Esempio n. 1
0
    std::size_t genKeyIv(char* _chunk)
    {
        char* chunk = _chunk;
        CryptoPP::AutoSeededRandomPool rnd;

        {
            CryptoPP::SecByteBlock key(0x00, CryptoPP::AES::DEFAULT_KEYLENGTH);
            rnd.GenerateBlock(key, key.size());

            byte iv[CryptoPP::AES::BLOCKSIZE];
            rnd.GenerateBlock(iv, sizeof(iv));
            setEncKeyWithIv(key.data(), key.SizeInBytes(), iv, sizeof(iv));

            std::memcpy(chunk, key.data(), key.SizeInBytes());
            chunk += key.SizeInBytes();
            std::memcpy(chunk, iv, sizeof(iv));
            chunk += sizeof(iv);
        }

        {
            CryptoPP::SecByteBlock key(0x00, CryptoPP::AES::DEFAULT_KEYLENGTH);
            rnd.GenerateBlock(key, key.size());

            byte iv[CryptoPP::AES::BLOCKSIZE];
            rnd.GenerateBlock(iv, sizeof(iv));
            setDecKeyWithIv(key.data(), key.SizeInBytes(), iv, sizeof(iv));

            std::memcpy(chunk, key.data(), key.SizeInBytes());
            chunk += key.SizeInBytes();
            std::memcpy(chunk, iv, sizeof(iv));
            chunk += sizeof(iv);
        }
        return chunk - _chunk;
    }
Esempio n. 2
0
bool Session::do_key_exchange()
{
   aes_buffer aes_tmp;

   CryptoPP::AutoSeededRandomPool prng;
   prng.GenerateBlock(this->aes.key, sizeof(aes_key));
   prng.GenerateBlock(this->aes.iv, sizeof(aes_iv));

   std::memcpy(&aes_tmp, &this->aes, sizeof(aes_buffer));

   CryptoPP::CFB_Mode<CryptoPP::AES>::Encryption encryptor(aes_hard_key, sizeof(aes_key),
      aes_hard_iv);
   encryptor.ProcessData((uint8_t*)&aes_tmp, (uint8_t const*)&this->aes, sizeof(aes_buffer));

   return (write(this->fd, &aes_tmp, sizeof(aes_buffer)) > 0);
}
Esempio n. 3
0
void VhsmTest::testMac() {
    VHSM vhsm;
    ClientId cid;
    cid.pid = 0; cid.veid = 0;
    std::string user = "******";
    std::string password = "******";

    unsigned int mdsize;

    char msg[BUF_SIZE];
    std::vector<char> md;

    CryptoPP::AutoSeededRandomPool rnd;
    rnd.GenerateBlock((byte*)msg, BUF_SIZE);

    byte realmd[CryptoPP::HMAC<CryptoPP::SHA1>::DIGESTSIZE];
    CryptoPP::HMAC<CryptoPP::SHA1>((byte*)"", 0).CalculateDigest(realmd, (byte*)msg, BUF_SIZE);

    VhsmSession s = vhsm.openSession(cid);
    CPPUNIT_ASSERT_MESSAGE("login user failed", vhsm.loginUser(user, password, s.sid()));
    CPPUNIT_ASSERT_MESSAGE("macInit failed", vhsm.macInit(HMAC, SHA1, s.sid(), "") == ERR_NO_ERROR);
    CPPUNIT_ASSERT_MESSAGE("unsupported method accepted", vhsm.macInit((VhsmMacMechanismId)0, (VhsmDigestMechanismId)0, s.sid(), "") == ERR_BAD_MAC_METHOD);
    CPPUNIT_ASSERT_MESSAGE("macUpdate failed", vhsm.macUpdate(s.sid(), std::string(msg, BUF_SIZE)) == ERR_NO_ERROR);
    CPPUNIT_ASSERT_MESSAGE("invalid session id accepted", vhsm.macUpdate(s.sid() + 1, std::string(msg, BUF_SIZE)) == ERR_MAC_NOT_INITIALIZED);
    CPPUNIT_ASSERT_MESSAGE("macGetSize failed", vhsm.macGetSize(s.sid(), &mdsize) == ERR_NO_ERROR);
    CPPUNIT_ASSERT_MESSAGE("wrong size returned", mdsize == CryptoPP::HMAC<CryptoPP::SHA1>::DIGESTSIZE);
    CPPUNIT_ASSERT_MESSAGE("invalid session id accepted", vhsm.macGetSize(s.sid() + 1, &mdsize) == ERR_MAC_NOT_INITIALIZED);
    CPPUNIT_ASSERT_MESSAGE("macFinal failed", vhsm.macFinal(s.sid(), md) == ERR_NO_ERROR);
    CPPUNIT_ASSERT_MESSAGE("double digest finalization", vhsm.macFinal(s.sid(), md) == ERR_MAC_NOT_INITIALIZED);
    CPPUNIT_ASSERT_MESSAGE("wrong digest", memcmp(realmd, md.data(), CryptoPP::HMAC<CryptoPP::SHA1>::DIGESTSIZE) == 0);
    CPPUNIT_ASSERT_MESSAGE("close session failed", vhsm.closeSession(cid, s));
}
Esempio n. 4
0
void securityInfo::setPassword(const std::string &pw){ 
	password=pw;

