Example 1 with KeyFile
use of org.cryptomator.cryptolib.api.KeyFile in project cryptofs by cryptomator.
the class Migrators method migrate.
/**
* Performs the actual migration. This task may take a while and this method will block.
*
* @param pathToVault Path to the vault's root
* @param masterkeyFilename Name of the masterkey file located in the vault
* @param passphrase The passphrase needed to unlock the vault
* @throws NoApplicableMigratorException If the vault can not be migrated, because no migrator could be found
* @throws InvalidPassphraseException If the passphrase could not be used to unlock the vault
* @throws IOException if an I/O error occurs migrating the vault
*/
public void migrate(Path pathToVault, String masterkeyFilename, CharSequence passphrase) throws NoApplicableMigratorException, InvalidPassphraseException, IOException {
Path masterKeyPath = pathToVault.resolve(masterkeyFilename);
byte[] keyFileContents = Files.readAllBytes(masterKeyPath);
KeyFile keyFile = KeyFile.parse(keyFileContents);
try {
Migrator migrator = findApplicableMigrator(keyFile.getVersion()).orElseThrow(NoApplicableMigratorException::new);
migrator.migrate(pathToVault, masterkeyFilename, passphrase);
} catch (UnsupportedVaultFormatException e) {
// might be a tampered masterkey file, as this exception is also thrown if the vault version MAC is not authentic.
throw new IllegalStateException("Vault version checked beforehand but not supported by migrator.");
}
}
Also used :
Path(java.nio.file.Path)
NoApplicableMigratorException(org.cryptomator.cryptofs.migration.api.NoApplicableMigratorException)
KeyFile(org.cryptomator.cryptolib.api.KeyFile)
Migrator(org.cryptomator.cryptofs.migration.api.Migrator)
UnsupportedVaultFormatException(org.cryptomator.cryptolib.api.UnsupportedVaultFormatException)
Example 2 with KeyFile
use of org.cryptomator.cryptolib.api.KeyFile in project cryptofs by cryptomator.
the class Migrators method needsMigration.
/**
* Inspects the vault and checks if it is supported by this library.
*
* @param pathToVault Path to the vault's root
* @param masterkeyFilename Name of the masterkey file located in the vault
* @return <code>true</code> if the vault at the given path is of an older format than supported by this library
* @throws IOException if an I/O error occurs parsing the masterkey file
*/
public boolean needsMigration(Path pathToVault, String masterkeyFilename) throws IOException {
Path masterKeyPath = pathToVault.resolve(masterkeyFilename);
byte[] keyFileContents = Files.readAllBytes(masterKeyPath);
KeyFile keyFile = KeyFile.parse(keyFileContents);
return keyFile.getVersion() < Constants.VAULT_VERSION;
}Example 3 with KeyFile
use of org.cryptomator.cryptolib.api.KeyFile in project cryptofs by cryptomator.
the class Version6MigratorTest method testMigrate.
@Test
public void testMigrate() throws IOException {
String oldPassword = Normalizer.normalize("ä", Form.NFD);
String newPassword = Normalizer.normalize("ä", Form.NFC);
Assert.assertNotEquals(oldPassword, newPassword);
KeyFile beforeMigration = cryptorProvider.createNew().writeKeysToMasterkeyFile(oldPassword, 5);
Assert.assertEquals(5, beforeMigration.getVersion());
Files.write(masterkeyFile, beforeMigration.serialize());
Migrator migrator = new Version6Migrator(cryptorProvider);
migrator.migrate(pathToVault, "masterkey.cryptomator", oldPassword);
KeyFile afterMigration = KeyFile.parse(Files.readAllBytes(masterkeyFile));
Assert.assertEquals(6, afterMigration.getVersion());
try (Cryptor cryptor = cryptorProvider.createFromKeyFile(afterMigration, newPassword, 6)) {
Assert.assertNotNull(cryptor);
}
Assert.assertTrue(Files.exists(masterkeyBackupFile));
KeyFile backupKey = KeyFile.parse(Files.readAllBytes(masterkeyBackupFile));
Assert.assertEquals(5, backupKey.getVersion());
}Example 4 with KeyFile
use of org.cryptomator.cryptolib.api.KeyFile in project cryptofs by cryptomator.
the class Version6Migrator method migrate.
@Override
public void migrate(Path vaultRoot, String masterkeyFilename, CharSequence passphrase) throws InvalidPassphraseException, UnsupportedVaultFormatException, IOException {
LOG.info("Upgrading {} from version 5 to version 6.", vaultRoot);
Path masterkeyFile = vaultRoot.resolve(masterkeyFilename);
byte[] fileContentsBeforeUpgrade = Files.readAllBytes(masterkeyFile);
KeyFile keyFile = KeyFile.parse(fileContentsBeforeUpgrade);
try (Cryptor cryptor = cryptorProvider.createFromKeyFile(keyFile, passphrase, 5)) {
// create backup, as soon as we know the password was correct:
Path masterkeyBackupFile = vaultRoot.resolve(masterkeyFilename + Constants.MASTERKEY_BACKUP_SUFFIX);
Files.copy(masterkeyFile, masterkeyBackupFile, StandardCopyOption.REPLACE_EXISTING);
LOG.info("Backed up masterkey from {} to {}.", masterkeyFile.getFileName(), masterkeyBackupFile.getFileName());
// rewrite masterkey file with normalized passphrase:
byte[] fileContentsAfterUpgrade = cryptor.writeKeysToMasterkeyFile(Normalizer.normalize(passphrase, Form.NFC), 6).serialize();
Files.write(masterkeyFile, fileContentsAfterUpgrade, StandardOpenOption.TRUNCATE_EXISTING);
LOG.info("Updated masterkey.");
}
LOG.info("Upgraded {} from version 5 to version 6.", vaultRoot);
}Aggregations
KeyFile (org.cryptomator.cryptolib.api.KeyFile)4
Path (java.nio.file.Path)3
Migrator (org.cryptomator.cryptofs.migration.api.Migrator)2
Cryptor (org.cryptomator.cryptolib.api.Cryptor)2
NoApplicableMigratorException (org.cryptomator.cryptofs.migration.api.NoApplicableMigratorException)1
UnsupportedVaultFormatException (org.cryptomator.cryptolib.api.UnsupportedVaultFormatException)1
Test (org.junit.Test)1
