
-	crypto.Encrypt(kek[:], in, &out)
+	encrypter.Encrypt(kek[:], in, &out)
 	return out.Bytes()
 }
 

lcpserver/api/store.go

@@ -35,6 +35,8 @@ import (
 	"os"
 
 	"github.com/gorilla/mux"
+
+	"github.com/readium/readium-lcp-server/crypto"
 	"github.com/readium/readium-lcp-server/api"
 	"github.com/readium/readium-lcp-server/epub"
 	"github.com/readium/readium-lcp-server/index"
@@ -50,6 +52,7 @@ type Server interface {
 	Licenses() license.Store
 	Certificate() *tls.Certificate
 	Source() *pack.ManualSource
+	Encrypter() crypto.Encrypter
 }
 
 // struct for communication with lcp-server

lcpserver/server/server.go

@@ -33,6 +33,7 @@ import (
 	"github.com/abbot/go-http-auth"
 	"github.com/gorilla/mux"
 
+	"github.com/readium/readium-lcp-server/crypto"
 	"github.com/readium/readium-lcp-server/api"
 	"github.com/readium/readium-lcp-server/index"
 	"github.com/readium/readium-lcp-server/lcpserver/api"
@@ -71,6 +72,10 @@ func (s *Server) Source() *pack.ManualSource {
 	return &s.source
 }
 
+func (s *Server) Encrypter() crypto.Encrypter {
+	return crypto.NewAESCBCEncrypter()
+}
+
 func New(bindAddr string, tplPath string, readonly bool, idx *index.Index, st *storage.Store, lst *license.Store, cert *tls.Certificate, packager *pack.Packager, basicAuth *auth.BasicAuth) *Server {
 
 	sr := api.CreateServerRouter(tplPath)

license/store_test.go

@@ -66,7 +66,7 @@ func TestStoreAdd(t *testing.T) {
 	Prepare(&l)
 	err = st.Add(l)
 	if err != nil {
-		t.Error(err)
+		t.Fatal(err)
 	}
 
 	l2, err := st.Get(l.Id)

pack/pack.go

@@ -37,8 +37,8 @@ import (
 	"github.com/readium/readium-lcp-server/xmlenc"
 )
 
-func Do(ep epub.Epub, w io.Writer) (enc *xmlenc.Manifest, key []byte, err error) {
-	key, err = crypto.GenerateKey()
+func Do(encrypter crypto.Encrypter, ep epub.Epub, w io.Writer) (enc *xmlenc.Manifest, key crypto.ContentKey, err error) {
+	key, err = encrypter.GenerateKey()
 	if err != nil {
 		return
 	}
@@ -52,7 +52,7 @@ func Do(ep epub.Epub, w io.Writer) (enc *xmlenc.Manifest, key []byte, err error)
 	for _, res := range ep.Resource {
 		if _, alreadyEncrypted := ep.Encryption.DataForFile(res.Path); !alreadyEncrypted && canEncrypt(res, ep) {
 			toCompress := mustCompressBeforeEncryption(*res, ep)
-			err = encryptFile(key, ep.Encryption, res, toCompress, ew)
+			err = encryptFile(encrypter, key, ep.Encryption, res, toCompress, ew)
 			if err != nil {
 				return
 			}
@@ -90,9 +90,9 @@ func canEncrypt(file *epub.Resource, ep epub.Epub) bool {
 	return ep.CanEncrypt(file.Path)
 }
 
-func encryptFile(key []byte, m *xmlenc.Manifest, file *epub.Resource, compress bool, w *epub.Writer) error {
+func encryptFile(encrypter crypto.Encrypter, key []byte, m *xmlenc.Manifest, file *epub.Resource, compress bool, w *epub.Writer) error {
 	data := xmlenc.Data{}
-	data.Method.Algorithm = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
+	data.Method.Algorithm = xmlenc.URI(encrypter.Signature())
 	data.KeyInfo = &xmlenc.KeyInfo{}
 	data.KeyInfo.RetrievalMethod.URI = "license.lcpl#/encryption/content_key"
 	data.KeyInfo.RetrievalMethod.Type = "http://readium.org/2014/01/lcp#EncryptedContentKey"
@@ -133,21 +133,7 @@ func encryptFile(key []byte, m *xmlenc.Manifest, file *epub.Resource, compress b
 	if err != nil {
 		return err
 	}
-	return crypto.Encrypt(key, input, fw)
-}
-
-func Undo(key []byte, ep epub.Epub) (epub.Epub, error) {
-	for _, data := range ep.Encryption.Data {
-		if res, ok := findFile(string(data.CipherData.CipherReference.URI), ep); ok {
-			var buf bytes.Buffer
-			crypto.Decrypt(key, res.Contents, &buf)
-			res.Contents = &buf
-		}
-	}
-
-	ep.Encryption = nil
-
-	return ep, nil
+	return encrypter.Encrypt(key, input, fw)
 }
 
 func findFile(name string, ep epub.Epub) (*epub.Resource, bool) {