diff options
| author | lloyd <[email protected]> | 2014-01-01 21:20:55 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2014-01-01 21:20:55 +0000 |
| commit | 197dc467dec28a04c3b2f30da7cef122dfbb13e9 (patch) | |
| tree | cdbd3ddaec051c72f0a757db461973d90c37b97a /src/pbe | |
| parent | 62faac373c07cfe10bc8c309e89ebdd30d8e5eaa (diff) | |
Shuffle things around. Add NIST X.509 test to build.
Diffstat (limited to 'src/pbe')
| -rw-r--r-- | src/pbe/get_pbe.cpp | 140 | ||||
| -rw-r--r-- | src/pbe/get_pbe.h | 44 | ||||
| -rw-r--r-- | src/pbe/info.txt | 7 | ||||
| -rw-r--r-- | src/pbe/pbe.h | 39 | ||||
| -rw-r--r-- | src/pbe/pbes1/info.txt | 10 | ||||
| -rw-r--r-- | src/pbe/pbes1/pbes1.cpp | 193 | ||||
| -rw-r--r-- | src/pbe/pbes1/pbes1.h | 69 | ||||
| -rw-r--r-- | src/pbe/pbes2/info.txt | 14 | ||||
| -rw-r--r-- | src/pbe/pbes2/pbes2.cpp | 209 | ||||
| -rw-r--r-- | src/pbe/pbes2/pbes2.h | 70 |
10 files changed, 0 insertions, 795 deletions
diff --git a/src/pbe/get_pbe.cpp b/src/pbe/get_pbe.cpp deleted file mode 100644 index 4ec518776..000000000 --- a/src/pbe/get_pbe.cpp +++ /dev/null @@ -1,140 +0,0 @@ -/* -* PBE Retrieval -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/get_pbe.h> -#include <botan/oids.h> -#include <botan/scan_name.h> -#include <botan/parsing.h> -#include <botan/libstate.h> - -#if defined(BOTAN_HAS_PBE_PKCS_V15) - #include <botan/pbes1.h> -#endif - -#if defined(BOTAN_HAS_PBE_PKCS_V20) - #include <botan/pbes2.h> - #include <botan/hmac.h> -#endif - -namespace Botan { - -/* -* Get an encryption PBE, set new parameters -*/ -PBE* get_pbe(const std::string& algo_spec, - const std::string& passphrase, - std::chrono::milliseconds msec, - RandomNumberGenerator& rng) - { - SCAN_Name request(algo_spec); - - const std::string pbe = request.algo_name(); - std::string digest_name = request.arg(0); - const std::string cipher = request.arg(1); - - std::vector<std::string> cipher_spec = split_on(cipher, '/'); - if(cipher_spec.size() != 2) - throw Invalid_Argument("PBE: Invalid cipher spec " + cipher); - - const std::string cipher_algo = SCAN_Name::deref_alias(cipher_spec[0]); - const std::string cipher_mode = cipher_spec[1]; - - if(cipher_mode != "CBC") - throw Invalid_Argument("PBE: Invalid cipher mode " + cipher); - - Algorithm_Factory& af = global_state().algorithm_factory(); - - const BlockCipher* block_cipher = af.prototype_block_cipher(cipher_algo); - if(!block_cipher) - throw Algorithm_Not_Found(cipher_algo); - - const HashFunction* hash_function = af.prototype_hash_function(digest_name); - if(!hash_function) - throw Algorithm_Not_Found(digest_name); - - if(request.arg_count() != 2) - throw Invalid_Algorithm_Name(algo_spec); - -#if defined(BOTAN_HAS_PBE_PKCS_V15) - if(pbe == "PBE-PKCS5v15") - return new PBE_PKCS5v15(block_cipher->clone(), - hash_function->clone(), - passphrase, - msec, - rng); -#endif - -#if defined(BOTAN_HAS_PBE_PKCS_V20) - if(pbe == "PBE-PKCS5v20") - return new PBE_PKCS5v20(block_cipher->clone(), - new HMAC(hash_function->clone()), - passphrase, - msec, - rng); -#endif - - throw Algorithm_Not_Found(algo_spec); - } - -/* -* Get a decryption PBE, decode parameters -*/ -PBE* get_pbe(const OID& pbe_oid, - const std::vector<byte>& params, - const std::string& passphrase) - { - SCAN_Name request(OIDS::lookup(pbe_oid)); - - const std::string