Crypto++ and Qt

[vermarajeev]

Hi jacek,
One problem in crypto++5.4 library. In the sample code test.cpp provided by crypto++ library, it tells me

Qt Code:

Switch view

- To encrypt a file with AES in CTR mode
	cryptest ae input output

- To encrypt a file with AES in CTR mode
	cryptest ae input output

To copy to clipboard, switch view to plain text mode 

but when I pass these as arguments in command line I get this error

Qt Code:

Switch view

"CryptoPP::Exception caught: AES/CTR: 1 is not a valid key length"

"CryptoPP::Exception caught: AES/CTR: 1 is not a valid key length"

To copy to clipboard, switch view to plain text mode 

Then I went through the code to check what is wrong?? I realized I need to pass 6 arguments namely

Qt Code:

Switch view

cryptest ae key IV input output

cryptest ae key IV input output

To copy to clipboard, switch view to plain text mode 

where IV is initialization vector

Now I have one question, Suppose I have a password "somepassword". How do I calculate key and IV for this somepassword. I tried using some dummy value

Qt Code:

Switch view

"2b7e151628aed2a6abf7158809cf4f3c" as my key;
"000102030405060708090a0b0c0d0e0f" as my initialization vector;

"2b7e151628aed2a6abf7158809cf4f3c" as my key;
"000102030405060708090a0b0c0d0e0f" as my initialization vector;

To copy to clipboard, switch view to plain text mode 

The file got encrypted. But I want to calculate key and IV based on password.

Please tell me using some sample code. I'll be thankful to you...

Then there is another problem.
crypto++ library gives code for only encryption. How can I decrypt the file with same password "somepassword". I tried using decrypt instead of encrypt, but I'm not sure what I'm doing is correct or not.

Here is the sample code for decryption

Qt Code:

Switch view

void AES_CTR_Decrypt(const char *hexKey, const char *hexIV, const char *infile, const char *outfile)
{
  SecByteBlock key = HexDecodeString(hexKey);
  SecByteBlock iv = HexDecodeString(hexIV);
  CTR_Mode<AES>::Decryption aes(key, key.size(), iv);
  FileSource(infile, true, new StreamTransformationFilter(aes, new FileSink(outfile)));
}

void AES_CTR_Decrypt(const char *hexKey, const char *hexIV, const char *infile, const char *outfile)
{
  SecByteBlock key = HexDecodeString(hexKey);
  SecByteBlock iv = HexDecodeString(hexIV);
  CTR_Mode<AES>::Decryption aes(key, key.size(), iv);
  FileSource(infile, true, new StreamTransformationFilter(aes, new FileSink(outfile)));
}

To copy to clipboard, switch view to plain text mode 

[jacek]

To encrypt a file with AES in CTR mode (...)

I would use the CBC mode.

Now I have one question, Suppose I have a password "somepassword". How do I calculate key and IV for this somepassword.

Well... for 128-bit version of AES you need 128-bit key. For example you can compute MD5 hash of the password, which will give you always exactly 128 bits.

As for the IV, you can use a constant one, but of course you can also generate it from the password.

crypto++ library gives code for only encryption. How can I decrypt the file with same password "somepassword". I tried using decrypt instead of encrypt, but I'm not sure what I'm doing is correct or not.

CTR mode works in such way that the decryption scheme is exactly the same as encryption.

If you read the docs closely, you will see that CTR_Mode::Decryption is defined as "typedef Encryption Decryption;".

[vermarajeev]

I would use the CBC mode.

Please explain why????

Yes I had the same problem when initially I went through cryptoPP to decide which algorithm to use. I just started to play with AES in CTR mode as that is the only example provided by cryptoPP.. As suggested by you to use AES256 I'm just trying to to achieve the result.

I know CBC is chaining block cipher and CTR is counter mode. I went through some document explaining AES where I had come across these modes. Let me know why you think you would have used CBC instead of CTR modes?????

Thanks for your understanding

[jacek]

Let me know why you think you would have used CBC instead of CTR modes?

Because in CTR mode encryption and decryption schemes are the same, so if you have an application that only encrypts data, still somebody might use it to decrypt data just by feeding it with the encrypted message. Or worse, suppose that your user wants a more secure encryption, so he decided to encrypt the file twice (never underestimate your users ).

[vermarajeev]

Because in CTR mode encryption and decryption schemes are the same, so if you have an application that only encrypts data, still somebody might use it to decrypt data just by feeding it with the encrypted message. Or worse, suppose that your user wants a more secure encryption, so he decided to encrypt the file twice (never underestimate your users ).

