5 files changed, 363 insertions, 0 deletions
diff --git a/src/lib/psk_db/info.txt b/src/lib/psk_db/info.txt
new file mode 100644
index 000000000..814a30471
--- /dev/null
+++ b/src/lib/psk_db/info.txt
@@ -0,0 +1,10 @@
+<defines>
+PSK_DB -> 20171119
+</defines>
+
+<requires>
+aes
+hmac
+sha2_32
+nist_keywrap
+</requires>
diff --git a/src/lib/psk_db/psk_db.cpp b/src/lib/psk_db/psk_db.cpp
new file mode 100644
index 000000000..af59d2954
--- /dev/null
+++ b/src/lib/psk_db/psk_db.cpp
@@ -0,0 +1,104 @@
+/*
+* (C) 2017 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include <botan/psk_db.h>
+#include <botan/nist_keywrap.h>
+#include <botan/base64.h>
+#include <botan/mac.h>
+#include <botan/block_cipher.h>
+
+namespace Botan {
+
+Encrypted_PSK_Database::Encrypted_PSK_Database(const secure_vector<uint8_t>& master_key)
+   {
+   m_cipher = BlockCipher::create_or_throw("AES-256");
+   m_hmac = MessageAuthenticationCode::create_or_throw("HMAC(SHA-256)");
+   m_hmac->set_key(master_key);
+
+   m_cipher->set_key(m_hmac->process("wrap"));
+   m_hmac->set_key(m_hmac->process("hmac"));
+   }
+
+Encrypted_PSK_Database::~Encrypted_PSK_Database()
+   {
+   // for ~unique_ptr
+   }
+
+std::set<std::string> Encrypted_PSK_Database::list_names() const
+   {
+   const std::set<std::string> encrypted_names = kv_get_all();
+
+   std::set<std::string> names;
+
+   for(std::string enc_name : encrypted_names)
+      {
+      try
+         {
+         const secure_vector<uint8_t> raw_name = base64_decode(enc_name);
+         const secure_vector<uint8_t> name_bits =
+            nist_key_unwrap_padded(raw_name.data(), raw_name.size(), *m_cipher);
+
+         std::string pt_name(cast_uint8_ptr_to_char(name_bits.data()), name_bits.size());
+         names.insert(pt_name);
+         }
+      catch(Integrity_Failure&)
+         {
+         }
+      }
+
+   return names;
+   }
+
+void Encrypted_PSK_Database::remove(const std::string& name)
+   {
+   const std::vector<uint8_t> wrapped_name =
+      nist_key_wrap_padded(cast_char_ptr_to_uint8(name.data()),
+                           name.size(),
+                           *m_cipher);
+
+   this->kv_del(base64_encode(wrapped_name));
+   }
+
+secure_vector<uint8_t> Encrypted_PSK_Database::get(const std::string& name) const
+   {
+   const std::vector<uint8_t> wrapped_name =
+      nist_key_wrap_padded(cast_char_ptr_to_uint8(name.data()),
+                           name.size(),
+                           *m_cipher);
+
+   const std::string val_base64 = kv_get(base64_encode(wrapped_name));
+
+   if(val_base64.empty())
+      throw Invalid_Argument("Named PSK not located");
+
+   const secure_vector<uint8_t> val = base64_decode(val_base64);
+
+   std::unique_ptr<BlockCipher> wrap_cipher(m_cipher->clone());
+   wrap_cipher->set_key(m_hmac->process(wrapped_name));
+
+   return nist_key_unwrap_padded(val.data(), val.size(), *wrap_cipher);
+   }
+
+void Encrypted_PSK_Database::set(const std::string& name, const uint8_t val[], size_t len)
+   {
+   /*
+   * Both as a basic precaution wrt key seperation, and specifically to prevent
+   * cut-and-paste attacks against the database, each PSK is encrypted with a
+   * distinct key which is derived by hashing the wrapped key name with HMAC.
