1 /*
2  * Copyright (C) 2018 Rafael Ostertag
3  *
4  * This file is part of YAPET.
5  *
6  * YAPET is free software: you can redistribute it and/or modify it under the
7  * terms of the GNU General Public License as published by the Free Software
8  * Foundation, either version 3 of the License, or (at your option) any later
9  * version.
10  *
11  * YAPET is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
13  * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
14  * details.
15  *
16  * You should have received a copy of the GNU General Public License along with
17  * YAPET.  If not, see <http://www.gnu.org/licenses/>.
18  *
19  * Additional permission under GNU GPL version 3 section 7
20  *
21  * If you modify this program, or any covered work, by linking or combining it
22  * with the OpenSSL project's OpenSSL library (or a modified version of that
23  * library), containing parts covered by the terms of the OpenSSL or SSLeay
24  * licenses, Rafael Ostertag grants you additional permission to convey the
25  * resulting work.  Corresponding Source for a non-source form of such a
26  * combination shall include the source code for the parts of OpenSSL used as
27  * well as that of the covered work.
28  */
29 
30 #ifndef _AES256_HH
31 #define _AES256_HH 1
32 
33 #include <openssl/evp.h>
34 #include <memory>
35 
36 #include "crypto.hh"
37 #include "intl.h"
38 #include "key.hh"
39 #include "securearray.hh"
40 
41 namespace yapet {
42 /**
43  * Encrypt/decrypt data using AES 256 algorithm.
44  *
45  * This class does not use the IV provided by the key. Instead it expects the IV
46  * prepended to encrypted data and returns encrypted data with IV prepended.
47  */
48 class Aes256 : public Crypto {
49    private:
50     SecureArray randomIV() const;
51     SecureArray extractIVFromRecord(const SecureArray& record) const;
52     SecureArray extractCipherTextFromRecord(const SecureArray& record) const;
53 
54    protected:
getCipher() const55     const EVP_CIPHER* getCipher() const { return EVP_aes_256_cbc(); }
56 
57     EVP_CIPHER_CTX* initializeOrThrow(const SecureArray& ivec, MODE mode);
58 
59     void checkIVSizeOrThrow(const SecureArray& ivec);
60     void validateCipherOrThrow(const SecureArray& ivec);
61 
62    public:
63     //! Constructor
64     Aes256(const std::shared_ptr<Key>& key);
65     Aes256(const Aes256&);
66     Aes256& operator=(const Aes256& c);
67 
68     Aes256(Aes256&& c);
69     Aes256& operator=(Aes256&& c);
70 
~Aes256()71     ~Aes256() {}
72 
73     /**
74      * Encrypt the plain text.
75      *
76      * The encrypted data has the 16 byte IV prepended.
77      */
78     virtual SecureArray encrypt(const SecureArray& plainText);
79 
80     /**
81      * Decrypt the cipher text.
82      *
83      * The cipher text must have the 16 byte IV prepended.
84      */
85     virtual SecureArray decrypt(const SecureArray& cipherText);
86 };
87 }  // namespace yapet
88 
89 #endif  // _AES256_HH
90