Cipher Class
 All Classes Namespaces Files Functions Variables Typedefs Macros Pages
Cipher Class Reference

The cipher object encrypts plaintext data or decrypts ciphertext data. More...

#include <cipher.h>

+ Collaboration diagram for Cipher:

Public Types

typedef uchar aes_iv_t [32]
 
typedef uchar aes_key_t [32]
 
typedef uchar aes_salt_t [8]
 
typedef std::pair< uchar *, uintkv1_t
 
typedef unsigned char uchar
 
typedef unsigned int uint
 

Public Member Functions

 Cipher ()
 Constructor. More...
 
 Cipher (const std::string &cipher, const std::string &digest, uint count, bool embed=true)
 Constructor. More...
 
 ~Cipher ()
 Destructor. More...
 
void debug (bool b=true)
 Set the internal debug flag. More...
 
bool debug () const
 Is debug mode set? More...
 
kv1_t decode_base64 (const std::string &mimetext) const
 Base64 decode. More...
 
std::string decode_cipher (uchar *ciphertext, uint ciphertext_len) const
 Cipher decode. More...
 
std::string decrypt (const std::string &ciphertext, const std::string &pass="", const std::string &salt="")
 Decrypt a buffer using AES 256 CBC (SHA1). More...
 
void decrypt_file (const std::string &ifn, const std::string &ofn, const std::string &pass="", const std::string &salt="")
 Decrypt a file. More...
 
std::string encode_base64 (uchar *ciphertext, uint ciphertext_len) const
 Base64 encode. More...
 
kv1_t encode_cipher (const std::string &plaintext) const
 Cipher encode. More...
 
std::string encrypt (const std::string &plaintext, const std::string &pass="", const std::string &salt="")
 Encrypt buffer using AES 256 CBC (SHA1). More...
 
void encrypt_file (const std::string &ifn, const std::string &ofn, const std::string &pass="", const std::string &salt="")
 Encrypt a file. More...
 
std::string file_read (const std::string &fn) const
 Read a file into a buffer. More...
 
void file_write (const std::string &fn, const std::string &data, bool nl=false) const
 Write ASCII data to a file. More...
 

Private Member Functions

void init (const std::string &pass)
 Initialize the cipher: set the key and IV values. More...
 
void set_salt (const std::string &salt)
 Convert string salt to internal format. More...
 

Private Attributes

std::string m_cipher
 
uint m_count
 
bool m_debug
 
std::string m_digest
 
bool m_embed
 
aes_iv_t m_iv
 
aes_key_t m_key
 
std::string m_pass
 
aes_salt_t m_salt
 

Detailed Description

The cipher object encrypts plaintext data or decrypts ciphertext data.

All data is in ASCII because it is MIME encoded.

The default cipher used is AES-256-CBC from the openssl library but there are many others available. The default digest used is SHA1 which is stronger than MD5.

The algorithms mimic openssl so files created with this object and with the openssl tool are interchangeable.

Here is how you would use it to encrypt and decrypt plaintext data in memory.

* #include "cipher.h"
* #include <string>
* using namepsace std;
*
* // Example the encrypts and decrypts some plaintext.
* // Use encrypt_file or decrypt_file to deal with files.
* void cipher_test()
* {
* string pass = "testTEST!23_";
* string salt = "12345678"; // must be 8 chars
* string plaintext = "Lorem ipsum dolor sit amet, consectetur adipiscing elit.";
*
* // Encrypt and decrypt.
* Cipher c;
* string ciphertext = c.encrypt(plaintext ,pass,salt);
* string decoded = c.decrypt(ciphertext,pass,salt);
*
* // Test the results
* if (plaintext == decoded) {
* cout << "passed" << endl;
* }
* else {
* cout << "failed" << endl;
* }
* }
*
Author
Joe Linoff

Definition at line 74 of file cipher.h.

