// $Id$
#ifndef __CRYPTO_SSLCIPHER_H__
#define __CRYPTO_SSLCIPHER_H__
/******************************************************************************/
/*                                                                            */
/*             X r d C r y p t o S s l C i p h e r . h h                      */
/*                                                                            */
/* (c) 2004 by the Board of Trustees of the Leland Stanford, Jr., University  */
/*       All Rights Reserved. See XrdInfo.cc for complete License Terms       */
/*   Produced by Andrew Hanushevsky for Stanford University under contract    */
/*              DE-AC03-76-SFO0515 with the Department of Energy              */
/******************************************************************************/

/* ************************************************************************** */
/*                                                                            */
/* OpenSSL implementation of XrdCryptoCipher                                  */
/*                                                                            */
/* ************************************************************************** */

#include <XrdCrypto/XrdCryptoCipher.hh>

#include <openssl/evp.h>
#include <openssl/dh.h>

// NOTE(review): the name suggests a minimum Diffie-Hellman size in bits, but
// the use of this constant is not visible in this header. If it bounds the DH
// prime length, 128 bits gives no meaningful protection against discrete-log
// attacks (2048 bits is the usual floor today) -- confirm against the
// implementation file before relying on it as a lower limit.
#define kDHMINBITS 128

// ---------------------------------------------------------------------------//
//
// OpenSSL Cipher Implementation
//
// Symmetric cipher built on the OpenSSL EVP interface, with DH state for key
// agreement. Only declarations are visible here; behaviour described below is
// limited to what the signatures and inline bodies show.
//
// NOTE(review): the class has raw-pointer members (fIV, fDH), a destructor and
// a copy constructor, but no copy-assignment operator is declared in this
// header. Unless the base class prevents it, the compiler-generated assignment
// would copy the pointers member-wise -- confirm ownership in the
// implementation before assigning one cipher object to another.
//
// ---------------------------------------------------------------------------//
class XrdCryptosslCipher : public XrdCryptoCipher
{
private:
   char       *fIV;             // IV buffer; handed out as-is by IV()
   int         lIV;             // IV length reported by IV()
   const EVP_CIPHER *cipher;    // OpenSSL cipher descriptor
   // Cipher context held by value. NOTE(review): EVP_CIPHER_CTX is an opaque
   // type from OpenSSL 1.1.0 on, where it must be obtained with
   // EVP_CIPHER_CTX_new() and released with EVP_CIPHER_CTX_free(); this
   // by-value member only compiles against older OpenSSL releases.
   EVP_CIPHER_CTX ctx;
   DH         *fDH;             // DH state; presumably used by Finalize()/Public() -- confirm
   bool        deflength;       // value returned by IsDefaultLength()
   bool        valid;           // value returned by IsValid()

   void        GenerateIV();
   // presumably the shared worker behind Encrypt()/Decrypt(), with 'encdec'
   // selecting the direction -- confirm in the implementation
   int         EncDec(int encdec, const char *bin, int lin, char *out);
   void        PrintPublic(BIGNUM *pub);
   int         Publen();

public:
   // Constructors cannot report failure through a return value; check
   // IsValid() on the resulting object before using it.
   // presumably: t = cipher type name, l = key length, k = key material,
   // liv / iv = IV length and IV bytes -- confirm against the implementation
   XrdCryptosslCipher(const char *t, int l = 0);
   XrdCryptosslCipher(const char *t, int l, const char *k,
                                     int liv, const char *iv);
   XrdCryptosslCipher(XrdSutBucket *b);
   // presumably the key-agreement form, taking a public part 'pub' of
   // 'lpub' bytes -- confirm
   XrdCryptosslCipher(int len, char *pub, int lpub, const char *t);
   XrdCryptosslCipher(const XrdCryptosslCipher &c);
   virtual ~XrdCryptosslCipher();

   // Finalize key computation (key agreement)
   bool Finalize(char *pub, int lpub, const char *t);
   void Cleanup();

   // Validity: returns the 'valid' flag
   bool IsValid() { return valid; }

   // Support: whether the cipher named 'cip' is available
   static bool IsSupported(const char *cip);

   // Required buffer size for encrypt / decrypt operations on l bytes.
   // Encrypt() and Decrypt() receive no capacity for 'out', so the callee
   // cannot bound its writes; size the output buffer from these values.
   int EncOutLength(int l);
   int DecOutLength(int l);
   // Returns a buffer and stores its length in lpub; who frees the buffer is
   // not visible in this header -- confirm in the implementation.
   char *Public(int &lpub);

   // Additional getter
   XrdSutBucket *AsBucket();
   // Stores lIV in l and returns fIV itself, not a copy: the pointer is
   // non-const, so a caller can modify the object's IV through it.
   char *IV(int &l) const { l = lIV; return fIV; }
   bool IsDefaultLength() const { return deflength; }

   // Additional setter
   void  SetIV(int l, const char *iv);

   // Additional methods
   // 'out' has no length parameter; see EncOutLength() / DecOutLength() above.
   int Encrypt(const char *bin, int lin, char *out);
   int Decrypt(const char *bin, int lin, char *out);
   char *RefreshIV(int &l);
};
#endif