149 #include <winsock2.h>
150 #pragma comment(lib, "ws2_32.lib")
152 #include <netinet/in.h>
176 if (bCalc) theIdentifier.
GetString(strIdentifier);
189 otInfo <<
" Begin: " << __FUNCTION__
190 <<
": Changing password on symmetric key...\n";
207 otErr << __FUNCTION__ <<
": Failed generating iv for changing "
208 "passphrase on a symmetric key. (Returning "
214 otErr << __FUNCTION__ <<
": Failed generating random salt for changing "
215 "passphrase on a symmetric key. (Returning "
221 m_dataSalt = dataSalt;
222 m_bHasHashCheck =
false;
229 std::unique_ptr<OTPassword> pNewDerivedKey(
254 reinterpret_cast<const char*>(
260 m_bIsGenerated = bEncryptedKey;
262 otInfo <<
" End: " << __FUNCTION__
263 <<
": (Changing passphrase on symmetric key...) "
264 << (m_bIsGenerated ?
"SUCCESS" :
"FAILED") <<
"\n";
266 return m_bIsGenerated;
288 otInfo <<
" Begin: " << __FUNCTION__
289 <<
": GENERATING keys and passwords...\n";
292 otErr << __FUNCTION__ <<
": Failed generating iv for encrypting a "
293 "symmetric key. (Returning false.)\n";
298 otErr << __FUNCTION__
299 <<
": Failed generating random salt. (Returning false.)\n";
315 static_cast<uint32_t
>(nRes);
318 otErr << __FUNCTION__
319 <<
": Failed generating symmetric key. (Returning false.)\n";
328 std::unique_ptr<OTPassword> pDerivedKey(
354 reinterpret_cast<const char*>(
360 m_bIsGenerated = bEncryptedKey;
362 otInfo <<
" End: " << __FUNCTION__
363 <<
": (GENERATING keys and passwords...) "
364 << (m_bIsGenerated ?
"SUCCESS" :
"FAILED") <<
"\n";
367 if (
nullptr != ppDerivedKey) {
368 *ppDerivedKey = pDerivedKey.release();
371 return m_bIsGenerated;
378 if (!m_bIsGenerated) {
379 otErr << __FUNCTION__ <<
": No Key Generated, run GenerateKey(), and "
380 "this function will not be needed!";
385 otErr << __FUNCTION__
386 <<
": Already have a HashCheck, no need to create one!";
399 otErr << __FUNCTION__ <<
": failed to calculate derived key";
406 <<
": Still don't have a hash check (even after generating one)\n!"
407 "this is bad. Will assert.";
417 otOut << __FUNCTION__ <<
": Warning! We don't have a hash-check yet... "
418 "will create one anyway.";
424 m_bHasHashCheck =
false;
470 const OTPassword& thePassphrase,
bool bCheckForHashCheck )
const
476 OTPayload tmpDataHashCheck = m_dataHashCheck;
478 if (bCheckForHashCheck) {
480 otErr << __FUNCTION__ <<
": Unable to calculate derived key, as "
481 "hash check is missing!";
488 otOut << __FUNCTION__ <<
": Warning!! No hash check, ignoring... "
489 "(since bCheckForHashCheck was set false)";
495 thePassphrase, m_dataSalt, m_uIterationCount, tmpDataHashCheck);
512 thePassphrase, m_dataSalt, m_uIterationCount, m_dataHashCheck);
515 otErr << __FUNCTION__
516 <<
": Calling Wrong function!! Hash check already exists!";
522 m_bHasHashCheck =
true;
538 std::unique_ptr<OTPassword> theDerivedAngel;
540 if (
nullptr == pDerivedKey) {
547 pDerivedKey = CalculateDerivedKeyFromPassphrase(
548 thePassphrase,
false);
550 theDerivedAngel.reset(pDerivedKey);
566 return GetRawKeyFromDerivedKey(*pDerivedKey, theRawKeyOutput);
582 const char* szFunc =
"OTSymmetricKey::GetRawKeyFromDerivedKey";
593 <<
": *Begin) Attempting to recover actual key using derived key...\n";