Member Typedef Documentation

typedef uchar Cipher::aes_iv_t[32]

Definition at line 80 of file cipher.h.

typedef uchar Cipher::aes_key_t[32]

Definition at line 79 of file cipher.h.

typedef uchar Cipher::aes_salt_t[8]

Definition at line 81 of file cipher.h.

typedef std::pair<uchar*,uint> Cipher::kv1_t

Definition at line 82 of file cipher.h.

typedef unsigned char Cipher::uchar

Definition at line 78 of file cipher.h.

typedef unsigned int Cipher::uint

Definition at line 77 of file cipher.h.

Constructor & Destructor Documentation

Cipher::Cipher ( )

Constructor.

Definition at line 149 of file cipher.cc.

153  m_embed(true), // compatible with openssl
154  m_debug(false)
155 {
156 }
bool m_embed
Definition: cipher.h:296
#define CIPHER_DEFAULT_COUNT
Definition: cipher.h:30
std::string m_digest
Definition: cipher.h:291
std::string m_cipher
Definition: cipher.h:290
#define CIPHER_DEFAULT_DIGEST
Definition: cipher.h:29
bool m_debug
Definition: cipher.h:297
#define CIPHER_DEFAULT_CIPHER
Definition: cipher.h:28
uint m_count
Definition: cipher.h:295
Cipher::Cipher ( const std::string &  cipher,
const std::string &  digest,
uint  count,
bool  embed = true 
)

Constructor.

Parameters
cipherThe cipher algorithm to use (def. aes-256-cbc).
digestThe digest to use (def. sha1).
countThe number of iterations (def. 1).
embedEmbed the salt. If this is false, the output will not be compatible with openssl.

Definition at line 161 of file cipher.cc.

165  : m_cipher(cipher),
166  m_digest(digest),
167  m_count(count),
168  m_embed(embed),
169  m_debug(false)
170 {
171 }
bool m_embed
Definition: cipher.h:296
std::string m_digest
Definition: cipher.h:291
std::string m_cipher
Definition: cipher.h:290
bool m_debug
Definition: cipher.h:297
uint m_count
Definition: cipher.h:295
Cipher::~Cipher ( )

Destructor.

Definition at line 176 of file cipher.cc.

177 {
178 }

Member Function Documentation

void Cipher::debug ( bool  b = true)
inline

Set the internal debug flag.

This is only useful for library developers.

Parameters
bTrue for debug or false otherwise.

Definition at line 270 of file cipher.h.

References m_debug.

270 {m_debug=b;}
bool m_debug
Definition: cipher.h:297
bool Cipher::debug ( ) const
inline

Is debug mode set?

Returns
The current debug mode.

Definition at line 275 of file cipher.h.

References m_debug.

275 {return m_debug;}
bool m_debug
Definition: cipher.h:297
Cipher::kv1_t Cipher::decode_base64 ( const std::string &  mimetext) const

Base64 decode.

Parameters
mimetextASCII MIME text.
Returns
Binary data.

Definition at line 290 of file cipher.cc.

References DBG_FCT.

Referenced by decrypt().

291 {
292  DBG_FCT("decode_base64");
293  kv1_t x;
294  int SZ=mimetext.size(); // this will always be smaller
295  x.first = new uchar[SZ];
296  char* tmpbuf = new char[SZ+1];
297  strcpy(tmpbuf,mimetext.c_str());
298  BIO* b64 = BIO_new(BIO_f_base64());
299 
300  // This patch was suggested by Mihai Todor.
301  // It was added to the code on 2013-11-21.
302  // Please see this post for details:
303  // http://joelinoff.com/blog/?p=664
304  if (SZ <= 64) {
305  // If the string is less len 64 or less,
306  // then the -A switch must be used in
307  // openssl.
308  BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
309  }
310 
311  BIO* bm = BIO_new_mem_buf(tmpbuf,mimetext.size());
312  bm = BIO_push(b64,bm);
313  x.second = BIO_read(bm,x.first,SZ);
314  BIO_free_all(bm);
315  delete [] tmpbuf;
316  return x;
317 }
std::pair< uchar *, uint > kv1_t
Definition: cipher.h:82
unsigned char uchar
Definition: cipher.h:78
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the caller graph for this function:

string Cipher::decode_cipher ( uchar ciphertext,
uint  ciphertext_len 
) const

Cipher decode.