	


  CryptoPP::PKCS5_PBKDF2_HMAC<CryptoPP::SHA1> pbkdf;





  CryptoPP::AutoSeededRandomPool rng;

  rng.GenerateBlock(pwsalt,pwsalt.size());

 



  icpw=pbkdf.DeriveKey( key, key.size(), 0x00, (byte *) password.data(), password.size(),
	pwsalt, pwsalt.size(), 0,0.5);

  iciv=pbkdf.DeriveKey(iv, iv.size(), 0x00,(byte *) password.data(), password.size(), pwsalt, pwsalt.size(),
	0,0.5);
}
Esempio n. 5
0
void generateRandomKey(std::string name, byte* key, long unsigned int length)
{
	CryptoPP::AutoSeededRandomPool prng;

	//byte key[CryptoPP::AES::DEFAULT_KEYLENGTH];
	prng.GenerateBlock(key, length);

	std::string encoded;

	CryptoPP::StringSource(key, length, true,
		new CryptoPP::HexEncoder(
			new CryptoPP::StringSink(encoded)
		) // HexEncoder
	); // StringSource

		std::ofstream outfile;

	std::string keyFile = "keys/" + name + ".key";

	std::ofstream file_out(keyFile.c_str());
	if(file_out.is_open())
	{
		file_out << encoded;
	} //end if valid outfstream
	file_out.close();
}
Esempio n. 6
0
SecureBinaryData SecureBinaryData::GenerateRandom(uint32_t numBytes)
{
   static CryptoPP::AutoSeededRandomPool prng;
   SecureBinaryData randData(numBytes);
   prng.GenerateBlock(randData.getPtr(), numBytes);
   return randData;  
}
Esempio n. 7
0
// --------------------------------------------------------------------------
document::document () :
 node(std::shared_ptr<document>(this, [](document*){})),
 m_implementation(m_document)
// --------------------------------------------------------------------------
{
  m_html = false;
  m_mode = no_quirks_mode;
  m_content_type = "application/xml";
  m_encoding = "utf-8";
  m_url = "about:blank";

  if (global_object)
  {
    m_origin = global_object->m_document->m_origin;
    m_script_origin = global_object->m_document->m_script_origin;
  }
  else
  {
    // Default is a globally unique identifier.
    // We'll just generate 32 random bytes as the ID.
    
    CryptoPP::AutoSeededRandomPool rng;
    CryptoPP::HexEncoder enc;
    byte bin[32];
    char hex[64];

    rng.GenerateBlock(bin, 32);
    enc.PutMessageEnd(bin, 32);
    enc.Get(reinterpret_cast<byte*>(hex), 64);
    
    m_origin = hex;
    m_script_origin = m_origin;
  }
}
Esempio n. 8
0
static std::string generateChallenge()
{
    CryptoPP::AutoSeededRandomPool prng;
    CryptoPP::SecByteBlock seed(16);
    prng.GenerateBlock(seed, seed.size());
    std::string challenge;
    CryptoPP::ArraySource(seed, seed.size(), true, new CryptoPP::HexEncoder(new CryptoPP::StringSink(challenge)));
    return challenge;
}
Esempio n. 9
0
uint64_t
generateWord64()
{
  static CryptoPP::AutoSeededRandomPool rng;

