SEcube open-source SDK
SEcureDB.h
Go to the documentation of this file.
1 
7 #ifndef SECUREDB_H_
8 #define SECUREDB_H_
9 
10 #include "SEfile.h"
11 
12 #undef SEFILE_SQL_SECTOR_SIZE
13 #define SEFILE_SQL_SECTOR_SIZE 4096
19 #define SEFILE_SQL_LOGIC_DATA (SEFILE_SQL_SECTOR_SIZE/2)
20 
23 #define SEFILE_LEN_FIELD 2
24 
31 #define SEFILE_SQL_PADDING_LEN 14
32 
39 #define SEFILE_SQL_OVERHEAD_LEN (SEFILE_SQL_SECTOR_SIZE - SEFILE_SQL_LOGIC_DATA - B5_SHA256_DIGEST_SIZE - SEFILE_LEN_FIELD - SEFILE_SQL_PADDING_LEN)
40 
44 #define SEFILE_SQL_SECTOR_DATA_SIZE (SEFILE_SQL_SECTOR_SIZE - B5_SHA256_DIGEST_SIZE - SEFILE_SQL_OVERHEAD_LEN)
45 
47 #define SEFILE_SQL_SECTOR_OVERHEAD (SEFILE_SQL_SECTOR_SIZE - SEFILE_SQL_LOGIC_DATA)
48 
49 #pragma pack(push,1)
50 
57 struct SEFILE_SQL_SECTOR {
58  union {
64  };
65  uint8_t padding[SEFILE_SQL_PADDING_LEN]; // this is used to roundup the data to be encrypted (must be multiple of the block size)
66  uint16_t len;
67  uint8_t signature[32];
68  uint8_t overhead[SEFILE_SQL_OVERHEAD_LEN]; /* This is used to make SEfile compatible with SQLite. */
70 };
71 #pragma pack(pop)
72 
73 uint16_t securedb_get_secure_context(std::string& filename, std::string *keyid, uint16_t *algo);
74 uint16_t securedb_ls(std::string& path, std::vector<std::pair<std::string, std::string>>& list, L1* SEcubeptr);
75 uint16_t securedb_decrypt_filename(std::string& path, char *filename, L1 *SEcubeptr);
76 uint16_t securedb_recrypt(std::string& path, uint32_t key, L1 *SEcubeptr);
77 size_t securedb_pos_to_cipher_block(size_t current_position);
78 uint16_t securedb_secure_getfilesize(char *path, uint32_t * position);
80 #endif
securedb_decrypt_filename
uint16_t securedb_decrypt_filename(std::string &path, char *filename, L1 *SEcubeptr)
Same as decrypt_filename() but for encrypted SQLite databases.
Definition: SEcureDB.cpp:823
SEfile::l1
L1 * l1
The pointer to the L1 object created by the main application (i.e. to login to the SEcube).
Definition: SEfile.h:124
SEFILE_SQL_SECTOR::data
uint8_t data[SEFILE_SQL_LOGIC_DATA]
Definition: SEcureDB.h:61
SEFILE_SQL_LOGIC_DATA
#define SEFILE_SQL_LOGIC_DATA
Definition: SEcureDB.h:20
SEcube
L1 * SEcube
Definition: SEkey.cpp:22
crypto_filename
uint16_t crypto_filename(char *path, char *enc_name, uint16_t *encoded_length)
This function computes the encrypted name of the file specified as path.
Definition: SEfile.cpp:1410
get_filename
void get_filename(char *path, char *file_name)
Extract the name of a file from its path.
Definition: SEfile.cpp:1602
SEFILE_BEGIN
#define SEFILE_BEGIN
Definition: SEfile_C_interface.h:96
SEFILE_HEADER
The SEFILE_HEADER struct This data struct is used to define a 31 bytes field inside a sector while ta...
Definition: SEfile.h:52
SEFILE_SQL_SECTOR
The SEFILE_SQL_SECTOR struct This data struct is the actual sector organization for encrypted SQLite ...
Definition: SEcureDB.h:58
SEfile::handleptr
std::shared_ptr< SEFILE_HANDLE > handleptr
Handle to the file on the underlying filesystem.
Definition: SEfile.h:125
SEfile::decrypt_sectors
uint16_t decrypt_sectors(void *buff_crypt, void *buff_decrypt, size_t datain_len, size_t current_offset, uint8_t *nonce_ctr, uint8_t *nonce_pbkdf2)
This function decrypts the buff_crypt data by exploiting the functions provided by L1....
Definition: SEfile.cpp:901
SEFILE_OPEN
#define SEFILE_OPEN
Definition: SEfile_C_interface.h:75
decrypt_dirname
uint16_t decrypt_dirname(std::string &path, char *decDirname, L1 *SEcubeptr)
This function is used to compute the plaintext of am encrypted directory name stored in dirname.
Definition: SEfile.cpp:1249
SEFILE_SQL_SECTOR::len
uint16_t len
Definition: SEcureDB.h:67
override_key_check
bool override_key_check
Global flag that is used to bypass the validity check of a key to read or write encrypted data....
Definition: SEfile.cpp:19
SEfile::EnvCrypto
uint16_t EnvCrypto
The algorithm to be used with the key.
Definition: SEfile.h:120
SEFILE_HANDLE
The SEFILE_HANDLE struct This abstract data type is used to hide from higher level of abstraction its...
Definition: SEfile.h:27
SEcureDB.h
This header contains prototypes, constants and structures that are needed to implement the encrypted ...