Parameters
ciphertextBinary cipher text.
ciphertext_lenLength of cipher buffer.
Returns
The decoded ASCII string.

Definition at line 371 of file cipher.cc.

References DBG_FCT, m_iv, and m_key.

Referenced by decrypt().

373 {
374  DBG_FCT("decode_cipher");
375  uint SZ = ciphertext_len+20;
376  uchar* plaintext = new uchar[SZ];
377  bzero(plaintext,SZ);
378  int plaintext_len = 0;
379  EVP_CIPHER_CTX ctx;
380  EVP_CIPHER_CTX_init(&ctx);
381 
382  if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, m_key, m_iv)) {
383  throw runtime_error("EVP_DecryptInit_ex() failed");
384  }
385  EVP_CIPHER_CTX_set_key_length(&ctx, EVP_MAX_KEY_LENGTH);
386 
387  if (!EVP_DecryptUpdate(&ctx,plaintext,&plaintext_len,ciphertext,ciphertext_len)) {
388  throw runtime_error("EVP_DecryptUpdate() failed");
389  }
390 
391  int plaintext_padlen=0;
392  if (!EVP_DecryptFinal_ex(&ctx,plaintext+plaintext_len,&plaintext_padlen)) {
393  throw runtime_error("EVP_DecryptFinal_ex() failed");
394  }
395  plaintext_len += plaintext_padlen;
396  plaintext[plaintext_len] = 0;
397 
398  string ret = (char*)plaintext;
399  delete [] plaintext;
400  return ret;
401 }
aes_key_t m_key
Definition: cipher.h:293
unsigned int uint
Definition: cipher.h:77
aes_iv_t m_iv
Definition: cipher.h:294
unsigned char uchar
Definition: cipher.h:78
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the caller graph for this function:

string Cipher::decrypt ( const std::string &  ciphertext,
const std::string &  pass = "",
const std::string &  salt = "" 
)

Decrypt a buffer using AES 256 CBC (SHA1).

Parameters
ciphertextThe encrypted data.
passThe passphrase.
saltThe optional salt.
Returns
The plaintext: decrypted, MIME decoded data.

Definition at line 218 of file cipher.cc.

References DBG_BDUMP, DBG_FCT, DBG_MDUMP, decode_base64(), decode_cipher(), init(), m_salt, SALTED_PREFIX, and set_salt().

Referenced by decrypt_file().

221 {
222  DBG_FCT("decrypt");
223  kv1_t x = decode_base64(mimetext);
224  uchar* ct = x.first;
225  uchar* ctbeg = ct;
226  uint ctlen = x.second;
227  DBG_BDUMP(ct,ctlen);
228 
229  if (strncmp((const char*)ct,SALTED_PREFIX,8) == 0) {
230  memcpy(m_salt,&ct[8],8);
231  ct += 16;
232  ctlen -= 16;
233  }
234  else {
235  set_salt(salt);
236  }
237  init(pass);
238  string ret = decode_cipher(ct,ctlen);
239  delete [] ctbeg;
240  DBG_MDUMP(ret);
241  return ret;
242 }
std::pair< uchar *, uint > kv1_t
Definition: cipher.h:82
#define DBG_MDUMP(a)
Definition: cipher.cc:47
std::string decode_cipher(uchar *ciphertext, uint ciphertext_len) const
Cipher decode.
Definition: cipher.cc:371
void set_salt(const std::string &salt)
Convert string salt to internal format.
Definition: cipher.cc:406
#define DBG_BDUMP(a, x)
Definition: cipher.cc:46
unsigned int uint
Definition: cipher.h:77
unsigned char uchar
Definition: cipher.h:78
aes_salt_t m_salt
Definition: cipher.h:292
#define SALTED_PREFIX
Definition: cipher.cc:51
void init(const std::string &pass)
Initialize the cipher: set the key and IV values.
Definition: cipher.cc:429
#define DBG_FCT(fct)
Definition: cipher.cc:42
kv1_t decode_base64(const std::string &mimetext) const
Base64 decode.
Definition: cipher.cc:290

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void Cipher::decrypt_file ( const std::string &  ifn,
const std::string &  ofn,
const std::string &  pass = "",
const std::string &  salt = "" 
)

Decrypt a file.

