Crypto++ 8.9
Free C++ class library of cryptographic schemes
default.h
Go to the documentation of this file.
1// default.h - originally written and placed in the public domain by Wei Dai
2
3/// \file default.h
4/// \brief Classes for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
5
6#ifndef CRYPTOPP_DEFAULT_H
7#define CRYPTOPP_DEFAULT_H
8
9#include "sha.h"
10#include "hmac.h"
11#include "aes.h"
12#include "des.h"
13#include "modes.h"
14#include "filters.h"
15#include "smartptr.h"
16
17NAMESPACE_BEGIN(CryptoPP)
18
19/// \brief Legacy block cipher for LegacyEncryptor, LegacyDecryptor, LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
21/// \brief Legacy hash for use with LegacyEncryptorWithMAC and LegacyDecryptorWithMAC
23/// \brief Legacy HMAC for use withLegacyEncryptorWithMAC and LegacyDecryptorWithMAC
25
26/// \brief Default block cipher for DefaultEncryptor, DefaultDecryptor, DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
28/// \brief Default hash for use with DefaultEncryptorWithMAC and DefaultDecryptorWithMAC
30/// \brief Default HMAC for use withDefaultEncryptorWithMAC and DefaultDecryptorWithMAC
32
33/// \brief Exception thrown when LegacyDecryptorWithMAC or DefaultDecryptorWithMAC decryption error is encountered
35{
36public:
37 DataDecryptorErr(const std::string &s)
38 : Exception(DATA_INTEGRITY_CHECK_FAILED, s) {}
39};
40
41/// \brief Exception thrown when a bad key is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC
43{
44 public: KeyBadErr()
45 : DataDecryptorErr("DataDecryptor: cannot decrypt message with this passphrase") {}
46};
47
48/// \brief Exception thrown when an incorrect MAC is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC
50{
51 public: MACBadErr()
52 : DataDecryptorErr("DataDecryptorWithMAC: MAC check failed") {}
53};
54
55/// \brief Algorithm information for password-based encryptors and decryptors
56template <unsigned int BlockSize, unsigned int KeyLength, unsigned int DigestSize, unsigned int SaltSize, unsigned int Iterations>
58{
59 CRYPTOPP_CONSTANT(BLOCKSIZE = BlockSize);
60 CRYPTOPP_CONSTANT(KEYLENGTH = KeyLength);
61 CRYPTOPP_CONSTANT(SALTLENGTH = SaltSize);
62 CRYPTOPP_CONSTANT(DIGESTSIZE = DigestSize);
63 CRYPTOPP_CONSTANT(ITERATIONS = Iterations);
64};
65
68
69/// \brief Password-based Encryptor
70/// \tparam BC BlockCipher based class used for encryption
71/// \tparam H HashTransformation based class used for mashing
72/// \tparam Info Constants used by the algorithms
73/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
74/// Crypto++ 5.7 switched to AES and SHA256.
75/// \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor
76/// \since Crypto++ 2.0
77template <class BC, class H, class Info>
78class DataEncryptor : public ProxyFilter, public Info
79{
80public:
81 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE);
82 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH);
83 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH);
84 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE);
85 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS);
86
87 /// \brief Construct a DataEncryptor
88 /// \param passphrase a C-String password
89 /// \param attachment a BufferedTransformation to attach to this object
90 DataEncryptor(const char *passphrase, BufferedTransformation *attachment = NULLPTR);
91
92 /// \brief Construct a DataEncryptor
93 /// \param passphrase a byte string password
94 /// \param passphraseLength the length of the byte string password
95 /// \param attachment a BufferedTransformation to attach to this object
96 DataEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR);
97
98protected:
99 void FirstPut(const byte *);
100 void LastPut(const byte *inString, size_t length);
101
102private:
103 SecByteBlock m_passphrase;
104 typename CBC_Mode<BC>::Encryption m_cipher;
105};
106
107/// \brief Password-based Decryptor
108/// \tparam BC BlockCipher based class used for encryption
109/// \tparam H HashTransformation based class used for mashing
110/// \tparam Info Constants used by the algorithms
111/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
112/// Crypto++ 5.7 switched to AES and SHA256.
