![]() |
Disk ARchive
2.5.2
Full featured and portable backup and archiving tool
|
00001 //*********************************************************************/ 00002 // dar - disk archive - a backup/restoration program 00003 // Copyright (C) 2002-2052 Denis Corbin 00004 // 00005 // This program is free software; you can redistribute it and/or 00006 // modify it under the terms of the GNU General Public License 00007 // as published by the Free Software Foundation; either version 2 00008 // of the License, or (at your option) any later version. 00009 // 00010 // This program is distributed in the hope that it will be useful, 00011 // but WITHOUT ANY WARRANTY; without even the implied warranty of 00012 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00013 // GNU General Public License for more details. 00014 // 00015 // You should have received a copy of the GNU General Public License 00016 // along with this program; if not, write to the Free Software 00017 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 00018 // 00019 // to contact the author : http://dar.linux.free.fr/email.html 00020 /*********************************************************************/ 00021 00025 00026 #ifndef CRYPTO_SYM_HPP 00027 #define CRYPTO_SYM_HPP 00028 00029 extern "C" 00030 { 00031 #if HAVE_GCRYPT_H 00032 #ifndef GCRYPT_NO_DEPRECATED 00033 #define GCRYPT_NO_DEPRECATED 00034 #endif 00035 #include <gcrypt.h> 00036 #endif 00037 } 00038 00039 #include "../my_config.h" 00040 #include <string> 00041 00042 #include "tronconneuse.hpp" 00043 #include "secu_string.hpp" 00044 #include "crypto.hpp" 00045 00046 namespace libdar 00047 { 00048 00051 00052 inline bool crypto_min_ver_libgcrypt_no_bug() 00053 { 00054 #if CRYPTO_AVAILABLE 00055 return gcry_check_version(MIN_VERSION_GCRYPT_HASH_BUG); 00056 #else 00057 return true; 00058 #endif 00059 } 00060 00063 class crypto_sym : public tronconneuse 00064 { 00065 public: 00066 crypto_sym(U_32 block_size, 00067 const secu_string & password, 00068 generic_file & encrypted_side, 00069 bool no_initial_shift, 00070 const archive_version & reading_ver, 00071 crypto_algo algo, 00072 bool use_pkcs5); //< must be set to true when password is human defined, false when password is randomly generated by pseudo-random generator and has the maximum length for the given algorithm 00073 ~crypto_sym() { detruit(); }; 00074 00076 static size_t max_key_len(crypto_algo algo); 00077 00079 static size_t max_key_len_libdar(crypto_algo algo); 00080 00082 static bool is_a_strong_password(crypto_algo algo, const secu_string & password); 00083 00084 protected: 00085 U_32 encrypted_block_size_for(U_32 clear_block_size); 00086 U_32 clear_block_allocated_size_for(U_32 clear_block_size); 00087 U_32 encrypt_data(const infinint & block_num, 00088 const char *clear_buf, const U_32 clear_size, const U_32 clear_allocated, 00089 char *crypt_buf, U_32 crypt_size); 00090 U_32 decrypt_data(const infinint & block_num, 00091 const char *crypt_buf, const U_32 crypt_size, 00092 char *clear_buf, U_32 clear_size); 00093 00094 private: 00095 #if CRYPTO_AVAILABLE 00096 gcry_cipher_hd_t clef; //< used to encrypt/decrypt the data 00097 gcry_cipher_hd_t essiv_clef; //< used to build the Initialization Vector 00098 #endif 00099 size_t algo_block_size; //< the block size of the algorithm (main key) 00100 unsigned char *ivec; //< algo_block_size allocated in secure memory to be used as Initial Vector 00101 U_I algo_id; //< algo ID in libgcrypt 00102 00103 void detruit(); 00104 00108 00109 #if CRYPTO_AVAILABLE 00110 static void dar_set_essiv(const secu_string & key, //< the key to base the essiv on 00111 gcry_cipher_hd_t & IVkey, //< assign essiv from the given (hash) string 00112 const archive_version & ver, //< archive format we read or write 00113 crypto_algo main_cipher); //< the choice of the algo for essiv depends on the cipher used for the main key 00121 static void make_ivec(const infinint & ref, 00122 unsigned char *ivec, 00123 U_I size, 00124 const gcry_cipher_hd_t & IVkey); 00125 00127 static secu_string pkcs5_pass2key(const secu_string & password, //< human provided password 00128 const std::string & salt, //< salt string 00129 U_I iteration_count, //< number of time to shake the melange 00130 U_I output_length); //< length of the string to return 00131 00133 static U_I get_algo_id(crypto_algo algo); 00134 #endif 00135 00136 #ifdef LIBDAR_NO_OPTIMIZATION 00137 static void self_test(void); 00138 #endif 00139 }; 00140 00142 00143 } // end of namespace 00144 00145 #endif