pbe = request.algo_name(); - -#if defined(BOTAN_HAS_PBE_PKCS_V15) - if(pbe == "PBE-PKCS5v15") - { - if(request.arg_count() != 2) - throw Invalid_Algorithm_Name(request.as_string()); - - std::string digest_name = request.arg(0); - const std::string cipher = request.arg(1); - - std::vector<std::string> cipher_spec = split_on(cipher, '/'); - if(cipher_spec.size() != 2) - throw Invalid_Argument("PBE: Invalid cipher spec " + cipher); - - const std::string cipher_algo = SCAN_Name::deref_alias(cipher_spec[0]); - const std::string cipher_mode = cipher_spec[1]; - - if(cipher_mode != "CBC") - throw Invalid_Argument("PBE: Invalid cipher mode " + cipher); - - Algorithm_Factory& af = global_state().algorithm_factory(); - - const BlockCipher* block_cipher = af.prototype_block_cipher(cipher_algo); - if(!block_cipher) - throw Algorithm_Not_Found(cipher_algo); - - const HashFunction* hash_function = - af.prototype_hash_function(digest_name); - - if(!hash_function) - throw Algorithm_Not_Found(digest_name); - - return new PBE_PKCS5v15(block_cipher->clone(), - hash_function->clone(), - params, - passphrase); - } -#endif - -#if defined(BOTAN_HAS_PBE_PKCS_V20) - if(pbe == "PBE-PKCS5v20") - return new PBE_PKCS5v20(params, passphrase); -#endif - - throw Algorithm_Not_Found(pbe_oid.as_string()); - } - -} diff --git a/src/pbe/get_pbe.h b/src/pbe/get_pbe.h deleted file mode 100644 index df87c0547..000000000 --- a/src/pbe/get_pbe.h +++ /dev/null @@ -1,44 +0,0 @@ -/* -* PBE Lookup -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_LOOKUP_PBE_H__ -#define BOTAN_LOOKUP_PBE_H__ - -#include <botan/pbe.h> -#include <vector> -#include <string> -#include <chrono> - -namespace Botan { - -/** -* Factory function for PBEs. -* @param algo_spec the name of the PBE algorithm to retrieve -* @param passphrase the passphrase to use for encryption -* @param msec how many milliseconds to run the PBKDF -* @param rng a random number generator -* @return pointer to a PBE with randomly created parameters -*/ -BOTAN_DLL PBE* get_pbe(const std::string& algo_spec, - const std::string& passphrase, - std::chrono::milliseconds msec, - RandomNumberGenerator& rng); - -/** -* Factory function for PBEs. -* @param pbe_oid the oid of the desired PBE -* @param params a DataSource providing the DER encoded parameters to use -* @param passphrase the passphrase to use for decryption -* @return pointer to the PBE with the specified parameters -*/ -BOTAN_DLL PBE* get_pbe(const OID& pbe_oid, - const std::vector<byte>& params, - const std::string& passphrase); - -} - -#endif diff --git a/src/pbe/info.txt b/src/pbe/info.txt deleted file mode 100644 index 0436c4efd..000000000 --- a/src/pbe/info.txt +++ /dev/null @@ -1,7 +0,0 @@ -define PASSWORD_BASED_ENCRYPTION 20131128 - -<requires> -filters -libstate -oid_lookup -</requires> diff --git a/src/pbe/pbe.h b/src/pbe/pbe.h deleted file mode 100644 index 45c98e2c8..000000000 --- a/src/pbe/pbe.h +++ /dev/null @@ -1,39 +0,0 @@ -/* -* PBE -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_PBE_BASE_H__ -#define BOTAN_PBE_BASE_H__ - -#include <botan/asn1_oid.h> -#include <botan/data_src.h> -#include <botan/filter.h> -#include <botan/rng.h> - -namespace Botan { - -/** -* Password Based Encryption (PBE) Filter. -*/ -class BOTAN_DLL PBE : public Filter - { - public: - /** - * DER encode the