summaryrefslogtreecommitdiffstats
path: root/lib/cryptopp/default.cpp
diff options
context:
space:
mode:
authorMattes D <github@xoft.cz>2014-01-25 22:05:16 +0100
committerMattes D <github@xoft.cz>2014-01-25 22:05:16 +0100
commit437a9c8d1f13cc7770a95534dbf71b78685edfe7 (patch)
tree68b0e13a46f3936bb772106c0ca8d8e74aba2b8e /lib/cryptopp/default.cpp
parentMerge pull request #581 from worktycho/strerror (diff)
parentProtoProxy: Modified to use PolarSSL. (diff)
downloadcuberite-437a9c8d1f13cc7770a95534dbf71b78685edfe7.tar
cuberite-437a9c8d1f13cc7770a95534dbf71b78685edfe7.tar.gz
cuberite-437a9c8d1f13cc7770a95534dbf71b78685edfe7.tar.bz2
cuberite-437a9c8d1f13cc7770a95534dbf71b78685edfe7.tar.lz
cuberite-437a9c8d1f13cc7770a95534dbf71b78685edfe7.tar.xz
cuberite-437a9c8d1f13cc7770a95534dbf71b78685edfe7.tar.zst
cuberite-437a9c8d1f13cc7770a95534dbf71b78685edfe7.zip
Diffstat (limited to 'lib/cryptopp/default.cpp')
-rw-r--r--lib/cryptopp/default.cpp258
1 files changed, 0 insertions, 258 deletions
diff --git a/lib/cryptopp/default.cpp b/lib/cryptopp/default.cpp
deleted file mode 100644
index 72940784d..000000000
--- a/lib/cryptopp/default.cpp
+++ /dev/null
@@ -1,258 +0,0 @@
-// default.cpp - written and placed in the public domain by Wei Dai
-
-#include "pch.h"
-#include "default.h"
-#include "queue.h"
-#include <time.h>
-#include <memory>
-
-NAMESPACE_BEGIN(CryptoPP)
-
-static const unsigned int MASH_ITERATIONS = 200;
-static const unsigned int SALTLENGTH = 8;
-static const unsigned int BLOCKSIZE = Default_BlockCipher::Encryption::BLOCKSIZE;
-static const unsigned int KEYLENGTH = Default_BlockCipher::Encryption::DEFAULT_KEYLENGTH;
-
-// The purpose of this function Mash() is to take an arbitrary length input
-// string and *deterministicly* produce an arbitrary length output string such
-// that (1) it looks random, (2) no information about the input is
-// deducible from it, and (3) it contains as much entropy as it can hold, or
-// the amount of entropy in the input string, whichever is smaller.
-
-static void Mash(const byte *in, size_t inLen, byte *out, size_t outLen, int iterations)
-{
- if (BytePrecision(outLen) > 2)
- throw InvalidArgument("Mash: output legnth too large");
-
- size_t bufSize = RoundUpToMultipleOf(outLen, (size_t)DefaultHashModule::DIGESTSIZE);
- byte b[2];
- SecByteBlock buf(bufSize);
- SecByteBlock outBuf(bufSize);
- DefaultHashModule hash;
-
- unsigned int i;
- for(i=0; i<outLen; i+=DefaultHashModule::DIGESTSIZE)
- {
- b[0] = (byte) (i >> 8);
- b[1] = (byte) i;
- hash.Update(b, 2);
- hash.Update(in, inLen);
- hash.Final(outBuf+i);
- }
-
- while (iterations-- > 1)
- {
- memcpy(buf, outBuf, bufSize);
- for (i=0; i<bufSize; i+=DefaultHashModule::DIGESTSIZE)
- {
- b[0] = (byte) (i >> 8);
- b[1] = (byte) i;
- hash.Update(b, 2);
- hash.Update(buf, bufSize);
- hash.Final(outBuf+i);
- }
- }
-
- memcpy(out, outBuf, outLen);
-}
-
-static void GenerateKeyIV(const byte *passphrase, size_t passphraseLength, const byte *salt, size_t saltLength, byte *key, byte *IV)
-{
- SecByteBlock temp(passphraseLength+saltLength);
- memcpy(temp, passphrase, passphraseLength);
- memcpy(temp+passphraseLength, salt, saltLength);
- SecByteBlock keyIV(KEYLENGTH+BLOCKSIZE);
