EIC code displayed by LXR |
|
|
|
|||
File indexing completed on 2025-01-18 09:54:56
0001 // default.h - originally written and placed in the public domain by Wei Dai 0002 0003 /// \file default.h 0004 /// \brief Classes for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC 0005 0006 #ifndef CRYPTOPP_DEFAULT_H 0007 #define CRYPTOPP_DEFAULT_H 0008 0009 #include "sha.h" 0010 #include "hmac.h" 0011 #include "aes.h" 0012 #include "des.h" 0013 #include "modes.h" 0014 #include "filters.h" 0015 #include "smartptr.h" 0016 0017 NAMESPACE_BEGIN(CryptoPP) 0018 0019 /// \brief Legacy block cipher for LegacyEncryptor, LegacyDecryptor, LegacyEncryptorWithMAC and LegacyDecryptorWithMAC 0020 typedef DES_EDE2 LegacyBlockCipher; 0021 /// \brief Legacy hash for use with LegacyEncryptorWithMAC and LegacyDecryptorWithMAC 0022 typedef SHA1 LegacyHashModule; 0023 /// \brief Legacy HMAC for use withLegacyEncryptorWithMAC and LegacyDecryptorWithMAC 0024 typedef HMAC<LegacyHashModule> LegacyMAC; 0025 0026 /// \brief Default block cipher for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC 0027 typedef AES DefaultBlockCipher; 0028 /// \brief Default hash for use with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC 0029 typedef SHA256 DefaultHashModule; 0030 /// \brief Default HMAC for use withDefaultEncryptorWithMAC and DefaultDecryptorWithMAC 0031 typedef HMAC<DefaultHashModule> DefaultMAC; 0032 0033 /// \brief Exception thrown when LegacyDecryptorWithMAC or DefaultDecryptorWithMAC decryption error is encountered 0034 class DataDecryptorErr : public Exception 0035 { 0036 public: 0037 DataDecryptorErr(const std::string &s) 0038 : Exception(DATA_INTEGRITY_CHECK_FAILED, s) {} 0039 }; 0040 0041 /// \brief Exception thrown when a bad key is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC 0042 class KeyBadErr : public DataDecryptorErr 0043 { 0044 public: KeyBadErr() 0045 : DataDecryptorErr("DataDecryptor: cannot decrypt message with this passphrase") {} 0046 }; 0047 0048 /// \brief Exception thrown when an incorrect MAC is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC 0049 class MACBadErr : public DataDecryptorErr 0050 { 0051 public: MACBadErr() 0052 : DataDecryptorErr("DataDecryptorWithMAC: MAC check failed") {} 0053 }; 0054 0055 /// \brief Algorithm information for password-based encryptors and decryptors 0056 template <unsigned int BlockSize, unsigned int KeyLength, unsigned int DigestSize, unsigned int SaltSize, unsigned int Iterations> 0057 struct DataParametersInfo 0058 { 0059 CRYPTOPP_CONSTANT(BLOCKSIZE = BlockSize); 0060 CRYPTOPP_CONSTANT(KEYLENGTH = KeyLength); 0061 CRYPTOPP_CONSTANT(SALTLENGTH = SaltSize); 0062 CRYPTOPP_CONSTANT(DIGESTSIZE = DigestSize); 0063 CRYPTOPP_CONSTANT(ITERATIONS = Iterations); 0064 }; 0065 0066 typedef DataParametersInfo<LegacyBlockCipher::BLOCKSIZE, LegacyBlockCipher::DEFAULT_KEYLENGTH, LegacyHashModule::DIGESTSIZE, 8, 200> LegacyParametersInfo; 0067 typedef DataParametersInfo<DefaultBlockCipher::BLOCKSIZE, DefaultBlockCipher::DEFAULT_KEYLENGTH, DefaultHashModule::DIGESTSIZE, 8, 2500> DefaultParametersInfo; 0068 0069 /// \brief Password-based Encryptor 0070 /// \tparam BC BlockCipher based class used for encryption 0071 /// \tparam H HashTransformation based class used for mashing 0072 /// \tparam Info Constants used by the algorithms 0073 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0074 /// Crypto++ 5.7 switched to AES and SHA256. 0075 /// \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor 0076 /// \since Crypto++ 2.0 0077 template <class BC, class H, class Info> 0078 class DataEncryptor : public ProxyFilter, public Info 0079 { 0080 public: 0081 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE); 0082 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH); 0083 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH); 0084 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE); 0085 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS); 0086 0087 /// \brief Construct a DataEncryptor 0088 /// \param passphrase a C-String password 0089 /// \param attachment a BufferedTransformation to attach to this object 0090 DataEncryptor(const char *passphrase, BufferedTransformation *attachment = NULLPTR); 0091 0092 /// \brief Construct a DataEncryptor 0093 /// \param passphrase a byte string password 0094 /// \param passphraseLength the length of the byte string password 0095 /// \param attachment a BufferedTransformation to attach to this object 0096 DataEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR); 0097 0098 protected: 0099 void FirstPut(const byte *); 0100 void LastPut(const byte *inString, size_t length); 0101 0102 private: 0103 SecByteBlock m_passphrase; 0104 typename CBC_Mode<BC>::Encryption m_cipher; 0105 }; 0106 0107 /// \brief Password-based Decryptor 0108 /// \tparam BC BlockCipher based class used for encryption 0109 /// \tparam H HashTransformation based class used for mashing 0110 /// \tparam Info Constants used by the algorithms 0111 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0112 /// Crypto++ 5.7 switched to AES and SHA256. 