How to check if entered password is correct in botan encryption

StackOverflow https://stackoverflow.com/questions/13792739

Question

I'm have a code to encrypt and decrypt file, the code works good, but the problem is when i try to decrypt a file with a incorrect password, instead of given an error, the decryption is performed resulting in a different file than the original file. Is possible to check if the password entered in decryption is the same used in encryption?

void AES::Encrypt(SymmetricKey key, InitializationVector iv, string inFilename,  string outFilename)
{
    ifstream in(inFilename.c_str(),std::ios::binary);
    ofstream out(outFilename.c_str(),std::ios::binary);

    QFile* file = new QFile(inFilename.c_str());

    qint64 size = file->size();
    qint64 i = 0;
    percent = -1;

    Pipe pipe(get_cipher("AES-256/CBC", key, iv,ENCRYPTION),new DataSink_Stream(out));
    pipe.start_msg();
    SecureBuffer<byte, 4096> buffer;
    while(in.good())
    {
        in.read((char*)&buffer[0], buffer.size());
        const size_t got_from_infile = in.gcount();
        pipe.write(buffer, got_from_infile);
        i += got_from_infile;
        int p = ((i * 100) / size);
        if (p != percent)
        {
            percent = p;
            emit progress(percent);
        }
        if(in.eof()) pipe.end_msg();
        while(pipe.remaining() > 0)
        {
            const size_t buffered = pipe.read(buffer, buffer.size());
            out.write((const char*)&buffer[0], buffered);
        }
    }
    out.flush();
    out.close();
    in.close();

    qDebug() << "Encrypted!";
}

void AES::Decrypt(SymmetricKey key, InitializationVector iv, string inFilename,  string outFilename)
{
    ifstream in(inFilename.c_str(),std::ios::binary);
    ofstream out(outFilename.c_str(),std::ios::binary);

    QFile* file = new QFile(inFilename.c_str());

    qint64 size = file->size();
    qint64 i = 0;
    percent = -1;

    Pipe pipe(get_cipher("AES-256/CBC", key, iv,DECRYPTION),new DataSink_Stream(out));
    pipe.start_msg();
    SecureBuffer<byte, 4096> buffer;
    while(in.good())
    {
        in.read((char*)&buffer[0], buffer.size());
        const size_t got_from_infile = in.gcount();
        pipe.write(buffer, got_from_infile);
        i += got_from_infile;
        int p = ((i * 100) / size);
        if (p != percent)
        {
            percent = p;
            emit progress(percent);
        }
        if(in.eof()) pipe.end_msg();
        while(pipe.remaining() > 0)
        {
            const size_t buffered = pipe.read(buffer, buffer.size());
            out.write((const char*)&buffer[0], buffered);
        }
    }
    out.flush();
    out.close();
    in.close();

    qDebug() << "Decrypted!";
}
Was it helpful?

Solution

When encrypting, first append a hash of the entire contents of the unencrypted file to its end, and then encrypt the new file. The encrypted file would thus be several bytes larger than the unencrypted file.

After decrypting, first check that the hash at the end is valid, and then strip it from the file to get the original contents.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top