libfilezilla
encryption.hpp
1 #ifndef LIBFILEZILLA_ENCRYPTION_HEADER
2 #define LIBFILEZILLA_ENCRYPTION_HEADER
3 
#include "libfilezilla.hpp"

#include <cstddef>
#include <cstdint>
#include <string>
#include <string_view>
#include <vector>
17 
18 namespace fz {
19 
/// \brief Represents a X25519 public key with associated salt.
///
/// Both members are public data: nothing held here is secret. The comparison
/// operators below are ordinary lexicographic std::vector comparisons and are
/// therefore NOT side-channel safe; that is fine for public data only, never
/// compare secret material with them.
class FZ_PUBLIC_SYMBOL public_key
{
public:
	/// Expected sizes in bytes of a well-formed key and salt.
	enum {
		key_size = 32,
		salt_size = 32
	};

	/// True only when key and salt both have exactly their expected length.
	explicit operator bool() const {
		bool const key_ok = (key_.size() == key_size);
		bool const salt_ok = (salt_.size() == salt_size);
		return key_ok && salt_ok;
	}

	/// Byte-wise equality of key and salt (short-circuits, not constant-time).
	bool operator==(public_key const& rhs) const {
		if (key_ != rhs.key_) {
			return false;
		}
		return salt_ == rhs.salt_;
	}

	bool operator!=(public_key const& rhs) const {
		bool const same = (*this == rhs);
		return !same;
	}

	/// Strict weak ordering, first by key then by salt, so the type can serve
	/// as a key in ordered containers.
	bool operator<(public_key const& rhs) const {
		if (key_ != rhs.key_) {
			return key_ < rhs.key_;
		}
		return salt_ < rhs.salt_;
	}

	/// Serializes key and salt to base64; \c pad controls '=' padding.
	std::string to_base64(bool pad = true) const;
	/// Parses the output of to_base64(). Presumably a malformed input yields an
	/// object for which operator bool() is false - confirm against the
	/// implementation before relying on it.
	static public_key from_base64(std::string_view const& base64);
	static public_key from_base64(std::wstring_view const& base64);

	std::vector<uint8_t> key_;
	std::vector<uint8_t> salt_;
};
56 
/// \brief Represents a X25519 private key with associated salt.
///
/// The key bytes are private; callers only ever obtain the salt, the derived
/// public key, a shared secret, or the base64 serialization. No equality
/// operator is declared for this type.
class FZ_PUBLIC_SYMBOL private_key
{
public:
	/// Expected sizes in bytes of the key and salt.
	enum {
		key_size = 32,
		salt_size = 32
	};

	/// Lower bound for the PBKDF2 iteration count used by from_password().
	/// NOTE(review): nothing in this header rejects a smaller \c iterations
	/// value; whether the implementation enforces the minimum is not visible here.
	enum {
		min_iterations = 100000
	};

	/// Derives the key from \c password and \c salt using PBKDF2-SHA256.
	/// \param iterations PBKDF2 iteration count, defaults to min_iterations.
	static private_key from_password(std::vector<uint8_t> const& password, std::vector<uint8_t> const& salt, unsigned int iterations = min_iterations);

	/// Convenience overload: copies the password bytes into a vector and
	/// forwards to the byte-vector overload.
	/// NOTE(review): neither the copy nor the caller's string_view is wiped
	/// afterwards, so password bytes can linger in freed memory.
	static private_key from_password(std::string_view const& password, std::vector<uint8_t> const& salt, unsigned int iterations = min_iterations)
	{
		std::vector<uint8_t> password_bytes(password.begin(), password.end());
		return from_password(password_bytes, salt, iterations);
	}

	/// True only when key and salt both have exactly their expected length.
	explicit operator bool() const {
		bool const key_ok = (key_.size() == key_size);
		bool const salt_ok = (salt_.size() == salt_size);
		return key_ok && salt_ok;
	}

	/// Read-only access to the salt.
	std::vector<uint8_t> const& salt() const {
		return salt_;
	}

	/// Calculates the public key corresponding to this private key.
	public_key pubkey() const;

	/// Elliptic Curve Diffie-Hellman on Curve25519 (X25519) with \c pub.
	/// The result is secret material and should be treated as such.
	std::vector<uint8_t> shared_secret(public_key const& pub) const;

	/// Base64 serialization of the secret key; the returned string is as
	/// sensitive as the key itself.
	std::string to_base64(bool pad = true) const;
	// Unlike public_key and symmetric_key, only a narrow-string overload is declared.
	static private_key from_base64(std::string_view const& base64);

private:
	std::vector<uint8_t> key_;
	std::vector<uint8_t> salt_;
};
108 
/// \brief Encrypt the plaintext to the given public key.
///
/// The plaintext may be passed as a byte vector, a string view, or a raw
/// pointer plus length; for the pointer overloads the caller guarantees that
/// \c size bytes are readable at \c plain.
///
/// Each form exists in two flavours:
///  - with \c authenticated (default true). NOTE(review): the header does not
///    say what the unauthenticated variant omits; an unauthenticated ciphertext
///    can be modified without detection, so keep the default unless the
///    implementation documents a reason not to, and presumably decrypt() has
///    to be called with the same flag.
///  - with \c authenticated_data, presumably additional data bound to the
///    ciphertext without being encrypted; the same data presumably has to be
///    supplied to decrypt() - confirm against the implementation.
///
/// \return The ciphertext. Its layout and the behaviour on failure are
///         defined by the implementation, not by this header.
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::vector<uint8_t> const& plain, public_key const& pub, bool authenticated = true);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::string_view const& plain, public_key const& pub, bool authenticated = true);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(uint8_t const* plain, size_t size, public_key const& pub, bool authenticated = true);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::vector<uint8_t> const& plain, public_key const& pub, std::vector<uint8_t> const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::string_view const& plain, public_key const& pub, std::string_view const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(uint8_t const* plain, size_t size, public_key const& pub, uint8_t const* authenticated_data, size_t authenticated_data_size);
136 
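/// \brief Decrypt the ciphertext using the given private key.
///
/// Mirrors the encrypt() overloads: the ciphertext may be passed as a byte
/// vector, a string view, or a raw pointer plus length, either with the
/// \c authenticated flag or with the \c authenticated_data that was bound at
/// encryption time. For the pointer overloads the caller guarantees that
/// \c size bytes are readable at \c cipher.
///
/// \param cipher The ciphertext as produced by encrypt().
/// \param priv   The private key matching the public key used for encryption.
/// \return The plaintext. NOTE(review): the failure contract (for instance an
///         empty vector when authentication fails) is not visible in this
///         header; callers must check the result the way the implementation
///         documents before trusting it.
// The parameter was spelled "chiper" in the first two overloads; renamed to
// match the remaining overloads (parameter names are not part of the ABI).
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::vector<uint8_t> const& cipher, private_key const& priv, bool authenticated = true);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::string_view const& cipher, private_key const& priv, bool authenticated = true);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(uint8_t const* cipher, size_t size, private_key const& priv, bool authenticated = true);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::vector<uint8_t> const& cipher, private_key const& priv, std::vector<uint8_t> const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::string_view const& cipher, private_key const& priv, std::string_view const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(uint8_t const* cipher, size_t size, private_key const& priv, uint8_t const* authenticated_data, size_t authenticated_data_size);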
168 
/// \brief Symmetric encryption key with associated salt.
///
/// The key bytes are private; use key() for read-only access and the free
/// operator== (side-channel safe) for comparisons.
class FZ_PUBLIC_SYMBOL symmetric_key
{
public:
	/// Expected sizes in bytes of the key and salt.
	enum {
		key_size = 32,
		salt_size = 32
	};

	/// Lower bound for the PBKDF2 iteration count used by from_password().
	/// NOTE(review): nothing in this header rejects a smaller \c iterations
	/// value; whether the implementation enforces the minimum is not visible here.
	enum {
		min_iterations = 100000
	};

	/// Derives the key from \c password and \c salt using PBKDF2-SHA256.
	/// \param iterations PBKDF2 iteration count, defaults to min_iterations.
	static symmetric_key from_password(std::vector<uint8_t> const& password, std::vector<uint8_t> const& salt, unsigned int iterations = min_iterations);

	/// Convenience overload: copies the password bytes into a vector and
	/// forwards to the byte-vector overload.
	/// NOTE(review): neither the copy nor the caller's string_view is wiped
	/// afterwards, so password bytes can linger in freed memory.
	static symmetric_key from_password(std::string_view const& password, std::vector<uint8_t> const& salt, unsigned int iterations = min_iterations)
	{
		std::vector<uint8_t> password_bytes(password.begin(), password.end());
		return from_password(password_bytes, salt, iterations);
	}

	/// True only when key and salt both have exactly their expected length.
	explicit operator bool() const {
		bool const key_ok = (key_.size() == key_size);
		bool const salt_ok = (salt_.size() == salt_size);
		return key_ok && salt_ok;
	}

	/// Read-only access to the salt.
	std::vector<uint8_t> const& salt() const {
		return salt_;
	}

	/// Base64 serialization of the secret key; the returned string is as
	/// sensitive as the key itself.
	std::string to_base64(bool pad = true) const;
	static symmetric_key from_base64(std::string_view const& base64);
	static symmetric_key from_base64(std::wstring_view const& base64);

	/// Presumably wraps this key for the holder of the private key matching
	/// \c kek (key encryption key). NOTE(review): declared non-const although
	/// wrapping would not be expected to modify *this - confirm.
	std::vector<uint8_t> encrypt_key(fz::public_key const& kek);
	/// Presumably unwraps a key produced by encrypt_key() with the matching
	/// private key; check the result with operator bool().
	static symmetric_key decrypt_key(std::vector<uint8_t> const& encrypted, fz::private_key const& kek);

	/// Read-only access to the raw key bytes - secret material.
	std::vector<uint8_t> const& key() const;

	/// Presumably the number of bytes by which a ciphertext exceeds its
	/// plaintext for this key type; the exact value lives in the implementation.
	static size_t encryption_overhead();
private:
	std::vector<uint8_t> key_;
	std::vector<uint8_t> salt_;
};
220 
/// Side-channel safe comparison of two symmetric keys (defined out of line).
bool FZ_PUBLIC_SYMBOL operator==(symmetric_key const& lhs, symmetric_key const& rhs);
/// Negation of the side-channel safe operator==; it inherits its timing properties.
inline bool FZ_PUBLIC_SYMBOL operator!=(symmetric_key const& lhs, symmetric_key const& rhs) {
	bool const equal = (lhs == rhs);
	return !equal;
}
226 
/// \brief Encrypt the plaintext with the given symmetric key.
///
/// Same overload set as the public-key encrypt(): byte vector, string view,
/// or raw pointer plus length (the caller guarantees \c size readable bytes
/// at \c plain), optionally with \c authenticated_data that is presumably
/// bound to the ciphertext and has to be supplied again to decrypt() -
/// confirm against the implementation. There is no \c authenticated flag for
/// the symmetric variants.
///
/// \return The ciphertext; presumably encryption_overhead() bytes longer than
///         the plaintext. Layout and failure behaviour are defined by the
///         implementation, not by this header.
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::vector<uint8_t> const& plain, symmetric_key const& key);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::string_view const& plain, symmetric_key const& key);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(uint8_t const* plain, size_t size, symmetric_key const& key);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::vector<uint8_t> const& plain, symmetric_key const& key, std::vector<uint8_t> const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(std::string_view const& plain, symmetric_key const& key, std::string_view const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL encrypt(uint8_t const* plain, size_t size, symmetric_key const& key, uint8_t const* authenticated_data, size_t authenticated_data_size);
247 
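/// \brief Decrypt the ciphertext with the given symmetric key.
///
/// Mirrors the symmetric encrypt() overloads: byte vector, string view, or
/// raw pointer plus length (the caller guarantees \c size readable bytes at
/// \c cipher), optionally with the \c authenticated_data that was bound at
/// encryption time.
///
/// \param cipher The ciphertext as produced by encrypt().
/// \param key    The same symmetric key that was used for encryption.
/// \return The plaintext. NOTE(review): the failure contract (for instance an
///         empty vector when authentication fails) is not visible in this
///         header; callers must check the result the way the implementation
///         documents before trusting it.
// The parameter was spelled "chiper" in the first two overloads; renamed to
// match the remaining overloads (parameter names are not part of the ABI).
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::vector<uint8_t> const& cipher, symmetric_key const& key);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::string_view const& cipher, symmetric_key const& key);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(uint8_t const* cipher, size_t size, symmetric_key const& key);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::vector<uint8_t> const& cipher, symmetric_key const& key, std::vector<uint8_t> const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(std::string_view const& cipher, symmetric_key const& key, std::string_view const& authenticated_data);
std::vector<uint8_t> FZ_PUBLIC_SYMBOL decrypt(uint8_t const* cipher, size_t size, symmetric_key const& key, uint8_t const* authenticated_data, size_t authenticated_data_size);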
273 
274 }
275 #endif
Represents a X25519 private key with associated salt.
Definition: encryption.hpp:62
public_key pubkey() const
Calculates the public key corresponding to the private key.
static private_key from_password(std::vector< uint8_t > const &password, std::vector< uint8_t > const &salt, unsigned int iterations=min_iterations)
Derives a symmetric key using PBKDF2-SHA256 from the given password and salt.
static private_key generate()
Generates a random private key.
std::vector< uint8_t > shared_secret(public_key const &pub) const
Calculates a shared secret using Elliptic Curve Diffie-Hellman on Curve25519 (X25519).
Represents a X25519 public key with associated salt.
Definition: encryption.hpp:25
Symmetric encryption key with associated salt.
Definition: encryption.hpp:173
static symmetric_key from_password(std::vector< uint8_t > const &password, std::vector< uint8_t > const &salt, unsigned int iterations=min_iterations)
Derives a symmetric key using PBKDF2-SHA256 from the given password and salt.
static symmetric_key generate()
Generates a random symmetric key.
Sets some global macros and further includes string.hpp.
The namespace used by libfilezilla.
Definition: apply.hpp:17
std::vector< uint8_t > decrypt(std::vector< uint8_t > const &chiper, private_key const &priv, bool authenticated=true)
Decrypt the ciphertext using the given private key.
std::vector< uint8_t > encrypt(std::vector< uint8_t > const &plain, public_key const &pub, bool authenticated=true)
Encrypt the plaintext to the given public key.
bool operator==(symmetric_key const &lhs, symmetric_key const &rhs)
Side-channel safe comparison.