Diffstat (limited to 'src/lib/constructs/pbes2/pbes2.cpp')
-rw-r--r--src/lib/constructs/pbes2/pbes2.cpp43
1 files changed, 13 insertions, 30 deletions
diff --git a/src/lib/constructs/pbes2/pbes2.cpp b/src/lib/constructs/pbes2/pbes2.cpp
index 8c2348408..811806891 100644
--- a/src/lib/constructs/pbes2/pbes2.cpp
+++ b/src/lib/constructs/pbes2/pbes2.cpp
@@ -6,6 +6,8 @@
*/
#include <botan/pbes2.h>
+#include <botan/algo_registry.h>
+#include <botan/cipher_mode.h>
#include <botan/pbkdf2.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
@@ -13,13 +15,8 @@
#include <botan/alg_id.h>
#include <botan/oids.h>
#include <botan/rng.h>
-#include <botan/cbc.h>
#include <algorithm>
-#if defined(BOTAN_HAS_AEAD_GCM)
- #include <botan/gcm.h>
-#endif
-
namespace Botan {
namespace {
@@ -70,8 +67,7 @@ pbes2_encrypt(const secure_vector<byte>& key_bits,
std::chrono::milliseconds msec,
const std::string& cipher,
const std::string& digest,
- RandomNumberGenerator& rng,
- Algorithm_Factory& af)
+ RandomNumberGenerator& rng)
{
const std::string prf = "HMAC(" + digest + ")";
@@ -81,18 +77,12 @@ pbes2_encrypt(const secure_vector<byte>& key_bits,
const secure_vector<byte> salt = rng.random_vec(12);
- std::unique_ptr<Keyed_Transform> enc;
-
- if(cipher_spec[1] == "CBC")
- enc.reset(new CBC_Encryption(af.make_block_cipher(cipher_spec[0]), new PKCS7_Padding));
-#if defined(BOTAN_HAS_AEAD_GCM)
- else if(cipher_spec[1] == "GCM")
- enc.reset(new GCM_Encryption(af.make_block_cipher(cipher_spec[0])));
-#endif
- else
+ if(cipher_spec[1] != "CBC" && cipher_spec[1] != "GCM")
throw Decoding_Error("PBE-PKCS5 v2.0: Don't know param format for " + cipher);
- PKCS5_PBKDF2 pbkdf(af.make_mac(prf));
+ std::unique_ptr<Keyed_Transform> enc(get_cipher_mode(cipher, ENCRYPTION));
+
+ PKCS5_PBKDF2 pbkdf(Algo_Registry<MessageAuthenticationCode>::global_registry().make(prf));
const size_t key_length = enc->key_spec().maximum_keylength();
size_t iterations = 0;
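Review bot: The pointer returned by `get_cipher_mode(cipher, ENCRYPTION)` is dereferenced at `enc->key_spec()` with no null check, and the last hunk of pbes2_decrypt does the same with `dec`. The removed code threw Decoding_Error when the mode was GCM and BOTAN_HAS_AEAD_GCM was not defined, whereas the new string test accepts "GCM" regardless of build options. If get_cipher_mode returns null for an unavailable mode or block cipher (not visible in this diff, so confirm), that case becomes a null dereference, and in pbes2_decrypt the cipher name appears to come from the encoded parameters. I would add `if(!enc) throw Decoding_Error("PBE-PKCS5 v2.0: Cipher " + cipher + " not available");` right after the construction, and the equivalent check for `dec`. pbes2_encrypt starts and ends outside this hunk.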
@@ -116,8 +106,7 @@ pbes2_encrypt(const secure_vector<byte>& key_bits,
secure_vector<byte>
pbes2_decrypt(const secure_vector<byte>& key_bits,
const std::string& passphrase,
- const std::vector<byte>& params,
- Algorithm_Factory& af)
+ const std::vector<byte>& params)
{
AlgorithmIdentifier kdf_algo, enc_algo;
@@ -152,6 +141,8 @@ pbes2_decrypt(const secure_vector<byte>& key_bits,
const std::vector<std::string> cipher_spec = split_on(cipher, '/');
if(cipher_spec.size() != 2)
throw Decoding_Error("PBE-PKCS5 v2.0: Invalid cipher spec " + cipher);
+ if(cipher_spec[1] != "CBC" && cipher_spec[1] != "GCM")
+ throw Decoding_Error("PBE-PKCS5 v2.0: Don't know param format for " + cipher);
if(salt.size() < 8)
throw Decoding_Error("PBE-PKCS5 v2.0: Encoded salt is too small");
@@ -159,18 +150,10 @@ pbes2_decrypt(const secure_vector<byte>& key_bits,
secure_vector<byte> iv;
BER_Decoder(enc_algo.parameters).decode(iv, OCTET_STRING).verify_end();
- PKCS5_PBKDF2 pbkdf(af.make_mac(OIDS::lookup(prf_algo.oid)));
-
- std::unique_ptr<Keyed_Transform> dec;
+ const std::string prf = OIDS::lookup(prf_algo.oid);
+ PKCS5_PBKDF2 pbkdf(Algo_Registry<MessageAuthenticationCode>::global_registry().make(prf));
- if(cipher_spec[1] == "CBC")
- dec.reset(new CBC_Decryption(af.make_block_cipher(cipher_spec[0]), new PKCS7_Padding));
-#if defined(BOTAN_HAS_AEAD_GCM)
- else if(cipher_spec[1] == "GCM")
- dec.reset(new GCM_Decryption(af.make_block_cipher(cipher_spec[0])));
-#endif
- else
- throw Decoding_Error("PBE-PKCS5 v2.0: Don't know param format for " + cipher);
+ std::unique_ptr<Keyed_Transform> dec(get_cipher_mode(cipher, DECRYPTION));
if(key_length == 0)
key_length = dec->key_spec().maximum_keylength();
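Review bot: `prf` comes from `OIDS::lookup(prf_algo.oid)` and goes straight into `Algo_Registry<MessageAuthenticationCode>::global_registry().make(prf)`, whose result is handed to PKCS5_PBKDF2 unchecked. prf_algo appears to be decoded from `params`, so whoever produced the encoded key picks the name. If the lookup yields an unknown or empty name and make() can return null for it (not visible here), the failure would surface inside PBKDF2 rather than as a Decoding_Error at the parsing boundary. Consider holding the result in a `std::unique_ptr<MessageAuthenticationCode>` first and throwing `Decoding_Error("PBE-PKCS5 v2.0: Unsupported PRF " + prf)` when it is null; the same unchecked make() call is in the pbes2_encrypt hunk. pbes2_decrypt continues outside this hunk.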