Here is a usage example.

* #include "cipher.h"
* #include <iostream>
* #include <string>
* using namepsace std;
*
* void example()
* {
* string pass = "password";
* string salt = "12345678"; // must be 8
* string ifn = "license.dat"; // ciphertext
* string ofn = "license.txt"; // plaintext
*
* // Decrypt file.
* // It is the same as running this command:
* // % openssl enc -d -a -md sha1 -aes-256-cbc -salt -p \
* // -pass pass:password \
* // -in license.dat -out license.txt
* // NOTE: it is not necessary to specify the salt for decryption.
* try {
* Cipher c;
* c.decrypt_file(ifn,ofn,pass,salt);
* }
* catch (exception& e) {
* cerr << "ERROR: " << e.what() << endl;
* }
* }
*
Parameters
ifnThe encrypted file.
ofnThe plaintext file.
passThe passphrase.
saltThe optional salt.

Definition at line 247 of file cipher.cc.

References DBG_FCT, decrypt(), file_read(), and file_write().

251 {
252  DBG_FCT("decrypt_file");
253  string ciphertext = file_read(ifn);
254  string plaintext = decrypt(ciphertext,pass,salt);
255  file_write(ofn,plaintext);
256 }
std::string decrypt(const std::string &ciphertext, const std::string &pass="", const std::string &salt="")
Decrypt a buffer using AES 256 CBC (SHA1).
Definition: cipher.cc:218
void file_write(const std::string &fn, const std::string &data, bool nl=false) const
Write ASCII data to a file.
Definition: cipher.cc:498
std::string file_read(const std::string &fn) const
Read a file into a buffer.
Definition: cipher.cc:482
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the call graph for this function:

string Cipher::encode_base64 ( uchar ciphertext,
uint  ciphertext_len 
) const

Base64 encode.

Parameters
ciphertextBinary cipher text.
ciphertext_lenLength of cipher buffer.
Returns
The encoded ASCII MIME string.

Definition at line 261 of file cipher.cc.

References DBG_FCT.

Referenced by encrypt().

263 {
264  DBG_FCT("encode_base64");
265  BIO* b64 = BIO_new(BIO_f_base64());
266  BIO* bm = BIO_new(BIO_s_mem());
267  b64 = BIO_push(b64,bm);
268  if (BIO_write(b64,ciphertext,ciphertext_len)<2) {
269  throw runtime_error("BIO_write() failed");
270  }
271  if (BIO_flush(b64)<1) {
272  throw runtime_error("BIO_flush() failed");
273  }
274  BUF_MEM *bptr=0;
275  BIO_get_mem_ptr(b64,&bptr);
276  uint len=bptr->length;
277  char* mimetext = new char[len+1];
278  memcpy(mimetext, bptr->data, bptr->length-1);
279  mimetext[bptr->length-1]=0;
280  BIO_free_all(b64);
281 
282  string ret = mimetext;
283  delete [] mimetext;
284  return ret;
285 }
unsigned int uint
Definition: cipher.h:77
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the caller graph for this function:

Cipher::kv1_t Cipher::encode_cipher ( const std::string &  plaintext) const

Cipher encode.

Parameters
plaintextASCII data to encode.
Returns
Binary data.

Definition at line 322 of file cipher.cc.

References DBG_FCT, m_embed, m_iv, m_key, m_salt, and SALTED_PREFIX.

Referenced by encrypt().

