refactor decryption frontend

Author: andiwand

cli/src/server.cpp

@@ -21,17 +21,17 @@ int main(int argc, char **argv) {
 
   DecodedFile decoded_file{input, decode_preference};
 
-  if (decoded_file.is_document_file()) {
-    DocumentFile document_file = decoded_file.document_file();
-    if (document_file.password_encrypted() && !password) {
-      std::cerr << "document encrypted but no password given" << std::endl;
-      return 2;
-    }
-    if (document_file.password_encrypted() &&
-        !document_file.decrypt(*password)) {
+  if (decoded_file.password_encrypted() && !password) {
+    std::cerr << "document encrypted but no password given" << std::endl;
+    return 2;
+  }
+  if (decoded_file.password_encrypted()) {
+    auto decrypt_result = decoded_file.decrypt(*password);
+    if (!decrypt_result.has_value()) {
       std::cerr << "wrong password" << std::endl;
       return 1;
     }
+    decoded_file = std::move(*decrypt_result);
   }
 
   HttpServer::Config server_config;

cli/src/translate.cpp

@@ -19,17 +19,17 @@ int main(int argc, char **argv) {
 
   DecodedFile decoded_file{input};
 
-  if (decoded_file.is_document_file()) {
-    DocumentFile document_file = decoded_file.document_file();
-    if (document_file.password_encrypted() && !password) {
-      std::cerr << "document encrypted but no password given" << std::endl;
-      return 2;
-    }
-    if (document_file.password_encrypted() &&
-        !document_file.decrypt(*password)) {
+  if (decoded_file.password_encrypted() && !password) {
+    std::cerr << "document encrypted but no password given" << std::endl;
+    return 2;
+  }
+  if (decoded_file.password_encrypted()) {
+    auto decrypt_result = decoded_file.decrypt(*password);
+    if (!decrypt_result.has_value()) {
       std::cerr << "wrong password" << std::endl;
       return 1;
     }
+    decoded_file = std::move(*decrypt_result);
   }
 
   HtmlConfig config;

src/odr/file.cpp

@@ -35,8 +35,6 @@ File::File(std::shared_ptr<internal::abstract::File> impl)
 File::File(const std::string &path)
     : m_impl{std::make_shared<internal::common::DiskFile>(path)} {}
 
-File::operator bool() const { return m_impl.operator bool(); }
-
 FileLocation File::location() const noexcept { return m_impl->location(); }
 
 std::size_t File::size() const { return m_impl->size(); }
@@ -107,7 +105,7 @@ DecodedFile::DecodedFile(const std::string &path,
     : DecodedFile(internal::open_strategy::open_file(
           std::make_shared<internal::common::DiskFile>(path), preference)) {}
 
-DecodedFile::operator bool() const { return m_impl.operator bool(); }
+File DecodedFile::file() const { return File(m_impl->file()); }
 
 FileType DecodedFile::file_type() const noexcept { return m_impl->file_type(); }
 
@@ -121,7 +119,21 @@ DecoderEngine DecodedFile::decoder_engine() const noexcept {
   return m_impl->decoder_engine();
 }
 
-File DecodedFile::file() const { return File(m_impl->file()); }
+bool DecodedFile::password_encrypted() const {
+  return m_impl->password_encrypted();
+}
+
+EncryptionState DecodedFile::encryption_state() const {
+  return m_impl->encryption_state();
+}
+
+std::optional<DecodedFile> DecodedFile::decrypt(const std::string &password) {
+  auto decrypted = m_impl->decrypt(password);
+  if (decrypted == nullptr) {
+    return std::nullopt;
+  }
+  return DecodedFile(decrypted);
+}
 
 bool DecodedFile::is_text_file() const {
   return std::dynamic_pointer_cast<internal::abstract::TextFile>(m_impl) !=
@@ -231,18 +243,6 @@ DocumentFile::DocumentFile(const std::string &path)
     : DocumentFile(internal::open_strategy::open_document_file(
           std::make_shared<internal::common::DiskFile>(path))) {}
 