0113 /// \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor 0114 /// \since Crypto++ 2.0 0115 template <class BC, class H, class Info> 0116 class DataDecryptor : public ProxyFilter, public Info 0117 { 0118 public: 0119 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE); 0120 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH); 0121 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH); 0122 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE); 0123 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS); 0124 0125 /// \brief Constructs a DataDecryptor 0126 /// \param passphrase a C-String password 0127 /// \param attachment a BufferedTransformation to attach to this object 0128 /// \param throwException a flag specifying whether an Exception should be thrown on error 0129 DataDecryptor(const char *passphrase, BufferedTransformation *attachment = NULLPTR, bool throwException=true); 0130 0131 /// \brief Constructs a DataDecryptor 0132 /// \param passphrase a byte string password 0133 /// \param passphraseLength the length of the byte string password 0134 /// \param attachment a BufferedTransformation to attach to this object 0135 /// \param throwException a flag specifying whether an Exception should be thrown on error 0136 DataDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR, bool throwException=true); 0137 0138 enum State {WAITING_FOR_KEYCHECK, KEY_GOOD, KEY_BAD}; 0139 State CurrentState() const {return m_state;} 0140 0141 protected: 0142 void FirstPut(const byte *inString); 0143 void LastPut(const byte *inString, size_t length); 0144 0145 State m_state; 0146 0147 private: 0148 void CheckKey(const byte *salt, const byte *keyCheck); 0149 0150 SecByteBlock m_passphrase; 0151 typename CBC_Mode<BC>::Decryption m_cipher; 0152 member_ptr<FilterWithBufferedInput> m_decryptor; 0153 bool m_throwException; 0154 0155 }; 0156 0157 /// \brief Password-based encryptor with MAC 0158 /// \tparam BC BlockCipher based class used for encryption 0159 /// \tparam H HashTransformation based class used for mashing 0160 /// \tparam MAC HashTransformation based class used for authentication 0161 /// \tparam Info Constants used by the algorithms 0162 /// \details DataEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key 0163 /// bits from the password. 0164 /// \details The purpose of the function Mash() is to take an arbitrary length input string and 0165 /// *deterministically* produce an arbitrary length output string such that (1) it looks random, 0166 /// (2) no information about the input is deducible from it, and (3) it contains as much entropy 0167 /// as it can hold, or the amount of entropy in the input string, whichever is smaller. 0168 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0169 /// Crypto++ 5.7 switched to AES and SHA256. 0170 /// \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC 0171 /// \since Crypto++ 2.0 0172 template <class BC, class H, class MAC, class Info> 0173 class DataEncryptorWithMAC : public ProxyFilter 0174 { 0175 public: 0176 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE); 0177 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH); 0178 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH); 0179 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE); 0180 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS); 0181 0182 /// \brief Constructs a DataEncryptorWithMAC 0183 /// \param passphrase a C-String password 0184 /// \param attachment a BufferedTransformation to attach to this object 0185 DataEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULLPTR); 0186 0187 /// \brief Constructs a DataEncryptorWithMAC 0188 /// \param passphrase a byte string password 0189 /// \param passphraseLength the length of the byte string password 0190 /// \param attachment a BufferedTransformation to attach to this object 0191 DataEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR); 0192 0193 protected: 0194 void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);} 0195 void LastPut(const byte *inString, size_t length); 0196 0197 private: 0198 member_ptr<MAC> m_mac; 0199 0200 }; 0201 0202 /// \brief Password-based decryptor with MAC 0203 /// \tparam BC BlockCipher based class used for encryption 0204 /// \tparam H HashTransformation based class used for mashing 0205 /// \tparam MAC HashTransformation based class used for authentication 0206 /// \tparam Info Constants used by the algorithms 0207 /// \details DataDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key 0208 /// bits from the password. 0209 /// \details The purpose of the function Mash() is to take an arbitrary length input string and 0210 /// *deterministically* produce an arbitrary length output string such that (1) it looks random, 0211 /// (2) no information about the input is deducible from it, and (3) it contains as much entropy 0212 /// as it can hold, or the amount of entropy in the input string, whichever is smaller. 0213 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0214 /// Crypto++ 5.7 switched to AES and SHA256. 