decrypt.cpp

含有多种公开密钥算法、多种块加密、多种数据流加密、多种HASH函数、多种CheckSum校验、多种MAC校验等几十种加密算法的程序

/*
Decrypt files encrypted with the 'encrypt' example application.

I'm being lazy and writing the output to stdout rather than stripping off
the ".enc" suffix and writing it there. So all diagnostics go to cerr so there
is no confuson.

Written by Jack Lloyd (lloyd@randombit.net) on August 5, 2002

This file is in the public domain
*/
#include <fstream>
#include <iostream>
#include <string>
#include <vector>
#include <cstring>
#include <cstdlib>

#include <botan/filters.h>
#include <botan/cbc.h>
#include <botan/pgp_s2k.h>
#include <botan/lookup.h>

#if defined(BOTAN_EXT_COMPRESSOR_ZLIB)
  #include <botan/zlib.h>
#else
  #error "You didn't compile the zlib module into Botan"
#endif

using namespace Botan;

SecureVector<byte> b64_decode(const std::string&);

int main(int argc, char* argv[])
   {
   if(argc < 2)
      {
      std::cerr << "Usage: " << argv[0] << " [-p passphrase] file\n"
                << "   -p : Use this passphrase to decrypt\n";
      return 1;
      }

   std::string filename, passphrase;

   for(int j = 1; argv[j] != 0; j++)
      {
      if(std::strcmp(argv[j], "-p") == 0)
         {
         if(argv[j+1])
            {
            passphrase = argv[j+1];
            j++;
            }
         else
            {
            std::cerr << "No argument for -p option" << std::endl;
            return 1;
            }
         }
      else
         {
         if(filename != "")
            {
            std::cerr << "You can only specify one file at a time\n";
            return 1;
            }
         filename = argv[j];
         }
      }

   if(passphrase == "")
      {
      std::cerr << "You have to specify a passphrase!" << std::endl;
      return 1;
      }

   std::ifstream in(filename.c_str());
   if(!in)
      {
      std::cerr << "ERROR: couldn't open " << filename << std::endl;
      return 1;
      }

   std::string algo;

   try {

   LibraryInitializer init;

   std::string header, salt_str, mac_str;
   std::getline(in, header);
   std::getline(in, algo);
   std::getline(in, salt_str);
   std::getline(in, mac_str);

   if(header != "-------- ENCRYPTED FILE --------")
      {
      std::cerr << "ERROR: File is missing the usual header" << std::endl;
      return 1;
      }

   if(!have_block_cipher(algo))
      {
      std::cerr << "Don't know about the block cipher \"" << algo << "\"\n";
      return 1;
      }

   OpenPGP_S2K s2k("SHA-1", 8192);
   s2k.change_salt(b64_decode(salt_str));

   u32bit key_len = max_keylength_of(algo);
   u32bit iv_len = block_size_of(algo);

   SymmetricKey bc_key = s2k.derive_key("BLK" + passphrase, key_len);
   SymmetricKey mac_key = s2k.derive_key("MAC" + passphrase, key_len);
   BlockCipherModeIV iv = s2k.derive_key("IVL" + passphrase, iv_len);

   Pipe pipe(new Base64_Decoder,
             new CBC_Decryption(algo, "PKCS7", bc_key, iv),
             new Zlib_Decompress,
             new Fork(
                0,
                new Chain(new MAC_Filter("HMAC(SHA-1)", mac_key),
                          new Base64_Encoder)
                )
      );

   pipe.start_msg();
   in >> pipe;
   pipe.end_msg();

   std::string our_mac = pipe.read_all_as_string(1);
   if(our_mac != mac_str)
      std::cerr << "WARNING: MAC in message failed to verify\n";

   std::cout << pipe.read_all_as_string(0);
   }
   catch(Botan::Algorithm_Not_Found)
      {
      std::cerr << "Don't know about the block cipher \"" << algo << "\"\n";
      return 1;
      }
   catch(Botan::Decoding_Error)
      {
      std::cerr << "Bad passphrase or corrupt file\n";
      return 1;
      }
   catch(std::exception& e)
      {
      std::cerr << "Exception caught: " << e.what() << std::endl;
      return 1;
      }
   return 0;
   }

SecureVector<byte> b64_decode(const std::string& in)
   {
   Botan::Pipe pipe(new Botan::Base64_Decoder);
   pipe.start_msg();
   pipe.write(in);
   pipe.end_msg();

   return pipe.read_all();
   }