Class desfire::crypto_2k3des_base

Inheritance Relationships

Base Type

desfire::crypto

Derived Type

desfire::esp32::crypto_2k3des

Class Documentation

class crypto_2k3des_base : public desfire::crypto

Base class for a 2K3DES cryptographic implementation. Inherit from this.

Compared to crypto, this class fixes the cipher_type and provides the implementation of the session key derivation function init_session (which then calls setup_with_key). Moreover, 2K3DES has a special behavior: when the two halves of the 16-byte key are identical (except for the version bits), 2K3DES falls back onto plain old DES. This is a property of the cryptographic function, but there is a catch: once a 2K3DES crypto object has been set up with a DES key, it becomes a DES cipher and will therefore always derive DES keys (or equivalently, 2K3DES keys with identical halves), even from the random session data. Therefore, this class also implements setup_with_key in order to detect “degenerate” DES keys and modify the behavior of future calls to init_session accordingly. Subclasses should thus implement setup_primitives_with_key instead of setup_with_key, as well as do_crypto.

Subclassed by desfire::esp32::crypto_2k3des

Public Functions

crypto_2k3des_base()

inline bool is_degenerate() const

True if a 2K3DES key with identical halves (up to parity bits) was used in setup_with_key.

When a 2K3DES cipher is set up with identical halves, it turns into a DES cipher.

Returns:

True iff this cipher now behaves as a simple DES.

inline virtual desfire::cipher_type cipher_type() const final

Returns:

desfire::cipher_type::des3_2k

virtual void setup_with_key(range<std::uint8_t const*> key) final

Custom implementation that detects and flags degenerate DES keys.

Subclasses should implement setup_primitives_with_key instead. Once a degenerate key is detected, this crypto class behaves as a DES cryptographic implementation and the flag is_degenerate is set.

Parameters:

key – Range of bytes containing the key to use for the following operations. This is specified as a range on raw bytes for convenience, as the underlying cryptographic functions are likely low level.

virtual void init_session(range<std::uint8_t const*> random_data) final

Implementation of 2K3DES session key derivation; will internally call setup_primitives_with_key.

Protected Functions

virtual void setup_primitives_with_key(range<std::uint8_t const*> key) = 0

Subclasses should implement this instead of setup_with_key, to the same effect.

This method is called by the custom implementation of setup_with_key provided in this class, with the same parameters, right after detecting whether the key is degenerate and updating is_degenerate, and storing the key version.

Parameters:

key – Range of bytes containing the key to use for the following operations. This is specified as a range on raw bytes for convenience, as the underlying cryptographic functions are likely low level.
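
The degenerate-key detection and its effect on session key derivation described in the class documentation, as an added example (not the library's own code). The names halves_identical, key_version and derive_session_key are hypothetical; the position of the version bits (bit 0 of the first eight key bytes) and the RndA || RndB interleaving used for the session key are assumptions that do not come from this page.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>

using block16 = std::array<std::uint8_t, 16>;

// Bit 0 of each DES key byte is a parity bit the cipher ignores; DESFire
// stores the key version there, so it is masked out before comparing.
constexpr std::uint8_t key_bits = 0xfe;

// True if both 8-byte halves match up to the parity/version bits. The loop
// accumulates differences instead of returning early on key material.
bool halves_identical(block16 const &key) {
    std::uint8_t diff = 0;
    for (std::size_t i = 0; i < 8; ++i)
        diff |= static_cast<std::uint8_t>((key[i] ^ key[i + 8]) & key_bits);
    return diff == 0;
}

// Key version, ASSUMED to be bit 0 of the first 8 key bytes, MSB first.
std::uint8_t key_version(block16 const &key) {
    std::uint8_t v = 0;
    for (std::size_t i = 0; i < 8; ++i)
        v = static_cast<std::uint8_t>((v << 1) | (key[i] & 0x01));
    return v;
}

// Session key from rnd = RndA || RndB (ASSUMED layout, 8 bytes each).
// A degenerate cipher repeats the first half, so the result is again DES.
block16 derive_session_key(block16 const &rnd, bool degenerate) {
    block16 s{};
    for (std::size_t i = 0; i < 4; ++i) {
        s[i] = rnd[i];                                    // RndA[0..3]
        s[4 + i] = rnd[8 + i];                            // RndB[0..3]
        s[8 + i] = degenerate ? s[i] : rnd[4 + i];        // RndA[4..7]
        s[12 + i] = degenerate ? s[4 + i] : rnd[12 + i];  // RndB[4..7]
    }
    return s;
}

int main() {
    // Constructed sample: second half differs from the first only in bit 0.
    block16 const key = {0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e,
                         0x01, 0x03, 0x05, 0x07, 0x09, 0x0b, 0x0d, 0x0f};
    return halves_identical(key) ? 0 : 1;
}
```

A provisioning check can call halves_identical on a key before it is written to a card and reject 2K3DES keys that would collapse to DES.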