602 static_cast<const char*>(
612 <<
": (End) attempt to recover actual key using derived key...\n";
613 return bDecryptedKey;
635 const char* szDisplay =
"OTSymmetricKey::GetPassphraseFromUser";
637 : pstrDisplay->
Get());
641 const int32_t nCallback =
644 static_cast<void*
>(&thePWData));
645 const uint32_t uCallback =
static_cast<uint32_t
>(nCallback);
646 if ((nCallback > 0) &&
647 pPassUserInput->
SetSize(uCallback)) {
652 return pPassUserInput;
655 delete pPassUserInput;
656 pPassUserInput =
nullptr;
659 <<
": Sorry, unable to retrieve passphrase from user. (Failure.)\n";
670 std::unique_ptr<OTPassword> pPassUserInput;
672 if (
nullptr == pAlreadyHavePW) {
673 const char* szDisplay =
"Creating new symmetric key.";
675 (
nullptr == pstrDisplay) ? szDisplay : pstrDisplay->
Get());
681 pPassUserInput.reset(const_cast<OTPassword*>(pAlreadyHavePW));
683 bool bSuccess =
false;
685 if (
nullptr != pPassUserInput)
689 <<
": Calling OTSymmetricKey theKey.GenerateKey()...\n";
699 <<
": Sorry, unable to generate key. (Failure.)\n";
704 <<
": Sorry, unable to retrieve password from user. (Failure.)\n";
712 const OTString* pstrDisplay,
bool bBookends,
716 otWarn << __FUNCTION__ <<
": Nonexistent: either the key or the "
717 "plaintext. Please supply. (Failure.)\n";
724 otWarn << __FUNCTION__ <<
": Failed trying to load symmetric key from "
725 "string. (Returning false.)\n";
732 bBookends, pAlreadyHavePW);
738 const OTString* pstrDisplay,
bool bBookends,
743 <<
": Failure: theKey.IsGenerated() was false. (The calling "
744 "code probably should have checked that key already...)\n";
748 if (!strPlaintext.
Exists()) {
750 <<
": Plaintext is empty. Please supply. (Failure.)\n";
756 std::unique_ptr<OTPassword> pPassUserInput;
758 if (
nullptr == pAlreadyHavePW) {
759 const char* szDisplay =
"Password-protecting a plaintext.";
761 (
nullptr == pstrDisplay) ? szDisplay : pstrDisplay->
Get());
767 pPassUserInput.reset(const_cast<OTPassword*>(pAlreadyHavePW));
770 bool bSuccess =
false;
772 if (
nullptr != pPassUserInput)
777 if (theEnvelope.
Encrypt(strPlaintext,
778 const_cast<OTSymmetricKey&>(theKey),
785 strOutput,
"SYMMETRIC MSG",
789 strOutput.
Set(ascOutput.
Get());
793 otWarn << __FUNCTION__ <<
": Failed trying to encrypt. (Sorry.)\n";
799 <<
": Sorry, unable to retrieve passphrase from user. (Failure.)\n";
813 <<
": Nonexistent: The symmetric key. Please supply. (Failure.)\n";
820 otWarn << __FUNCTION__ <<
": Failed trying to load symmetric key from "
821 "string. (Returning false.)\n";
828 pstrDisplay, pAlreadyHavePW);
839 <<
": Failure: theKey.IsGenerated() was false. (The calling "
840 "code probably should have checked for that...)\n";
846 ascArmor, strCiphertext);
848 if (!bLoadedArmor || !ascArmor.
Exists()) {
849 otErr << __FUNCTION__ <<
": Failure loading ciphertext envelope:\n\n"
850 << strCiphertext <<
"\n\n";
856 std::unique_ptr<OTPassword> pPassUserInput;
858 if (
nullptr == pAlreadyHavePW) {
859 const char* szDisplay =
"Decrypting a password-protected ciphertext.";
861 (
nullptr == pstrDisplay) ? szDisplay : pstrDisplay->
Get());
867 bool bSuccess =
false;
869 if (pPassUserInput ||
874 if (theEnvelope.
