Disk ARchive 2.8.3
Full featured and portable backup and archiving tool
Loading...
Searching...
No Matches
crypto_sym.hpp
Go to the documentation of this file.
1//*********************************************************************/
2// dar - disk archive - a backup/restoration program
3// Copyright (C) 2002-2026 Denis Corbin
4//
5// This program is free software; you can redistribute it and/or
6// modify it under the terms of the GNU General Public License
7// as published by the Free Software Foundation; either version 2
8// of the License, or (at your option) any later version.
9//
10// This program is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with this program; if not, write to the Free Software
17// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18//
19// to contact the author, see the AUTHOR file
20/*********************************************************************/
21
25
26#ifndef CRYPTO_SYM_HPP
27#define CRYPTO_SYM_HPP
28
29extern "C"
30{
31#if HAVE_GCRYPT_H
32#ifndef GCRYPT_NO_DEPRECATED
33#define GCRYPT_NO_DEPRECATED
34#endif
35#include <gcrypt.h>
36#endif
37}
38
39#include "../my_config.h"
40#include <string>
41
42#include "crypto_module.hpp"
43#include "secu_string.hpp"
44#include "crypto.hpp"
45#include "archive_aux.hpp"
46#include "archive_version.hpp"
47
48
49namespace libdar
50{
51
54
55 inline bool crypto_min_ver_libgcrypt_no_bug()
56 {
57#if CRYPTO_AVAILABLE
58 return gcry_check_version(MIN_VERSION_GCRYPT_HASH_BUG);
59#else
60 return true;
61#endif
62 }
63
65
66 class crypto_sym : public crypto_module
67 {
68 public:
69 crypto_sym(const secu_string & password,
70 const archive_version & reading_ver,
71 crypto_algo algo,
72 const std::string & salt,
73 const infinint & iteration_count,
74 hash_algo kdf_hash,
75 bool use_pkcs5
76 );
77 crypto_sym(const crypto_sym & ref) { nullify(); copy_from(ref); };
78 crypto_sym(crypto_sym && ref) noexcept { try { move_from(std::move(ref)); } catch(...) {} };
79 crypto_sym & operator = (const crypto_sym & ref) { detruit(); copy_from(ref); return *this; };
80 crypto_sym & operator = (crypto_sym && ref) noexcept { try { detruit(); move_from(std::move(ref)); } catch(...) {} return *this; };
81 virtual ~crypto_sym() noexcept { try { detruit(); } catch(...) {} };
82
83 // inherited from class crypto_module
84
85 virtual U_32 encrypted_block_size_for(U_32 clear_block_size) override;
86 virtual U_32 clear_block_allocated_size_for(U_32 clear_block_size) override;
87 virtual U_32 encrypt_data(const infinint & block_num,
88 const char *clear_buf,
89 const U_32 clear_size,
90 const U_32 clear_allocated,
91 char *crypt_buf, U_32 crypt_size) override;
92 virtual U_32 decrypt_data(const infinint & block_num,
93 const char *crypt_buf,
94 const U_32 crypt_size,
95 char *clear_buf,
96 U_32 clear_size) override;
97 virtual std::unique_ptr<crypto_module> clone() const override;
98
100 const std::string & get_salt() const { return sel; };
101
102
104 static size_t max_key_len(crypto_algo algo);
105
107 static size_t max_key_len_libdar(crypto_algo algo);
108
110 static bool is_a_strong_password(crypto_algo algo, const secu_string & password);
111
112 private:
113 std::string sel;
114#if CRYPTO_AVAILABLE
115 archive_version reading_ver;
116 crypto_algo algo;
117 secu_string hashed_password;
118 secu_string essiv_password;
119 gcry_cipher_hd_t main_clef;
120 gcry_cipher_hd_t essiv_clef;
121 size_t algo_block_size;
122 unsigned char *ivec;
123
124 void init_hashed_password(const secu_string & password,
125 bool use_pkcs5,
126 const std::string & salt,
127 infinint iteration_count,
128 hash_algo kdf_hash,
129 crypto_algo algo);
130 void init_essiv_password(const secu_string & key,
131 unsigned int IV_hashing);
132 void init_main_clef(const secu_string & password,
133 crypto_algo algo
134 );
135 void init_essiv_clef(const secu_string & essiv_password,
136 U_I IV_cipher,
137 U_I main_cipher_algo_block_size);
138 void init_algo_block_size(crypto_algo algo);