SEFILE_HEADER::key_header
SEKEY_HEADER key_header
Definition: SEfile.h:54
SEfile::secure_close
uint16_t secure_close()
This function releases the resources related to the underlying SEfile object (i.e....
Definition: SEfile.cpp:809
SEFILE_HEADER::nonce_ctr
uint8_t nonce_ctr[16]
Definition: SEfile.h:55
SEKEY_HEADER::key_id
uint32_t key_id
Definition: SEfile.h:44
SEfile::secure_key_check
uint16_t secure_key_check(uint16_t direction)
This function is used to check if the key setup in the SEfile object can be used to encrypt or decryp...
Definition: SEfile.cpp:78
SEFILE_SQL_PADDING_LEN
#define SEFILE_SQL_PADDING_LEN
Definition: SEcureDB.h:32
securedb_get_secure_context
uint16_t securedb_get_secure_context(std::string &filename, std::string *keyid, uint16_t *algo)
Same as get_secure_context() but for encrypted SQLite databases.
Definition: SEcureDB.cpp:992
SEfile.h
This is the SEfile header that contains most of the methods, constants and structures used by SEfile.
valid_directory_name
uint16_t valid_directory_name(std::string &name)
This function checks if the given name can be a valid SEfile directory name.
Definition: SEfile.cpp:1547
SEFILE_BLOCK_SIZE
#define SEFILE_BLOCK_SIZE
Definition: SEfile_C_interface.h:158
SEFILE_HEADER::nonce_pbkdf2
uint8_t nonce_pbkdf2[SEFILE_NONCE_LEN]
Definition: SEfile.h:53
SEFILE_CURRENT
#define SEFILE_CURRENT
Definition: SEfile_C_interface.h:97
MAX_PATHNAME
#define MAX_PATHNAME
Definition: SEfile_C_interface.h:165
databases
std::vector< std::unique_ptr< SEfile > > databases
Definition: SEcureDB.cpp:5
SEFILE_READ
#define SEFILE_READ
Definition: SEfile_C_interface.h:54
SEFILE_NEWFILE
#define SEFILE_NEWFILE
Definition: SEfile_C_interface.h:74
SEfile::IsOpen
bool IsOpen
Flag that is TRUE if the file is open, FALSE otherwise.
Definition: SEfile.h:123
SEfile::crypt_sectors
uint16_t crypt_sectors(void *buff_decrypt, void *buff_crypt, size_t datain_len, size_t current_offset, uint8_t *nonce_ctr, uint8_t *nonce_pbkdf2)
This function encrypts the buff_decrypt data by exploiting the functions provided by L1....
Definition: SEfile.cpp:862
SEFILE_WRITE
#define SEFILE_WRITE
Definition: SEfile_C_interface.h:55
get_path
void get_path(char *full_path, char *path)
Extract the path of a file removing the file name.
Definition: SEfile.cpp:1582
SEfile::EnvKeyID
uint32_t EnvKeyID
The key ID used by this SEfile instance. This key will be used for encryption and decryption.
Definition: SEfile.h:119
SEFILE_SQL_SECTOR_OVERHEAD
#define SEFILE_SQL_SECTOR_OVERHEAD
Definition: SEcureDB.h:48
securedb_pos_to_cipher_block
size_t securedb_pos_to_cipher_block(size_t current_position)
Same as pos_to_cipher_block() but for encrypted SQLite databases.
Definition: SEcureDB.cpp:711
SEFILE_SQL_SECTOR::header
SEFILE_HEADER header
Definition: SEcureDB.h:60
valid_file_name
uint16_t valid_file_name(std::string &name)
This function checks if the given name can be a valid SEfile file name.
Definition: SEfile.cpp:1563
SEFILE_SQL_SECTOR_SIZE
#define SEFILE_SQL_SECTOR_SIZE
Definition: SEcureDB.h:13
environment.h
This is a header file required by any application exploiting SEfile and/or SEkey.
securedb_recrypt
uint16_t securedb_recrypt(std::string &path, uint32_t key, L1 *SEcubeptr)
Same as secure_recrypt() but for encrypted SQLite databases.
Definition: SEcureDB.cpp:928
SEfile
A SEfile object is used to manage a file encrypted with SEfile.
Definition: SEfile.h:117
SEFILE_END
#define SEFILE_END
Definition: SEfile_C_interface.h:98
SEfile::crypt_header
uint16_t crypt_header(void *buff1, void *buff2, size_t datain_len, uint16_t direction)
This function encrypts a header buffer by exploiting the functions provided by L1....
Definition: SEfile.cpp:826
SEFILE_SQL_SECTOR::signature
uint8_t signature[32]
Definition: SEcureDB.h:68
SEFILE_SQL_SECTOR_DATA_SIZE
#define SEFILE_SQL_SECTOR_DATA_SIZE
Definition: SEcureDB.h:45
SEFILE_SQL_OVERHEAD_LEN
#define SEFILE_SQL_OVERHEAD_LEN
Definition: SEcureDB.h:40
securedb_ls
uint16_t securedb_ls(std::string &path, std::vector< std::pair< std::string, std::string >> &list, L1 *SEcubeptr)
Same as secure_ls() but for encrypted SQLite databases.
Definition: SEcureDB.cpp:714
SEKEY_HEADER::algorithm
uint16_t algorithm
Definition: SEfile.h:45
securedb_secure_getfilesize
uint16_t securedb_secure_getfilesize(char *path, uint32_t *position)
Same as secure_getfilesize() but for encrypted SQLite databases.
Definition: SEcureDB.cpp:598