Adding CEK parameter to resource data group creation

3MFConsortium · Jun 25, 2021 · 32f1339 · 32f1339
1 parent 431d803
commit 32f1339
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 11 deletions.
diff --git a/AutomaticComponentToolkit/lib3mf.xml b/AutomaticComponentToolkit/lib3mf.xml
@@ -1346,6 +1346,7 @@
 			<param name="Count" type="uint64" pass="return" description="The number of resource data available"/>
 		</method>
 		<method name="AddResourceDataGroup" description="Adds a resource data group into the keystore.">
+			<param name="ContentEncryptionKey" type="basicarray" class="uint8" pass="in" description="The (optional) encryption key that will be used to encrypt all resource datas in this group" />
 			<param name="ResourceDataGroup" type="class" class="ResourceDataGroup" pass="return" description="The resource data group instance"/>
 		</method>
 		<method name="GetResourceDataGroup" description="Gets a resource data group">

diff --git a/Include/API/lib3mf_keystore.hpp b/Include/API/lib3mf_keystore.hpp
@@ -95,7 +95,7 @@ namespace Lib3MF {
 
 			virtual IResourceDataGroup * GetResourceDataGroup(const Lib3MF_uint64 nResourceDataIndex) override;
 
-			virtual IResourceDataGroup * AddResourceDataGroup() override;
+			virtual IResourceDataGroup * AddResourceDataGroup(const Lib3MF_uint64 nContentEncryptionKeyBufferSize, const Lib3MF_uint8 * pContentEncryptionKeyBuffer) override;
 
 			virtual void RemoveResourceDataGroup(IResourceDataGroup * pTheResourceDataGroup) override;
 

diff --git a/Source/API/lib3mf_keystore.cpp b/Source/API/lib3mf_keystore.cpp
@@ -86,13 +86,20 @@ IResourceDataGroup * Lib3MF::Impl::CKeyStore::GetResourceDataGroup(const Lib3MF_
 	return new CResourceDataGroup(dg);
 }
 
-IResourceDataGroup * Lib3MF::Impl::CKeyStore::AddResourceDataGroup() {
+IResourceDataGroup * Lib3MF::Impl::CKeyStore::AddResourceDataGroup(const Lib3MF_uint64 nContentEncryptionKeyBufferSize, const Lib3MF_uint8 * pContentEncryptionKeyBuffer) {
 	//this is not ideal, as key size is determined by the encryptionalgorithm inside resourcedata.
-	//in any case, the spec does not state what happens if different resource datas have different algorithms,
-	//but resourcedatagroups are supposed to group the same key for a group of resources...
+	//in any case, the spec does not state what happens if different resource datas have different algorithms.
+	//resourcedatagroups are supposed to group the same key for resourcedatas.
+	//at resource data, we should assert key size maches the algorithm chosen.
 	//so far, this should work as aes256 is the only thing we support.
 	std::vector<NMR::nfByte> key(NMR::fnGetAlgorithmKeySize(NMR::eKeyStoreEncryptAlgorithm::AES256_GCM), 0);
-	m_pModel->generateRandomBytes(key.data(), key.size());
+	if (nContentEncryptionKeyBufferSize == 0) {
+		m_pModel->generateRandomBytes(key.data(), key.size());
+	} else if ((key.size() != nContentEncryptionKeyBufferSize) || (nullptr == pContentEncryptionKeyBuffer)) {
+		throw ELib3MFInterfaceException(LIB3MF_ERROR_INVALIDPARAM);
+	} else {
+		std::copy(pContentEncryptionKeyBuffer, pContentEncryptionKeyBuffer + nContentEncryptionKeyBufferSize, key.data());
+	}
 	NMR::PKeyStoreResourceDataGroup dg = NMR::CKeyStoreFactory::makeResourceDataGroup(std::make_shared<NMR::CUUID>(), key);
 	m_pKeyStore->addResourceDataGroup(dg);
 	return new CResourceDataGroup(dg);

diff --git a/Tests/CPP_Bindings/Source/EncryptionMethods.cpp b/Tests/CPP_Bindings/Source/EncryptionMethods.cpp
@@ -93,7 +93,7 @@ namespace Lib3MF {
 				ASSERT_NE(nullptr, meshObj);
 				auto keyStore = modelToCrpt->GetKeyStore();
 				auto consumer = keyStore->AddConsumer("LIB3MF#TEST", "contentKey", publicKey);
-				auto rdGroup = keyStore->AddResourceDataGroup();
+				auto rdGroup = keyStore->AddResourceDataGroup(ByteVector());
 				rdGroup->AddAccessRight(consumer.get(),
 					eWrappingAlgorithm::RSA_OAEP,
 					eMgfAlgorithm::MGF1_SHA1,
@@ -203,7 +203,7 @@ namespace Lib3MF {
 		Lib3MF::PConsumer consumer = keyStore->AddConsumer(consumerId, keyId, keyValue);
 
 		//add a resource data group
-		Lib3MF::PResourceDataGroup dataGroup = keyStore->AddResourceDataGroup();
+		Lib3MF::PResourceDataGroup dataGroup = keyStore->AddResourceDataGroup(ByteVector());
 
 		//establish consumer access to the datagroup
 		Lib3MF::PAccessRight accessRight = dataGroup->AddAccessRight(

diff --git a/Tests/CPP_Bindings/Source/SecureContent.cpp b/Tests/CPP_Bindings/Source/SecureContent.cpp
@@ -188,7 +188,7 @@ namespace Lib3MF {
 				ASSERT_NE(nullptr, meshObj);
 				auto keyStore = modelToCrpt->GetKeyStore();
 				auto consumer = keyStore->AddConsumer("LIB3MF#TEST", "contentKey", publicKey);
-				auto rdGroup = keyStore->AddResourceDataGroup();
+				auto rdGroup = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());
 				rdGroup->AddAccessRight(consumer.get(),
 					eWrappingAlgorithm::RSA_OAEP,
 					eMgfAlgorithm::MGF1_SHA1,
@@ -296,7 +296,7 @@ namespace Lib3MF {
 		std::string path1 = "/3D/nonrootmodel1.model";
 		auto part1 = model->FindOrCreatePackagePart(path1);
 
-		auto dataGroup = keyStore->AddResourceDataGroup();
+		auto dataGroup = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());
 
 		std::string dguuid = dataGroup->GetKeyUUID();
 		ASSERT_FALSE(dguuid.empty());
@@ -321,14 +321,14 @@ namespace Lib3MF {
 		std::string path1 = "/3D/nonrootmodel1.model";
 		auto part1 = model->FindOrCreatePackagePart(path1);
 
-		auto dataGroup1 = keyStore->AddResourceDataGroup();
+		auto dataGroup1 = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());
 
 		keyStore->AddResourceData(dataGroup1.get(), part1.get(), Lib3MF::eEncryptionAlgorithm::AES256_GCM, Lib3MF::eCompression::Deflate, std::vector<Lib3MF_uint8>());
 
 		std::string path2 = "/3D/nonrootmodel2.model";
 		auto part2 = model->FindOrCreatePackagePart(path2);
 
-		auto dataGroup2 = keyStore->AddResourceDataGroup();
+		auto dataGroup2 = keyStore->AddResourceDataGroup(std::vector<Lib3MF_uint8>());
 
 		keyStore->AddResourceData(dataGroup2.get(), part2.get(), Lib3MF::eEncryptionAlgorithm::AES256_GCM, Lib3MF::eCompression::Deflate, std::vector<Lib3MF_uint8>());