wanproxy/crypto/crypto_mac_openssl.cc

/*
 * Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <openssl/evp.h>
#include <openssl/hmac.h>

#include <common/factory.h>
#include <crypto/crypto_mac.h>

////////////////////////////////////////////////////////////////////////////////
//                                                                            //
// File:           crypto_mac_openssl.cc                                      //
// Description:    interface to the OpenSSL encryption functions              //
// Project:        WANProxy XTech                                             //
// Adapted by:     Andreu Vidal Bramfeld-Software                             //
// Last modified:  2015-04-01                                                 //
//                                                                            //
////////////////////////////////////////////////////////////////////////////////

namespace {
	class InstanceEVP : public CryptoMAC::Instance {
		LogHandle log_;
		const EVP_MD *algorithm_;
		uint8_t key_[EVP_MAX_KEY_LENGTH];
		size_t key_length_;
	public:
		InstanceEVP(const EVP_MD *algorithm)
		: log_("/crypto/mac/instance/openssl"),
		  algorithm_(algorithm),
		  key_(),
		  key_length_(0)
		{ }

		~InstanceEVP()
		{ }

		unsigned size(void) const
		{
			return (EVP_MD_size(algorithm_));
		}

		Instance *clone(void) const
		{
			ASSERT(log_, key_length_ == 0);
			return (new InstanceEVP(algorithm_));
		}

		bool initialize(const Buffer *key)
		{
			if (key->length() > EVP_MAX_KEY_LENGTH)
				return (false);

			key->copyout(key_, key->length());
			key_length_ = key->length();

			return (true);
		}

		bool mac(Buffer *out, const Buffer *in)
		{
			/*
			 * We process a single, large, linear byte buffer here rather
			 * than going a BufferSegment at a time, even though the byte
			 * buffer is less efficient than some alternatives, because
			 * there are padding and buffering implications if each
			 * BufferSegment's length is not modular to the block size.
			 */
			uint8_t indata[in->length()];
			in->copyout(indata, sizeof indata);

			uint8_t macdata[EVP_MD_size(algorithm_)];
			unsigned maclen;
			if (HMAC(algorithm_, key_, key_length_, indata, sizeof indata, macdata, &maclen) == NULL)
				return (false);
			ASSERT(log_, maclen == sizeof macdata);
			out->append(macdata, maclen);
			return (true);
		}

		/*
		Action *submit(Buffer *in, EventCallback *cb)
		{
			Buffer out;
			if (!mac(&out, in)) {
				in->clear();
				cb->param(Event::Error);
				return (cb->schedule());
			}
			in->clear();
			cb->param(Event(Event::Done, out));
			return (cb->schedule());
		}
		*/
	};

	class MethodOpenSSL : public CryptoMAC::Method {
		LogHandle log_;
		FactoryMap<CryptoMAC::Algorithm, CryptoMAC::Instance> algorithm_map_;
	public:
		MethodOpenSSL(void)
		: CryptoMAC::Method("OpenSSL"),
		  log_("/crypto/mac/openssl"),
		  algorithm_map_()
		{
			OpenSSL_add_all_algorithms();

			factory<InstanceEVP> evp_factory;
			algorithm_map_.enter(CryptoMAC::MD5, evp_factory(EVP_md5()));
			algorithm_map_.enter(CryptoMAC::SHA1, evp_factory(EVP_sha1()));
			algorithm_map_.enter(CryptoMAC::SHA256, evp_factory(EVP_sha256()));
			algorithm_map_.enter(CryptoMAC::SHA512, evp_factory(EVP_sha512()));
			algorithm_map_.enter(CryptoMAC::RIPEMD160, evp_factory(EVP_ripemd160()));

			/* XXX Register.  */
		}

		~MethodOpenSSL()
		{
			/* XXX Unregister.  */
		}

		std::set<CryptoMAC::Algorithm> algorithms(void) const
		{
			return (algorithm_map_.keys());
		}

		CryptoMAC::Instance *instance(CryptoMAC::Algorithm algorithm) const
		{
			return (algorithm_map_.create(algorithm));
		}
	};

	static MethodOpenSSL crypto_mac_method_openssl;
}
version 3.0 2015-08-31 12:01:44 +00:00			`/*`
			`* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.`
			`*`
			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted provided that the following conditions`
			`* are met:`
			`* 1. Redistributions of source code must retain the above copyright`
			`* notice, this list of conditions and the following disclaimer.`
			`* 2. Redistributions in binary form must reproduce the above copyright`
			`* notice, this list of conditions and the following disclaimer in the`
			`* documentation and/or other materials provided with the distribution.`
			`*`
			* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
			`* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE`
			`* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE`
			`* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE`
			`* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL`
			`* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS`
			`* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)`
			`* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT`
			`* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY`
			`* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
			`* SUCH DAMAGE.`
			`*/`