139 void init_ivec(crypto_algo algo, size_t algo_block_size);
140
141 void nullify();
142 void detruit();
143 void copy_from(const crypto_sym & ref);
144 void move_from(crypto_sym && ref);
145
147
149
150 static void get_IV_cipher_and_hashing(const archive_version & ver, U_I main_cipher, U_I & cipher, U_I & hashing);
151
153
159 static void make_ivec(const infinint & ref,
160 unsigned char *ivec,
161 U_I size,
162 const gcry_cipher_hd_t & IVkey);
163
165 static secu_string pkcs5_pass2key(const secu_string & password,
166 const std::string & salt,
167 U_I iteration_count,
168 U_I hash_gcrypt,
169 U_I output_length);
170
172 static secu_string argon2_pass2key(const secu_string & password,
173 const std::string & salt,
174 U_I iteration_count,
175 U_I output_length);
176
178 static U_I get_algo_id(crypto_algo algo);
179
181 static std::string generate_salt(U_I size);
182
183#ifdef LIBDAR_NO_OPTIMIZATION
184 static bool self_tested;
185 static void self_test(void);
186#endif
187
188#else
189 void nullify() { throw Ecompilation(gettext("Strong encryption support (libgcrypt)")); };
190 void detruit() { throw Ecompilation(gettext("Strong encryption support (libgcrypt)")); };
191 void copy_from(const crypto_sym & ref) { throw Ecompilation(gettext("Strong encryption support (libgcrypt)")); };
192 void move_from(crypto_sym && ref) { throw Ecompilation(gettext("Strong encryption support (libgcrypt)")); };
193#endif
194 };
195
197
198} // end of namespace
199
200#endif
archive_version.hpp
class archive_version that rules which archive format to follow
libdar::Ecompilation
exception used when a requested fearture has not beed activated at compilation time
Definition dar64-2.8.3-win64/include/dar/erreurs.hpp:366
libdar::archive_version
class archive_version manages the version of the archive format
Definition archive_version.hpp:47
libdar::crypto_sym
symetrical strong encryption, interface to grypt library
Definition crypto_sym.hpp:67
libdar::crypto_sym::sel
std::string sel
the salt
Definition crypto_sym.hpp:113
libdar::crypto_sym::crypto_sym
crypto_sym(const secu_string &password, const archive_version &reading_ver, crypto_algo algo, const std::string &salt, const infinint &iteration_count, hash_algo kdf_hash, bool use_pkcs5)
libdar::crypto_sym::max_key_len_libdar
static size_t max_key_len_libdar(crypto_algo algo)
returns the max key length in octets to use to compute a key from a user provided password
libdar::crypto_sym::is_a_strong_password
static bool is_a_strong_password(crypto_algo algo, const secu_string &password)
check whether the given password is reported as strong in regard to the given cipher
libdar::crypto_sym::get_salt
const std::string & get_salt() const
give access to the calculated or provided salt
Definition crypto_sym.hpp:100
libdar::crypto_sym::max_key_len
static size_t max_key_len(crypto_algo algo)
returns the max key length in octets for the given algorithm
libdar::infinint
the arbitrary large positive integer class
Definition dar64-2.8.3-win64/include/dar/real_infinint.hpp:62
libdar::secu_string
class secu_string
Definition dar64-2.8.3-win64/include/dar/secu_string.hpp:54
crypto_module.hpp
per block cryptography implementation
libdar::hash_algo
hash_algo
hashing algorithm available
Definition dar64-2.8.3-win64/include/dar/archive_aux.hpp:63
libdar::crypto_algo
crypto_algo
the different cypher available for encryption (strong or weak)
Definition dar64-2.8.3-win64/include/dar/crypto.hpp:50
my_config.h
include macro defined by the configure script and some specific additional ones
libdar
libdar namespace encapsulate all libdar symbols
Definition dar64-2.8.3-win64/include/dar/archive.hpp:47
archive_aux.hpp
set of datastructures used to interact with a catalogue object
crypto.hpp
the crypto algoritm definition
secu_string.hpp
this file contains the definition of secu_string class, a std::string like class but allocated in sec...
Generated on for Disk ARchive by doxygen 1.16.1