Decrypt(strOutput, theKey, pPassUserInput
876 : *pAlreadyHavePW)) {
880 otWarn << __FUNCTION__ <<
": Failed trying to decrypt. (Sorry.)\n";
886 <<
": Sorry, unable to retrieve passphrase from user. (Failure.)\n";
907 ascInput.
LoadFromString(const_cast<OTString&>(strInput), bEscaped,
908 "-----BEGIN OT ARMORED SYMMETRIC KEY")) {
940 uint16_t from_bool_is_generated = (m_bIsGenerated ? 1 : 0);
941 uint16_t n_is_generated =
static_cast<uint16_t
>(
942 htons(static_cast<uint16_t>(from_bool_is_generated)));
943 uint16_t n_key_size_bits =
944 static_cast<uint16_t
>(htons(static_cast<uint16_t>(m_nKeySize)));
946 uint32_t n_iteration_count =
947 static_cast<uint32_t
>(htonl(static_cast<uint32_t>(m_uIterationCount)));
949 uint32_t n_salt_size =
static_cast<uint32_t
>(
950 htonl(static_cast<uint32_t>(m_dataSalt.
GetSize())));
952 static_cast<uint32_t
>(htonl(static_cast<uint32_t>(m_dataIV.
GetSize())));
953 uint32_t n_enc_key_size =
static_cast<uint32_t
>(
954 htonl(static_cast<uint32_t>(m_dataEncryptedKey.
GetSize())));
956 uint32_t n_hash_check_size =
static_cast<uint32_t
>(
957 htonl(static_cast<uint32_t>(m_dataHashCheck.
GetSize())));
960 <<
": is_generated: " <<
static_cast<int32_t
>(ntohs(n_is_generated))
961 <<
" key_size_bits: "
962 << static_cast<int32_t>(ntohs(n_key_size_bits))
963 <<
" iteration_count: "
964 << static_cast<int64_t>(ntohl(n_iteration_count))
966 "salt_size: " << static_cast<int64_t>(ntohl(n_salt_size))
967 <<
" iv_size: " << static_cast<int64_t>(ntohl(n_iv_size))
968 <<
" enc_key_size: " << static_cast<int64_t>(ntohl(n_enc_key_size))
971 theOutput.
Concatenate(reinterpret_cast<void*>(&n_is_generated),
972 static_cast<uint32_t>(
sizeof(n_is_generated)));
974 theOutput.
Concatenate(reinterpret_cast<void*>(&n_key_size_bits),
975 static_cast<uint32_t>(
sizeof(n_key_size_bits)));
977 theOutput.
Concatenate(reinterpret_cast<void*>(&n_iteration_count),
978 static_cast<uint32_t>(
sizeof(n_iteration_count)));
980 theOutput.
Concatenate(reinterpret_cast<void*>(&n_salt_size),
981 static_cast<uint32_t>(
sizeof(n_salt_size)));
986 theOutput.
Concatenate(reinterpret_cast<void*>(&n_iv_size),
987 static_cast<uint32_t>(
sizeof(n_iv_size)));
992 theOutput.
Concatenate(reinterpret_cast<void*>(&n_enc_key_size),
993 static_cast<uint32_t>(
sizeof(n_enc_key_size)));
999 theOutput.
Concatenate(reinterpret_cast<void*>(&n_hash_check_size),
1000 static_cast<uint32_t>(
sizeof(n_hash_check_size)));
1017 const char* szFunc =
"OTSymmetricKey::SerializeFrom";
1023 uint16_t n_is_generated = 0;
1025 if (0 == (nRead = theInput.
