mptcp/wanproxy
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

version 3.0

Browse source
This commit is contained in:
Bramfeld Team 2015-08-31 14:01:44 +02:00
commit d837490606
209 changed files with 19662 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

0
crypto/Makefile Normal file
View file

5
crypto/TODO Normal file
View file

@ -0,0 +1,5 @@
o) Find a good way to integrate the CryptoThread, CryptoSystem code.
o) Process all cryptographic operations in the (a?) CryptoThread.
o) DH infrastructure.
o) BIGNUM infrastructure?
o) Lots more algorithms.

103
crypto/crypto_encryption.cc Normal file
View file

@ -0,0 +1,103 @@
/*
* Copyright (c) 2011-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <common/registrar.h>
#include <crypto/crypto_encryption.h>
namespace {
struct MethodRegistrarKey;
typedef Registrar<MethodRegistrarKey, const CryptoEncryption::Method *> MethodRegistrar;
}
CryptoEncryption::Method::Method(const std::string& name)
: name_(name)
{
MethodRegistrar::instance()->enter(this);
}
const CryptoEncryption::Method *
CryptoEncryption::Method::method(CryptoEncryption::Cipher cipher)
{
std::set<const CryptoEncryption::Method *> method_set = MethodRegistrar::instance()->enumerate();
std::set<const CryptoEncryption::Method *>::const_iterator it;
for (it = method_set.begin(); it != method_set.end(); ++it) {
const CryptoEncryption::Method *m = *it;
std::set<CryptoEncryption::Cipher> cipher_set = m->ciphers();
if (cipher_set.find(cipher) == cipher_set.end())
continue;
return (*it);
}
ERROR("/crypto/encryption/method") << "Could not find a method for cipher: " << cipher;
return (NULL);
}
std::ostream&
operator<< (std::ostream& os, CryptoEncryption::Algorithm algorithm)
{
switch (algorithm) {
case CryptoEncryption::TripleDES:
return (os << "3DES");
case CryptoEncryption::AES128:
return (os << "AES128");
case CryptoEncryption::AES192:
return (os << "AES192");
case CryptoEncryption::AES256:
return (os << "AES256");
case CryptoEncryption::Blowfish:
return (os << "Blowfish");
case CryptoEncryption::CAST:
return (os << "CAST");
case CryptoEncryption::IDEA:
return (os << "IDEA");
case CryptoEncryption::RC4:
return (os << "RC4");
}
NOTREACHED("/crypto/encryption");
}
std::ostream&
operator<< (std::ostream& os, CryptoEncryption::Mode mode)
{
switch (mode) {
case CryptoEncryption::CBC:
return (os << "CBC");
case CryptoEncryption::CTR:
return (os << "CTR");
case CryptoEncryption::Stream:
return (os << "Stream");
}
NOTREACHED("/crypto/encryption");
}
std::ostream&
operator<< (std::ostream& os, CryptoEncryption::Cipher cipher)
{
return (os << cipher.first << "/" << cipher.second);
}

110
crypto/crypto_encryption.h Normal file
View file

@ -0,0 +1,110 @@
/*
* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef CRYPTO_CRYPTO_ENCRYPTION_H
#define CRYPTO_CRYPTO_ENCRYPTION_H
#include <set>
#include <event/action.h>
#include <event/event_callback.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_encryption.h //
// Description: basic encryption machinery //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
namespace CryptoEncryption {
class Method;
enum Algorithm {
TripleDES,
AES128,
AES192,
AES256,
Blowfish,
CAST,
IDEA,
RC4,
};
enum Mode {
CBC,
CTR,
Stream,
};
typedef std::pair<Algorithm, Mode> Cipher;
enum Operation {
Encrypt,
Decrypt,
};
class Session {
protected:
Session(void)
{ }
public:
virtual ~Session()
{ }
virtual unsigned block_size(void) const = 0;
virtual unsigned key_size(void) const = 0;
virtual unsigned iv_size(void) const = 0;
virtual Session *clone(void) const = 0;
virtual bool initialize(Operation, const Buffer *, const Buffer *) = 0;
virtual bool cipher(Buffer *, const Buffer *) = 0;
//virtual Action *submit(Buffer *, EventCallback *) = 0;
};
class Method {
std::string name_;
protected:
Method(const std::string&);
virtual ~Method()
{ }
public:
virtual std::set<Cipher> ciphers(void) const = 0;
virtual Session *session(Cipher) const = 0;
static const Method *method(Cipher);
};
}
std::ostream& operator<< (std::ostream&, CryptoEncryption::Algorithm);
std::ostream& operator<< (std::ostream&, CryptoEncryption::Mode);
std::ostream& operator<< (std::ostream&, CryptoEncryption::Cipher);
#endif /* !CRYPTO_CRYPTO_ENCRYPTION_H */