113/// \sa DefaultEncryptor, DefaultDecryptor, LegacyEncryptor, LegacyDecryptor
114/// \since Crypto++ 2.0
115template <class BC, class H, class Info>
116class DataDecryptor : public ProxyFilter, public Info
117{
118public:
119 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE);
120 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH);
121 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH);
122 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE);
123 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS);
124
125 /// \brief Constructs a DataDecryptor
126 /// \param passphrase a C-String password
127 /// \param attachment a BufferedTransformation to attach to this object
128 /// \param throwException a flag specifying whether an Exception should be thrown on error
129 DataDecryptor(const char *passphrase, BufferedTransformation *attachment = NULLPTR, bool throwException=true);
130
131 /// \brief Constructs a DataDecryptor
132 /// \param passphrase a byte string password
133 /// \param passphraseLength the length of the byte string password
134 /// \param attachment a BufferedTransformation to attach to this object
135 /// \param throwException a flag specifying whether an Exception should be thrown on error
136 DataDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR, bool throwException=true);
137
138 enum State {WAITING_FOR_KEYCHECK, KEY_GOOD, KEY_BAD};
139 State CurrentState() const {return m_state;}
140
141protected:
142 void FirstPut(const byte *inString);
143 void LastPut(const byte *inString, size_t length);
144
145 State m_state;
146
147private:
148 void CheckKey(const byte *salt, const byte *keyCheck);
149
150 SecByteBlock m_passphrase;
151 typename CBC_Mode<BC>::Decryption m_cipher;
153 bool m_throwException;
154
155};
156
157/// \brief Password-based encryptor with MAC
158/// \tparam BC BlockCipher based class used for encryption
159/// \tparam H HashTransformation based class used for mashing
160/// \tparam MAC HashTransformation based class used for authentication
161/// \tparam Info Constants used by the algorithms
162/// \details DataEncryptorWithMAC uses a non-standard mashup function called Mash() to derive key
163/// bits from the password.
164/// \details The purpose of the function Mash() is to take an arbitrary length input string and
165/// *deterministically* produce an arbitrary length output string such that (1) it looks random,
166/// (2) no information about the input is deducible from it, and (3) it contains as much entropy
167/// as it can hold, or the amount of entropy in the input string, whichever is smaller.
168/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
169/// Crypto++ 5.7 switched to AES and SHA256.
170/// \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC
171/// \since Crypto++ 2.0
172template <class BC, class H, class MAC, class Info>
174{
175public:
176 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE);
177 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH);
178 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH);
179 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE);
180 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS);
181
182 /// \brief Constructs a DataEncryptorWithMAC
183 /// \param passphrase a C-String password
184 /// \param attachment a BufferedTransformation to attach to this object
185 DataEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULLPTR);
186
187 /// \brief Constructs a DataEncryptorWithMAC
188 /// \param passphrase a byte string password
189 /// \param passphraseLength the length of the byte string password
190 /// \param attachment a BufferedTransformation to attach to this object
191 DataEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR);
192
193protected:
194 void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);}
195 void LastPut(const byte *inString, size_t length);
196
197private:
198 member_ptr<MAC> m_mac;
199
200};
201
202/// \brief Password-based decryptor with MAC
203/// \tparam BC BlockCipher based class used for encryption
204/// \tparam H HashTransformation based class used for mashing
205/// \tparam MAC HashTransformation based class used for authentication
206/// \tparam Info Constants used by the algorithms
207/// \details DataDecryptorWithMAC uses a non-standard mashup function called Mash() to derive key
208/// bits from the password.
209/// \details The purpose of the function Mash() is to take an arbitrary length input string and
210/// *deterministically* produce an arbitrary length output string such that (1) it looks random,
211/// (2) no information about the input is deducible from it, and (3) it contains as much entropy
212/// as it can hold, or the amount of entropy in the input string, whichever is smaller.
213/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
214/// Crypto++ 5.7 switched to AES and SHA256.
215/// \sa DefaultEncryptorWithMAC, DefaultDecryptorWithMAC, LegacyDecryptorWithMAC, LegacyEncryptorWithMAC
216/// \since Crypto++ 2.0
217template <class BC, class H, class MAC, class Info>
219{
220public:
221 CRYPTOPP_CONSTANT(BLOCKSIZE = Info::BLOCKSIZE);
222 CRYPTOPP_CONSTANT(KEYLENGTH = Info::KEYLENGTH);
223 CRYPTOPP_CONSTANT(SALTLENGTH = Info::SALTLENGTH);
224 CRYPTOPP_CONSTANT(DIGESTSIZE = Info::DIGESTSIZE);
225 CRYPTOPP_CONSTANT(ITERATIONS = Info::ITERATIONS);
226
227 /// \brief Constructs a DataDecryptor
228 /// \param passphrase a C-String password
229 /// \param attachment a BufferedTransformation to attach to this object
230 /// \param throwException a flag specifying whether an Exception should be thrown on error
231 DataDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment = NULLPTR, bool throwException=true);
232
233 /// \brief Constructs a DataDecryptor
234 /// \param passphrase a byte string password
235 /// \param passphraseLength the length of the byte string password
236 /// \param attachment a BufferedTransformation to attach to this object
237 /// \param throwException a flag specifying whether an Exception should be thrown on error
238 DataDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment = NULLPTR, bool throwException=true);
239