323 {
324  DBG_FCT("encode_cipher");
325  uint SZ=plaintext.size()+AES_BLOCK_SIZE+20;
326  uchar* ciphertext = new uchar[SZ];
327  bzero(ciphertext,SZ);
328  uchar* pbeg = ciphertext;
329 
330  // This requires some explanation.
331  // In order to be compatible with openssl, I need to append
332  // 16 characters worth of information that describe the salt.
333  // I found this in the openssl source code but I couldn't
334  // find any associated documentation.
335  uint off = 0;
336  if (m_embed) {
337  memcpy(&ciphertext[0],SALTED_PREFIX,8);
338  memcpy(&ciphertext[8],m_salt,8);
339  off = 16;
340  ciphertext += off;
341  }
342 
343  int ciphertext_len=0;
344  int ciphertext_padlen=0;
345  EVP_CIPHER_CTX ctx;
346  EVP_CIPHER_CTX_init(&ctx);
347 
348  if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, m_key, m_iv)) {
349  throw runtime_error("EVP_EncryptInit_ex() failed");
350  }
351  EVP_CIPHER_CTX_set_key_length(&ctx, EVP_MAX_KEY_LENGTH);
352 
353  uchar* p = (uchar*)plaintext.c_str();
354  uint plen = plaintext.size();
355  if (!EVP_EncryptUpdate(&ctx,ciphertext,&ciphertext_len,p,plen)) {
356  throw runtime_error("EVP_EncryptUpdate() failed");
357  }
358 
359  uchar* pbuf = ciphertext+ciphertext_len; // pad at the end
360  if (!EVP_EncryptFinal_ex(&ctx,pbuf,&ciphertext_padlen)) {
361  throw runtime_error("EVP_EncryptFinal_ex() failed");
362  }
363 
364  ciphertext_len += ciphertext_padlen + off; // <off> for the Salted prefix
365  return kv1_t(pbeg,ciphertext_len);
366 }
aes_key_t m_key
Definition: cipher.h:293
std::pair< uchar *, uint > kv1_t
Definition: cipher.h:82
bool m_embed
Definition: cipher.h:296
unsigned int uint
Definition: cipher.h:77
aes_iv_t m_iv
Definition: cipher.h:294
unsigned char uchar
Definition: cipher.h:78
aes_salt_t m_salt
Definition: cipher.h:292
#define SALTED_PREFIX
Definition: cipher.cc:51
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the caller graph for this function:

string Cipher::encrypt ( const std::string &  plaintext,
const std::string &  pass = "",
const std::string &  salt = "" 
)

Encrypt buffer using AES 256 CBC (SHA1).

Parameters
plaintextThe plaintext buffer.
passThe passphrase.
saltThe optional salt.
Returns
The ciphertext: encrypted, MIME encoded data.

Definition at line 183 of file cipher.cc.

References DBG_BDUMP, DBG_FCT, DBG_MDUMP, encode_base64(), encode_cipher(), init(), and set_salt().

Referenced by encrypt_file().

186 {
187  DBG_FCT("encrypt");
188  set_salt(salt);
189  init(pass);
190  kv1_t x = encode_cipher(plaintext);
191  uchar* ct = x.first;
192  uint ctlen = x.second;
193  DBG_BDUMP(ct,ctlen);
194 
195  string ret = encode_base64(ct,ctlen);
196  delete [] ct;
197  DBG_MDUMP(ret);
198  return ret;
199 }
std::pair< uchar *, uint > kv1_t
Definition: cipher.h:82
#define DBG_MDUMP(a)
Definition: cipher.cc:47
void set_salt(const std::string &salt)
Convert string salt to internal format.
Definition: cipher.cc:406
#define DBG_BDUMP(a, x)
Definition: cipher.cc:46
unsigned int uint
Definition: cipher.h:77
unsigned char uchar
Definition: cipher.h:78
void init(const std::string &pass)
Initialize the cipher: set the key and IV values.
Definition: cipher.cc:429
kv1_t encode_cipher(const std::string &plaintext) const
Cipher encode.
Definition: cipher.cc:322
#define DBG_FCT(fct)
Definition: cipher.cc:42
std::string encode_base64(uchar *ciphertext, uint ciphertext_len) const
Base64 encode.
Definition: cipher.cc:261

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

void Cipher::encrypt_file ( const std::string &  ifn,
const std::string &  ofn,
const std::string &  pass = "",
const std::string &  salt = "" 
)

Encrypt a file.

Here is a usage example.