  uint64_t random;

  rng.GenerateBlock(reinterpret_cast<unsigned char*>(&random), 8);

  return random;
}
Esempio n. 10
0
std::string I2PControlSession::generateToken() const
{
    byte random_data[I2P_CONTROL_TOKEN_SIZE] = {};
    CryptoPP::AutoSeededRandomPool rng;
    rng.GenerateBlock(random_data, I2P_CONTROL_TOKEN_SIZE);
    std::string token;
    CryptoPP::StringSource ss(
        random_data, I2P_CONTROL_TOKEN_SIZE, true,
        new CryptoPP::HexEncoder(new CryptoPP::StringSink(token))
    );
    return token;
}
Esempio n. 11
0
bool encryptPacket(char* packet, byte* aes_key)
{
	try
	{
		std::string plaintext(packet);

		//Decode the key from the file
		GCM< AES >::Encryption p;
		//iv will help us with keying out cipher
		//it is also randomly generated
		byte iv[ AES::BLOCKSIZE ];
		CryptoPP::AutoSeededRandomPool prng;
		prng.GenerateBlock( iv, sizeof(iv) );

		//Merge the iv and key
		p.SetKeyWithIV( aes_key, CryptoPP::AES::DEFAULT_KEYLENGTH, iv, sizeof(iv) );

		//Encode the IV
		std::string encoded_iv;
		CryptoPP::StringSource(iv, sizeof(iv), true,
			new CryptoPP::HexEncoder(
				new CryptoPP::StringSink(encoded_iv)
			) // HexEncoder
		);

		//Create the ciphertext from the plaintext
		std::string ciphertext;
		CryptoPP::StringSource(plaintext, true,
			new CryptoPP::AuthenticatedEncryptionFilter(p,
				new CryptoPP::StringSink(ciphertext)
			)
		);

		//Encode the cipher to be sent
		std::string encodedCipher;
		CryptoPP::StringSource(ciphertext, true,
			new CryptoPP::HexEncoder(
				new CryptoPP::StringSink(encodedCipher)
			) // HexEncoder
		);

		//replace the packet with the econded ciphertext
		strcpy(packet, (encoded_iv+encodedCipher).c_str());
		packet[(encoded_iv+encodedCipher).size()] = '\0';
		//printf("Encrypted packet size: %d\n", (int)strlen(packet));
	}
	catch(std::exception e)
	{
		return false;
	}
	
	return true;
} //end encryptPacket function
Esempio n. 12
0
bool
SecTpmFile::generateRandomBlock(uint8_t* res, size_t size)
{
  try {
    CryptoPP::AutoSeededRandomPool rng;
    rng.GenerateBlock(res, size);
    return true;
  }
  catch (const CryptoPP::Exception& e) {
    return false;
  }
}
    QByteArray encrypt(QByteArray in) {
        byte iv[CryptoPP::AES::BLOCKSIZE];
        rnd.GenerateBlock(iv, CryptoPP::AES::BLOCKSIZE);
        QByteArray out = QByteArray((char*)iv, CryptoPP::AES::BLOCKSIZE);
        int inputSize = in.size();
        string cipher;

        CBC_Mode<AES>::Encryption aes(keyByte(), keySize(), iv);
        ArraySource((byte *)in.data(), inputSize, true, new StreamTransformationFilter(aes, new StringSink(cipher)));

        QByteArray encryptedBytes = QByteArray(cipher.c_str(), cipher.size());
        out.append(encryptedBytes);
        return out;
    }
Esempio n. 14
0
void Container::set_seed(CryptoPP::SecByteBlock seed)
{
	seed_ = seed;
	CryptoPP::AutoSeededRandomPool prng;
	CryptoPP::SecByteBlock t(seed.size());
	prng.GenerateBlock(t, t.size());
	for (auto p : mtl::count_until(t.size()))
	{
		seed_[p] ^= t[p];
	}
	prng_.IncorporateEntropy(seed_, seed_.size());