params (the number of iterations and the salt value) - * @return encoded params - */ - virtual std::vector<byte> encode_params() const = 0; - - /** - * Get this PBE's OID. - * @return object identifier - */ - virtual OID get_oid() const = 0; - }; - -} - -#endif diff --git a/src/pbe/pbes1/info.txt b/src/pbe/pbes1/info.txt deleted file mode 100644 index 36d26ecc9..000000000 --- a/src/pbe/pbes1/info.txt +++ /dev/null @@ -1,10 +0,0 @@ -define PBE_PKCS_V15 20131128 - -<requires> -asn1 -block -cbc -filters -hash -pbkdf1 -</requires> diff --git a/src/pbe/pbes1/pbes1.cpp b/src/pbe/pbes1/pbes1.cpp deleted file mode 100644 index a30f10a6c..000000000 --- a/src/pbe/pbes1/pbes1.cpp +++ /dev/null @@ -1,193 +0,0 @@ -/* -* PKCS #5 PBES1 -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/pbes1.h> -#include <botan/pbkdf1.h> -#include <botan/der_enc.h> -#include <botan/ber_dec.h> -#include <botan/lookup.h> -#include <algorithm> - -namespace Botan { - -/* -* Encrypt some bytes using PBES1 -*/ -void PBE_PKCS5v15::write(const byte input[], size_t length) - { - m_pipe.write(input, length); - flush_pipe(true); - } - -/* -* Start encrypting with PBES1 -*/ -void PBE_PKCS5v15::start_msg() - { - m_pipe.append(get_cipher(m_block_cipher->name() + "/CBC/PKCS7", - m_key, m_iv, m_direction)); - - m_pipe.start_msg(); - if(m_pipe.message_count() > 1) - m_pipe.set_default_msg(m_pipe.default_msg() + 1); - } - -/* -* Finish encrypting with PBES1 -*/ -void PBE_PKCS5v15::end_msg() - { - m_pipe.end_msg(); - flush_pipe(false); - m_pipe.reset(); - } - -/* -* Flush the pipe -*/ -void PBE_PKCS5v15::flush_pipe(bool safe_to_skip) - { - if(safe_to_skip && m_pipe.remaining() < 64) - return; - - secure_vector<byte> buffer(DEFAULT_BUFFERSIZE); - while(m_pipe.remaining()) - { - size_t got = m_pipe.read(&buffer[0], buffer.size()); - send(buffer, got); - } - } - -/* -* Encode PKCS#5 PBES1 parameters -*/ -std::vector<byte> PBE_PKCS5v15::encode_params() const - { - return DER_Encoder() - .start_cons(SEQUENCE) - .encode(m_salt, OCTET_STRING) - .encode(m_iterations) - .end_cons() - .get_contents_unlocked(); - } - -/* -* Return an OID for this PBES1 type -*/ -OID PBE_PKCS5v15::get_oid() const - { - const OID base_pbes1_oid("1.2.840.113549.1.5"); - - const std::string cipher = m_block_cipher->name(); - const std::string digest = m_hash_function->name(); - - if(cipher == "DES" && digest == "MD2") - return (base_pbes1_oid + 1); - else if(cipher == "DES" && digest == "MD5") - return (base_pbes1_oid + 3); - else if(cipher == "DES" && digest == "SHA-160") - return (base_pbes1_oid + 10); - else if(cipher == "RC2" && digest == "MD2") - return (base_pbes1_oid + 4); - else if(cipher == "RC2" && digest == "MD5") - return (base_pbes1_oid + 6); - else if(cipher == "RC2" && digest == "SHA-160") - return (base_pbes1_oid + 11); - else - throw Internal_Error("PBE-PKCS5 v1.5: get_oid() has run out of options"); - } - -std::string PBE_PKCS5v15::name() const - { - return "PBE-PKCS5v15(" + m_block_cipher->name() + "," + - m_hash_function->name() + ")"; - } - -PBE_PKCS5v15::PBE_PKCS5v15(BlockCipher* cipher, - HashFunction* hash, - const std::string& passphrase, - std::chrono::milliseconds msec, - RandomNumberGenerator& rng) : - m_direction(ENCRYPTION), - m_block_cipher(cipher), - m_hash_function(hash), - m_salt(rng.random_vec(8)) - { - if(cipher->name() != "DES" && cipher->name() != "RC2") - { - throw