+   */
+   const std::vector<uint8_t> wrapped_name =
+      nist_key_wrap_padded(cast_char_ptr_to_uint8(name.data()),
+                           name.size(),
+                           *m_cipher);
+
+   std::unique_ptr<BlockCipher> wrap_cipher(m_cipher->clone());
+   wrap_cipher->set_key(m_hmac->process(wrapped_name));
+   const std::vector<uint8_t> wrapped_key = nist_key_wrap_padded(val, len, *wrap_cipher);
+
+   this->kv_set(base64_encode(wrapped_name), base64_encode(wrapped_key));
+   }
+
+}
diff --git a/src/lib/psk_db/psk_db.h b/src/lib/psk_db/psk_db.h
new file mode 100644
index 000000000..fb20e9437
--- /dev/null
+++ b/src/lib/psk_db/psk_db.h
@@ -0,0 +1,146 @@
+/*
+* (C) 2017 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_PSK_DB_H_
+#define BOTAN_PSK_DB_H_
+
+#include <botan/secmem.h>
+#include <memory>
+#include <string>
+#include <set>
+
+namespace Botan {
+
+class BlockCipher;
+class MessageAuthenticationCode;
+
+/**
+* This is an interface to a generic PSK (pre-shared key) database.
+* It might be implemented as a plaintext storage or via some mechanism
+* that encrypts the keys and/or values.
+*/
+class BOTAN_PUBLIC_API(2,4) PSK_Database
+   {
+   public:
+      /**
+      * Return the set of names for which get() will return a value.
+      */
+      virtual std::set<std::string> list_names() const = 0;
+
+      /**
+      * Return the value associated with the specified @param name, or otherwise
+      * throw an exception.
+      */
+      virtual secure_vector<uint8_t> get(const std::string& name) const = 0;
+
+      /**
+      * Set a value that can later be accessed with get().
+      * If name already exists in the database, the old value will be overwritten.
+      */
+      virtual void set(const std::string& name, const uint8_t psk[], size_t psk_len) = 0;
+
+      /**
+      * Remove a PSK from the database
+      */
+      virtual void remove(const std::string& name) = 0;
+
+      /**
+      * Returns if the values in the PSK database are encrypted. If
+      * false, saved values are being stored in plaintext.
+      */
+      virtual bool is_encrypted() const = 0;
+
+      /**
+      * Get a PSK in the form of a string (eg if the PSK is a password)
+      */
+      std::string get_str(const std::string& name) const
+         {
+         secure_vector<uint8_t> psk = get(name);
+         return std::string(reinterpret_cast<const char*>(psk.data()), psk.size());
+         }
+
+      void set_str(const std::string& name, const std::string& psk)
+         {
+         set(name, reinterpret_cast<const uint8_t*>(psk.data()), psk.size());
+         }
+
+      template<typename Alloc>
+      void set_vec(const std::string& name,
+                   const std::vector<uint8_t, Alloc>& psk)
+
+         {
+         set(name, psk.data(), psk.size());
+         }
+
+      virtual ~PSK_Database() = default;
+   };
+
+/**
+* A mixin for an encrypted PSK database.
+* Both keys and values are encrypted with NIST AES-256 key wrapping.
+* Values are padded to obscure their length before encryption, allowing
+* it to be used as a password vault.
+*
+* Subclasses must implement the virtual calls to handle storing and
+* getting raw (base64 encoded) values.
+*/
+class BOTAN_PUBLIC_API(2,4) Encrypted_PSK_Database : public PSK_Database
+   {
+   public:
+      /**
+      * @param master_key specifies the master key used to encrypt all
+      * keys and value. It can be of any length, but should be at least 256 bits.
+      *
+      * Subkeys for the cryptographic algorithms used are derived from this
+      * master key. No key stretching is performed; if encrypting a PSK database
+      * using a password, it is recommended to use PBKDF2 to derive the database
+      * master key.
+      */
+      Encrypted_PSK_Database(const secure_vector<uint8_t>& master_key);
+
+      ~Encrypted_PSK_Database();
+
+      std::set<std::string> list_names() const override;
+
+      secure_vector<uint8_t> get(const std::string& name) const override;
+
+      void set(const std::string& name, const uint8_t psk[], size_t psk_len) override;
+
+      void remove(const std::string& name) override;
+
+      bool is_encrypted() const override { return true; }
+
+   protected:
+      /**
+      * Save a encrypted (name.value) pair to the database. Both will be base64 encoded strings.
