authorJeffrey Walton <noloader@gmail.com>2016-12-11 05:09:42 -0500
committerJeffrey Walton <noloader@gmail.com>2016-12-11 05:09:42 -0500
commitbfbcfeec7ca7a0487978391803496a1d4aada37c (patch)
tree80325b579ed1e59397f04f15b97eebebcefe4ff0 /default.h
parentc6b529ffd5296398368835aa390247989a754b6d (diff)
Update DefaultEncryptor, DefaultEncryptorWithMAC and friends (Issue 345)
Diffstat (limited to 'default.h')
-rw-r--r--default.h216
1 files changed, 151 insertions, 65 deletions
diff --git a/default.h b/default.h
index e2e82449..5f33a3c8 100644
--- a/default.h
+++ b/default.h
@@ -8,6 +8,7 @@
#include "sha.h"
#include "hmac.h"
+#include "aes.h"
#include "des.h"
#include "modes.h"
#include "filters.h"
@@ -15,30 +16,89 @@
NAMESPACE_BEGIN(CryptoPP)
+//! \brief Legacy block cipher for LegacyEncryptor, LegacyDecryptor, LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
+typedef DES_EDE2 LegacyBlockCipher;
+//! \brief Legacy hash for use with LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
+typedef SHA LegacyHashModule;
+//! \brief Legacy HMAC for use withLegacyEncryptorWithMAC and LegacyDecryptorWithMAC
+typedef HMAC<LegacyHashModule> LegacyMAC;
+
//! \brief Default block cipher for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
-typedef DES_EDE2 DefaultBlockCipher;
+typedef AES DefaultBlockCipher;
//! \brief Default hash for use with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
-typedef SHA DefaultHashModule;
+typedef SHA256 DefaultHashModule;
//! \brief Default HMAC for use withDefaultEncryptorWithMAC and DefaultDecryptorWithMAC
typedef HMAC<DefaultHashModule> DefaultMAC;
-//! \class DefaultEncryptor
-//! \brief Password-Based Encryptor using TripleDES
-//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only
-//! provides about 80-bits of security.
-class DefaultEncryptor : public ProxyFilter
+//! \class DataDecryptorErr
+//! \brief Exception thrown when LegacyDecryptorWithMAC or DefaultDecryptorWithMAC decryption error is encountered
+class DataDecryptorErr : public Exception
+{
+public:
+ DataDecryptorErr(const std::string &s)
+ : Exception(DATA_INTEGRITY_CHECK_FAILED, s) {}
+};
+
+//! \class KeyBadErr
+//! \brief Exception thrown when a bad key is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC
+class KeyBadErr : public DataDecryptorErr
+{
+ public: KeyBadErr()
+ : DataDecryptorErr("DataDecryptor: cannot decrypt message with this passphrase") {}
+};
+
+//! \class MACBadErr
+//! \brief Exception thrown when an incorrect MAC is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC
+class MACBadErr : public DataDecryptorErr
+{
+ public: MACBadErr()
+ : DataDecryptorErr("DataDecryptorWithMAC: MAC check failed") {}
+};
+
+//! \class DataParametersInfo
+//! \brief Algorithm information for password-based encryptors and decryptors
+template <unsigned int BlockSize, unsigned int KeyLength, unsigned int DigestSize, unsigned int SaltSize, unsigned int Iterations>
+struct DataParametersInfo
+{
+ CRYPTOPP_CONSTANT(BLOCKSIZE = BlockSize)
+ CRYPTOPP_CONSTANT(KEYLENGTH = KeyLength)
+ CRYPTOPP_CONSTANT(SALTLENGTH = SaltSize)
+ CRYPTOPP_CONSTANT(DIGESTSIZE = DigestSize)
+ CRYPTOPP_CONSTANT(ITERATIONS = Iterations)
+};
+
+typedef DataParametersInfo<LegacyBlockCipher::BLOCKSIZE, LegacyBlockCipher::DEFAULT_KEYLENGTH, LegacyHashModule::DIGESTSIZE, 8, 200> LegacyParametersInfo;
+typedef DataParametersInfo<DefaultBlockCipher::BLOCKSIZE, DefaultBlockCipher::DEFAULT_KEYLENGTH, DefaultHashModule::DIGESTSIZE, 8, 2500> DefaultParametersInfo;
+
+//! \class DataEncryptor
+//! \brief Password-Based Encryptor
+//! \tparam BC BlockCipher based class used for encryption
+//! \tparam H HashTransformation based class used for mashing
+//! \tparam Info Constants used by the algorithms
+//! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
+//! Crypto++ 5.7 switched to AES and SHA256.
+//! \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor
+//! \since Crypto++ 2.0
+template <class BC, class H, class Info>
+class DataEncryptor : public ProxyFilter, public Info
{
public:
- //! \brief Construct a DefaultEncryptor
+ CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE)
+ CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH)
+ CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH)
+ CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE)
+ CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS)
+
+ //! \brief Construct a DataEncryptor
//! \param passphrase a C-String password
//! \param attachment a BufferedTransformation to attach to this object
- DefaultEncryptor(const char *passphrase, BufferedTransformation *attachment = NULL);
+ DataEncryptor(const char *passphrase, BufferedTransformation *attachment = NULL);
- //! \brief Construct a DefaultEncryptor
+ //! \brief Construct a DataEncryptor
//! \param passphrase a byte string password
//! \param passphraseLength the length of the byte string password
//! \param attachment a BufferedTransformation to attach to this object
- DefaultEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
+ DataEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
protected:
void FirstPut(const byte *);
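Review bot: The `LegacyParametersInfo` and `DefaultParametersInfo` typedefs pass the bare literals `8`, `200` and `2500` with no documentation, so a reader has to count template arguments to learn that they are the salt size and the iteration count. Each typedef should get a brief like its neighbours, for example `//! \brief Parameters for the Default classes: 8-byte salt, 2500 Mash() iterations`. An 8-byte salt and 2500 iterations look low for password-based key derivation, and because these values are baked into the encrypted format they are hard to raise later, so it is worth confirming they are intended. `DataEncryptor` continues past the end of this hunk.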
@@ -46,37 +106,40 @@ protected:
private:
SecByteBlock m_passphrase;
- CBC_Mode<DefaultBlockCipher>::Encryption m_cipher;
-
-} CRYPTOPP_DEPRECATED ("DefaultEncryptor will be changing in the near future because the algorithms are no longer secure");
-
-//! \class DefaultDecryptor
-//! \brief Password-Based Decryptor using TripleDES
-//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only
-//! provides about 80-bits of security.
-class DefaultDecryptor : public ProxyFilter
+ typename CBC_Mode<BC>::Encryption m_cipher;
+};
+
+//! \class DataDecryptor
+//! \brief Password-Based Decryptor
+//! \tparam BC BlockCipher based class used for encryption
+//! \tparam H HashTransformation based class used for mashing
+//! \tparam Info Constants used by the algorithms
+//! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
+//! Crypto++ 5.7 switched to AES and SHA256.
+//! \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor
+//! \since Crypto++ 2.0
+template <class BC, class H, class Info>
+class DataDecryptor : public ProxyFilter, public Info
{
public:
- //! \brief Constructs a DefaultDecryptor
+ CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE)
+ CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH)
+ CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH)
+ CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE)
+ CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS)
+
+ //! \brief Constructs a DataDecryptor
//! \param passphrase a C-String password
//! \param attachment a BufferedTransformation to attach to this object
//! \param throwException a flag specifiying whether an Exception should be thrown on error
- DefaultDecryptor(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
+ DataDecryptor(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
- //! \brief Constructs a DefaultDecryptor
+ //! \brief Constructs a DataDecryptor
//! \param passphrase a byte string password
//! \param passphraseLength the length of the byte string password
//! \param attachment a BufferedTransformation to attach to this object
//! \param throwException a flag specifiying whether an Exception should be thrown on error
- DefaultDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
-
- class Err : public Exception
- {
- public:
- Err(const std::string &s)
- : Exception(DATA_INTEGRITY_CHECK_FAILED, s) {}
- };
- class KeyBadErr : public Err {public: KeyBadErr() : Err("DefaultDecryptor: cannot decrypt message with this passphrase") {}};
+ DataDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
enum State {WAITING_FOR_KEYCHECK, KEY_GOOD, KEY_BAD};
State CurrentState() const {return m_state;}
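Review bot: Dropping the nested `Err` and `KeyBadErr` classes from the decryptor means existing callers that write `catch (const DefaultDecryptor::Err&)` or name `DefaultDecryptor::KeyBadErr` stop compiling, unless aliases are added in lines this hunk does not show. Member typedefs inside `DataDecryptor` would keep the old spellings working, e.g. `typedef DataDecryptorErr Err;` and `typedef CryptoPP::KeyBadErr KeyBadErr;`. The same applies to `DefaultDecryptorWithMAC::MACBadErr`, which is removed in the next hunk. If the break is intentional, the class documentation should say so, since error handling around decryption failures is exactly the code callers are least likely to retest. The body of `DataDecryptor` continues outside the hunk.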
@@ -91,74 +154,86 @@ private:
void CheckKey(const byte *salt, const byte *keyCheck);
SecByteBlock m_passphrase;
- CBC_Mode<DefaultBlockCipher>::Decryption m_cipher;
+ typename CBC_Mode<BC>::Decryption m_cipher;
member_ptr<FilterWithBufferedInput> m_decryptor;
bool m_throwException;
-} CRYPTOPP_DEPRECATED ("DefaultDecryptor will be changing in the near future because the algorithms are no longer secure");
+};
-//! \class DefaultEncryptorWithMAC
-//! \brief Password-Based encryptor using TripleDES and HMAC/SHA-1
-//! \details DefaultEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key
-//! bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only
-//! provides about 80-bits of security.
+//! \class DataEncryptorWithMAC
+//! \brief Password-Based encryptor
+//! \tparam BC BlockCipher based class used for encryption
+//! \tparam H HashTransformation based class used for mashing
+//! \tparam MAC HashTransformation based class used for authentication
+//! \tparam Info Constants used by the algorithms
+//! \details DataEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key
+//! bits from the password.
//! \details The purpose of the function Mash() is to take an arbitrary length input string and
//! *deterministically* produce an arbitrary length output string such that (1) it looks random,
//! (2) no information about the input is deducible from it, and (3) it contains as much entropy
//! as it can hold, or the amount of entropy in the input string, whichever is smaller.
-class DefaultEncryptorWithMAC : public ProxyFilter
+//! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
+//! Crypto++ 5.7 switched to AES and SHA256.
+//! \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC
+//! \since Crypto++ 2.0
+template <class BC, class H, class MAC, class Info>
+class DataEncryptorWithMAC : public ProxyFilter
{
public:
- //! \brief Constructs a DefaultEncryptorWithMAC
+ //! \brief Constructs a DataEncryptorWithMAC
//! \param passphrase a C-String password
//! \param attachment a BufferedTransformation to attach to this object
- DefaultEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL);
+ DataEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL);
- //! \brief Constructs a DefaultEncryptorWithMAC
+ //! \brief Constructs a DataEncryptorWithMAC
//! \param passphrase a byte string password
//! \param passphraseLength the length of the byte string password
//! \param attachment a BufferedTransformation to attach to this object
- DefaultEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
+ DataEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
protected:
void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);}
void LastPut(const byte *inString, size_t length);
private:
- member_ptr<DefaultMAC> m_mac;
-
-} CRYPTOPP_DEPRECATED ("DefaultEncryptorWithMAC will be changing in the near future because the algorithms are no longer secure");
-
-//! \class DefaultDecryptorWithMAC
-//! \brief Password-Based decryptor using TripleDES and HMAC/SHA-1
-//! \details DefaultDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key
-//! bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only
-//! provides about 80-bits of security.
+ member_ptr<MAC> m_mac;
+
+};
+
+//! \class DataDecryptorWithMAC
+//! \brief Password-Based decryptor
+//! \tparam BC BlockCipher based class used for encryption
+//! \tparam H HashTransformation based class used for mashing
+//! \tparam MAC HashTransformation based class used for authentication
+//! \tparam Info Constants used by the algorithms
+//! \details DataDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key
+//! bits from the password.
//! \details The purpose of the function Mash() is to take an arbitrary length input string and
//! *deterministically* produce an arbitrary length output string such that (1) it looks random,
//! (2) no information about the input is deducible from it, and (3) it contains as much entropy
//! as it can hold, or the amount of entropy in the input string, whichever is smaller.
-class DefaultDecryptorWithMAC : public ProxyFilter
+//! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
+//! Crypto++ 5.7 switched to AES and SHA256.
+//! \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC
+//! \since Crypto++ 2.0
+template <class BC, class H, class MAC, class Info>
+class DataDecryptorWithMAC : public ProxyFilter
{
public:
- //! \class MACBadErr
- //! \brief Excpetion thrown when an incorrect MAC is encountered
- class MACBadErr : public DefaultDecryptor::Err {public: MACBadErr() : DefaultDecryptor::Err("DefaultDecryptorWithMAC: MAC check failed") {}};
-
- //! \brief Constructs a DefaultDecryptor
+ //! \brief Constructs a DataDecryptor
//! \param passphrase a C-String password
//! \param attachment a BufferedTransformation to attach to this object
//! \param throwException a flag specifiying whether an Exception should be thrown on error
- DefaultDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
+ DataDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
- //! \brief Constructs a DefaultDecryptor
+ //! \brief Constructs a DataDecryptor
//! \param passphrase a byte string password
//! \param passphraseLength the length of the byte string password
//! \param attachment a BufferedTransformation to attach to this object
//! \param throwException a flag specifiying whether an Exception should be thrown on error
- DefaultDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
+ DataDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
- DefaultDecryptor::State CurrentState() const;
+ typename DataDecryptor<BC,H,Info>::State CurrentState() const;
bool CheckLastMAC() const;
protected:
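Review bot: The `\param throwException` text on both `DataDecryptorWithMAC` constructors does not say what happens when the flag is false. With `CheckLastMAC()` declared just below, a failed MAC is presumably reported only through that call, so a caller who passes `false` and never checks it would accept modified ciphertext; the implementation is not in this hunk, so this should be confirmed. Suggested addition: `//! \details If throwException is false, the caller must check CheckLastMAC() after the last block before using the output.` Both constructors also still say `\brief Constructs a DataDecryptor`, which should read `DataDecryptorWithMAC`. The class body continues past the hunk.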
@@ -166,11 +241,22 @@ protected:
void LastPut(const byte *inString, size_t length);
private:
- member_ptr<DefaultMAC> m_mac;
+ member_ptr<MAC> m_mac;
HashVerificationFilter *m_hashVerifier;
bool m_throwException;
+};
+
+typedef DataEncryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> LegacyEncryptor;
+typedef DataDecryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> LegacyDecryptor;
+
+typedef DataEncryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> DefaultEncryptor;
+typedef DataDecryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> DefaultDecryptor;
+
+typedef DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyEncryptorWithMAC;
+typedef DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyDecryptorWithMAC;
-} CRYPTOPP_DEPRECATED ("DefaultDecryptorWithMAC will be changing in the near future because the algorithms are no longer secure");
+typedef DataEncryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> DefaultEncryptorWithMAC;
+typedef DataDecryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> DefaultDecryptorWithMAC;
NAMESPACE_END
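Review bot: The `LegacyEncryptorWithMAC` and `LegacyDecryptorWithMAC` typedefs pass `DefaultMAC` as the MAC argument, which after this commit is `HMAC<SHA256>`, while the `LegacyMAC` typedef introduced earlier in the patch is never used. The removed documentation describes the old classes as using HMAC/SHA-1, so `LegacyDecryptorWithMAC` as written would most likely fail the MAC check on data produced by earlier releases, which defeats the purpose of the Legacy aliases. The two lines should read `typedef DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> LegacyEncryptorWithMAC;` and `typedef DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> LegacyDecryptorWithMAC;`. A round-trip test against a ciphertext produced by the previous release would catch this.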