-bool DocumentFile::password_encrypted() const {
-  return m_impl->password_encrypted();
-}
-
-EncryptionState DocumentFile::encryption_state() const {
-  return m_impl->encryption_state();
-}
-
-bool DocumentFile::decrypt(const std::string &password) {
-  return m_impl->decrypt(password);
-}
-
 DocumentType DocumentFile::document_type() const {
   return m_impl->document_type();
 }
@@ -260,18 +260,6 @@ std::shared_ptr<internal::abstract::DocumentFile> DocumentFile::impl() const {
 PdfFile::PdfFile(std::shared_ptr<internal::abstract::PdfFile> impl)
     : DecodedFile(impl), m_impl{std::move(impl)} {}
 
-bool PdfFile::password_encrypted() const {
-  return m_impl->password_encrypted();
-}
-
-EncryptionState PdfFile::encryption_state() const {
-  return m_impl->encryption_state();
-}
-
-bool PdfFile::decrypt(const std::string &password) {
-  return m_impl->decrypt(password);
-}
-
 std::shared_ptr<internal::abstract::PdfFile> PdfFile::impl() const {
   return m_impl;
 }

src/odr/file.hpp

@@ -154,8 +154,6 @@ class File final {
   explicit File(std::shared_ptr<internal::abstract::File>);
   explicit File(const std::string &path);
 
-  [[nodiscard]] explicit operator bool() const;
-
   [[nodiscard]] FileLocation location() const noexcept;
   [[nodiscard]] std::size_t size() const;
 
@@ -189,14 +187,16 @@ class DecodedFile {
   DecodedFile(const std::string &path, FileType as);
   DecodedFile(const std::string &path, const DecodePreference &preference);
 
-  [[nodiscard]] explicit operator bool() const;
+  [[nodiscard]] File file() const;
 
   [[nodiscard]] FileType file_type() const noexcept;
   [[nodiscard]] FileCategory file_category() const noexcept;
   [[nodiscard]] FileMeta file_meta() const noexcept;
   [[nodiscard]] DecoderEngine decoder_engine() const noexcept;
 
-  [[nodiscard]] File file() const;
+  [[nodiscard]] bool password_encrypted() const;
+  [[nodiscard]] EncryptionState encryption_state() const;
+  [[nodiscard]] std::optional<DecodedFile> decrypt(const std::string &password);
 
   [[nodiscard]] bool is_text_file() const;
   [[nodiscard]] bool is_image_file() const;
@@ -259,10 +259,6 @@ class DocumentFile final : public DecodedFile {
   explicit DocumentFile(std::shared_ptr<internal::abstract::DocumentFile>);
   explicit DocumentFile(const std::string &path);
 
-  [[nodiscard]] bool password_encrypted() const;
-  [[nodiscard]] EncryptionState encryption_state() const;
-  bool decrypt(const std::string &password);
-
   [[nodiscard]] DocumentType document_type() const;
   [[nodiscard]] DocumentMeta document_meta() const;
 
@@ -279,10 +275,6 @@ class PdfFile final : public DecodedFile {
 public:
   explicit PdfFile(std::shared_ptr<internal::abstract::PdfFile>);
 
-  [[nodiscard]] bool password_encrypted() const;
-  [[nodiscard]] EncryptionState encryption_state() const;
-  bool decrypt(const std::string &password);
-
   [[nodiscard]] std::shared_ptr<internal::abstract::PdfFile> impl() const;
 
 private:

src/odr/internal/abstract/file.hpp

@@ -38,6 +38,17 @@ class DecodedFile {
   [[nodiscard]] virtual FileCategory file_category() const noexcept = 0;
   [[nodiscard]] virtual FileMeta file_meta() const noexcept = 0;
   [[nodiscard]] virtual DecoderEngine decoder_engine() const noexcept = 0;
+
+  [[nodiscard]] virtual bool password_encrypted() const noexcept {
+    return false;
+  }
+  [[nodiscard]] virtual EncryptionState encryption_state() const noexcept {
+    return EncryptionState::not_encrypted;
+  }
+  [[nodiscard]] virtual std::shared_ptr<DecodedFile>
+  decrypt(const std::string &password) const noexcept {
+    return nullptr;
+  }
 };
 
 class TextFile : public DecodedFile {
@@ -71,10 +82,6 @@ class DocumentFile : public DecodedFile {
     return FileCategory::document;
   }
 
