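#ifndef __CRYPTO_SSLCIPHER_H__
#define __CRYPTO_SSLCIPHER_H__
/******************************************************************************/
/*                                                                            */
/*                 X r d C r y p t o S s l C i p h e r . h h                  */
/*                                                                            */
/* (c) 2004 by the Board of Trustees of the Leland Stanford, Jr., University  */
/* Produced by Gerri Ganis for CERN                                           */
/*                                                                            */
/* This file is part of the XRootD software suite.                            */
/*                                                                            */
/* XRootD is free software: you can redistribute it and/or modify it under    */
/* the terms of the GNU Lesser General Public License as published by the     */
/* Free Software Foundation, either version 3 of the License, or (at your     */
/* option) any later version.                                                 */
/*                                                                            */
/* XRootD is distributed in the hope that it will be useful, but WITHOUT      */
/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or      */
/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public        */
/* License for more details.                                                  */
/*                                                                            */
/* You should have received a copy of the GNU Lesser General Public License   */
/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file  */
/* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>.         */
/*                                                                            */
/* The copyright holder's institutional names and contributor's names may not */
/* be used to endorse or promote products derived from this software without  */
/* specific prior written permission of the institution or contributor.       */
/******************************************************************************/

/* ************************************************************************** */
/*                                                                            */
/* OpenSSL implementation of XrdCryptoCipher                                  */
/*                                                                            */
/* ************************************************************************** */

#include "XrdCrypto/XrdCryptoCipher.hh"

#include <openssl/evp.h>
#include <openssl/dh.h>

// NOTE(review): presumably the smallest Diffie-Hellman size, in bits, that
// this class accepts; the place where it is enforced is outside this header,
// so confirm. If it is a floor on the DH prime, 128 bits offers no real
// protection (current guidance for finite-field DH is 2048 bits or more), so
// verify that deployed parameters are far above this floor.
#define kDHMINBITS 128

// ---------------------------------------------------------------------------//
//
// OpenSSL Cipher Implementation
//
// Declares the OpenSSL-backed XrdCryptoCipher: a symmetric cipher object that
// also carries Diffie-Hellman state (fDH) for the key-agreement constructors
// and Finalize(). Only declarations are visible here; the notes below state
// what the signatures show and mark everything else as an assumption.
//
// Points a caller should keep in mind:
//  - Every length is a signed int and no output buffer carries a capacity.
//    NOTE(review): confirm that the implementation rejects negative or
//    oversized lengths, in particular for buffers that may come from a peer
//    (pub/lpub, iv/liv, the XrdSutBucket constructor).
//  - The object owns raw pointers (fIV, ctx, fDH) and declares its own copy
//    constructor and destructor; whether copies are deep is not visible here.
//  - <openssl/dh.h> exposes the low-level DH API, which OpenSSL 3.0 marks as
//    deprecated.
//
// ---------------------------------------------------------------------------//
class XrdCryptosslCipher : public XrdCryptoCipher
{
private:
   char       *fIV;           // IV buffer; IV() returns this pointer itself
   int         lIV;           // length value that IV() reports with fIV
   const EVP_CIPHER *cipher;  // OpenSSL cipher descriptor
   EVP_CIPHER_CTX *ctx;       // OpenSSL cipher context
   DH         *fDH;           // OpenSSL DH object (key agreement)
   bool        deflength;     // value returned by IsDefaultLength()
   bool        valid;         // value returned by IsValid()

   // Presumably fills fIV/lIV with a fresh IV -- TODO confirm in the .cc file
   void        GenerateIV();
   // Shared worker for Encrypt()/Decrypt(), going by the name and signature;
   // 'encdec' presumably selects the direction. 'out' has no capacity
   // argument, so the caller-side sizing rule of Encrypt()/Decrypt() applies.
   int         EncDec(int encdec, const char *bin, int lin, char *out);
   void        PrintPublic(BIGNUM *pub);
   int         Publen();

public:
   // Constructors. Parameter meanings are not documented in this header:
   // 't' is presumably the cipher type name, 'l' a key length, 'k' the key
   // bytes and 'liv'/'iv' an IV and its length -- TODO confirm.
   // Construction cannot report an error by return value: check IsValid()
   // before using the object.
   XrdCryptosslCipher(const char *t, int l = 0);
   XrdCryptosslCipher(const char *t, int l, const char *k,
                                     int liv, const char *iv);
   // Builds the cipher from a serialized bucket (see AsBucket()).
   // NOTE(review): if the bucket can originate from the network, confirm
   // that its embedded lengths are validated against the bucket size.
   XrdCryptosslCipher(XrdSutBucket *b);
   // Key-agreement constructor; takes the same arguments as Finalize(),
   // plus 'len'.
   XrdCryptosslCipher(bool padded, int len, char *pub, int lpub, const char *t);
   // Copy constructor
   XrdCryptosslCipher(const XrdCryptosslCipher &c);
   virtual ~XrdCryptosslCipher();

   // Finalize key computation (key agreement)
   // 'pub'/'lpub' are presumably the counterpart's public part and its
   // length; treat them as untrusted input -- TODO confirm validation.
   bool Finalize(bool padded, char *pub, int lpub, const char *t);
   void Cleanup();

   // Validity
   // Returns the 'valid' flag; check it after construction and after
   // Finalize() before encrypting or decrypting.
   bool IsValid() { return valid; }

   // Support
   static bool IsSupported(const char *cip);

   // Required buffer size for encrypt / decrypt operations on l bytes
   // Encrypt()/Decrypt() take no output capacity, so these are the only way
   // for a caller to size 'out' correctly.
   int EncOutLength(int l);
   int DecOutLength(int l);
   // NOTE(review): ownership of the returned buffer is not visible in this
   // header; confirm who releases it.
   char *Public(int &lpub);

   // Additional getter
   XrdSutBucket *AsBucket();
   // Stores lIV in 'l' and returns fIV itself, not a copy: the pointer is
   // non-const although the method is const, so a write through it changes
   // this object's IV.
   char *IV(int &l) const { l = lIV; return fIV; }
   bool IsDefaultLength() const { return deflength; }
   int  MaxIVLength() const;

   // Additional setter
   // NOTE(review): confirm that 'l' is checked against MaxIVLength().
   void  SetIV(int l, const char *iv);

   // Additional methods
   // 'out' must be allocated by the caller with at least EncOutLength(lin)
   // bytes for Encrypt() and DecOutLength(lin) bytes for Decrypt(); there is
   // no capacity argument through which an overrun could be caught here.
   // The int result is presumably the number of bytes written -- TODO confirm.
   int   Encrypt(const char *bin, int lin, char *out);
   int   Decrypt(const char *bin, int lin, char *out);
   // Presumably installs a new IV and returns it with its length in 'l';
   // the implementation is not visible here -- TODO confirm.
   char *RefreshIV(int &l);
};
#endif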