0215 /// \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC 0216 /// \since Crypto++ 2.0 0217 template <class BC, class H, class MAC, class Info> 0218 class DataDecryptorWithMAC : public ProxyFilter 0219 { 0220 public: 0221 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE); 0222 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH); 0223 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH); 0224 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE); 0225 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS); 0226 0227 /// \brief Constructs a DataDecryptor 0228 /// \param passphrase a C-String password 0229 /// \param attachment a BufferedTransformation to attach to this object 0230 /// \param throwException a flag specifying whether an Exception should be thrown on error 0231 DataDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULLPTR, bool throwException=true); 0232 0233 /// \brief Constructs a DataDecryptor 0234 /// \param passphrase a byte string password 0235 /// \param passphraseLength the length of the byte string password 0236 /// \param attachment a BufferedTransformation to attach to this object 0237 /// \param throwException a flag specifying whether an Exception should be thrown on error 0238 DataDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR, bool throwException=true); 0239 0240 typename DataDecryptor<BC,H,Info>::State CurrentState() const; 0241 bool CheckLastMAC() const; 0242 0243 protected: 0244 void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);} 0245 void LastPut(const byte *inString, size_t length); 0246 0247 private: 0248 member_ptr<MAC> m_mac; 0249 HashVerificationFilter *m_hashVerifier; 0250 bool m_throwException; 0251 }; 0252 0253 #if defined(CRYPTOPP_DOXYGEN_PROCESSING) 0254 /// \brief Password-based encryptor (deprecated) 0255 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0256 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0257 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0258 struct LegacyEncryptor : public DataEncryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> {}; 0259 /// \brief Password-based decryptor (deprecated) 0260 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0261 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0262 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0263 struct LegacyDecryptor : public DataDecryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> {}; 0264 /// \brief Password-based encryptor 0265 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0266 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0267 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0268 struct DefaultEncryptor : public DataEncryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> {}; 0269 /// \brief Password-based decryptor 0270 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0271 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0272 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0273 struct DefaultDecryptor : public DataDecryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> {}; 0274 /// \brief Password-based encryptor with MAC (deprecated) 0275 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0276 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0277 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0278 struct LegacyEncryptorWithMAC : public DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> {}; 0279 /// \brief Password-based decryptor with MAC (deprecated) 0280 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0281 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0282 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0283 struct LegacyDecryptorWithMAC : public DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> {}; 0284 /// \brief Password-based encryptor with MAC 0285 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0286 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0287 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0288 struct DefaultEncryptorWithMAC : public DataEncryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> {}; 0289 /// \brief Password-based decryptor with MAC 0290 /// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1. 0291 /// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the 0292 /// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes. 0293 struct DefaultDecryptorWithMAC : public DataDecryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> {}; 0294 #else 0295 typedef DataEncryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> LegacyEncryptor; 0296 typedef DataDecryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> LegacyDecryptor; 0297 0298 typedef DataEncryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> DefaultEncryptor; 0299 typedef DataDecryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> DefaultDecryptor; 0300 0301 typedef DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> LegacyEncryptorWithMAC; 0302 typedef DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> LegacyDecryptorWithMAC; 0303 0304 typedef DataEncryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> DefaultEncryptorWithMAC; 0305 typedef DataDecryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> DefaultDecryptorWithMAC; 0306 #endif 0307 0308 NAMESPACE_END 0309 0310 #endif
| [ Source navigation ] | [ Diff markup ] | [ Identifier search ] | [ general search ] |
|
This page was automatically generated by the 2.3.7 LXR engine. The LXR team |
|