8 #include <botan/pbes2.h>
9 #include <botan/pbkdf2.h>
10 #include <botan/hmac.h>
11 #include <botan/cbc.h>
12 #include <botan/algo_factory.h>
13 #include <botan/libstate.h>
14 #include <botan/der_enc.h>
15 #include <botan/ber_dec.h>
16 #include <botan/parsing.h>
17 #include <botan/asn1_obj.h>
18 #include <botan/oids.h>
29 pipe.
write(input, length);
65 void PBE_PKCS5v20::flush_pipe(
bool safe_to_skip)
73 size_t got = pipe.
read(&buffer[0], buffer.size());
81 void PBE_PKCS5v20::set_key(
const std::string& passphrase)
83 PKCS5_PBKDF2 pbkdf(
new HMAC(hash_function->
clone()));
85 key = pbkdf.derive_key(key_length, passphrase,
86 &salt[0], salt.
size(),
87 iterations).bits_of();
93 void PBE_PKCS5v20::new_params(RandomNumberGenerator&
rng)
98 salt = rng.random_vec(12);
99 iv = rng.random_vec(block_cipher->
block_size());
105 MemoryVector<byte> PBE_PKCS5v20::encode_params()
const
110 AlgorithmIdentifier(
"PKCS5.PBKDF2",
121 AlgorithmIdentifier(block_cipher->
name() +
"/CBC",
134 void PBE_PKCS5v20::decode_params(DataSource& source)
136 AlgorithmIdentifier kdf_algo, enc_algo;
147 BER_Decoder(kdf_algo.parameters)
156 throw Decoding_Error(
"PBE-PKCS5 v2.0: Unknown KDF algorithm " +
157 kdf_algo.oid.as_string());
162 std::vector<std::string> cipher_spec =
split_on(cipher,
'/');
163 if(cipher_spec.size() != 2)
164 throw Decoding_Error(
"PBE-PKCS5 v2.0: Invalid cipher spec " + cipher);
166 if(!
known_cipher(cipher_spec[0]) || cipher_spec[1] !=
"CBC")
167 throw Decoding_Error(
"PBE-PKCS5 v2.0: Don't know param format for " +
170 BER_Decoder(enc_algo.parameters).decode(iv,
OCTET_STRING).verify_end();
172 block_cipher = af.make_block_cipher(cipher_spec[0]);
173 hash_function = af.make_hash_function(
"SHA-160");
179 throw Decoding_Error(
"PBE-PKCS5 v2.0: Encoded salt is too small");
185 OID PBE_PKCS5v20::get_oid()
const
195 if(algo ==
"AES-128" || algo ==
"AES-192" || algo ==
"AES-256")
197 if(algo ==
"DES" || algo ==
"TripleDES")
204 return "PBE-PKCS5v20(" + block_cipher->
name() +
"," +
205 hash_function->
name() +
")";
214 block_cipher(cipher),
215 hash_function(digest),
221 if(hash_function->
name() !=
"SHA-160")
232 decode_params(params);
237 delete hash_function;
void append(Filter *filt)
size_t read(byte output[], size_t length)
void write(const byte in[], size_t length)
virtual BlockCipher * clone() const =0
std::vector< std::string > split_on(const std::string &str, char delim)
std::invalid_argument Invalid_Argument
virtual HashFunction * clone() const =0
size_t remaining(message_id msg=DEFAULT_MESSAGE) const
Algorithm_Factory & algorithm_factory() const
void send(const byte in[], size_t length)
RandomNumberGenerator * rng
Library_State & global_state()
std::string lookup(const OID &oid)
virtual std::string name() const =0
std::string encode(const byte der[], size_t length, const std::string &label, size_t width)
static bool known_cipher(const std::string &cipher)
size_t default_msg() const
void set_default_msg(message_id msg)
PBE_PKCS5v20(DataSource &input)
size_t maximum_keylength() const
message_id message_count() const
virtual size_t block_size() const =0
void write(const byte[], size_t)