Shuffle things around. Add NIST X.509 test to build.

author: lloyd <[email protected]> 2014-01-01 21:20:55 +0000
committer: lloyd <[email protected]> 2014-01-01 21:20:55 +0000
commit: 197dc467dec28a04c3b2f30da7cef122dfbb13e9 (patch)
tree: cdbd3ddaec051c72f0a757db461973d90c37b97a /lib/constructs/cryptobox_psk/cryptobox_psk.cpp
parent: 62faac373c07cfe10bc8c309e89ebdd30d8e5eaa (diff)
1 files changed, 134 insertions, 0 deletions
diff --git a/lib/constructs/cryptobox_psk/cryptobox_psk.cpp b/lib/constructs/cryptobox_psk/cryptobox_psk.cpp
new file mode 100644
index 000000000..f22e43b43
--- /dev/null
+++ b/lib/constructs/cryptobox_psk/cryptobox_psk.cpp
@@ -0,0 +1,134 @@
+/*
+* Cryptobox Message Routines
+* (C) 2013 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/cryptobox_psk.h>
+#include <botan/pipe.h>
+#include <botan/lookup.h>
+#include <botan/loadstor.h>
+#include <memory>
+
+namespace Botan {
+
+namespace CryptoBox {
+
+namespace {
+
+const u32bit CRYPTOBOX_MAGIC = 0x571B0E4F;
+const std::string CRYPTOBOX_CIPHER = "AES-256/CBC";
+const std::string CRYPTOBOX_MAC = "HMAC(SHA-256)";
+const std::string CRYPTOBOX_KDF = "KDF2(SHA-256)";
+
+const size_t MAGIC_LENGTH = 4;
+const size_t KEY_KDF_SALT_LENGTH = 10;
+const size_t MAC_KEY_LENGTH = 32;
+const size_t CIPHER_KEY_LENGTH = 32;
+const size_t CIPHER_IV_LENGTH = 16;
+const size_t MAC_OUTPUT_LENGTH = 32;
+
+}
+
+std::vector<byte> encrypt(const byte input[], size_t input_len,
+                          const SymmetricKey& master_key,
+                          RandomNumberGenerator& rng)
+   {
+   std::unique_ptr<KDF> kdf(get_kdf(CRYPTOBOX_KDF));
+
+   const secure_vector<byte> cipher_key_salt =
+      rng.random_vec(KEY_KDF_SALT_LENGTH);
+
+   const secure_vector<byte> mac_key_salt =
+      rng.random_vec(KEY_KDF_SALT_LENGTH);
+
+   SymmetricKey cipher_key =
+      kdf->derive_key(CIPHER_KEY_LENGTH,
+                      master_key.bits_of(),
+                      cipher_key_salt);
+
+   SymmetricKey mac_key =
+      kdf->derive_key(MAC_KEY_LENGTH,
+                      master_key.bits_of(),
+                      mac_key_salt);
+
+   InitializationVector cipher_iv(rng, 16);
+
+   std::unique_ptr<MessageAuthenticationCode> mac(get_mac(CRYPTOBOX_MAC));
+   mac->set_key(mac_key);
+
+   Pipe pipe(get_cipher(CRYPTOBOX_CIPHER, cipher_key, cipher_iv, ENCRYPTION));
+   pipe.process_msg(input, input_len);
+   secure_vector<byte> ctext = pipe.read_all(0);
+
+   std::vector<byte> out(MAGIC_LENGTH);
+   store_be(CRYPTOBOX_MAGIC, &out[0]);
+   out += cipher_key_salt;
+   out += mac_key_salt;
+   out += cipher_iv.bits_of();
+   out += ctext;
+
+   mac->update(out);
+
+   out += mac->final();
+   return out;
+   }
+
+secure_vector<byte> decrypt(const byte input[], size_t input_len,
+                            const SymmetricKey& master_key)
+   {
+   const size_t MIN_CTEXT_SIZE = 16; // due to using CBC with padding
+
+   const size_t MIN_POSSIBLE_LENGTH =
+      MAGIC_LENGTH +
+      2 * KEY_KDF_SALT_LENGTH +
+      CIPHER_IV_LENGTH +
+      MIN_CTEXT_SIZE +
+      MAC_OUTPUT_LENGTH;
+
+   if(input_len < MIN_POSSIBLE_LENGTH)
+      throw Decoding_Error("Encrypted input too short to be valid");
+
+   if(load_be<u32bit>(input, 0) != CRYPTOBOX_MAGIC)
+      throw Decoding_Error("Unknown header value in cryptobox");
+
+   std::unique_ptr<KDF> kdf(get_kdf(CRYPTOBOX_KDF));
+
+   const byte* cipher_key_salt = &input[MAGIC_LENGTH];
+
+   const byte* mac_key_salt = &input[MAGIC_LENGTH + KEY_KDF_SALT_LENGTH];
+
+   SymmetricKey mac_key = kdf->derive_key(MAC_KEY_LENGTH,
+                                          master_key.bits_of(),
+                                          mac_key_salt,
+                                          KEY_KDF_SALT_LENGTH);
+
+   std::unique_ptr<MessageAuthenticationCode> mac(get_mac(CRYPTOBOX_MAC));
+   mac->set_key(mac_key);
+
+   mac->update(&input[0], input_len - MAC_OUTPUT_LENGTH);
+   secure_vector<byte> computed_mac = mac->final();
+
+   if(!same_mem(&input[input_len - MAC_OUTPUT_LENGTH], &computed_mac[0], computed_mac.size()))
+      throw Decoding_Error("MAC verification failed");
+
+   SymmetricKey cipher_key =
+      kdf->derive_key(CIPHER_KEY_LENGTH,
+                      master_key.bits_of(),
+                      cipher_key_salt, KEY_KDF_SALT_LENGTH);
+
+   InitializationVector cipher_iv(&input[MAGIC_LENGTH+2*KEY_KDF_SALT_LENGTH],
+                                  CIPHER_IV_LENGTH);
+
+   const size_t CTEXT_OFFSET = MAGIC_LENGTH + 2 * KEY_KDF_SALT_LENGTH + CIPHER_IV_LENGTH;
+
+   Pipe pipe(get_cipher(CRYPTOBOX_CIPHER, cipher_key, cipher_iv, DECRYPTION));
+   pipe.process_msg(&input[CTEXT_OFFSET],
+                    input_len - (MAC_OUTPUT_LENGTH + CTEXT_OFFSET));
+   return pipe.read_all();
+   }
+
+}
+
+}
author	lloyd <[email protected]>	2014-01-01 21:20:55 +0000
committer	lloyd <[email protected]>	2014-01-01 21:20:55 +0000
commit	197dc467dec28a04c3b2f30da7cef122dfbb13e9 (patch)
tree	cdbd3ddaec051c72f0a757db461973d90c37b97a /lib/constructs/cryptobox_psk/cryptobox_psk.cpp
parent	62faac373c07cfe10bc8c309e89ebdd30d8e5eaa (diff)