Crypto++ 5.6.3 check-in

author: Jeffrey Walton <noloader@gmail.com> 2015-11-20 19:15:33 -0500
committer: Jeffrey Walton <noloader@gmail.com> 2015-11-20 19:15:33 -0500
commit: c45435812225aa68d122c7de246e5f60b509766c (patch)
tree: d834edb16c82beed38291b896cfb3ac145dd5aae /default.h
parent: 5f70a7c85e02f3c3392930d32682a500d7258b8c (diff)
download: cryptopp-git-c45435812225aa68d122c7de246e5f60b509766c.tar.gz
1 files changed, 100 insertions, 10 deletions
diff --git a/default.h b/default.h
index b4897e72..3dfbe7d7 100644
--- a/default.h
+++ b/default.h
@@ -1,8 +1,7 @@
 // default.h - written and placed in the public domain by Wei Dai
 
-//! \file
-//! \headerfile default.h
-//! \brief Classes for DefaultEncryptor, DefaultEncryptorWithMAC and decryptors
+//! \file default.h
+//! \brief Classes for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
 
 #ifndef CRYPTOPP_DEFAULT_H
 #define CRYPTOPP_DEFAULT_H
@@ -16,15 +15,29 @@
 
 NAMESPACE_BEGIN(CryptoPP)
 
-typedef DES_EDE2 Default_BlockCipher;
+//! \brief Default block cipher for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
+typedef DES_EDE2 DefaultBlockCipher;
+//! \brief Default hash for use with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
 typedef SHA DefaultHashModule;
+//! \brief Default HMAC for use withDefaultEncryptorWithMAC and DefaultDecryptorWithMAC
 typedef HMAC<DefaultHashModule> DefaultMAC;
 
-//! Password-Based Encryptor using DES-EDE2
+//! \class DefaultEncryptor
+//! \brief Password-Based Encryptor using TripleDES
+//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only
+//!   provides about 80-bits of security.
 class DefaultEncryptor : public ProxyFilter
 {
 public:
+	//! \brief Construct a DefaultEncryptor
+	//! \param passphrase a C-String password
+	//! \param attachment a BufferedTransformation to attach to this object
 	DefaultEncryptor(const char *passphrase, BufferedTransformation *attachment = NULL);
+
+	//! \brief Construct a DefaultEncryptor
+	//! \param passphrase a byte string password
+	//! \param passphraseLength the length of the byte string password
+	//! \param attachment a BufferedTransformation to attach to this object
 	DefaultEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
 
 protected:
@@ -33,14 +46,34 @@ protected:
 
 private:
 	SecByteBlock m_passphrase;
-	CBC_Mode<Default_BlockCipher>::Encryption m_cipher;
+	CBC_Mode<DefaultBlockCipher>::Encryption m_cipher;
+
+#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800)
+} __attribute__((deprecated ("DefaultEncryptor will be changing in the near future because the algorithms are no longer secure")));
+#elif (CRYPTOPP_GCC_VERSION)
+} __attribute__((deprecated));
+#else
 };
+#endif
 
-//! Password-Based Decryptor using DES-EDE2
+//! \class DefaultDecryptor
+//! \brief Password-Based Decryptor using TripleDES
+//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only
+//!   provides about 80-bits of security.
 class DefaultDecryptor : public ProxyFilter
 {
 public:
+	//! \brief Constructs a DefaultDecryptor
+	//! \param passphrase a C-String password
+	//! \param attachment a BufferedTransformation to attach to this object
+	//! \param throwException a flag specifiying whether an Exception should be thrown on error
 	DefaultDecryptor(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
+	
+	//! \brief Constructs a DefaultDecryptor
+	//! \param passphrase a byte string password
+	//! \param passphraseLength the length of the byte string password
+	//! \param attachment a BufferedTransformation to attach to this object
+	//! \param throwException a flag specifiying whether an Exception should be thrown on error
 	DefaultDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
 
 	class Err : public Exception
@@ -64,16 +97,39 @@ private:
 	void CheckKey(const byte *salt, const byte *keyCheck);
 
 	SecByteBlock m_passphrase;
-	CBC_Mode<Default_BlockCipher>::Decryption m_cipher;
+	CBC_Mode<DefaultBlockCipher>::Decryption m_cipher;
 	member_ptr<FilterWithBufferedInput> m_decryptor;
 	bool m_throwException;
+
+#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800)
+} __attribute__((deprecated ("DefaultDecryptor will be changing in the near future because the algorithms are no longer secure")));
+#elif (CRYPTOPP_GCC_VERSION)
+} __attribute__((deprecated));
+#else
 };
+#endif
 