-  [[nodiscard]] virtual bool password_encrypted() const noexcept = 0;
-  [[nodiscard]] virtual EncryptionState encryption_state() const noexcept = 0;
-  [[nodiscard]] virtual bool decrypt(const std::string &password) = 0;
-
   [[nodiscard]] virtual DocumentType document_type() const = 0;
   [[nodiscard]] virtual DocumentMeta document_meta() const = 0;
 
@@ -89,10 +96,6 @@ class PdfFile : public DecodedFile {
   [[nodiscard]] FileCategory file_category() const noexcept final {
     return FileCategory::document;
   }
-
-  [[nodiscard]] virtual bool password_encrypted() const noexcept = 0;
-  [[nodiscard]] virtual EncryptionState encryption_state() const noexcept = 0;
-  [[nodiscard]] virtual bool decrypt(const std::string &password) = 0;
 };
 
 } // namespace odr::internal::abstract

src/odr/internal/odf/odf_crypto.cpp

@@ -163,29 +163,28 @@ class DecryptedFilesystem final : public abstract::ReadableFilesystem {
 } // namespace
 } // namespace odf
 
-bool odf::decrypt(std::shared_ptr<abstract::ReadableFilesystem> &storage,
-                  const Manifest &manifest, const std::string &password) {
+std::shared_ptr<abstract::ReadableFilesystem>
+odf::decrypt(const std::shared_ptr<abstract::ReadableFilesystem> &filesystem,
+             const Manifest &manifest, const std::string &password) {
   if (!manifest.encrypted) {
-    return true;
+    return nullptr;
   }
 
   if (auto it = manifest.entries.find(common::Path("encrypted-package"));
       it != std::end(manifest.entries)) {
     try {
       const std::string start_key = odf::start_key(it->second, password);
       const std::string input =
-          util::stream::read(*storage->open(it->first)->stream());
+          util::stream::read(*filesystem->open(it->first)->stream());
       std::string decrypt = crypto::util::inflate(
           derive_key_and_decrypt(it->second, start_key, input));
 
       auto memory_file =
           std::make_shared<common::MemoryFile>(std::move(decrypt));
-      storage = zip::ZipFile(memory_file).archive()->filesystem();
+      return zip::ZipFile(memory_file).archive()->filesystem();
     } catch (...) {
-      return false;
+      return nullptr;
     }
-
-    return true;
   }
 
   try {
@@ -197,19 +196,17 @@ bool odf::decrypt(std::shared_ptr<abstract::ReadableFilesystem> &storage,
     const std::string start_key = odf::start_key(smallest_file_entry, password);
     // TODO stream decrypt
     const std::string input =
-        util::stream::read(*storage->open(smallest_file_path)->stream());
+        util::stream::read(*filesystem->open(smallest_file_path)->stream());
     const std::string decrypt =
         derive_key_and_decrypt(smallest_file_entry, start_key, input);
     if (!validate_password(smallest_file_entry, decrypt)) {
-      return false;
+      return nullptr;
     }
-    storage = std::make_shared<DecryptedFilesystem>(std::move(storage),
-                                                    manifest, start_key);
+    return std::make_shared<DecryptedFilesystem>(filesystem, manifest,
+                                                 start_key);
   } catch (...) {
-    return false;
+    return nullptr;
   }
-
-  return true;
 }
 
 } // namespace odr::internal

src/odr/internal/odf/odf_crypto.hpp

@@ -13,25 +13,29 @@ class ReadableFilesystem;
 
 namespace odr::internal::odf {
 
-bool can_decrypt(const Manifest::Entry &) noexcept;
+bool can_decrypt(const Manifest::Entry &entry) noexcept;
 
 std::string hash(const std::string &input, ChecksumType checksum_type);
 
 std::string decrypt(const std::string &input, const std::string &derived_key,
                     const std::string &initialisation_vector,
                     AlgorithmType algorithm);
 