OTfread(
1026 reinterpret_cast<uint8_t*>(&n_is_generated),
1027 static_cast<uint32_t>(
sizeof(n_is_generated))))) {
1028 otErr << szFunc <<
": Error reading n_is_generated.\n";
1034 uint16_t host_is_generated =
1035 static_cast<uint16_t
>(ntohs(static_cast<uint16_t>(n_is_generated)));
1037 if (1 == host_is_generated)
1038 m_bIsGenerated =
true;
1039 else if (0 == host_is_generated)
1040 m_bIsGenerated =
false;
1042 otErr << szFunc <<
": Error: host_is_generated, Bad value: "
1043 <<
static_cast<int32_t
>(host_is_generated)
1044 <<
". (Expected 0 or 1.)\n";
1049 <<
": is_generated: " <<
static_cast<int32_t
>(host_is_generated)
1054 uint16_t n_key_size_bits = 0;
1056 if (0 == (nRead = theInput.
OTfread(
1057 reinterpret_cast<uint8_t*>(&n_key_size_bits),
1058 static_cast<uint32_t>(
sizeof(n_key_size_bits))))) {
1059 otErr << szFunc <<
": Error reading n_key_size_bits.\n";
1065 m_nKeySize =
static_cast<uint16_t
>(ntohs(n_key_size_bits));
1068 <<
": key_size_bits: " <<
static_cast<int32_t
>(m_nKeySize) <<
" \n";
1072 uint32_t n_iteration_count = 0;
1074 if (0 == (nRead = theInput.
OTfread(
1075 reinterpret_cast<uint8_t*>(&n_iteration_count),
1076 static_cast<uint32_t>(
sizeof(n_iteration_count))))) {
1077 otErr << szFunc <<
": Error reading n_iteration_count.\n";
1080 OT_ASSERT(nRead == static_cast<uint32_t>(
sizeof(n_iteration_count)));
1084 m_uIterationCount =
static_cast<uint32_t
>(ntohl(n_iteration_count));
1087 <<
": iteration_count: " <<
static_cast<int64_t
>(m_uIterationCount)
1092 uint32_t n_salt_size = 0;
1094 if (0 == (nRead = theInput.
OTfread(
1095 reinterpret_cast<uint8_t*>(&n_salt_size),
1096 static_cast<uint32_t>(
sizeof(n_salt_size))))) {
1097 otErr << szFunc <<
": Error reading n_salt_size.\n";
1100 OT_ASSERT(nRead == static_cast<uint32_t>(
sizeof(n_salt_size)));
1104 const uint32_t lSaltSize =
1105 static_cast<uint32_t
>(ntohl(static_cast<uint32_t>(n_salt_size)));
1108 <<
": salt_size value: " <<
static_cast<int64_t
>(lSaltSize) <<
" \n";
1114 if (0 == (nRead = theInput.
OTfread(static_cast<uint8_t*>(const_cast<void*>(
1116 static_cast<uint32_t
>(lSaltSize)))) {
1117 otErr << szFunc <<
": Error reading salt for symmetric key.\n";
1121 <<
": salt length actually read: " <<
static_cast<int64_t
>(nRead)
1123 OT_ASSERT(nRead == static_cast<uint32_t>(lSaltSize));
1127 uint32_t n_iv_size = 0;
1130 (nRead = theInput.
OTfread(reinterpret_cast<uint8_t*>(&n_iv_size),
1131 static_cast<uint32_t>(
sizeof(n_iv_size))))) {
1132 otErr << szFunc <<
": Error reading n_iv_size.\n";
1136 OT_ASSERT(nRead == static_cast<uint32_t>(
sizeof(n_iv_size)));
1140 const uint32_t lIVSize = ntohl(n_iv_size);
1143 <<
": iv_size value: " <<
static_cast<int64_t
>(lIVSize) <<
" \n";
1149 if (0 == (nRead = theInput.
OTfread(static_cast<uint8_t*>(const_cast<void*>(
1151 static_cast<uint32_t
>(lIVSize)))) {
1152 otErr << szFunc <<
": Error reading IV for symmetric key.\n";
1157 <<
": iv length actually read: " <<
static_cast<int64_t
>(nRead)
1160 OT_ASSERT(nRead == static_cast<uint32_t>(lIVSize));
1164 uint32_t n_enc_key_size = 0;
1166 if (0 == (nRead = theInput.