Invalid_Argument("PBE_PKCS5v1.5: Unknown cipher " + - cipher->name()); - } - - if(hash->name() != "MD2" && hash->name() != "MD5" && - hash->name() != "SHA-160") - { - throw Invalid_Argument("PBE_PKCS5v1.5: Unknown hash " + - hash->name()); - } - - PKCS5_PBKDF1 pbkdf(m_hash_function->clone()); - - secure_vector<byte> key_and_iv = - pbkdf.derive_key(16, passphrase, - &m_salt[0], m_salt.size(), - msec, m_iterations).bits_of(); - - m_key.assign(&key_and_iv[0], &key_and_iv[8]); - m_iv.assign(&key_and_iv[8], &key_and_iv[16]); - - } - -PBE_PKCS5v15::PBE_PKCS5v15(BlockCipher* cipher, - HashFunction* hash, - const std::vector<byte>& params, - const std::string& passphrase) : - m_direction(DECRYPTION), - m_block_cipher(cipher), - m_hash_function(hash) - { - if(cipher->name() != "DES" && cipher->name() != "RC2") - { - throw Invalid_Argument("PBE_PKCS5v1.5: Unknown cipher " + - cipher->name()); - } - - if(hash->name() != "MD2" && hash->name() != "MD5" && - hash->name() != "SHA-160") - { - throw Invalid_Argument("PBE_PKCS5v1.5: Unknown hash " + - hash->name()); - } - - BER_Decoder(params) - .start_cons(SEQUENCE) - .decode(m_salt, OCTET_STRING) - .decode(m_iterations) - .verify_end() - .end_cons(); - - if(m_salt.size() != 8) - throw Decoding_Error("PBES1: Encoded salt is not 8 octets"); - - PKCS5_PBKDF1 pbkdf(m_hash_function->clone()); - - secure_vector<byte> key_and_iv = - pbkdf.derive_key(16, passphrase, - &m_salt[0], m_salt.size(), - m_iterations).bits_of(); - - m_key.assign(&key_and_iv[0], &key_and_iv[8]); - m_iv.assign(&key_and_iv[8], &key_and_iv[16]); - } - -PBE_PKCS5v15::~PBE_PKCS5v15() - { - delete m_block_cipher; - delete m_hash_function; - } - -} diff --git a/src/pbe/pbes1/pbes1.h b/src/pbe/pbes1/pbes1.h deleted file mode 100644 index 8d1a6f877..000000000 --- a/src/pbe/pbes1/pbes1.h +++ /dev/null @@ -1,69 +0,0 @@ -/* -* PKCS #5 v1.5 PBE -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_PBE_PKCS_V15_H__ -#define BOTAN_PBE_PKCS_V15_H__ - -#include <botan/pbe.h> -#include <botan/block_cipher.h> -#include <botan/hash.h> -#include <botan/pipe.h> -#include <chrono> - -namespace Botan { - -/** -* PKCS #5 v1.5 PBE -*/ -class BOTAN_DLL PBE_PKCS5v15 : public PBE - { - public: - OID get_oid() const; - - std::vector<byte> encode_params() const; - - std::string name() const; - - void write(const byte[], size_t); - void start_msg(); - void end_msg(); - - /** - * @param cipher the block cipher to use (DES or RC2) - * @param hash the hash function to use - * @param passphrase the passphrase to use - * @param msec how many milliseconds to run the PBKDF - * @param rng a random number generator - */ - PBE_PKCS5v15(BlockCipher* cipher, - HashFunction* hash, - const std::string& passphrase, - std::chrono::milliseconds msec, - RandomNumberGenerator& rng); - - PBE_PKCS5v15(BlockCipher* cipher, - HashFunction* hash, - const std::vector<byte>& params, - const std::string& passphrase); - - ~PBE_PKCS5v15(); - private: - - void flush_pipe(bool); - - Cipher_Dir m_direction; - BlockCipher* m_block_cipher; - HashFunction* m_hash_function; - - secure_vector<byte> m_salt, m_key, m_iv; - size_t m_iterations; - Pipe m_pipe; - }; - -} - -#endif diff --git a/src/pbe/pbes2/info.txt b/src/pbe/pbes2/info.txt deleted file mode 100644 