Ye_Ol_Pi_Shack
/
CppCMS
2
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 1 Wiki Activity
ChipMaster's trial hacks on C++CMS starting with v1.2.1. Not sure I'll follow on with the v2 since it looks to be breaking and mostly frivolous.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1320 Commits
2 Branches
13 MiB
 
 
 
 
 
 
Branch: yops
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'yops'
${ noResults }
CppCMS/cppcms/crypto.h

272 lines
7.5 KiB
Raw Permalink Blame History 

  1. ///////////////////////////////////////////////////////////////////////////////

  2. //                                                                             

  3. //  Copyright (C) 2008-2012  Artyom Beilis (Tonkikh) <artyomtnk@yahoo.com>     

  4. //                                                                             

  5. //  See accompanying file COPYING.TXT file for licensing details.

  6. //

  7. ///////////////////////////////////////////////////////////////////////////////

  8. #ifndef CPPCMS_CRYPTO_H

  9. #define CPPCMS_CRYPTO_H

  10. 

  11. #include <cppcms/defs.h>

  12. #include <booster/noncopyable.h>

  13. #include <booster/hold_ptr.h>

  14. #include <booster/auto_ptr_inc.h>

  15. #include <string>

  16. 

  17. namespace cppcms {

  18. 	///

  19. 	/// \brief This namespace holds basic cryptographic utilities useful for save interaction with user.

  20. 	///

  21. 	/// One of the limitations of these functions is the fact that they do not use so called cryptographic memory,

  22. 	/// however it is not required as all secret keys are stored as plain text in configuration files,

  23. 	/// The only protection that is given is that values of keys are erased when the object is deleted

  24. 	/// to prevent key-leaks due to use of uninitialized memory in user applications.

  25. 	///

  26. 	///

  27. 	namespace crypto {

  28. 		///

  29. 		/// \brief Key object, holds the string that represents the binary key.

  30. 		///

  31. 		/// When the key is destroyed it zeros all the memory it uses to prevent accidental

  32. 		/// leaks of the highly confidential data

  33. 		///

  34. 		class CPPCMS_API key {

  35. 		public:

  36. 			///

  37. 			/// Create an empty key on 0 length

  38. 			///

  39. 			key();

  40. 			///

  41. 			/// Copy the key

  42. 			///

  43. 			key(key const &other);

  44. 			///

  45. 			/// Assign the key

  46. 			///

  47. 			key const &operator=(key const &);

  48. 			///

  49. 			/// Destroy they key object clearing the area used by it.

  50. 			///

  51. 			~key();

  52. 			///

  53. 			/// Create a key using binary representation pointed by \a data of \a length bytes

  54. 			///

  55. 			key(void const *data,size_t length);

  56. 			///

  57. 			/// Create a key using the hexadecimal representation

  58. 			///

  59. 			explicit key(char const *s);

  60. 			///

  61. 			/// Create a key using the hexadecimal representation

  62. 			///

  63. 			explicit key(std::string const &);

  64. 			///

  65. 			/// Get the pointer to data, never returns NULL even if size() == 0

  66. 			///

  67. 			char const *data() const;

  68. 			///

  69. 			/// Get the size of the key

  70. 			///

  71. 			size_t size() const;

  72. 

  73. 			///

  74. 			/// Clear the key - and clear the area it was stored it

  75. 			///

  76. 			void reset();

  77. 

  78. 			///

  79. 			/// Set the binary value for the key

  80. 			///

  81. 			void set(void const *ptr,size_t len);

  82. 			///

  83. 			/// Set the value for the key using hexadecimal representation 

  84. 			///

  85. 			void set_hex(char const *ptr,size_t len);

  86. 			

  87. 			///

  88. 			/// Read the key from file. Under windows file_name should be UTF-8 encoded

  89. 			/// string.

  90. 			///

  91. 			void read_from_file(std::string const &file_name);

  92. 

  93. 		private:

  94. 			static unsigned from_hex(char c);

  95. 			char *data_;

  96. 			size_t size_;

  97. 		};

  98. 		///

  99. 		/// \brief this class provides an API to calculate various cryptographic hash functions

  100. 		///

  101. 		class CPPCMS_API message_digest : public booster::noncopyable {

  102. 		protected:

  103. 			/// It should be implemented in derived classes

  104. 			message_digest()

  105. 			{

  106. 			}

  107. 		public:

  108. 			virtual ~message_digest()

  109. 			{

  110. 			}

  111. 			

  112. 			///

  113. 			/// Get the size of message digest, for example for MD5 it is 16, for SHA1 it is 20

  114. 			///

  115. 			virtual unsigned digest_size() const = 0;

  116. 			///

  117. 			/// Get processing block size, returns 64 or 128, used mostly for correct HMAC calculations

  118. 			///

  119. 			virtual unsigned block_size() const = 0;

  120. 

  121. 			///

  122. 			/// Add more data of size bytes for processing

  123. 			///

  124. 			virtual void append(void const *ptr,size_t size) = 0;

  125. 			///

  126. 			/// Read the message digest for the data and reset it into initial state,

  127. 			/// provided buffer must be digest_size() bytes

  128. 			///

  129. 			virtual void readout(void *ptr) = 0;

  130. 