OTfread(
1167 reinterpret_cast<uint8_t*>(&n_enc_key_size),
1168 static_cast<uint32_t>(
sizeof(n_enc_key_size))))) {
1169 otErr << szFunc <<
": Error reading n_enc_key_size.\n";
1172 OT_ASSERT(nRead == static_cast<uint32_t>(
sizeof(n_enc_key_size)));
1176 const uint32_t lEncKeySize = ntohl(n_enc_key_size);
1179 <<
": enc_key_size value: " <<
static_cast<int64_t
>(lEncKeySize)
1187 (nRead = theInput.
OTfread(static_cast<uint8_t*>(const_cast<void*>(
1189 static_cast<uint32_t
>(lEncKeySize)))) {
1190 otErr << szFunc <<
": Error reading encrypted symmetric key.\n";
1194 otLog5 << __FUNCTION__ <<
": encrypted key length actually read: "
1195 <<
static_cast<int64_t
>(nRead) <<
" \n";
1197 OT_ASSERT(nRead == static_cast<uint32_t>(lEncKeySize));
1201 uint32_t n_hash_check_size = 0;
1203 if (0 == (nRead = theInput.
OTfread(
1204 reinterpret_cast<uint8_t*>(&n_hash_check_size),
1205 static_cast<uint32_t>(
sizeof(n_hash_check_size))))) {
1206 otErr << szFunc <<
": Error reading n_hash_check_size.\n";
1209 <<
": Looks like we don't have a hash check yet! (will make one)\n";
1210 m_bHasHashCheck =
false;
1213 OT_ASSERT(nRead == static_cast<uint32_t>(
sizeof(n_hash_check_size)));
1217 const uint32_t lHashCheckSize = ntohl(n_hash_check_size);
1219 otLog5 << __FUNCTION__ <<
": hash_check_size value: "
1220 <<
static_cast<int64_t
>(lHashCheckSize) <<
" \n";
1227 (nRead = theInput.
OTfread(static_cast<uint8_t*>(const_cast<void*>(
1229 static_cast<uint32_t
>(lHashCheckSize)))) {
1230 otErr << szFunc <<
": Error reading hash check data.\n";
1235 <<
": hash check data actually read: " <<
static_cast<int64_t
>(nRead)
1238 OT_ASSERT(nRead == static_cast<uint32_t>(lHashCheckSize));
1240 m_bHasHashCheck = !m_dataHashCheck.
IsEmpty();
1246 : m_bIsGenerated(false)
1247 , m_bHasHashCheck(false)
1255 : m_bIsGenerated(false)
1256 , m_bHasHashCheck(false)
1272 m_bIsGenerated =
false;
EXPORT const uint8_t * getMemory_uint8() const
static EXPORT OTCrypto * It()
EXPORT OTPassword * CalculateNewDerivedKeyFromPassphrase(const OTPassword &thePassphrase)
static EXPORT uint32_t SymmetricIvSize()
EXPORT bool CalculateDigest(const OTData &dataInput)
virtual bool Encrypt(const OTPassword &theRawSymmetricKey, const char *szInput, uint32_t lInputLength, const OTPayload &theIV, OTPayload &theEncryptedOutput) const =0
EXPORT uint32_t getMemorySize() const
static EXPORT uint32_t IterationCount()
EXPORT OT_OPENSSL_CALLBACK souped_up_pass_cb
EXPORT bool SerializeFrom(OTPayload &theInput)
EXPORT bool Decrypt(OTString &theOutput, const OTSymmetricKey &theKey, const OTPassword &thePassword)
OTLOG_IMPORT OTLogStream otOut
EXPORT bool ReGenerateHashCheck(const OTPassword &thePassphrase)
OTLOG_IMPORT OTLogStream otLog3
EXPORT char * getPasswordWritable_char()
static EXPORT uint32_t SymmetricSaltSize()
EXPORT bool WriteArmoredString(OTString &strOutput, const std::string str_type, bool bEscaped=false) const
EXPORT bool Encrypt(const OTString &theInput, OTSymmetricKey &theKey, const OTPassword &thePassword)
