default.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201

// default.h - written and placed in the public domain by Wei Dai

//! \file default.h
//! \brief Classes for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC

#ifndef CRYPTOPP_DEFAULT_H
#define CRYPTOPP_DEFAULT_H

#include "sha.h"
#include "hmac.h"
#include "des.h"
#include "modes.h"
#include "filters.h"
#include "smartptr.h"

NAMESPACE_BEGIN(CryptoPP)

//! \brief Default block cipher for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
typedef DES_EDE2 DefaultBlockCipher;
//! \brief Default hash for use with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
typedef SHA DefaultHashModule;
//! \brief Default HMAC for use withDefaultEncryptorWithMAC and DefaultDecryptorWithMAC
typedef HMAC<DefaultHashModule> DefaultMAC;

//! \class DefaultEncryptor
//! \brief Password-Based Encryptor using TripleDES
//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only
//!   provides about 80-bits of security.
class DefaultEncryptor : public ProxyFilter
{
public:
	//! \brief Construct a DefaultEncryptor
	//! \param passphrase a C-String password
	//! \param attachment a BufferedTransformation to attach to this object
	DefaultEncryptor(const char *passphrase, BufferedTransformation *attachment = NULL);

	//! \brief Construct a DefaultEncryptor
	//! \param passphrase a byte string password
	//! \param passphraseLength the length of the byte string password
	//! \param attachment a BufferedTransformation to attach to this object
	DefaultEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);

protected:
	void FirstPut(const byte *);
	void LastPut(const byte *inString, size_t length);

private:
	SecByteBlock m_passphrase;
	CBC_Mode<DefaultBlockCipher>::Encryption m_cipher;

#if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20800)
} __attribute__((deprecated ("DefaultEncryptor will be changing in the near future because the algorithms are no longer secure")));
#elif (CRYPTOPP_GCC_VERSION)
} __attribute__((deprecated));
#else
};
#endif

//! \class DefaultDecryptor
//! \brief Password-Based Decryptor using TripleDES
//! \details The class uses 2-key TripleDES (DES_EDE2) for encryption, which only
//!   provides about 80-bits of security.
class DefaultDecryptor : public ProxyFilter
{
public:
	//! \brief Constructs a DefaultDecryptor
	//! \param passphrase a C-String password
	//! \param attachment a BufferedTransformation to attach to this object
	//! \param throwException a flag specifiying whether an Exception should be thrown on error
	DefaultDecryptor(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);

	//! \brief Constructs a DefaultDecryptor
	//! \param passphrase a byte string password
	//! \param passphraseLength the length of the byte string password
	//! \param attachment a BufferedTransformation to attach to this object
	//! \param throwException a flag specifiying whether an Exception should be thrown on error
	DefaultDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);

	class Err : public Exception
	{
	public:
		Err(const std::string &s)
			: Exception(DATA_INTEGRITY_CHECK_FAILED, s) {}
	};
	class KeyBadErr : public Err {public: KeyBadErr() : Err("DefaultDecryptor: cannot decrypt message with this passphrase") {}};

	enum State {WAITING_FOR_KEYCHECK, KEY_GOOD, KEY_BAD};
	State CurrentState() const {return m_state;}

protected:
	void FirstPut(const byte *inString);
	void LastPut(const byte *inString, size_t length);

	State m_state;

private:
	void CheckKey(const byte *salt, const byte *keyCheck);

	SecByteBlock m_passphrase;
	CBC_Mode<DefaultBlockCipher>::Decryption m_cipher;
	member_ptr<FilterWithBufferedInput> m_decryptor;
	bool m_throwException;

#if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20800)
} __attribute__((deprecated ("DefaultDecryptor will be changing in the near future because the algorithms are no longer secure")));
#elif (CRYPTOPP_GCC_VERSION)
} __attribute__((deprecated));
#else
};
#endif

//! \class DefaultEncryptorWithMAC
//! \brief Password-Based encryptor using TripleDES and HMAC/SHA-1
//! \details DefaultEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key
//!   bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only
//!   provides about 80-bits of security.
//! \details The purpose of the function Mash() is to take an arbitrary length input string and
//!   *deterministicly* produce an arbitrary length output string such that (1) it looks random,
//!   (2) no information about the input is deducible from it, and (3) it contains as much entropy
//!   as it can hold, or the amount of entropy in the input string, whichever is smaller.
class DefaultEncryptorWithMAC : public ProxyFilter
{
public:
	//! \brief Constructs a DefaultEncryptorWithMAC
	//! \param passphrase a C-String password
	//! \param attachment a BufferedTransformation to attach to this object
	DefaultEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL);

	//! \brief Constructs a DefaultEncryptorWithMAC
	//! \param passphrase a byte string password
	//! \param passphraseLength the length of the byte string password
	//! \param attachment a BufferedTransformation to attach to this object
	DefaultEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);

protected:
	void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);}
	void LastPut(const byte *inString, size_t length);

private:
	member_ptr<DefaultMAC> m_mac;

#if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20800)
} __attribute__((deprecated ("DefaultEncryptorWithMAC will be changing in the near future because the algorithms are no longer secure")));
#elif (CRYPTOPP_GCC_VERSION)
} __attribute__((deprecated));
#else
};
#endif

//! \class DefaultDecryptorWithMAC
//! \brief Password-Based decryptor using TripleDES and HMAC/SHA-1
//! \details DefaultDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key
//!   bits from the password. The class also uses 2-key TripleDES (DES_EDE2) for encryption, which only
//!   provides about 80-bits of security.
//! \details The purpose of the function Mash() is to take an arbitrary length input string and
//!   *deterministicly* produce an arbitrary length output string such that (1) it looks random,
//!   (2) no information about the input is deducible from it, and (3) it contains as much entropy
//!   as it can hold, or the amount of entropy in the input string, whichever is smaller.
class DefaultDecryptorWithMAC : public ProxyFilter
{
public:
	//! \class MACBadErr
	//! \brief Excpetion thrown when an incorrect MAC is encountered
	class MACBadErr : public DefaultDecryptor::Err {public: MACBadErr() : DefaultDecryptor::Err("DefaultDecryptorWithMAC: MAC check failed") {}};

	//! \brief Constructs a DefaultDecryptor
	//! \param passphrase a C-String password
	//! \param attachment a BufferedTransformation to attach to this object
	//! \param throwException a flag specifiying whether an Exception should be thrown on error
	DefaultDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);

	//! \brief Constructs a DefaultDecryptor
	//! \param passphrase a byte string password
	//! \param passphraseLength the length of the byte string password
	//! \param attachment a BufferedTransformation to attach to this object
	//! \param throwException a flag specifiying whether an Exception should be thrown on error
	DefaultDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);

	DefaultDecryptor::State CurrentState() const;
	bool CheckLastMAC() const;

protected:
	void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);}
	void LastPut(const byte *inString, size_t length);

private:
	member_ptr<DefaultMAC> m_mac;
	HashVerifier *m_hashVerifier;
	bool m_throwException;

#if (CRYPTOPP_GCC_VERSION >= 40500) || (CRYPTOPP_LLVM_CLANG_VERSION >= 20800)
} __attribute__((deprecated ("DefaultDecryptorWithMAC will be changing in the near future because the algorithms are no longer secure")));
#elif (CRYPTOPP_GCC_VERSION)
} __attribute__((deprecated));
#else
};
#endif

NAMESPACE_END

#endif