  131. 			///

  132. 			/// Make a polymorphic copy of this object, note the state of copied object is reset to 

  133. 			/// initial

  134. 			///

  135. 			virtual message_digest *clone() const = 0;

  136. 

  137. 			///

  138. 			/// Get the name of the hash function

  139. 			///

  140. 			virtual char const *name() const = 0;

  141. 

  142. 			///

  143. 			/// Create MD5 message digest

  144. 			///

  145. 			static std::auto_ptr<message_digest> md5();

  146. 			///

  147. 			/// Create SHA1 message digest

  148. 			///

  149. 			static std::auto_ptr<message_digest> sha1();

  150. 			///

  151. 			/// Create message digest by name, more then sha1 and md5 may be supported,

  152. 			/// if CppCMS is compiled with cryptography library like libgcrypt or openssl

  153. 			///

  154. 			static std::auto_ptr<message_digest> create_by_name(std::string const &name);

  155. 		};

  156. 		

  157. 		///

  158. 		/// \brief This object calculates the HMAC signature for the input data

  159. 		///

  160. 		class CPPCMS_API hmac : public booster::noncopyable  {

  161. 		public:

  162. 			///

  163. 			/// Create hmac that uses given \a digest algorithm and a binary key - \a key

  164. 			///

  165. 			hmac(std::auto_ptr<message_digest> digest,key const &k);

  166. 			///

  167. 			/// Create hmac that uses message digest algorithm called \a name and use a binary key - \a key

  168. 			///

  169. 			hmac(std::string const &name,key const &k);

  170. 			~hmac();

  171. 

  172. 			///

  173. 			/// Get the size of the signtature

  174. 			///

  175. 			unsigned digest_size() const;

  176. 

  177. 			///

  178. 			/// Add data for signing

  179. 			///

  180. 			void append(void const *ptr,size_t size);

  181. 

  182. 			///

  183. 			/// Get the signature for all the data, after calling this function

  184. 			/// the state of the hmac is reset and it can be used for signing again

  185. 			///

  186. 			/// Note: provided buffer must be digest_size() bytes long.

  187. 			///

  188. 			void readout(void *ptr);

  189. 		private:

  190. 			void init();	

  191. 			struct data_;

  192. 			booster::hold_ptr<data_> d;

  193. 			std::auto_ptr<message_digest> md_,md_opad_;

  194. 			key key_;

  195. 		};

  196. 

  197. 		///

  198. 		/// \brief  Cipher-block chaining encryption and decryption cryptographic service.

  199. 		/// 

  200. 		/// \note In order to use it, you \b must compile CppCMS with OpenSSL (libcrypto) or GNU-TLS (libgcrypt) library.

  201. 		///

  202. 		class CPPCMS_API cbc  : public booster::noncopyable {

  203. 		public:

  204. 			///

  205. 			/// CBC encryption type

  206. 			///

  207. 			typedef enum {

  208. 				aes128 	= 0,	///< AES-128

  209. 				aes192	= 1,	///< AES-192

  210. 				aes256	= 2 	///< AES-256

  211. 			} cbc_type;

  212. 		

  213. 			///

  214. 			/// Create a new cbc object that performs encryption using \a type method.

  215. 			///

  216. 			/// If the encryption method is not supported returns an empty pointer! 

  217. 			///

  218. 			static std::auto_ptr<cbc> create(cbc_type type);

  219. 			///

  220. 			/// Create a new cbc object that performs encryption using algorithm \a name

  221. 			///

  222. 			/// If the encryption method is not supported returns an empty pointer! 

  223. 			///

  224. 			/// Currently supported aes128, aes192, aes256, with names "aes" = "aes-128" = "aes128" , "aes-192" "aes192",

  225. 			/// "aes-256" = "aes256". They require CppCMS to be compiled with OpenSSL or GNU-TLS library

  226. 			///

  227. 			static std::auto_ptr<cbc> create(std::string const &name);

  228. 

  229. 			///

  230. 			/// Get the size of the block CBC works on

  231. 			///

  232. 			virtual unsigned block_size() const = 0;

  233. 			///

  234. 			/// Get the required key size in bytes

  235. 			///

  236. 			virtual unsigned key_size() const = 0;

  237. 

  238. 			///

  239. 			/// Set the key value

  240. 			///

  241. 			virtual void set_key(key const &) = 0;

  242. 			///

  243. 			/// Set initial vector value, size should be equal  to block_size()

  244. 			///

  245. 			virtual void set_iv(void const *ptr,size_t size) = 0;

  246. 			///

  247. 			/// Set randomly created initial vector value

  248. 			///

  249. 			virtual void set_nonce_iv() = 0;

  250. 			///

  251. 			/// Encrypt the data \a in to \a out of size \a len. \a len should be multiple of block_size()

  252. 			///

  253. 			virtual void encrypt(void const *in,void *out,unsigned len) = 0;

  254. 			///

  255. 			/// Decrypt the data \a in to \a out of size \a len. \a len should be multiple of block_size()

  256. 			///

  257. 			virtual void decrypt(void const *in,void *out,unsigned len) = 0;

  258. 

  259. 			virtual ~cbc() 

  260. 			{

  261. 			}

  262. 			

  263. 		};

  264. 

  265. 	} // crypto

  266. 

  267. } // cppcms

  268. 

  269. 

  270. 

  271. #endif