EXPORT bool GetRawKeyFromPassphrase(const OTPassword &thePassphrase, OTPassword &theRawKeyOutput, OTPassword *pDerivedKey=nullptr) const
EXPORT bool Exists() const
static EXPORT bool LoadFromString(OTASCIIArmor &ascArmor, const OTString &strInput, std::string str_bookend="-----BEGIN")
EXPORT int32_t randomizeMemory(uint32_t size=DEFAULT_SIZE)
static EXPORT bool Decrypt(const OTString &strKey, OTString &strCiphertext, OTString &strOutput, const OTString *pstrDisplay=nullptr, const OTPassword *pAlreadyHavePW=nullptr)
static EXPORT OTPassword * GetPassphraseFromUser(const OTString *pstrDisplay=nullptr, bool bAskTwice=false)
EXPORT bool SetSize(uint32_t size)
static EXPORT OTPassword * CreateTextBuffer()
EXPORT void Set(const char *data, uint32_t enforcedMaxLength=0)
EXPORT bool GetRawKeyFromDerivedKey(const OTPassword &theDerivedKey, OTPassword &theRawKeyOutput) const
static EXPORT bool Encrypt(const OTString &strKey, const OTString &strPlaintext, OTString &strOutput, const OTString *pstrDisplay=nullptr, bool bBookends=true, const OTPassword *pAlreadyHavePW=nullptr)
EXPORT void Release_SymmetricKey()
EXPORT bool GetAsciiArmoredData(OTASCIIArmor &theArmoredText, bool bLineBreaks=true) const
EXPORT bool GenerateKey(const OTPassword &thePassphrase, OTPassword **ppDerivedKey=nullptr)
EXPORT bool SerializeTo(OTPayload &theOutput) const
EXPORT void SetPayloadSize(uint32_t lNewSize)
OTLOG_IMPORT OTLogStream otInfo
EXPORT void setUsingOldSystem(bool bUsing=true)
EXPORT OTPassword * CalculateDerivedKeyFromPassphrase(const OTPassword &thePassphrase, bool bCheckForHashCheck=true) const
EXPORT bool GetData(OTData &theData, bool bLineBreaks=true) const
OTLOG_IMPORT OTLogStream otWarn
EXPORT const char * Get() const
EXPORT const void * GetPayloadPointer() const
OTLOG_IMPORT OTLogStream otErr
virtual EXPORT void Release()
EXPORT bool isMemory() const
EXPORT bool GenerateHashCheck(const OTPassword &thePassphrase)
virtual bool Decrypt(const OTPassword &theRawSymmetricKey, const char *szInput, uint32_t lInputLength, const OTPayload &theIV, OTCrypto_Decrypt_Output theDecryptedOutput) const =0
EXPORT bool ChangePassphrase(const OTPassword &oldPassphrase, const OTPassword &newPassphrase)
EXPORT uint32_t getBlockSize() const
EXPORT void GetString(OTString &theStr) const
EXPORT uint32_t OTfread(uint8_t *data, uint32_t size)
EXPORT bool SetData(const OTData &theData, bool bLineBreaks=true)
EXPORT bool IsEmpty() const
virtual EXPORT void Release()
bool HasHashCheck() const
EXPORT void GetIdentifier(OTIdentifier &theIdentifier) const
virtual OTPassword * DeriveNewKey(const OTPassword &userPassword, const OTPayload &dataSalt, uint32_t uIterations, OTPayload &dataCheckHash) const =0
EXPORT bool Randomize(uint32_t size)
static EXPORT bool CreateNewKey(OTString &strOutput, const OTString *pstrDisplay=nullptr, const OTPassword *pAlreadyHavePW=nullptr)
EXPORT void Concatenate(const void *data, uint32_t size)
static EXPORT uint32_t SymmetricKeySize()
virtual EXPORT ~OTSymmetricKey()
EXPORT void zeroMemory() const
OTLOG_IMPORT OTLogStream otLog5