Hi Ben,
> AESEncryptor::AESEncryptor(const string& passphrase,
> BufferedTransformation* attachment) : Filter(attachment)
> {
> _passphrase = passphrase;
>
> }
Don't store the passphrase. Store a SecByteBlock, and stuff a KDF'd
passphrase into it.
Also, take a look at DefaultEncryptorWithMac. Its briefly discussed in
http://www.codeproject.com/KB/security/BlockCiphers.aspx under the
topic "Encryptors with MACs".
Finally, you have http://www.cryptopp.com/wiki/Filter and
http://www.cryptopp.com/wiki/Filter_(Intermediate). The Intermediate
topics include creation of:
* UselessFilter
* BufferlessUselessFilter
* AnchorFilter
Jeff
On Oct 11, 12:49 pm, Ben Botto <[email protected]> wrote:
> I'm curious if I'm creating filters "correctly". This works, just
> making sure it is the right way of doing it. I have created a class
> to AES encrypt some data, and that works well. I wanted to turn it
> into a filter, and this is what I came up with. The part I'm mainly
> unsure of is buffering the data, as I haven't seen any of the other
> filters do it this way. My AES class needs all the data to decrypt,
> so I buffer the data in the Put2 method until MesageEnd, at which time
> I decrypt and pass the data on to the next BufferedTransformation.
> Any comments are appreciated!
>
> #include "AESEncryptor.h"
>
> /
> *****************************************************************************
> * Constructor - takes a passphrase.
> *****************************************************************************/
> AESEncryptor::AESEncryptor(const string& passphrase,
> BufferedTransformation* attachment) : Filter(attachment)
> {
> _passphrase = passphrase;
>
> }
>
> /
> *****************************************************************************
> * Encrypt the data with the given passphrase.
> *****************************************************************************/
> size_t AESEncryptor::Put2(const byte* inString, size_t length,
> int messageEnd, bool blocking)
> {
> try
> {
> string cipher;
>
> // Buffer the data until message end.
> if (length)
> _buffer += string(reinterpret_cast<const char*>(inString),
> length);
>
> if (!messageEnd)
> return 0;
>
> // Encrypt the data and clear the buffer.
> _aes.Encrypt(new StringSource(_buffer, true),
> new StringSource(_passphrase, true),
> new StringSink(cipher));
>
> _buffer.clear();
>
> // Pass the data on to the next bt.
> return AttachedTransformation()->Put2(
> reinterpret_cast<const byte*>(cipher.c_str()), cipher.length(),
> messageEnd, blocking);
> }
> catch (Exception e)
> {
> throw (string(e.what()));
> }
> catch (string s)
> {
> throw (s);
> }
>
> }
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