-std::string start_key(const Manifest::Entry &, const std::string &password);
+std::string start_key(const Manifest::Entry &entry,
+                      const std::string &password);
 
-std::string derive_key(const Manifest::Entry &, const std::string &start_key);
+std::string derive_key(const Manifest::Entry &entry,
+                       const std::string &start_key);
 
-std::string derive_key_and_decrypt(const Manifest::Entry &,
+std::string derive_key_and_decrypt(const Manifest::Entry &entry,
                                    const std::string &start_key,
                                    const std::string &input);
 
-bool validate_password(const Manifest::Entry &, std::string decrypted) noexcept;
+bool validate_password(const Manifest::Entry &entry,
+                       std::string decrypted) noexcept;
 
-bool decrypt(std::shared_ptr<abstract::ReadableFilesystem> &, const Manifest &,
-             const std::string &password);
+std::shared_ptr<abstract::ReadableFilesystem>
+decrypt(const std::shared_ptr<abstract::ReadableFilesystem> &filesystem,
+        const Manifest &manifest, const std::string &password);
 
 } // namespace odr::internal::odf

src/odr/internal/odf/odf_file.cpp

@@ -62,14 +62,23 @@ EncryptionState OpenDocumentFile::encryption_state() const noexcept {
   return m_encryption_state;
 }
 
-bool OpenDocumentFile::decrypt(const std::string &password) {
-  // TODO throw if not encrypted or already decrypted
-  if (!odf::decrypt(m_filesystem, m_manifest, password)) {
-    return false;
+std::shared_ptr<abstract::DecodedFile>
+OpenDocumentFile::decrypt(const std::string &password) const noexcept {
+  if (m_encryption_state != EncryptionState::encrypted) {
+    return nullptr;
   }
-  m_file_meta = parse_file_meta(*m_filesystem, nullptr, true);
-  m_encryption_state = EncryptionState::decrypted;
-  return true;
+
+  auto decrypted_filesystem = odf::decrypt(m_filesystem, m_manifest, password);
+  if (decrypted_filesystem == nullptr) {
+    return nullptr;
+  }
+
+  auto decrypted_file = std::make_shared<OpenDocumentFile>(*this);
+  decrypted_file->m_filesystem = std::move(decrypted_filesystem);
+  decrypted_file->m_file_meta =
+      parse_file_meta(*decrypted_file->m_filesystem, nullptr, true);
+  decrypted_file->m_encryption_state = EncryptionState::decrypted;
+  return std::move(decrypted_file);
 }
 
 std::shared_ptr<abstract::Document> OpenDocumentFile::document() const {

src/odr/internal/odf/odf_file.hpp

@@ -34,7 +34,8 @@ class OpenDocumentFile final : public virtual abstract::DocumentFile {
 
   [[nodiscard]] bool password_encrypted() const noexcept final;
   [[nodiscard]] EncryptionState encryption_state() const noexcept final;
-  bool decrypt(const std::string &password) final;
+  [[nodiscard]] std::shared_ptr<abstract::DecodedFile>
+  decrypt(const std::string &password) const noexcept final;
 
   [[nodiscard]] std::shared_ptr<abstract::Document> document() const final;
 

src/odr/internal/oldms/oldms_file.cpp

@@ -77,8 +77,9 @@ EncryptionState LegacyMicrosoftFile::encryption_state() const noexcept {
   return EncryptionState::unknown;
 }
 
-bool LegacyMicrosoftFile::decrypt(const std::string &) {
-  return false; // TODO throw
+std::shared_ptr<abstract::DecodedFile>
+LegacyMicrosoftFile::decrypt(const std::string &password) const noexcept {
+  return {}; // TODO throw
 }
 
 std::shared_ptr<abstract::Document> LegacyMicrosoftFile::document() const {