Geoff, You're very correct, and I'm thankful for the explanation. However the example you've given shows a trivial case - when you can pair FileSource on one end with FileSink on the other. That I got working with ease. My problem is with writing code that stops "automation" AFTER decryption - so that my code could read the decrypted records one by one WHEN IT CHOOSES, INSTEAD OF having the library pump them all into a new file (which then can be opened for read, and so on).
I need an example of how to actually tie together the pieces that I specified: file (maybe FileSource is not needed), Base64Decoder, decrAES (AES decryptor in CBC mode). My encryption example shows exactly that: a construct that allows the program to put records one by one into aesEnc, from where they automatically end up in an encrypted encoded file. Now I need the same but in reverse - an aesDec construct from which I would read records that are automatically extracted->decoded->decrypted from a file. And I can't get this part right (so far). Decryption in general (like from file to file in your example, or from record to record) and cases when there's only one record in the encrypted file - I've done just fine. The problem arises ONLY when I need to take encrypted encoded file (multiple records) AND process decrypted records ONE BY ONE. I.e. if I replace FileSink in my code (similar to your decryption example) with StringSink - the code coredumps (probably because StringSink is designed to take one record, and FileSource is trying to push out several). I'd appreciate a code snippet that would shed light on this issue. I suspect I didn't get the proper wrappers (i.e. perhaps I should wrap the decryptor in BufferedTransform or such) - but the documentation is less than spectacular, and the structure is less than intuitive. So (in absense of decent/readable description) perhaps somebody could offer a short code snippet? Tnx! > -----Original Message----- > From: Geoff Beier [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 26, 2007 00:58 > To: Crypto++ Users > Cc: Mouse > Subject: Re: Help with BufferedTransform please? > > Hi, > > I'm having problem with unwarpping/decoding/deciphering a file. > > > > Here's how the file is encrypted: > > > > CBC_Mode<AES>::Encryption encrAES; > > byte aesKey[32], aesIV[16]; > > rng.GenerateBlock(aesKey, 32); rng.GenerateBlock(aesIV, 16); > > encrAES.SetKeyWithIV(aesKey, 32, aesIV); > > > > Base64Encoder *baseEnc = new Base64Encoder(new > > FileSink("encoded.txt")); > > StreamTransformationFilter aesEnc(encrAES, baseEnc); > > aesEnc.Put(plainText, sizeof(plainText)); > > aesEnc.MessageEnd(); > > ............repeat the last two multiple times........... > > > > Thus I feed the data to aesEnc and it works fine. > > > > Now I'm trying to reverse this process, and unwrap the contents > > of that file record by record. So ideally I need something like > > FileSource(file)->Base64Decoder->Decryptor, from which I > > can Get() my data back. > > > > However I fail miserably in attempts to do something like: > > > > Base64Decoder *b6d = new > > Base64Decoder(new FileSource("encoded.txt", true)); > > StreamTransformationFilter aesDec(b6d, decrAES); > > > > I'm sure you understand what it is that I'm trying to > > accomplish. It is clear that I haven't gotten the hang > > of filters and piping in Crypto++, so I'm not > > connecting/using the right pieces. What is the > > best way to do what I'm trying to achieve? > > > > In the above code, decrAES is decryptor that reverses > > encrAES (of course :-). > > Think of a source as something that pulls from one place and > puts data into its attachment. Each attachment can then have > an attachment that it puts it output into. So suppose I have > a file containing base64 encoded ciphertext. First, I set up > a decryptor with the key and IV needed to decrypt that file: > CBC_Mode<AES>::Decryption decryptor(key,AES::DEFAULT_KEYLENGTH,iv); > > Then I can set up a filesource that reads from the encrypted > file and pumps data into its attachment, a base64 decoder. > That pumps the decoded data into *its* attachment, a > StreamTransformationFilter wrapping the decryptor above. The > stream transformation filter pumps > *its* output into the buffered transformation of its > choosing, which might be a file sink, a string sink, another > encoder/decoder, etc. > > Here's a block that generates an AES key and IV, encrypts a > string, encodes the encrypted string, writes that to a file, > reads the file containing the encoded encrypted string, > decodes and decrypts it, and writes the recovered plaintext > to a file. All error handling is omitted here, and you > (obviously) need some mechanism to transmit the key and IV. > > { > string plaintext("I think Smithers picked me because of > my motivational skills. Everyone says they have to work a lot > harder when I'm around.\n"); > string encfile("encrypted.txt"); > string decfile("decrypted.txt"); > SecByteBlock key,iv; > > key.New(AES::DEFAULT_KEYLENGTH); > iv.New(AES::BLOCKSIZE); > > AutoSeededRandomPool rng; > rng.GenerateBlock(key,AES::DEFAULT_KEYLENGTH); > rng.GenerateBlock(iv,AES::BLOCKSIZE); > > cout << "Plaintext: " << plaintext << endl; > CBC_Mode<AES>::Encryption > encryptor(key,AES::DEFAULT_KEYLENGTH,iv); > StringSource incoming(plaintext, true, > new > StreamTransformationFilter( encryptor, new Base64Encoder(new > FileSink(encfile.c_str())))); > cout << "Encrypted data written to: " << encfile << endl; > CBC_Mode<AES>::Decryption > decryptor(key,AES::DEFAULT_KEYLENGTH,iv); > FileSource outgoing(encfile.c_str(), true, > new > Base64Decoder(new StreamTransformationFilter(decryptor, new > FileSink(decfile.c_str())))); > cout << "Decrypted data written to: " << decfile << endl; } > > It's not intuitive at first, but once you get your mind > around it it's very easy to use. Anyone who thinks this is a > decent example is free to use it, post it to the FAQ or wiki, etc. > > HTH, > > Geoff --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [EMAIL PROTECTED] More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