* #include "cipher.h"
* #include <iostream>
* #include <string>
* using namepsace std;
*
* void example()
* {
* string pass = "password";
* string salt = "12345678"; // must be 8
* string ifn = "license.txt"; // plaintext
* string ofn = "license.dat"; // ciphertext
*
* // Encrypt file.
* // It is the same as running this command:
* // % openssl enc -e -a -md sha1 -aes-256-cbc -salt -p \
* // -S 49505152535455676758 \
* // -pass pass:password \
* // -in license.txt -out license.dat
* try {
* Cipher c;
* c.encrypt_file(ifn,ofn,pass,salt);
* }
* catch (exception& e) {
* cerr << "ERROR: " << e.what() << endl;
* }
* }
*
Parameters
ifnThe plaintext file.
ofnThe encrypted file.
passThe passphrase.
saltThe optional salt.
Exceptions
runtime_errorIf a problem occurs.

Definition at line 204 of file cipher.cc.

References DBG_FCT, encrypt(), file_read(), and file_write().

208 {
209  DBG_FCT("encrypt_file");
210  string plaintext = file_read(ifn);
211  string ciphertext = encrypt(plaintext,pass,salt);
212  file_write(ofn,ciphertext,true);
213 }
void file_write(const std::string &fn, const std::string &data, bool nl=false) const
Write ASCII data to a file.
Definition: cipher.cc:498
std::string encrypt(const std::string &plaintext, const std::string &pass="", const std::string &salt="")
Encrypt buffer using AES 256 CBC (SHA1).
Definition: cipher.cc:183
std::string file_read(const std::string &fn) const
Read a file into a buffer.
Definition: cipher.cc:482
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the call graph for this function:

string Cipher::file_read ( const std::string &  fn) const

Read a file into a buffer.

Parameters
fnThe file name.
Returns
The file contents.
Exceptions
runtime_errorif the file doesn't exist.

Definition at line 482 of file cipher.cc.

References DBG_FCT.

Referenced by decrypt_file(), and encrypt_file().

483 {
484  DBG_FCT("file_read");
485  ifstream ifs(fn.c_str());
486  if (!ifs) {
487  string msg="Cannot read file '"+fn+"'";
488  throw runtime_error(msg);
489  }
490  string str((istreambuf_iterator<char>(ifs)),
491  istreambuf_iterator<char>());
492  return str;
493 }
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the caller graph for this function:

void Cipher::file_write ( const std::string &  fn,
const std::string &  data,
bool  nl = false 
) const

Write ASCII data to a file.

Parameters
fnThe file name.
dataThe data to write.
nlAppend a trailing new line.
Exceptions
runtime_errorif the file cannot be written.

Definition at line 498 of file cipher.cc.

References DBG_FCT.

Referenced by decrypt_file(), and encrypt_file().

499 {
500  DBG_FCT("file_write");
501  ofstream ofs(fn.c_str());
502  if (!ofs) {
503  string msg="Cannot write file '"+fn+"'";
504  throw runtime_error(msg);
505  }
506  ofs << data;
507  if (nl) {
508  ofs << endl;
509  }
510  ofs.close();
511 }
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the caller graph for this function:

void Cipher::init ( const std::string &  pass)
private

Initialize the cipher: set the key and IV values.

Parameters
passThe passphrase.

Definition at line 429 of file cipher.cc.

References DBG_FCT, DBG_PKV, DBG_TDUMP, m_cipher, m_count, m_digest, m_iv, m_key, m_pass, and m_salt.

Referenced by decrypt(), and encrypt().