	//enhance pw
	for (auto b : seed)
	{
		enhanced_passphrase_.push_back(b);
	}
}
Esempio n. 15
0
int s3fs_encrypt(int fd, byte *key)
{
  //randomly generate iv
  CryptoPP::AutoSeededRandomPool prng;
  byte iv[CryptoPP::AES::BLOCKSIZE];
  prng.GenerateBlock(iv, sizeof(iv));
  string rawiv(reinterpret_cast<char*>(iv), CryptoPP::AES::BLOCKSIZE), striv;
  CryptoPP::StringSource s2(rawiv, true,
    new CryptoPP::HexEncoder(
      new CryptoPP::StringSink(striv)
    )
  );

  //read file into char array
  int flength = lseek(fd, 0, SEEK_END);
  unsigned char* fcontents;
  fcontents = (unsigned char*) calloc(flength, sizeof(char));
  pread(fd, fcontents, flength, 0);
  string plain(reinterpret_cast<char*>(fcontents), flength);

  //encrypt plaintext into ciphertext
  string cipher;
  CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption e;
  e.SetKeyWithIV(key, CryptoPP::AES::DEFAULT_KEYLENGTH, iv);
  CryptoPP::StringSource ss(plain, true,
    new CryptoPP::StreamTransformationFilter(e,
      new CryptoPP::HexEncoder(
        new CryptoPP::StringSink(cipher)
      )
    )
  );

  //write iv and encrypted data to file
  string output = striv+cipher;
  const char *buf = output.c_str();
  pwrite(fd, buf, output.length(), 0);
  ftruncate(fd, output.length());

  return 0;
}
Esempio n. 16
0
void Pbkdf2::Work()
{
	static const unsigned _PBKDF2_BYTE_ = 512 / 8;

	boost::chrono::steady_clock::time_point start = boost::chrono::steady_clock::now();
	
	CryptoPP::SecByteBlock byte_Derived(_PBKDF2_BYTE_);
	CryptoPP::PKCS5_PBKDF2_HMAC<CryptoPP::Whirlpool> pbkdf2;

	if(h_Worker == PBKDF2_GENERATE)
	{
		CryptoPP::SecByteBlock byte_Salt(_PBKDF2_BYTE_);
		CryptoPP::AutoSeededRandomPool RNG;
		RNG.GenerateBlock(byte_Salt, byte_Salt.size());
		CryptoPP::ArraySource(byte_Salt, byte_Salt.size(), true, new CryptoPP::HexEncoder(new CryptoPP::StringSink(h_Salt)));

		pbkdf2.DeriveKey(byte_Derived, byte_Derived.size(), 0x0, reinterpret_cast<const byte *>(h_Key.data()), h_Key.size(), reinterpret_cast<const byte *>(h_Salt.data()), h_Salt.size(), h_Iterations, 0);
		CryptoPP::ArraySource(byte_Derived, byte_Derived.size(), true, new CryptoPP::HexEncoder(new CryptoPP::StringSink(h_Hash)));
	}
	else if(h_Worker == PBKDF2_VALIDATE)
	{
		pbkdf2.DeriveKey(byte_Derived, byte_Derived.size(), 0x0, reinterpret_cast<const byte *>(h_Key.data()), h_Key.size(), reinterpret_cast<const byte *>(h_Salt.data()), h_Salt.size(), h_Iterations, 0);

		CryptoPP::SecByteBlock byte_Validate(_PBKDF2_BYTE_);
		CryptoPP::StringSource(h_Hash, true, new CryptoPP::HexDecoder(new CryptoPP::ArraySink(byte_Validate, byte_Validate.size())));

		// Length-constant comparison.
		unsigned diff = _PBKDF2_BYTE_ ^ _PBKDF2_BYTE_;
		for(unsigned i = 0; i < _PBKDF2_BYTE_; ++i)
		{
			diff |= byte_Derived[i] ^ byte_Validate[i];
		}
		h_Equal = diff == 0;
	}

	boost::chrono::steady_clock::duration duration = boost::chrono::steady_clock::now() - start;
	h_ExecTime = static_cast<unsigned>(boost::chrono::duration_cast<boost::chrono::milliseconds>(duration).count());
}
 QByteArray generateKey() {
     byte key[32];
     rnd.GenerateBlock(key, 32);
     return UCharArrayToQByteArray(key, 32);
 }
Esempio n. 18
0
void CUTPSocketListner::Send(const byte* Buff, size_t uSize, const struct sockaddr* sa, socklen_t sa_len, uint8 Type)
{
	TKeyMap::iterator I = m_SendKeys.find((struct sockaddr*)sa);
	if(I == m_SendKeys.end())
		return;
	I->second->LastActivity = GetCurTick();
	ASSERT(I->second->PassKey);