240 typename DataDecryptor<BC,H,Info>::State CurrentState() const;
241 bool CheckLastMAC() const;
242
243protected:
244 void FirstPut(const byte *inString) {CRYPTOPP_UNUSED(inString);}
245 void LastPut(const byte *inString, size_t length);
246
247private:
248 member_ptr<MAC> m_mac;
249 HashVerificationFilter *m_hashVerifier;
250 bool m_throwException;
251};
252
253#if defined(CRYPTOPP_DOXYGEN_PROCESSING)
254/// \brief Password-based encryptor (deprecated)
255/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
256/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
257/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
258struct LegacyEncryptor : public DataEncryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> {};
259/// \brief Password-based decryptor (deprecated)
260/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
261/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
262/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
263struct LegacyDecryptor : public DataDecryptor<LegacyBlockCipher,LegacyHashModule,LegacyParametersInfo> {};
264/// \brief Password-based encryptor
265/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
266/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
267/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
268struct DefaultEncryptor : public DataEncryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> {};
269/// \brief Password-based decryptor
270/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
271/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
272/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
273struct DefaultDecryptor : public DataDecryptor<DefaultBlockCipher,DefaultHashModule,DefaultParametersInfo> {};
274/// \brief Password-based encryptor with MAC (deprecated)
275/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
276/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
277/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
278struct LegacyEncryptorWithMAC : public DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> {};
279/// \brief Password-based decryptor with MAC (deprecated)
280/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
281/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
282/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
283struct LegacyDecryptorWithMAC : public DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,LegacyMAC,LegacyParametersInfo> {};
284/// \brief Password-based encryptor with MAC
285/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
286/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
287/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
288struct DefaultEncryptorWithMAC : public DataEncryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> {};
289/// \brief Password-based decryptor with MAC
290/// \details Crypto++ 5.6.5 and earlier used the legacy algorithms, including DES_EDE2 and SHA1.
291/// Crypto++ 5.7 switched to AES and SHA256. The updated algorithms are available with the
292/// <tt>Default*</tt> classes, and the old algorithms are available with the <tt>Legacy*</tt> classes.
293struct DefaultDecryptorWithMAC : public DataDecryptorWithMAC<DefaultBlockCipher,DefaultHashModule,DefaultMAC,DefaultParametersInfo> {};
294#else
297
300
303
306#endif
307
308NAMESPACE_END
309
310#endif
Class file for the AES cipher (Rijndael)
AES block cipher (Rijndael)
Definition aes.h:23
Interface for buffered transformations.
Definition cryptlib.h:1657
Block cipher mode of operation aggregate.
Definition modes.h:347
2-key TripleDES block cipher
Definition des.h:73
Exception thrown when LegacyDecryptorWithMAC or DefaultDecryptorWithMAC decryption error is encounter...
Definition default.h:35
Password-based Decryptor.
Definition default.h:117
DataDecryptor(const char *passphrase, BufferedTransformation *attachment=NULL, bool throwException=true)
Constructs a DataDecryptor.
Definition default.cpp:142
Password-based decryptor with MAC.
Definition default.h:219
DataDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment=NULL, bool throwException=true)
Constructs a DataDecryptor.
Definition default.cpp:257
Password-based Encryptor.
Definition default.h:79
DataEncryptor(const char *passphrase, BufferedTransformation *attachment=NULL)
Construct a DataEncryptor.
Definition default.cpp:85
Password-based encryptor with MAC.
Definition default.h:174
DataEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment=NULL)
Constructs a DataEncryptorWithMAC.
Definition default.cpp:232
Base class for all exceptions thrown by the library.
Definition cryptlib.h:164
HMAC.
Definition hmac.h:53
Filter wrapper for HashTransformation.
Definition filters.h:611
Exception thrown when a bad key is encountered in DefaultDecryptorWithMAC and LegacyDecryptorWithMAC.
Definition default.h:43
Exception thrown when an incorrect MAC is encountered in DefaultDecryptorWithMAC and LegacyDecryptorW...
Definition default.h:50
Base class for Filter classes that are proxies for a chain of other filters.
Definition filters.h:1039
SHA-1 message digest.
Definition sha.h:27
SHA-256 message digest.
Definition sha.h:65
SecBlock typedef.
Definition secblock.h:1226
Pointer that overloads operator ->
Definition smartptr.h:38
Classes for DES, 2-key Triple-DES, 3-key Triple-DES and DESX.
Implementation of BufferedTransformation's attachment interface.
Classes for HMAC message authentication codes.
Classes for block cipher modes of operation.
Crypto++ library namespace.
Classes for SHA-1 and SHA-2 family of message digests.
Classes for automatic resource management.
Algorithm information for password-based encryptors and decryptors.
Definition default.h:58
Password-based decryptor.
Definition default.h:273
Password-based decryptor with MAC.
Definition default.h:293
Password-based encryptor.
Definition default.h:268
Password-based encryptor with MAC.
Definition default.h:288
Password-based decryptor (deprecated)
Definition default.h:263
Password-based decryptor with MAC (deprecated)
Definition default.h:283
Password-based encryptor (deprecated)
Definition default.h:258
Password-based encryptor with MAC (deprecated)
Definition default.h:278