430 {
431  DBG_FCT("init");
432  // Use a default passphrase if the user didn't specify one.
433  m_pass = pass;
434  if (m_pass.empty() ) {
435  // Default: ' deFau1t pASsw0rD'
436  // Obfuscate so that a simple strings will not find it.
437  char a[] = {' ','d','e','F','a','u','1','t',' ',
438  'p','A','S','s','w','0','r','D',0};
439  m_pass = a;
440  }
441 
442  // Create the key and IV values from the passkey.
443  bzero(m_key,sizeof(m_key));
444  bzero(m_iv,sizeof(m_iv));
445  OpenSSL_add_all_algorithms();
446  const EVP_CIPHER* cipher = EVP_get_cipherbyname(m_cipher.c_str());
447  const EVP_MD* digest = EVP_get_digestbyname(m_digest.c_str());
448  if (!cipher) {
449  string msg = "init(): cipher does not exist "+m_cipher;
450  throw runtime_error(msg);
451  }
452  if (!digest) {
453  string msg = "init(): digest does not exist "+m_digest;
454  throw runtime_error(msg);
455  }
456 
457  int ks = EVP_BytesToKey(cipher, // cipher type
458  digest, // message digest
459  m_salt, // 8 bytes
460  (uchar*)m_pass.c_str(), // pass value
461  m_pass.length(),
462  m_count, // number of rounds
463  m_key,
464  m_iv);
465  if (ks!=32) {
466  throw runtime_error("init() failed: "
467  "EVP_BytesToKey did not return a 32 byte key");
468  }
469 
470  DBG_PKV(m_pass);
471  DBG_PKV(m_cipher);
472  DBG_PKV(m_digest);
473  DBG_TDUMP(m_salt);
474  DBG_TDUMP(m_key);
475  DBG_TDUMP(m_iv);
476  DBG_PKV(m_count);
477 }
aes_key_t m_key
Definition: cipher.h:293
std::string m_digest
Definition: cipher.h:291
std::string m_cipher
Definition: cipher.h:290
#define DBG_PKV(v)
Definition: cipher.cc:44
aes_iv_t m_iv
Definition: cipher.h:294
unsigned char uchar
Definition: cipher.h:78
aes_salt_t m_salt
Definition: cipher.h:292
std::string m_pass
Definition: cipher.h:289
uint m_count
Definition: cipher.h:295
#define DBG_FCT(fct)
Definition: cipher.cc:42
#define DBG_TDUMP(v)
Definition: cipher.cc:43

+ Here is the caller graph for this function:

void Cipher::set_salt ( const std::string &  salt)
private

Convert string salt to internal format.

Parameters
saltThe salt.

Definition at line 406 of file cipher.cc.

References DBG_FCT, and m_salt.

Referenced by decrypt(), and encrypt().

407 {
408  DBG_FCT("set_salt");
409  if (salt.length() == 0) {
410  // Choose a random salt.
411  for(uint i=0;i<sizeof(m_salt);++i) {
412  m_salt[i] = rand() % 256;
413  }
414  }
415  else if (salt.length() == 8) {
416  memcpy(m_salt,salt.c_str(),8);
417  }
418  else if (salt.length()<8) {
419  throw underflow_error("init(): salt is too short, must be 8 characters");
420  }
421  else if (salt.length()>8) {
422  throw overflow_error("init(): salt is too long, must be 8 characters");
423  }
424 }
unsigned int uint
Definition: cipher.h:77
aes_salt_t m_salt
Definition: cipher.h:292
#define DBG_FCT(fct)
Definition: cipher.cc:42

+ Here is the caller graph for this function:

Member Data Documentation

std::string Cipher::m_cipher
private

Definition at line 290 of file cipher.h.

Referenced by init().

uint Cipher::m_count
private

Definition at line 295 of file cipher.h.

Referenced by init().

bool Cipher::m_debug
private

Definition at line 297 of file cipher.h.

Referenced by debug().

std::string Cipher::m_digest
private

Definition at line 291 of file cipher.h.

Referenced by init().

bool Cipher::m_embed
private

Definition at line 296 of file cipher.h.

Referenced by encode_cipher().

aes_iv_t Cipher::m_iv
private

Definition at line 294 of file cipher.h.

Referenced by decode_cipher(), encode_cipher(), and init().

aes_key_t Cipher::m_key
private

Definition at line 293 of file cipher.h.

Referenced by decode_cipher(), encode_cipher(), and init().

std::string Cipher::m_pass
private

Definition at line 289 of file cipher.h.

Referenced by init().

aes_salt_t Cipher::m_salt
private

Definition at line 292 of file cipher.h.

Referenced by decrypt(), encode_cipher(), init(), and set_salt().


The documentation for this class was generated from the following files: