int main()
{
Botan::LibraryInitializer init;
AutoSeeded_RNG rng;
Row_Encryptor encryptor("secret passphrase", rng);
std::vector<std::string> original_inputs;
for(u32bit i = 0; i != 15000; ++i)
{
std::ostringstream out;
// This will actually generate variable length inputs (when
// there are leading 0s, which are skipped), which is good
// since it assures performance is OK across a mix of lengths
// TODO: Maybe randomize the length slightly?
for(u32bit j = 0; j != 32; ++j)
out << std::hex << (int)rng.next_byte();
original_inputs.push_back(out.str());
}
std::vector<std::string> encrypted_values;
MemoryVector<byte> salt(4); // keep out of loop to avoid excessive dynamic allocation
for(u32bit i = 0; i != original_inputs.size(); ++i)
{
std::string input = original_inputs[i];
store_le(i, salt);
encrypted_values.push_back(encryptor.encrypt(input, salt));
}
for(u32bit i = 0; i != encrypted_values.size(); ++i)
{
std::string ciphertext = encrypted_values[i];
store_le(i, salt); // NOTE: same salt value as previous loop (index value)
std::string output = encryptor.decrypt(ciphertext, salt);
if(output != original_inputs[i])
std::cout << "BOOM " << i << "\n";
}
}
bool BotanWrapper::EncryptFile(QString Source, QString Destination)
{
QFileInfo name = Source;
QString base = name.baseName();
QString encrypted1 = eoutput + base + ".gg";
QString encrypted2 = toutput + base + ".twofish";
QFile e(encrypted1);
QFile t(encrypted2);
try
{
//Setup the key derive functions
PKCS5_PBKDF2 pbkdf2(new HMAC(new Keccak_1600));
const u32bit PBKDF2_ITERATIONS = 700000;
qDebug() << "create keys";
//Create the KEY and IV
KDF* kdf = get_kdf("KDF2(SHA-512)");
AutoSeeded_RNG rng;
qDebug() << "create salt";
SecureVector<byte> salt(256);
rng.randomize(&salt[0], salt.size());
mSalt = salt;
qDebug() << "create master key";
//Create the master key
SecureVector<byte> mMaster = pbkdf2.derive_key(128, mPassword.toStdString(), &mSalt[0], mSalt.size(),PBKDF2_ITERATIONS).bits_of();
SymmetricKey mKey = kdf->derive_key(32, mMaster, "salt1");
InitializationVector mIV = kdf->derive_key(16, mMaster, "salt2");
qDebug() << "start encryption";
string inFilename = Source.toStdString();
string outFilename = encrypted1.toStdString();
std::ifstream inFile(inFilename.c_str());
std::ofstream outFile(outFilename.c_str());
Pipe pipe(get_cipher("AES-256/EAX", mKey, mIV,ENCRYPTION),new DataSink_Stream(outFile));
outFile.write((const char*)mSalt.begin(), mSalt.size());
pipe.start_msg();
inFile >> pipe;
pipe.end_msg();
outFile.flush();
outFile.close();
inFile.close();
QMessageBox msgBox;
/*****************TWOFISH ENCRYPTION********************/
qDebug() << "Twofish";
//Setup the key derive functions
PKCS5_PBKDF2 pbkdf3(new HMAC(new Skein_512));
//Create the KEY and IV
KDF* kdf2 = get_kdf("KDF2(Whirlpool)");
SecureVector<byte> salt2(256);
rng.randomize(&salt2[0], salt2.size());
mSalt2 = salt2;
//Create the master key
SecureVector<byte> mMaster2 = pbkdf3.derive_key(128, mPassword2.toStdString(), &mSalt2[0], mSalt2.size(),PBKDF2_ITERATIONS).bits_of();
SymmetricKey mKey2 = kdf2->derive_key(32, mMaster2, "salt1");
InitializationVector mIV2 = kdf2->derive_key(16, mMaster2, "salt2");
string inFilename2 = encrypted1.toStdString();
string outFilename2 = encrypted2.toStdString();
std::ifstream inFile2(inFilename2.c_str());
std::ofstream outFile2(outFilename2.c_str());
Pipe pipe2(get_cipher("Twofish/CFB", mKey2, mIV2,ENCRYPTION),new DataSink_Stream(outFile2));
outFile2.write((const char*)mSalt2.begin(), mSalt2.size());
pipe2.start_msg();
inFile2 >> pipe2;
pipe2.end_msg();
outFile2.flush();
outFile2.close();
inFile2.close();
/**************************SERPENT ENCRYPTION*****************/
//Create the KEY and IV
KDF* kdf3 = get_kdf("KDF2(Tiger)");
SecureVector<byte> salt3(256);
rng.randomize(&salt3[0], salt3.size());
mSalt3 = salt3;
//Create the master key
SecureVector<byte> mMaster3 = pbkdf2.derive_key(128, mPassword3.toStdString(), &mSalt3[0], mSalt3.size(),PBKDF2_ITERATIONS).bits_of();
SymmetricKey mKey3 = kdf3->derive_key(32, mMaster3, "salt1");
InitializationVector mIV3 = kdf3->derive_key(16, mMaster3, "salt2");
string inFilename3 = encrypted2.toStdString();
string outFilename3 = Destination.toStdString();
std::ifstream inFile3(inFilename3.c_str());
std::ofstream outFile3(outFilename3.c_str());
qDebug() << "serpent";
Pipe pipe3(get_cipher("Serpent/CBC/PKCS7", mKey3, mIV3,ENCRYPTION),new DataSink_Stream(outFile3));
outFile3.write((const char*)mSalt3.begin(), mSalt3.size());
pipe3.start_msg();
inFile3 >> pipe3;
pipe3.end_msg();
outFile3.flush();
outFile3.close();
inFile3.close();
msgBox.setText("Success!");
msgBox.setInformativeText("File successfully encrypted!");
msgBox.setStandardButtons(QMessageBox::Ok);
msgBox.setDefaultButton(QMessageBox::Ok);
msgBox.exec();
e.remove(); t.remove();
return true;
}
catch(...)
