8 #include <botan/cryptobox.h>     9 #include <botan/filters.h>    10 #include <botan/pipe.h>    11 #include <botan/lookup.h>    12 #include <botan/sha2_64.h>    13 #include <botan/hmac.h>    14 #include <botan/pbkdf2.h>    15 #include <botan/pem.h>    16 #include <botan/get_byte.h>    17 #include <botan/mem_ops.h>    29 const u32bit CRYPTOBOX_VERSION_CODE = 0xEFC22400;
    31 const size_t VERSION_CODE_LEN = 4;
    32 const size_t CIPHER_KEY_LEN = 32;
    33 const size_t CIPHER_IV_LEN = 16;
    34 const size_t MAC_KEY_LEN = 32;
    35 const size_t MAC_OUTPUT_LEN = 20;
    36 const size_t PBKDF_SALT_LEN = 10;
    37 const size_t PBKDF_ITERATIONS = 8 * 1024;
    39 const size_t PBKDF_OUTPUT_LEN = CIPHER_KEY_LEN + CIPHER_IV_LEN + MAC_KEY_LEN;
    44                     const std::string& passphrase,
    69                                mac_key, MAC_OUTPUT_LEN)));
    80    const size_t ciphertext_len = pipe.
remaining(0);
    87    for(
size_t i = 0; i != VERSION_CODE_LEN; ++i)
    88      out_buf[i] = 
get_byte(i, CRYPTOBOX_VERSION_CODE);
    90    copy_mem(&out_buf[VERSION_CODE_LEN], &pbkdf_salt[0],  PBKDF_SALT_LEN);
    92    pipe.
read(&out_buf[VERSION_CODE_LEN + PBKDF_SALT_LEN], MAC_OUTPUT_LEN, 1);
    93    pipe.
read(&out_buf[VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN],
   100                     const std::string& passphrase)
   105                                    "BOTAN CRYPTOBOX MESSAGE");
   107    if(ciphertext.
size() < (VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN))
   110    for(
size_t i = 0; i != VERSION_CODE_LEN; ++i)
   111       if(ciphertext[i] != 
get_byte(i, CRYPTOBOX_VERSION_CODE))
   114    const byte* pbkdf_salt = &ciphertext[VERSION_CODE_LEN];
   134                                mac_key, MAC_OUTPUT_LEN)));
   136    const size_t ciphertext_offset =
   137       VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN;
   140                     ciphertext.
size() - ciphertext_offset);
   142    byte computed_mac[MAC_OUTPUT_LEN];
   143    pipe.
read(computed_mac, MAC_OUTPUT_LEN, 1);
   146                 &ciphertext[VERSION_CODE_LEN + PBKDF_SALT_LEN],
   154                     const std::string& passphrase)
   156    return decrypt(reinterpret_cast<const byte*>(&input[0]),
 size_t remaining(message_id msg=DEFAULT_MESSAGE) const
virtual void randomize(byte output[], size_t length)=0
bool same_mem(const T *p1, const T *p2, size_t n)
size_t read(byte output[], size_t length)
std::string read_all_as_string(message_id=DEFAULT_MESSAGE)
byte get_byte(size_t byte_num, T input)
std::string decrypt(const byte input[], size_t input_len, const std::string &passphrase)
const byte * begin() const
void copy_mem(T *out, const T *in, size_t n)
std::string encrypt(const byte input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)
std::string encode(const byte der[], size_t length, const std::string &label, size_t width)
OctetString derive_key(size_t output_len, const std::string &passphrase, const byte salt[], size_t salt_len, size_t iterations) const
Keyed_Filter * get_cipher(const std::string &algo_spec, Cipher_Dir direction)
SecureVector< byte > decode_check_label(DataSource &source, const std::string &label_want)
void process_msg(const byte in[], size_t length)