-//! Password-Based Encryptor using DES-EDE2 and HMAC/SHA-1
+//! \class DefaultEncryptorWithMAC
+//! \brief Password-Based encryptor using TripleDES and HMAC/SHA-1
+//! \details DefaultEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key
+//!   bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only
+//!   provides about 80-bits of security.
+//! \details The purpose of the function Mash() is to take an arbitrary length input string and
+//!   *deterministicly* produce an arbitrary length output string such that (1) it looks random,
+//!   (2) no information about the input is deducible from it, and (3) it contains as much entropy
+//!   as it can hold, or the amount of entropy in the input string, whichever is smaller.
 class DefaultEncryptorWithMAC : public ProxyFilter
 {
 public:
+	//! \brief Constructs a DefaultEncryptorWithMAC
+	//! \param passphrase a C-String password
+	//! \param attachment a BufferedTransformation to attach to this object
 	DefaultEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL);
+
+	//! \brief Constructs a DefaultEncryptorWithMAC
+	//! \param passphrase a byte string password
+	//! \param passphraseLength the length of the byte string password
+	//! \param attachment a BufferedTransformation to attach to this object
 	DefaultEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
 
 protected:
@@ -82,15 +138,42 @@ protected:
 
 private:
 	member_ptr<DefaultMAC> m_mac;
+
+#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800)
+} __attribute__((deprecated ("DefaultEncryptorWithMAC will be changing in the near future because the algorithms are no longer secure")));
+#elif (CRYPTOPP_GCC_VERSION)
+} __attribute__((deprecated));
+#else
 };
+#endif
 
-//! Password-Based Decryptor using DES-EDE2 and HMAC/SHA-1
+//! \class DefaultDecryptorWithMAC
+//! \brief Password-Based decryptor using TripleDES and HMAC/SHA-1
+//! \details DefaultDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key
+//!   bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only
+//!   provides about 80-bits of security.
+//! \details The purpose of the function Mash() is to take an arbitrary length input string and
+//!   *deterministicly* produce an arbitrary length output string such that (1) it looks random,
+//!   (2) no information about the input is deducible from it, and (3) it contains as much entropy
+//!   as it can hold, or the amount of entropy in the input string, whichever is smaller.
 class DefaultDecryptorWithMAC : public ProxyFilter
 {
 public:
+	//! \class MACBadErr
+	//! \brief Excpetion thrown when an incorrect MAC is encountered
 	class MACBadErr : public DefaultDecryptor::Err {public: MACBadErr() : DefaultDecryptor::Err("DefaultDecryptorWithMAC: MAC check failed") {}};
 
+	//! \brief Constructs a DefaultDecryptor
+	//! \param passphrase a C-String password
+	//! \param attachment a BufferedTransformation to attach to this object
+	//! \param throwException a flag specifiying whether an Exception should be thrown on error
 	DefaultDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
+
+	//! \brief Constructs a DefaultDecryptor
+	//! \param passphrase a byte string password
+	//! \param passphraseLength the length of the byte string password
+	//! \param attachment a BufferedTransformation to attach to this object
+	//! \param throwException a flag specifiying whether an Exception should be thrown on error
 	DefaultDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
 
 	DefaultDecryptor::State CurrentState() const;
@@ -104,7 +187,14 @@ private:
 	member_ptr<DefaultMAC> m_mac;
 	HashVerifier *m_hashVerifier;
 	bool m_throwException;
+
+#if (CRYPTOPP_GCC_VERSION >= 40300) || (CRYPTOPP_CLANG_VERSION >= 20800)
+} __attribute__((deprecated ("DefaultDecryptorWithMAC will be changing in the near future because the algorithms are no longer secure")));
+#elif (CRYPTOPP_GCC_VERSION)
+} __attribute__((deprecated));
+#else
 };
+#endif
 
 NAMESPACE_END
author	Jeffrey Walton <noloader@gmail.com>	2015-11-20 19:15:33 -0500
committer	Jeffrey Walton <noloader@gmail.com>	2015-11-20 19:15:33 -0500
commit	c45435812225aa68d122c7de246e5f60b509766c (patch)
tree	d834edb16c82beed38291b896cfb3ac145dd5aae /default.h
parent	5f70a7c85e02f3c3392930d32682a500d7258b8c (diff)
download	cryptopp-git-c45435812225aa68d122c7de246e5f60b509766c.tar.gz