- Mash(temp, passphraseLength + saltLength, keyIV, KEYLENGTH+BLOCKSIZE, MASH_ITERATIONS);
- memcpy(key, keyIV, KEYLENGTH);
- memcpy(IV, keyIV+KEYLENGTH, BLOCKSIZE);
-}
-
-// ********************************************************
-
-DefaultEncryptor::DefaultEncryptor(const char *passphrase, BufferedTransformation *attachment)
- : ProxyFilter(NULL, 0, 0, attachment), m_passphrase((const byte *)passphrase, strlen(passphrase))
-{
-}
-
-DefaultEncryptor::DefaultEncryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment)
- : ProxyFilter(NULL, 0, 0, attachment), m_passphrase(passphrase, passphraseLength)
-{
-}
-
-
-void DefaultEncryptor::FirstPut(const byte *)
-{
- // VC60 workaround: __LINE__ expansion bug
- CRYPTOPP_COMPILE_ASSERT_INSTANCE(SALTLENGTH <= DefaultHashModule::DIGESTSIZE, 1);
- CRYPTOPP_COMPILE_ASSERT_INSTANCE(BLOCKSIZE <= DefaultHashModule::DIGESTSIZE, 2);
-
- SecByteBlock salt(DefaultHashModule::DIGESTSIZE), keyCheck(DefaultHashModule::DIGESTSIZE);
- DefaultHashModule hash;
-
- // use hash(passphrase | time | clock) as salt
- hash.Update(m_passphrase, m_passphrase.size());
- time_t t=time(0);
- hash.Update((byte *)&t, sizeof(t));
- clock_t c=clock();
- hash.Update((byte *)&c, sizeof(c));
- hash.Final(salt);
-
- // use hash(passphrase | salt) as key check
- hash.Update(m_passphrase, m_passphrase.size());
- hash.Update(salt, SALTLENGTH);
- hash.Final(keyCheck);
-
- AttachedTransformation()->Put(salt, SALTLENGTH);
-
- // mash passphrase and salt together into key and IV
- SecByteBlock key(KEYLENGTH);
- SecByteBlock IV(BLOCKSIZE);
- GenerateKeyIV(m_passphrase, m_passphrase.size(), salt, SALTLENGTH, key, IV);
-
- m_cipher.SetKeyWithIV(key, key.size(), IV);
- SetFilter(new StreamTransformationFilter(m_cipher));
-
- m_filter->Put(keyCheck, BLOCKSIZE);
-}
-
-void DefaultEncryptor::LastPut(const byte *inString, size_t length)
-{
- m_filter->MessageEnd();
-}
-
-// ********************************************************
-
-DefaultDecryptor::DefaultDecryptor(const char *p, BufferedTransformation *attachment, bool throwException)
- : ProxyFilter(NULL, SALTLENGTH+BLOCKSIZE, 0, attachment)
- , m_state(WAITING_FOR_KEYCHECK)
- , m_passphrase((const byte *)p, strlen(p))
- , m_throwException(throwException)
-{
-}
-
-DefaultDecryptor::DefaultDecryptor(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment, bool throwException)
- : ProxyFilter(NULL, SALTLENGTH+BLOCKSIZE, 0, attachment)
- , m_state(WAITING_FOR_KEYCHECK)
- , m_passphrase(passphrase, passphraseLength)
- , m_throwException(throwException)
-{
-}
-
-void DefaultDecryptor::FirstPut(const byte *inString)
-{
- CheckKey(inString, inString+SALTLENGTH);
-}
-
-void DefaultDecryptor::LastPut(const byte *inString, size_t length)
-{
- if (m_filter.get() == NULL)
- {
- m_state = KEY_BAD;
- if (m_throwException)
- throw KeyBadErr();
- }
- else
- {
- m_filter->MessageEnd();
- m_state = WAITING_FOR_KEYCHECK;
- }
-}
-
-void DefaultDecryptor::CheckKey(const byte *salt, const byte *keyCheck)
-{
- SecByteBlock check(STDMAX((unsigned int)2*BLOCKSIZE, (unsigned int)DefaultHashModule::DIGESTSIZE));
-
- DefaultHashModule hash;
- hash.Update(m_passphrase, m_passphrase.size());
- hash.Update(salt, SALTLENGTH);
- hash.Final(check);
