Пример #1
0
CryptoPP::SecByteBlock
prf (
 CryptoPP::SecByteBlock const& secret,
 char const* label,
 CryptoPP::SecByteBlock const& seed,
 size_t length
)
{
  size_t half, len;
  CryptoPP::SecByteBlock first, second;
  CryptoPP::SecByteBlock::iterator it1, it2;

  half = secret.size() >> 1;
  len = half + (secret.size() & 1);

  first.Assign(secret.data(), len);
  second.Assign(secret.data()+half, len);

  first  = prf<H1>(first,  label, seed, length);
  second = prf<H2>(second, label, seed, length);

  it1 = first.begin();
  it2 = second.begin();
  while (it1 != first.end() && it2 != second.end())
  {
    (*it1) ^= (*it2);
    ++it1;
    ++it2;
  }
  
  return first;
}
Пример #2
0
int main() {
    {
        CryptoPP::SHA512 sha2;
        unsigned char digest[CryptoPP::SHA512::DIGESTSIZE];
        sha2.Final(digest);
    }

    {
        std::string data;
        const CryptoPP::SecByteBlock key;
        const CryptoPP::SecByteBlock iv;

        CryptoPP::SecByteBlock ret(0, CryptoPP::AES::MAX_KEYLENGTH);
        CryptoPP::StringSource(data, true, new CryptoPP::HashFilter(*(new CryptoPP::SHA3_512), new CryptoPP::ArraySink(ret, CryptoPP::AES::MAX_KEYLENGTH)));
        CryptoPP::GCM< CryptoPP::AES, CryptoPP::GCM_64K_Tables >::Encryption pwenc;
        pwenc.SetKeyWithIV(key.data(), key.size(), iv.data(), iv.size());
        std::string cipher;
        CryptoPP::StringSource(data, true, new CryptoPP::AuthenticatedEncryptionFilter(pwenc, new CryptoPP::StringSink(cipher), false, 16));
    }

    {
        const CryptoPP::SecByteBlock key;
        const CryptoPP::SecByteBlock iv;
        CryptoPP::GCM< CryptoPP::AES, CryptoPP::GCM_64K_Tables >::Decryption pwdec;
        pwdec.SetKeyWithIV(key.data(), key.size(), iv.data(), iv.size());
    }

    {
        CryptoPP::SecByteBlock ret(0, CryptoPP::AES::BLOCKSIZE);
        std::string str;
        CryptoPP::StringSource(str, true, new CryptoPP::Base64Decoder(new CryptoPP::ArraySink(ret, CryptoPP::AES::BLOCKSIZE)));
    }

    return 0;
}
Пример #3
0
	GenericCryptoOutputFilter(
			std::ostream &stream,
			const CryptoPP::SecByteBlock &key,
			const CryptoPP::SecByteBlock &iv): CryptoOutputFilter(stream){
		this->data.reset(new impl);
		this->data->e.SetKeyWithIV(key, key.size(), iv.data(), iv.size());
		this->data->filter.reset(new CryptoPP::StreamTransformationFilter(this->data->e));
	}
Пример #4
0
	std::string security::str(const CryptoPP::SecByteBlock& input)
	{
		std::string output;
		CryptoPP::StringSink sink(output);
		sink.Put(input, input.size());
		return output;
	}
// --------------------------------------------------------------------------
inline
void
client_key_exchange::process_dh (
 CryptoPP::SecByteBlock& premaster
)
// --------------------------------------------------------------------------
{
  CryptoPP::SimpleKeyAgreementDomain*& alg = m_handshake.m_key_algo;
  size_t pos;

  // Add leading zeros to match domain's public key length.
  if (m_pub.size() < alg->PublicKeyLength())
  {
    CryptoPP::SecByteBlock padding;

    padding.CleanNew(alg->PublicKeyLength() - m_pub.size());
    m_pub = padding + m_pub;
  }
  
  // Agree on the premaster secret.
  premaster.New(alg->AgreedValueLength());

  if (!alg->Agree(premaster, m_handshake.m_key_value, m_pub, true))
  {
    LOG_ERR("net.tls.client_key_exchange",
     "Error agreeing on pre-master secret. (DH)"
    );
    
    throw alert(
     alert_level::fatal,
     alert_description::illegal_parameter
    );
  }

  // Strip any leading zero bytes from the agreed value.
  pos = 0;

  while (premaster[pos] == 0 && pos < premaster.size())
  {
    ++pos;
  }

  premaster.Assign(&premaster[pos], (premaster.size() - pos));
}
Пример #6
0
CryptoPP::SecByteBlock
prf (
 CryptoPP::SecByteBlock const& secret,
 char const* label,
 CryptoPP::SecByteBlock const& seed,
 size_t length
)
{
  CryptoPP::HMAC<H> hmac(secret.data(), secret.size());
  CryptoPP::SecByteBlock hash_seed, A, cur_seed, output;
  
  // PRF(secret, label, seed) = P_hash(secret, label + seed)
  // P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
  //                        HMAC_hash(secret, A(2) + seed) +
  //                        HMAC_hash(secret, A(3) + seed) + ...
  // A(0) = seed
  // A(i) = HMAC_hash(secret, A(i-1))

  // Make the seed for P_<hash>.
  hash_seed.Assign(
   reinterpret_cast<byte const*>(label),
   strlen(label)
  );
  hash_seed += seed;
  
  // Calculate A(1) = HMAC_hash(secret, A(0)=seed)
  A.CleanNew(hmac.DigestSize());
  hmac.CalculateDigest(A.data(), hash_seed.data(), hash_seed.size());
  
  // Calculate P_hash(secret, seed)
  while (output.size() < length)
  {
    cur_seed = A + hash_seed;
    hmac.Update(cur_seed.data(), cur_seed.size());
    cur_seed.resize(hmac.DigestSize());
    hmac.Final(cur_seed.data());
    output += cur_seed;
    hmac.Update(A.data(), A.size());
    hmac.Final(A.data());
  }

  // Trim and return.
  output.resize(length);
  return output;
}
Пример #7
0
void Container::set_seed(CryptoPP::SecByteBlock seed)
{
	seed_ = seed;
	CryptoPP::AutoSeededRandomPool prng;
	CryptoPP::SecByteBlock t(seed.size());
	prng.GenerateBlock(t, t.size());
	for (auto p : mtl::count_until(t.size()))
	{
		seed_[p] ^= t[p];
	}
	prng_.IncorporateEntropy(seed_, seed_.size());

	//enhance pw
	for (auto b : seed)
	{
		enhanced_passphrase_.push_back(b);
	}
}