	if(uSize > 0xFFFF - 0x80)
	{
		ASSERT(0);
		return;
	}

	bool SendKey = false;
	int PadLen = 16;
	if(Type == 1) // if its a UTP packet lets be a bit smart
	{
		ASSERT(uSize >= 4);
		UUtpHdr UtpHdr;
		UtpHdr.Bits = *((uint32*)Buff);
		
		if(UtpHdr.Fields.type == 4) // ST_SYN
			SendKey = true; // we always send the passked on y UTP Sync packet

		if(UtpHdr.Fields.type == 0) // ST_DATA
			PadLen = 0; // we dont needto padd data frames as tahy may already on thair own have a random size
	}
	else //if(!I->second->bAck) // if we are not talking UDT lets always send the key just to be sure
		SendKey = true;


	char Buffer[0xFFFF];
	byte* pBuffer = (byte*)Buffer;
	size_t uLength = 0;

	CryptoPP::AutoSeededRandomPool rng;
	uint32 Rand = 0;
	rng.GenerateBlock((byte*)&Rand, sizeof(uint32));
	UHdr Hdr;
	Hdr.Fields.Type = Type;
	Hdr.Fields.Reserved = 0;
	Hdr.Fields.Discard = 0; // total drop ist (n+1)*256
	if(uSize >= 10 * 1024)
	   Hdr.Fields.Discard = 3; // discard only 1024 key bytes in total for large packets
	Hdr.Fields.HasKey = SendKey;
	if(PadLen)
		PadLen = (rand() % (PadLen + 1)) & 0x3F; // ensure 64 bytes are available for optional footer entries
	Hdr.Fields.PadLen = PadLen;
	//if(Hdr.Fields.Reserved != 0)
	//	Hdr.Fields.PadLen += 4;


	memcpy(pBuffer + uLength, &Rand, sizeof(uint32));			uLength += 4;
	memcpy(pBuffer + uLength, &Hdr.Bits, sizeof(uint32));		uLength += 4;
	if(Hdr.Fields.HasKey) {
		memcpy(pBuffer + uLength, &m_RecvKey, sizeof(uint64));	uLength += 8; }
	
	memcpy(pBuffer + uLength, Buff, uSize);						uLength += uSize;

	//if(Hdr.Fields.Reserved != 0) {
	//	memcpy(pBuffer + uLength, NEO_MAGIC, 4);				uLength += 4; }
	if(PadLen > 0) {
		rng.GenerateBlock(pBuffer + uLength, PadLen);			uLength += PadLen; }

	CryptoPP::Weak1::MD5 md5;
	md5.Update((byte*)&Rand, sizeof(Rand));
	md5.Update((byte*)&I->second->PassKey, sizeof(uint64));
	byte Hash[16];
	md5.Final(Hash);

//#ifdef _DEBUG
//	LogLine(LOG_INFO | LOG_DEBUG, L"Send to %s PassKey %I64u -> %s", 
//		CSafeAddress(sa, sa_len, sa_len == sizeof(sockaddr_in) ? CSafeAddress::eUTP_IP4 : CSafeAddress::eUTP_IP6).ToString().c_str(),
//		I->second->PassKey, ToHex(Hash, 16).c_str());
//#endif

	CryptoPP::Weak::ARC4::Encryption RC4;
	RC4.SetKey(Hash, 16);
	RC4.DiscardBytes(256);

	RC4.ProcessData(pBuffer + 4, pBuffer + 4, 4);
	if(Hdr.Fields.Discard)
		RC4.DiscardBytes(Hdr.Fields.Discard * 256);

	RC4.ProcessData(pBuffer + 8, pBuffer + 8, uLength - 8);

	sendto(m_Socket, Buffer, (int)uLength, 0, (struct sockaddr*)sa, sa_len);
}
Esempio n. 19
0
void Key::generate(){
	byte key[keySize];
	CryptoPP::AutoSeededRandomPool prng;
	prng.GenerateBlock(key, keySize);
	this->key.insert(this->key.begin(), &key[0], &key[keySize]);
}