SecureByteArray MessageDigestImpl<HASH>::digestImpl(const SecureByteArray& sa)
{
//ASSERT(sa.data());
//ASSERT(sa.size());
return digestImpl(sa.data(), sa.size());
}
void crypter_make_key(void)
{
SecureByteArray masterPassword = QString("7h15p455w0rd15m0r37h4n53cr37").toUtf8();
QByteArray salt = QString("pepper").toUtf8();
SecureByteArray key = Crypter::makeKeyFromPassword(masterPassword, salt);
QVERIFY(key.size() == Crypter::AESKeySize);
QVERIFY(key.toBase64() == "T8LlrPN1aqDlsIJVFA19r0RlZRpj7LuY8xbFnk3Tx8M=");
}
SecretKey::SecretKey(const NarrowString& alg,
const SecureByteArray& bytes,
const NarrowString& format)
: m_algorithm(alg), m_secBlock(bytes.data(), bytes.size()), m_format(format)
{
ASSERT( !m_algorithm.empty() );
ASSERT( m_secBlock.size() );
ASSERT( !m_format.empty() );
}
size_t MessageDigestImpl<HASH>::digestImpl(SecureByteArray& buf, size_t offset, size_t len)
{
//ASSERT(buf.data());
//ASSERT(buf.size());
//ASSERT(offset + len <= buf.size());
return digestImpl(buf.data(), buf.size(), offset, len);
}
SecureByteArray MessageDigestImpl<HASH>::digestImpl(const NarrowString& input)
{
//ASSERT(input.data());
//ASSERT(input.length());
// Our String classes do not have a getBytes() method.
SecureByteArray sa = TextConvert::GetBytes(input, "UTF-8");
return digestImpl(sa.data(), sa.size());
}
void MessageDigestImpl<HASH>::updateImpl(const SecureByteArray& sa, size_t offset, size_t len)
{
//ASSERT(sa.data());
//ASSERT(sa.size());
//ASSERT(len);
//ASSERT(offset+len <= size);
return updateImpl(sa.data(), sa.size(), offset, len);
}
QByteArray Cipher::update(const QByteArray &data)
{
if (chacha) {
return chacha->update(data);
} else if (rc4) {
return rc4->update(data);
} else if (pipe) {
pipe->process_msg(reinterpret_cast<const Botan::byte *>(data.constData()), data.size());
SecureByteArray c = pipe->read_all(Botan::Pipe::LAST_MESSAGE);
QByteArray out(reinterpret_cast<const char *>(DataOfSecureByteArray(c)), c.size());
return out;
} else {
throw std::runtime_error("Underlying ciphers are all uninitialised!");
}
}
void crypter_encode_decode(void)
{
SecureByteArray masterPassword = QString("7h15p455w0rd15m0r37h4n53cr37").toUtf8();
QByteArray salt = Crypter::randomBytes(Crypter::SaltSize);
SecureByteArray key;
SecureByteArray IV;
Crypter::makeKeyAndIVFromPassword(masterPassword, salt, key, IV);
QVERIFY(key.length() == Crypter::AESKeySize);
QVERIFY(IV.length() == Crypter::AESBlockSize);
SecureByteArray KGK = Crypter::randomBytes(Crypter::KGKSize);
QByteArray data = Crypter::randomBytes(1024);
QByteArray cipher = Crypter::encode(key, IV, salt, KGK, data, true);
SecureByteArray KGK2;
QByteArray plain = Crypter::decode(masterPassword, cipher, true, KGK2);
QVERIFY(plain == data);
QVERIFY(KGK == KGK2);
}
void crypter_make_key_iv(void)
{
SecureByteArray masterPassword = QString("7h15p455w0rd15m0r37h4n53cr37").toUtf8();
QByteArray salt = QString("this is my salt.").toUtf8();
SecureByteArray key;
SecureByteArray IV;
Crypter::makeKeyAndIVFromPassword(masterPassword, salt, key, IV);
QVERIFY(key.length() == Crypter::AESKeySize);
QVERIFY(key.toBase64() == "vGoCE/dCUIpQFfPEHnh+qY9HLTeMNPFPMlA9dz5snjs=");
QVERIFY(IV.length() == Crypter::AESBlockSize);
QVERIFY(IV.toBase64() == "mHg3BMpk9vwK+eY1YJWAKg==");
}
bool Exporter::write(const SecureByteArray &data, const SecureString &pwd)
{
Q_D(Exporter);
Q_ASSERT((data.size() % Crypter::AESBlockSize) == 0);
QByteArray salt = Crypter::generateSalt();
SecureByteArray iv;
SecureByteArray key;
Crypter::makeKeyAndIVFromPassword(pwd.toUtf8(), salt, key, iv);
CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption enc;
enc.SetKeyWithIV(reinterpret_cast<const byte*>(key.constData()), key.size(), reinterpret_cast<const byte*>(iv.constData()));
const int cipherSize = data.size();
QByteArray cipher(cipherSize, static_cast<char>(0));
CryptoPP::ArraySource s(
reinterpret_cast<const byte*>(data.constData()), data.size(),
true,
new CryptoPP::StreamTransformationFilter(
enc,
new CryptoPP::ArraySink(reinterpret_cast<byte*>(cipher.data()), cipher.size()),
CryptoPP::StreamTransformationFilter::NO_PADDING
)
);
Q_UNUSED(s); // just to please the compiler
QFile file(d->filename);
bool opened = file.open(QIODevice::WriteOnly);
if (!opened)
return false;
QByteArray block = salt + cipher;
file.write(PemPreamble.toUtf8());
file.write("\n");
const SecureByteArray &b64 = block.toBase64();
for (int i = 0; i < b64.size(); i += 64) {
file.write(b64.mid(i, qMin(64, b64.size() - i)));
file.write("\n");
}
file.write(PemEpilog.toUtf8());
file.write("\n");
file.close();
return true;
}
SecureByteArray Exporter::read(const SecureString &pwd)
{
Q_D(Exporter);
SecureByteArray plain;
QFile file(d->filename);
bool opened = file.open(QIODevice::ReadOnly);
if (opened) {
static const int MaxLineSize = 64 + 2;
int state = 0;
QByteArray b64;
while (!file.atEnd()) {
char buf[MaxLineSize];
const qint64 bytesRead = file.readLine(buf, MaxLineSize);
const QString line = QByteArray(buf, bytesRead).trimmed();
switch (state) {
case 0:
if (line == PemPreamble) {
state = 1;
}
else {
qWarning() << "bad format";
}
break;
case 1:
if (line != PemEpilog) {
b64.append(line.toUtf8());
}
else {
state = 2;
}
break;
case 2:
// ignore trailing lines
break;
default:
qWarning() << "Oops! Should never have gotten here.";
break;
}
}
file.close();
SecureByteArray iv;
SecureByteArray key;
QByteArray imported = QByteArray::fromBase64(b64);
QByteArray salt = imported.mid(0, Crypter::SaltSize);
QByteArray cipher = imported.mid(Crypter::SaltSize);
Crypter::makeKeyAndIVFromPassword(pwd.toUtf8(), salt, key, iv);
CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption dec;
dec.SetKeyWithIV(reinterpret_cast<const byte*>(key.constData()), key.size(), reinterpret_cast<const byte*>(iv.constData()));
plain = SecureByteArray(cipher.size(), static_cast<char>(0));
CryptoPP::ArraySource s(
reinterpret_cast<const byte*>(cipher.constData()), cipher.size(),
true,
new CryptoPP::StreamTransformationFilter(
dec,
new CryptoPP::ArraySink(reinterpret_cast<byte*>(plain.data()), plain.size()),
CryptoPP::StreamTransformationFilter::NO_PADDING
)
);
Q_UNUSED(s); // just to please the compiler
}
return plain;
}
void MessageDigestImpl<HASH>::updateImpl(const NarrowString& str)
{
// Our String classes do not have a getBytes() method.
SecureByteArray sa = TextConvert::GetBytes(str, "UTF-8");
updateImpl(sa.data(), sa.size());
}
void MessageDigestImpl<HASH>::updateImpl(const SecureByteArray& input)
{
updateImpl(input.data(), input.size());
}
/**
* Creates an IvParameterSpec object using the first len bytes in iv,
* beginning at offset inclusive, as the IV.
*/
IvParameterSpec::IvParameterSpec(const SecureByteArray& iv, size_t offset, size_t len)
: m_iv(create_secure_array(iv.data(), iv.size(), offset, len))
{
ASSERT(m_iv.data());
ASSERT(m_iv.size());
}
/**
* Creates an IvParameterSpec object using the bytes in iv as the IV.
*/
IvParameterSpec::IvParameterSpec(const SecureByteArray& iv)
: m_iv(create_secure_array(iv.data(), iv.size(), 0, iv.size()))
{
ASSERT(m_iv.data());
ASSERT(m_iv.size());
}