Hi jacek,
Thanks for your interest. Now I'm more clearer....

I have just written a code to encrypt and decrypt the files using AES::CBC mode...It encrypts and decrypts properly...I have made the program to react if the user enter a wrong password. It all became possible coz of your support...

But there is still some problem and let me tell you, very interesting one!!!...

Description
My application is something by which I can draw some diagram. Once I'm satisfied with the structure, I say 'Save'.
My program (or logic)takes the input file say myTest.txt along with a password. Pass these information to the encryptionOrDecryption function defined by me.

int encryptionDecryption(const char* password, const char* inputFile);
Then based on inputFIleName I encrypt or decrypt. If the inputfileName ends with a *.enc I'll decode the file if it is *.txt I'll decode it.

Problem-->
Now In the process discussed, First I use ifstream to open the file, IF the inputFileName ends with *.txt.. I append "enc" so now my inputFileName is *.txt.enc.... Then I push encrypted data to *.txt.enc..

Now this process creates two files 1) *.txt which actual data 2) *.txt.enc with encoded data...

I have to delete *.txt because I dont want the user to see the actual data....
I use "::remove( inputfileName.data() );" to remove the *.txt file...

When I save the file the *.txt file gets deleted properly...But supppose I open the encoded file then decode the file.. This creates a file *.txt with actual data which my program reads to load the structure on the drawing area. The I want to delete it again...The file doesnt get deleted...
Though I remove it after closing the stream as if.close();

The other interesting, if I go and delete the file from outside, I says 'The program is being used by external program and is busy"..I dont know why??? The file proerty shows me 0bytes.. If I double click on the file old contents are shown...The new contents are lost(after I modify the diagram and say save again)...Is that operating system problem????

In this scenario how can I solve the above program????

I hope I was clear....If not please let me know....

Waiting eagerly

[jacek]

The I want to delete it again...The file doesnt get deleted...
Though I remove it after closing the stream as if.close();

The other interesting, if I go and delete the file from outside, I says 'The program is being used by external program and is busy"..I dont know why???

You can use Process Explorer to see whether that file is still opened or not.

But why do you write the unencrypted data to the disk? While your program is running, some other process might read it. It can also be recovered with some file recovery tool.

[vermarajeev]

Hi jacek,
I have finished with the first version of module.
I have some doubts.

1) My code for encryption and decryption will create two files test.ct and test.ct.enc.
test.ct with alphanumeric characters and test.ct.enc with encrypted data. I delete test.ct so that the user cannot view the original text. I retain test.ct.enc back.

Problems-->
I dont want the user to get confused by renaming the file's extension. What I want is, the same file test.ct to be encrypted and retained.

I have some solutions in my mind but is unsure if it is correct.
First, test.ct contains this data

Qt Code:

Switch view

# file version 2
6    2  1    1  4  4  0  0  0       0.9625         0.0125  0  1
6    2  1    2  3  3  0  0  0          0.4              0  0  1

# file version 2
6    2  1    1  4  4  0  0  0       0.9625         0.0125  0  1
6    2  1    2  3  3  0  0  0          0.4              0  0  1

To copy to clipboard, switch view to plain text mode 

My possible solutions-->
Solution1-->

First open the file(test.ct) using a stream. Read the first line. Check if the first line matches '# file version 2'. If yes the file has to be encrypted else decrypt the file.
If yes
Write the encrypted data to a temporary file 'test.ct.enc'. Delete 'test.ct' then rename 'test.ct.enc' to 'test.ct'
Else
Decrypt 'test.ct'. Write original data to temp file 'test.ct.enc'. Read original data from 'test.ct.enc' and delete after processing.

Solution2-->

Take a string 'version2'. Encrypt it with a private password(Known to me and not others). Create a block with encrypted data. Say this is block1.

Encrypt the file contents with the user's password(As done by me now). Say this is block2.

Attach both block1 and block2 in a file. block1 first then block2.

To encrypt or decrypt I enter my private password and check if it is new version.
If yes-->Encrypt
Else
Decrypt...
Here too the same process of creating dummy file exists.

Now according to me the first solution is easy to implement. The second solution is tough as I have to deal with blocks for which I have to be thorough with crypto++. I need to know internally how the classes are written. My deadline is too short to achieve that.

Yesterday I just gave an attempt to get solution2. But found difficult to attach block1 and block2 in a single file.

I'm thorough with filestreams and can produce some efficient code. So dont have problem with solution1.

Now, please help me to achieve some good and best results.

Waiting eagerly