{
return false;
}
}
/*!
Encrypts \a data using \a password as the passphrase.
\param data The data to encrypt.
\param password The passphrase used to encrypt \a data.
\param compressionLevel The level of compression to use on \a data. See Database::compression.
\param error If this parameter is non-\c NULL, it will be set to DatabaseCrypto::NoError if the
encryption process succeeded, or one of the other DatabaseCrypto::CryptoStatus enumeration
constants if an error occurred.
\param extendedErrorInformation If this parameter is non-\c NULL, it will be set to a string
containing detailed information about any errors that occurred.
\return The encrypted data encoded in base 64, or an empty string if an error occurred.
*/
QString DatabaseCrypto::encrypt(const QString &data, const QString &password, int compressionLevel, CryptoStatus *error, QString *extendedErrorInformation)
{
const std::string algo = ALGO;
const QString header = HEADER;
Botan::LibraryInitializer init;
Q_UNUSED(init);
if (error)
{
*error = NoError;
}
std::string passphrase = password.toStdString();
// Holds the output data
QString out;
try
{
const BlockCipher* cipher_proto = global_state().algorithm_factory().prototype_block_cipher(algo);
const u32bit key_len = cipher_proto->maximum_keylength();
const u32bit iv_len = cipher_proto->block_size(); // TODO: AES block size is always 128 bit, verify this
const bool compressed = compressionLevel != 0;
const u32bit iterations = 8192;
AutoSeeded_RNG rng;
SecureVector<Botan::byte> salt(8);
rng.randomize(&salt[0], salt.size());
std::auto_ptr<PBKDF> pbkdf(get_pbkdf("PBKDF2(SHA-1)"));
SymmetricKey bc_key = pbkdf->derive_key(key_len, "BLK" + passphrase, &salt[0], salt.size(), iterations);
InitializationVector iv = pbkdf->derive_key(iv_len, "IVL" + passphrase, &salt[0], salt.size(), iterations);
SymmetricKey mac_key = pbkdf->derive_key(16, "MAC" + passphrase, &salt[0], salt.size(), iterations);
// Write the standard file header and the salt encoded in base64
out += QString("%1 %2 %3\n").arg(header).arg(Database::version())
.arg(compressed ? COMPRESSED : UNCOMPRESSED);
out += QString::fromStdString(b64_encode(salt)) + "\n";
Pipe pipe(
new Fork(
new Chain(
new MAC_Filter("HMAC(SHA-1)", mac_key),
new Base64_Encoder),
new Chain(
get_cipher(algo + "/CBC/PKCS7", bc_key, iv, ENCRYPTION),
new Base64_Encoder(true))));
// Write our input data to the pipe to process it - if compressionLevel = 0,
// nothing will be compressed
pipe.start_msg();
QByteArray qCompressedData = qCompress(data.toUtf8(), compressionLevel);
SecureVector<Botan::byte> rawCompressedData;
rawCompressedData.resize(qCompressedData.length());
for (int i = 0; i < qCompressedData.length(); i++)
{
rawCompressedData[i] = qCompressedData[i];
}
pipe.write(rawCompressedData);
pipe.end_msg();
// Get the encrypted data back from the pipe and write it to our output variable
out += QString::fromStdString(pipe.read_all_as_string(0)) + "\n";
out += QString::fromStdString(pipe.read_all_as_string(1));
return out;
}
catch (Algorithm_Not_Found &e)
{
if (extendedErrorInformation)
{
*extendedErrorInformation = QString(e.what());
}
if (error)
{
*error = UnknownError;
}
}
catch (std::exception &e)
{
if (extendedErrorInformation)
{
*extendedErrorInformation = QString(e.what());
}
if (error)
{
*error = UnknownError;
}
}
return QString();
}
