Crypto++  5.6.5
Free C++ class library of cryptographic schemes
default.h
Go to the documentation of this file.
1 // default.h - written and placed in the public domain by Wei Dai
2 
3 //! \file default.h
4 //! \brief Classes for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
5 
6 #ifndef CRYPTOPP_DEFAULT_H
7 #define CRYPTOPP_DEFAULT_H
8 
9 #include "sha.h"
10 #include "hmac.h"
11 #include "aes.h"
12 #include "des.h"
13 #include "modes.h"
14 #include "filters.h"
15 #include "smartptr.h"
16 
17 NAMESPACE_BEGIN(CryptoPP)
18 
19 //! \brief Legacy block cipher for LegacyEncryptor, LegacyDecryptor, LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
21 //! \brief Legacy hash for use with LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
23 //! \brief Legacy HMAC for use withLegacyEncryptorWithMAC and LegacyDecryptorWithMAC
24 typedef HMAC<LegacyHashModule> LegacyMAC;
25 
26 //! \brief Default block cipher for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
28 //! \brief Default hash for use with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
30 //! \brief Default HMAC for use withDefaultEncryptorWithMAC and DefaultDecryptorWithMAC
31 typedef HMAC<DefaultHashModule> DefaultMAC;
32 
33 //! \class DataDecryptorErr
34 //! \brief Exception thrown when LegacyDecryptorWithMAC or DefaultDecryptorWithMAC decryption error is encountered
36 {
37 public:
38  DataDecryptorErr(const std::string &s)
39  : Exception(DATA_INTEGRITY_CHECK_FAILED, s) {}
40 };
41 
42 //! \class KeyBadErr
43 //! \brief Exception thrown when a bad key is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC
45 {
46  public: KeyBadErr()
47  : DataDecryptorErr("DataDecryptor: cannot decrypt message with this passphrase") {}
48 };
49 
50 //! \class MACBadErr
51 //! \brief Exception thrown when an incorrect MAC is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC
53 {
54  public: MACBadErr()
55  : DataDecryptorErr("DataDecryptorWithMAC: MAC check failed") {}
56 };
57 
58 //! \class DataParametersInfo
59 //! \brief Algorithm information for password-based encryptors and decryptors
60 template <unsigned int BlockSize, unsigned int KeyLength, unsigned int DigestSize, unsigned int SaltSize, unsigned int Iterations>
62 {
63  CRYPTOPP_CONSTANT(BLOCKSIZE = BlockSize)
64  CRYPTOPP_CONSTANT(KEYLENGTH = KeyLength)
65  CRYPTOPP_CONSTANT(SALTLENGTH = SaltSize)
66  CRYPTOPP_CONSTANT(DIGESTSIZE = DigestSize)
67  CRYPTOPP_CONSTANT(ITERATIONS = Iterations)
68 };
69 
72 
73 //! \class DataEncryptor
74 //! \brief Password-based Encryptor
75 //! \tparam BC BlockCipher based class used for encryption
76 //! \tparam H HashTransformation based class used for mashing
77 //! \tparam Info Constants used by the algorithms
78 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
79 //! Crypto++ 5.7 switched to AES and SHA256.
80 //! \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor
81 //! \since Crypto++ 2.0
82 template <class BC, class H, class Info>
83 class DataEncryptor : public ProxyFilter, public Info
84 {
85 public:
86  CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE)
87  CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH)
88  CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH)
89  CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE)
90  CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS)
91 
92  //! \brief Construct a DataEncryptor
93  //! \param passphrase a C-String password
94  //! \param attachment a BufferedTransformation to attach to this object
95  DataEncryptor(const char *passphrase, BufferedTransformation *attachment = NULL);
96 
97  //! \brief Construct a DataEncryptor
98  //! \param passphrase a byte string password
99  //! \param passphraseLength the length of the byte string password
100  //! \param attachment a BufferedTransformation to attach to this object
101  DataEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
102 
103 protected:
104  void FirstPut(const byte *);
105  void LastPut(const byte *inString, size_t length);
106 
107 private:
108  SecByteBlock m_passphrase;
109  typename CBC_Mode<BC>::Encryption m_cipher;
110 };
111 
112 //! \class DataDecryptor
113 //! \brief Password-based Decryptor
114 //! \tparam BC BlockCipher based class used for encryption
115 //! \tparam H HashTransformation based class used for mashing
116 //! \tparam Info Constants used by the algorithms
117 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
118 //! Crypto++ 5.7 switched to AES and SHA256.
119 //! \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor
120 //! \since Crypto++ 2.0
121 template <class BC, class H, class Info>
122 class DataDecryptor : public ProxyFilter, public Info
123 {
124 public:
125  CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE)
126  CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH)
127  CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH)
128  CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE)
129  CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS)
130 
131  //! \brief Constructs a DataDecryptor
132  //! \param passphrase a C-String password
133  //! \param attachment a BufferedTransformation to attach to this object
134  //! \param throwException a flag specifiying whether an Exception should be thrown on error
135  DataDecryptor(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
136 
137  //! \brief Constructs a DataDecryptor
138  //! \param passphrase a byte string password
139  //! \param passphraseLength the length of the byte string password
140  //! \param attachment a BufferedTransformation to attach to this object
141  //! \param throwException a flag specifiying whether an Exception should be thrown on error
142  DataDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
143 
144  enum State {WAITING_FOR_KEYCHECK, KEY_GOOD, KEY_BAD};
145  State CurrentState() const {return m_state;}
146 
147 protected:
148  void FirstPut(const byte *inString);
149  void LastPut(const byte *inString, size_t length);
150 
151  State m_state;
152 
153 private:
154  void CheckKey(const byte *salt, const byte *keyCheck);
155 
156  SecByteBlock m_passphrase;
157  typename CBC_Mode<BC>::Decryption m_cipher;
159  bool m_throwException;
160 
161 };
162 
163 //! \class DataEncryptorWithMAC
164 //! \brief Password-based encryptor with MAC
165 //! \tparam BC BlockCipher based class used for encryption
166 //! \tparam H HashTransformation based class used for mashing
167 //! \tparam MAC HashTransformation based class used for authentication
168 //! \tparam Info Constants used by the algorithms
169 //! \details DataEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key
170 //! bits from the password.
171 //! \details The purpose of the function Mash() is to take an arbitrary length input string and
172 //! *deterministically* produce an arbitrary length output string such that (1) it looks random,
173 //! (2) no information about the input is deducible from it, and (3) it contains as much entropy
174 //! as it can hold, or the amount of entropy in the input string, whichever is smaller.
175 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
176 //! Crypto++ 5.7 switched to AES and SHA256.
177 //! \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC
178 //! \since Crypto++ 2.0
179 template <class BC, class H, class MAC, class Info>
181 {
182 public:
183  //! \brief Constructs a DataEncryptorWithMAC
184  //! \param passphrase a C-String password
185  //! \param attachment a BufferedTransformation to attach to this object
186  DataEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL);
187 
188  //! \brief Constructs a DataEncryptorWithMAC
189  //! \param passphrase a byte string password
190  //! \param passphraseLength the length of the byte string password
191  //! \param attachment a BufferedTransformation to attach to this object
192  DataEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL);
193 
194 protected:
195  void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);}
196  void LastPut(const byte *inString, size_t length);
197 
198 private:
199  member_ptr<MAC> m_mac;
200 
201 };
202 
203 //! \class DataDecryptorWithMAC
204 //! \brief Password-based decryptor with MAC
205 //! \tparam BC BlockCipher based class used for encryption
206 //! \tparam H HashTransformation based class used for mashing
207 //! \tparam MAC HashTransformation based class used for authentication
208 //! \tparam Info Constants used by the algorithms
209 //! \details DataDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key
210 //! bits from the password.
211 //! \details The purpose of the function Mash() is to take an arbitrary length input string and
212 //! *deterministically* produce an arbitrary length output string such that (1) it looks random,
213 //! (2) no information about the input is deducible from it, and (3) it contains as much entropy
214 //! as it can hold, or the amount of entropy in the input string, whichever is smaller.
215 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
216 //! Crypto++ 5.7 switched to AES and SHA256.
217 //! \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC
218 //! \since Crypto++ 2.0
219 template <class BC, class H, class MAC, class Info>
221 {
222 public:
223  //! \brief Constructs a DataDecryptor
224  //! \param passphrase a C-String password
225  //! \param attachment a BufferedTransformation to attach to this object
226  //! \param throwException a flag specifiying whether an Exception should be thrown on error
227  DataDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULL, bool throwException=true);
228 
229  //! \brief Constructs a DataDecryptor
230  //! \param passphrase a byte string password
231  //! \param passphraseLength the length of the byte string password
232  //! \param attachment a BufferedTransformation to attach to this object
233  //! \param throwException a flag specifiying whether an Exception should be thrown on error
234  DataDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULL, bool throwException=true);
235 
236  typename DataDecryptor<BC,H,Info>::State CurrentState() const;
237  bool CheckLastMAC() const;
238 
239 protected:
240  void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);}
241  void LastPut(const byte *inString, size_t length);
242 
243 private:
244  member_ptr<MAC> m_mac;
245  HashVerificationFilter *m_hashVerifier;
246  bool m_throwException;
247 };
248 
249 #if defined(CRYPTOPP_DOXYGEN_PROCESSING)
250 //! \class LegacyEncryptor
251 //! \brief Password-based encryptor (deprecated)
252 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
253 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
254 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
255 struct LegacyEncryptor : public DataEncryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> {};
256 //! \class LegacyDecryptor
257 //! \brief Password-based decryptor (deprecated)
258 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
259 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
260 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
261 struct LegacyDecryptor : public DataDecryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> {};
262 //! \class DefaultEncryptor
263 //! \brief Password-based encryptor
264 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
265 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
266 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
267 struct DefaultEncryptor : public DataEncryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> {};
268 //! \class DefaultDecryptor
269 //! \brief Password-based decryptor
270 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
271 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
272 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
273 struct DefaultDecryptor : public DataDecryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> {};
274 //! \class LegacyEncryptorWithMAC
275 //! \brief Password-based encryptor with MAC (deprecated)
276 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
277 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
278 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
279 struct LegacyEncryptorWithMAC : public DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> {};
280 //! \class LegacyDecryptorWithMAC
281 //! \brief Password-based decryptor with MAC (deprecated)
282 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
283 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
284 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
285 struct LegacyDecryptorWithMAC : public DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> {};
286 //! \class DefaultEncryptorWithMAC
287 //! \brief Password-based encryptor with MAC
288 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
289 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
290 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
291 struct DefaultEncryptorWithMAC : public DataEncryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> {};
292 //! \class DefaultDecryptorWithMAC
293 //! \brief Password-based decryptor with MAC
294 //! \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
295 //! Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
296 //! <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
297 struct DefaultDecryptorWithMAC : public DataDecryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> {};
298 #else
301 
304 
307 
310 #endif
311 
312 NAMESPACE_END
313 
314 #endif
Base class for all exceptions thrown by the library.
Definition: cryptlib.h:140
const char * DigestSize()
int, in bytes
Definition: argnames.h:79
Exception thrown when a bad key is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC...
Definition: default.h:44
Base class for Filter classes that are proxies for a chain of other filters.
Definition: filters.h:951
SHA-256 message digest.
Definition: sha.h:39
Class file for modes of operation.
Password-based Encryptor.
Definition: default.h:83
Password-based decryptor (deprecated)
Definition: default.h:261
Password-based Decryptor.
Definition: default.h:122
Classes for automatic resource management.
Password-based encryptor with MAC (deprecated)
Definition: default.h:279
SecBlock<byte> typedef.
Definition: secblock.h:731
Interface for buffered transformations.
Definition: cryptlib.h:1352
Password-based decryptor with MAC (deprecated)
Definition: default.h:285
Password-based encryptor (deprecated)
Definition: default.h:255
Classes for HMAC message authentication codes.
Filter wrapper for HashTransformation.
Definition: filters.h:550
Password-based encryptor with MAC.
Definition: default.h:180
Password-based encryptor.
Definition: default.h:267
Class file for the AES cipher (Rijndael)
2-key TripleDES block cipher
Definition: des.h:75
SHA-1 message digest.
Definition: sha.h:25
Exception thrown when LegacyDecryptorWithMAC or DefaultDecryptorWithMAC decryption error is encounter...
Definition: default.h:35
AES block cipher (Rijndael)
Definition: aes.h:16
Algorithm information for password-based encryptors and decryptors.
Definition: default.h:61
const char * BlockSize()
int, in bytes
Definition: argnames.h:27
Classes for DES, 2-key Triple-DES, 3-key Triple-DES and DESX.
Classes for SHA-1 and SHA-2 family of message digests.
Implementation of BufferedTransformation&#39;s attachment interface.
Password-based decryptor.
Definition: default.h:273
HMAC.
Definition: hmac.h:50
Password-based decryptor with MAC.
Definition: default.h:220
Crypto++ library namespace.
Password-based decryptor with MAC.
Definition: default.h:297
const char * SaltSize()
int, in bytes
Definition: argnames.h:89
Password-based encryptor with MAC.
Definition: default.h:291
Exception thrown when an incorrect MAC is encountered in DefaultDecryptorWithMAC and LegacyDecryptorW...
Definition: default.h:52
CBC mode.
Definition: modes.h:430