index ba7d77774..000000000 --- a/src/pbe/pbes2/info.txt +++ /dev/null @@ -1,14 +0,0 @@ -define PBE_PKCS_V20 20131128 - -<requires> -algo_factory -asn1 -block -cbc -filters -hash -hmac -libstate -oid_lookup -pbkdf2 -</requires> diff --git a/src/pbe/pbes2/pbes2.cpp b/src/pbe/pbes2/pbes2.cpp deleted file mode 100644 index d4df1277c..000000000 --- a/src/pbe/pbes2/pbes2.cpp +++ /dev/null @@ -1,209 +0,0 @@ -/* -* PKCS #5 PBES2 -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/pbes2.h> -#include <botan/pbkdf2.h> -#include <botan/algo_factory.h> -#include <botan/libstate.h> -#include <botan/der_enc.h> -#include <botan/ber_dec.h> -#include <botan/parsing.h> -#include <botan/alg_id.h> -#include <botan/oids.h> -#include <botan/lookup.h> -#include <algorithm> -#include <memory> - -namespace Botan { - -/* -* Encrypt some bytes using PBES2 -*/ -void PBE_PKCS5v20::write(const byte input[], size_t length) - { - pipe.write(input, length); - flush_pipe(true); - } - -/* -* Start encrypting with PBES2 -*/ -void PBE_PKCS5v20::start_msg() - { - pipe.append(get_cipher(block_cipher->name() + "/CBC/PKCS7", - key, iv, direction)); - - pipe.start_msg(); - if(pipe.message_count() > 1) - pipe.set_default_msg(pipe.default_msg() + 1); - } - -/* -* Finish encrypting with PBES2 -*/ -void PBE_PKCS5v20::end_msg() - { - pipe.end_msg(); - flush_pipe(false); - pipe.reset(); - } - -/* -* Flush the pipe -*/ -void PBE_PKCS5v20::flush_pipe(bool safe_to_skip) - { - if(safe_to_skip && pipe.remaining() < 64) - return; - - secure_vector<byte> buffer(DEFAULT_BUFFERSIZE); - while(pipe.remaining()) - { - const size_t got = pipe.read(&buffer[0], buffer.size()); - send(buffer, got); - } - } - -/* -* Encode PKCS#5 PBES2 parameters -*/ -std::vector<byte> PBE_PKCS5v20::encode_params() const - { - return DER_Encoder() - .start_cons(SEQUENCE) - .encode( - AlgorithmIdentifier("PKCS5.PBKDF2", - DER_Encoder() - .start_cons(SEQUENCE) - .encode(salt, OCTET_STRING) - .encode(iterations) - .encode(key_length) - .encode_if( - m_prf->name() != "HMAC(SHA-160)", - AlgorithmIdentifier(m_prf->name(), - AlgorithmIdentifier::USE_NULL_PARAM)) - .end_cons() - .get_contents_unlocked() - ) - ) - .encode( - AlgorithmIdentifier(block_cipher->name() + "/CBC", - DER_Encoder().encode(iv, OCTET_STRING).get_contents_unlocked() - ) - ) - .end_cons() - .get_contents_unlocked(); - } - -/* -* Return an OID for PBES2 -*/ -OID PBE_PKCS5v20::get_oid() const - { - return OIDS::lookup("PBE-PKCS5v20"); - } - -std::string PBE_PKCS5v20::name() const - { - return "PBE-PKCS5v20(" + block_cipher->name() + "," + - m_prf->name() + ")"; - } - -/* -* PKCS#5 v2.0 PBE Constructor -*/ -PBE_PKCS5v20::PBE_PKCS5v20(BlockCipher* cipher, - MessageAuthenticationCode* mac, - const std::string& passphrase, - std::chrono::milliseconds msec, - RandomNumberGenerator& rng) : - direction(ENCRYPTION), - block_cipher(cipher), - m_prf(mac), - salt(rng.random_vec(12)), - iv(rng.random_vec(block_cipher->block_size())), - iterations(0), - key_length(block_cipher->maximum_keylength()) - { - PKCS5_PBKDF2 pbkdf(m_prf->clone()); - - key = pbkdf.derive_key(key_length, passphrase, - &salt[0], salt.size(), - msec, iterations).bits_of(); - } - -/* -* PKCS#5 v2.0 PBE Constructor -*/ -PBE_PKCS5v20::PBE_PKCS5v20(const std::vector<byte>& params, - const