-
- SecByteBlock key(KEYLENGTH);
- SecByteBlock IV(BLOCKSIZE);
- GenerateKeyIV(m_passphrase, m_passphrase.size(), salt, SALTLENGTH, key, IV);
-
- m_cipher.SetKeyWithIV(key, key.size(), IV);
- std::auto_ptr<StreamTransformationFilter> decryptor(new StreamTransformationFilter(m_cipher));
-
- decryptor->Put(keyCheck, BLOCKSIZE);
- decryptor->ForceNextPut();
- decryptor->Get(check+BLOCKSIZE, BLOCKSIZE);
-
- SetFilter(decryptor.release());
-
- if (!VerifyBufsEqual(check, check+BLOCKSIZE, BLOCKSIZE))
- {
- m_state = KEY_BAD;
- if (m_throwException)
- throw KeyBadErr();
- }
- else
- m_state = KEY_GOOD;
-}
-
-// ********************************************************
-
-static DefaultMAC * NewDefaultEncryptorMAC(const byte *passphrase, size_t passphraseLength)
-{
- size_t macKeyLength = DefaultMAC::StaticGetValidKeyLength(16);
- SecByteBlock macKey(macKeyLength);
- // since the MAC is encrypted there is no reason to mash the passphrase for many iterations
- Mash(passphrase, passphraseLength, macKey, macKeyLength, 1);
- return new DefaultMAC(macKey, macKeyLength);
-}
-
-DefaultEncryptorWithMAC::DefaultEncryptorWithMAC(const char *passphrase, BufferedTransformation *attachment)
- : ProxyFilter(NULL, 0, 0, attachment)
- , m_mac(NewDefaultEncryptorMAC((const byte *)passphrase, strlen(passphrase)))
-{
- SetFilter(new HashFilter(*m_mac, new DefaultEncryptor(passphrase), true));
-}
-
-DefaultEncryptorWithMAC::DefaultEncryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment)
- : ProxyFilter(NULL, 0, 0, attachment)
- , m_mac(NewDefaultEncryptorMAC(passphrase, passphraseLength))
-{
- SetFilter(new HashFilter(*m_mac, new DefaultEncryptor(passphrase, passphraseLength), true));
-}
-
-void DefaultEncryptorWithMAC::LastPut(const byte *inString, size_t length)
-{
- m_filter->MessageEnd();
-}
-
-// ********************************************************
-
-DefaultDecryptorWithMAC::DefaultDecryptorWithMAC(const char *passphrase, BufferedTransformation *attachment, bool throwException)
- : ProxyFilter(NULL, 0, 0, attachment)
- , m_mac(NewDefaultEncryptorMAC((const byte *)passphrase, strlen(passphrase)))
- , m_throwException(throwException)
-{
- SetFilter(new DefaultDecryptor(passphrase, m_hashVerifier=new HashVerifier(*m_mac, NULL, HashVerifier::PUT_MESSAGE), throwException));
-}
-
-DefaultDecryptorWithMAC::DefaultDecryptorWithMAC(const byte *passphrase, size_t passphraseLength, BufferedTransformation *attachment, bool throwException)
- : ProxyFilter(NULL, 0, 0, attachment)
- , m_mac(NewDefaultEncryptorMAC(passphrase, passphraseLength))
- , m_throwException(throwException)
-{
- SetFilter(new DefaultDecryptor(passphrase, passphraseLength, m_hashVerifier=new HashVerifier(*m_mac, NULL, HashVerifier::PUT_MESSAGE), throwException));
-}
-
-DefaultDecryptor::State DefaultDecryptorWithMAC::CurrentState() const
-{
- return static_cast<const DefaultDecryptor *>(m_filter.get())->CurrentState();
-}
-
-bool DefaultDecryptorWithMAC::CheckLastMAC() const
-{
- return m_hashVerifier->GetLastResult();
-}
-
-void DefaultDecryptorWithMAC::LastPut(const byte *inString, size_t length)
-{
- m_filter->MessageEnd();
- if (m_throwException && !CheckLastMAC())
- throw MACBadErr();
-}
-
-NAMESPACE_END