			`#include <openssl/evp.h>`
			`#include <openssl/hmac.h>`

			`#include <common/factory.h>`
			`#include <crypto/crypto_mac.h>`

			`////////////////////////////////////////////////////////////////////////////////`
			`// //`
			`// File: crypto_mac_openssl.cc //`
			`// Description: interface to the OpenSSL encryption functions //`
			`// Project: WANProxy XTech //`
			`// Adapted by: Andreu Vidal Bramfeld-Software //`
			`// Last modified: 2015-04-01 //`
			`// //`
			`////////////////////////////////////////////////////////////////////////////////`

			`namespace {`
			`class InstanceEVP : public CryptoMAC::Instance {`
			`LogHandle log_;`
			`const EVP_MD *algorithm_;`
			`uint8_t key_[EVP_MAX_KEY_LENGTH];`
			`size_t key_length_;`
			`public:`
			`InstanceEVP(const EVP_MD *algorithm)`
			`: log_("/crypto/mac/instance/openssl"),`
			`algorithm_(algorithm),`
			`key_(),`
			`key_length_(0)`
			`{ }`

			`~InstanceEVP()`
			`{ }`

			`unsigned size(void) const`
			`{`
			`return (EVP_MD_size(algorithm_));`
			`}`

			`Instance *clone(void) const`
			`{`
			`ASSERT(log_, key_length_ == 0);`
			`return (new InstanceEVP(algorithm_));`
			`}`

			`bool initialize(const Buffer *key)`
			`{`
			`if (key->length() > EVP_MAX_KEY_LENGTH)`
			`return (false);`

			`key->copyout(key_, key->length());`
			`key_length_ = key->length();`

			`return (true);`
			`}`

			`bool mac(Buffer out, const Buffer in)`
			`{`
			`/*`
			`* We process a single, large, linear byte buffer here rather`
			`* than going a BufferSegment at a time, even though the byte`
			`* buffer is less efficient than some alternatives, because`
			`* there are padding and buffering implications if each`
			`* BufferSegment's length is not modular to the block size.`
			`*/`
			`uint8_t indata[in->length()];`
			`in->copyout(indata, sizeof indata);`

			`uint8_t macdata[EVP_MD_size(algorithm_)];`
			`unsigned maclen;`
			`if (HMAC(algorithm_, key_, key_length_, indata, sizeof indata, macdata, &maclen) == NULL)`
			`return (false);`
			`ASSERT(log_, maclen == sizeof macdata);`
			`out->append(macdata, maclen);`
			`return (true);`
			`}`

			`/*`
			`Action submit(Buffer in, EventCallback *cb)`
			`{`
			`Buffer out;`
			`if (!mac(&out, in)) {`
			`in->clear();`
			`cb->param(Event::Error);`
			`return (cb->schedule());`
			`}`
			`in->clear();`
			`cb->param(Event(Event::Done, out));`
			`return (cb->schedule());`
			`}`
			`*/`
			`};`

			`class MethodOpenSSL : public CryptoMAC::Method {`
			`LogHandle log_;`
			`FactoryMap<CryptoMAC::Algorithm, CryptoMAC::Instance> algorithm_map_;`
			`public:`
			`MethodOpenSSL(void)`
			`: CryptoMAC::Method("OpenSSL"),`
			`log_("/crypto/mac/openssl"),`
			`algorithm_map_()`
			`{`
			`OpenSSL_add_all_algorithms();`

			`factory<InstanceEVP> evp_factory;`
			`algorithm_map_.enter(CryptoMAC::MD5, evp_factory(EVP_md5()));`
			`algorithm_map_.enter(CryptoMAC::SHA1, evp_factory(EVP_sha1()));`
			`algorithm_map_.enter(CryptoMAC::SHA256, evp_factory(EVP_sha256()));`
			`algorithm_map_.enter(CryptoMAC::SHA512, evp_factory(EVP_sha512()));`
			`algorithm_map_.enter(CryptoMAC::RIPEMD160, evp_factory(EVP_ripemd160()));`

			`/* XXX Register. */`
			`}`

			`~MethodOpenSSL()`
			`{`
			`/* XXX Unregister. */`
			`}`

			`std::set<CryptoMAC::Algorithm> algorithms(void) const`
			`{`
			`return (algorithm_map_.keys());`
			`}`

			`CryptoMAC::Instance *instance(CryptoMAC::Algorithm algorithm) const`
			`{`
			`return (algorithm_map_.create(algorithm));`
			`}`
			`};`

			`static MethodOpenSSL crypto_mac_method_openssl;`
			`}`