std::string& passphrase) : - direction(DECRYPTION), - block_cipher(nullptr), - m_prf(nullptr) - { - AlgorithmIdentifier kdf_algo, enc_algo; - - BER_Decoder(params) - .start_cons(SEQUENCE) - .decode(kdf_algo) - .decode(enc_algo) - .verify_end() - .end_cons(); - - AlgorithmIdentifier prf_algo; - - if(kdf_algo.oid != OIDS::lookup("PKCS5.PBKDF2")) - throw Decoding_Error("PBE-PKCS5 v2.0: Unknown KDF algorithm " + - kdf_algo.oid.as_string()); - - BER_Decoder(kdf_algo.parameters) - .start_cons(SEQUENCE) - .decode(salt, OCTET_STRING) - .decode(iterations) - .decode_optional(key_length, INTEGER, UNIVERSAL) - .decode_optional(prf_algo, SEQUENCE, CONSTRUCTED, - AlgorithmIdentifier("HMAC(SHA-160)", - AlgorithmIdentifier::USE_NULL_PARAM)) - .verify_end() - .end_cons(); - - Algorithm_Factory& af = global_state().algorithm_factory(); - - std::string cipher = OIDS::lookup(enc_algo.oid); - std::vector<std::string> cipher_spec = split_on(cipher, '/'); - if(cipher_spec.size() != 2) - throw Decoding_Error("PBE-PKCS5 v2.0: Invalid cipher spec " + cipher); - - if(cipher_spec[1] != "CBC") - throw Decoding_Error("PBE-PKCS5 v2.0: Don't know param format for " + - cipher); - - BER_Decoder(enc_algo.parameters).decode(iv, OCTET_STRING).verify_end(); - - block_cipher = af.make_block_cipher(cipher_spec[0]); - m_prf = af.make_mac(OIDS::lookup(prf_algo.oid)); - - if(key_length == 0) - key_length = block_cipher->maximum_keylength(); - - if(salt.size() < 8) - throw Decoding_Error("PBE-PKCS5 v2.0: Encoded salt is too small"); - - PKCS5_PBKDF2 pbkdf(m_prf->clone()); - - key = pbkdf.derive_key(key_length, passphrase, - &salt[0], salt.size(), - iterations).bits_of(); - } - -PBE_PKCS5v20::~PBE_PKCS5v20() - { - delete m_prf; - delete block_cipher; - } - -} diff --git a/src/pbe/pbes2/pbes2.h b/src/pbe/pbes2/pbes2.h deleted file mode 100644 index b7160f575..000000000 --- a/src/pbe/pbes2/pbes2.h +++ /dev/null @@ -1,70 +0,0 @@ -/* -* PKCS #5 v2.0 PBE -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_PBE_PKCS_v20_H__ -#define BOTAN_PBE_PKCS_v20_H__ - -#include <botan/pbe.h> -#include <botan/block_cipher.h> -#include <botan/mac.h> -#include <botan/pipe.h> -#include <chrono> - -namespace Botan { - -/** -* PKCS #5 v2.0 PBE -*/ -class BOTAN_DLL PBE_PKCS5v20 : public PBE - { - public: - OID get_oid() const; - - std::vector<byte> encode_params() const; - - std::string name() const; - - void write(const byte buf[], size_t buf_len); - void start_msg(); - void end_msg(); - - /** - * Load a PKCS #5 v2.0 encrypted stream - * @param params the PBES2 parameters - * @param passphrase the passphrase to use for decryption - */ - PBE_PKCS5v20(const std::vector<byte>& params, - const std::string& passphrase); - - /** - * @param cipher the block cipher to use - * @param mac the MAC to use - * @param passphrase the passphrase to use for encryption - * @param msec how many milliseconds to run the PBKDF - * @param rng a random number generator - */ - PBE_PKCS5v20(BlockCipher* cipher, - MessageAuthenticationCode* mac, - const std::string& passphrase, - std::chrono::milliseconds msec, - RandomNumberGenerator& rng); - - ~PBE_PKCS5v20(); - private: - void flush_pipe(bool); - - Cipher_Dir direction; - BlockCipher* block_cipher; - MessageAuthenticationCode* m_prf; - secure_vector<byte> salt, key, iv; - size_t iterations, key_length; - Pipe pipe; - }; - -} - -#endif |