+      */
+      virtual void kv_set(const std::string& index, const std::string& value) = 0;
+
+      /**
+      * Get a value previously saved with set_raw_value. Should return an empty
+      * string if index is not found.
+      */
+      virtual std::string kv_get(const std::string& index) const = 0;
+
+      /**
+      * Remove an index
+      */
+      virtual void kv_del(const std::string& index) = 0;
+
+      /**
+      * Return all indexes in the table.
+      */
+      virtual std::set<std::string> kv_get_all() const = 0;
+
+   private:
+      std::unique_ptr<BlockCipher> m_cipher;
+      std::unique_ptr<MessageAuthenticationCode> m_hmac;
+      secure_vector<uint8_t> m_wrap_key;
+   };
+
+}
+
+#endif
diff --git a/src/lib/psk_db/psk_db_sql.cpp b/src/lib/psk_db/psk_db_sql.cpp
new file mode 100644
index 000000000..3a43e7380
--- /dev/null
+++ b/src/lib/psk_db/psk_db_sql.cpp
@@ -0,0 +1,69 @@
+/*
+* (C) 2017 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include <botan/psk_db_sql.h>
+
+namespace Botan {
+
+Encrypted_PSK_Database_SQL::Encrypted_PSK_Database_SQL(const secure_vector<uint8_t>& master_key,
+                                                       std::shared_ptr<SQL_Database> db,
+                                                       const std::string& table_name) :
+   Encrypted_PSK_Database(master_key),
+   m_db(db),
+   m_table_name(table_name)
+   {
+   m_db->create_table(
+      "create table if not exists " + m_table_name +
+      "(psk_name TEXT PRIMARY KEY, psk_value TEXT)");
+   }
+
+void Encrypted_PSK_Database_SQL::kv_del(const std::string& name)
+   {
+   auto stmt = m_db->new_statement("delete from " + m_table_name + " where psk_name=?1");
+   stmt->bind(1, name);
+   stmt->spin();
+   }
+
+void Encrypted_PSK_Database_SQL::kv_set(const std::string& name, const std::string& value)
+   {
+   auto stmt = m_db->new_statement("insert or replace into " + m_table_name + " values(?1, ?2)");
+
+   stmt->bind(1, name);
+   stmt->bind(2, value);
+
+   stmt->spin();
+   }
+
+std::string Encrypted_PSK_Database_SQL::kv_get(const std::string& name) const
+   {
+   auto stmt = m_db->new_statement("select psk_value from " + m_table_name +
+                                   " where psk_name = ?1");
+
+   stmt->bind(1, name);
+
+   while(stmt->step())
+      {
+      return stmt->get_str(0);
+      }
+   return "";
+   }
+
+std::set<std::string> Encrypted_PSK_Database_SQL::kv_get_all() const
+   {
+   std::set<std::string> names;
+
+   auto stmt = m_db->new_statement("select psk_name from " + m_table_name);
+
+   while(stmt->step())
+      {
+      names.insert(stmt->get_str(0));
+      }
+
+   return names;
+   }
+
+}
+
diff --git a/src/lib/psk_db/psk_db_sql.h b/src/lib/psk_db/psk_db_sql.h
new file mode 100644
index 000000000..fddadfc30
--- /dev/null
+++ b/src/lib/psk_db/psk_db_sql.h
@@ -0,0 +1,34 @@
+/*
+* (C) 2017 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_PSK_DB_SQL_H_
+#define BOTAN_PSK_DB_SQL_H_
+
+#include <botan/psk_db.h>
+#include <botan/database.h>
+
+namespace Botan {
+
+class BOTAN_PUBLIC_API(2,4) Encrypted_PSK_Database_SQL : public Encrypted_PSK_Database
+   {
+   public:
+      Encrypted_PSK_Database_SQL(const secure_vector<uint8_t>& master_key,
+                                 std::shared_ptr<SQL_Database> db,
+                                 const std::string& table_name);
+
+   private:
+      void kv_set(const std::string& index, const std::string& value) override;
+      std::string kv_get(const std::string& index) const override;
+      void kv_del(const std::string& index) override;
+      std::set<std::string> kv_get_all() const override;
+
+      std::shared_ptr<SQL_Database> m_db;
+      const std::string m_table_name;
+   };
+
+}
+
+#endif