306
crypto/crypto_encryption_openssl.cc Normal file
View file

@ -0,0 +1,306 @@
/*
* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <openssl/aes.h>
#include <openssl/evp.h>
#include <common/factory.h>
#include <crypto/crypto_encryption.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_encryption_openssl.cc //
// Description: interface to the OpenSSL encryption functions //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
namespace {
class SessionEVP : public CryptoEncryption::Session {
LogHandle log_;
const EVP_CIPHER *cipher_;
EVP_CIPHER_CTX ctx_;
public:
SessionEVP(const EVP_CIPHER *xcipher)
: log_("/crypto/encryption/session/openssl"),
cipher_(xcipher),
ctx_()
{
EVP_CIPHER_CTX_init(&ctx_);
}
~SessionEVP()
{
EVP_CIPHER_CTX_cleanup(&ctx_);
}
unsigned block_size(void) const
{
return (EVP_CIPHER_block_size(cipher_));
}
unsigned key_size(void) const
{
return (EVP_CIPHER_key_length(cipher_));
}
unsigned iv_size(void) const
{
return (EVP_CIPHER_iv_length(cipher_));
}
Session *clone(void) const
{
return (new SessionEVP(cipher_));
}
bool initialize(CryptoEncryption::Operation operation, const Buffer *key, const Buffer *iv)
{
if (key->length() < (size_t)EVP_CIPHER_key_length(cipher_))
return (false);
if (iv->length() < (size_t)EVP_CIPHER_iv_length(cipher_))
return (false);
int enc;
switch (operation) {
case CryptoEncryption::Encrypt:
enc = 1;
break;
case CryptoEncryption::Decrypt:
enc = 0;
break;
default:
return (false);
}
uint8_t keydata[key->length()];
key->copyout(keydata, sizeof keydata);
uint8_t ivdata[iv->length()];
iv->copyout(ivdata, sizeof ivdata);
int rv = EVP_CipherInit(&ctx_, cipher_, keydata, ivdata, enc);
if (rv == 0)
return (false);
return (true);
}
bool cipher(Buffer *out, const Buffer *in)
{
/*
* We process a single, large, linear byte buffer here rather
* than going a BufferSegment at a time, even though the byte
* buffer is less efficient than some alternatives, because
* there are padding and buffering implications if each
* BufferSegment's length is not modular to the block size.
*/
uint8_t indata[in->length()];
in->copyout(indata, sizeof indata);
uint8_t outdata[sizeof indata];
int rv = EVP_Cipher(&ctx_, outdata, indata, sizeof indata);
if (rv == 0)
return (false);
out->append(outdata, sizeof outdata);
return (true);
}
/*
Action *submit(Buffer *in, EventCallback *cb)
{
Buffer out;
if (!cipher(&out, in)) {
in->clear();
cb->param(Event::Error);
return (cb->schedule());
}
in->clear();
cb->param(Event(Event::Done, out));
return (cb->schedule());
}
*/
};
class SessionAES128CTR : public CryptoEncryption::Session {
LogHandle log_;
AES_KEY key_;
uint8_t iv_[AES_BLOCK_SIZE];
public:
SessionAES128CTR(void)
: log_("/crypto/encryption/session/openssl"),
key_(),
iv_()
{ }
~SessionAES128CTR()
{ }
unsigned block_size(void) const
{
return (AES_BLOCK_SIZE);
}
unsigned key_size(void) const
{
return (AES_BLOCK_SIZE);
}
unsigned iv_size(void) const
{
return (AES_BLOCK_SIZE);
}
Session *clone(void) const
{
return (new SessionAES128CTR());
}
bool initialize(CryptoEncryption::Operation operation, const Buffer *key, const Buffer *iv)
{
(void)operation;
if (key->length() != AES_BLOCK_SIZE)
return (false);
if (iv->length() != AES_BLOCK_SIZE)
return (false);
uint8_t keydata[key->length()];
key->copyout(keydata, sizeof keydata);
AES_set_encrypt_key(keydata, AES_BLOCK_SIZE * 8, &key_);
iv->copyout(iv_, sizeof iv_);
return (true);
}
bool cipher(Buffer *out, const Buffer *in)
{
ASSERT(log_, in->length() % AES_BLOCK_SIZE == 0);
/*
* Temporaries for AES_ctr128_encrypt.
*
* Their values only need to persist if we aren't using block-sized
* buffers, which we are. We could just use AES_ctr128_inc and do
* the crypt operation by hand here.
*/
uint8_t counterbuf[AES_BLOCK_SIZE]; /* Will be initialized if countern==0. */
unsigned countern = 0;
/*
* We process a single, large, linear byte buffer here rather
* than going a BufferSegment at a time, even though the byte
* buffer is less efficient than some alternatives, because
* there are padding and buffering implications if each
* BufferSegment's length is not modular to the block size.
*/
uint8_t indata[in->length()];
in->copyout(indata, sizeof indata);
uint8_t outdata[sizeof indata];
AES_ctr128_encrypt(indata, outdata, sizeof indata, &key_, iv_, counterbuf, &countern);
out->append(outdata, sizeof outdata);
return (true);
}
/*
Action *submit(Buffer *in, EventCallback *cb)
{
Buffer out;
if (!cipher(&out, in)) {
in->clear();
cb->param(Event::Error);
return (cb->schedule());
}
in->clear();
cb->param(Event(Event::Done, out));
return (cb->schedule());
}
*/
};
class MethodOpenSSL : public CryptoEncryption::Method {
LogHandle log_;
FactoryMap<CryptoEncryption::Cipher, CryptoEncryption::Session> cipher_map_;
public:
MethodOpenSSL(void)
: CryptoEncryption::Method("OpenSSL"),
log_("/crypto/encryption/openssl"),
cipher_map_()
{
OpenSSL_add_all_algorithms();
factory<SessionEVP> evp_factory;
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::TripleDES, CryptoEncryption::CBC), evp_factory(EVP_des_ede3_cbc()));
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::AES128, CryptoEncryption::CBC), evp_factory(EVP_aes_128_cbc()));
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::AES192, CryptoEncryption::CBC), evp_factory(EVP_aes_192_cbc()));
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::AES256, CryptoEncryption::CBC), evp_factory(EVP_aes_256_cbc()));
#if 0
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::AES128, CryptoEncryption::CTR), evp_factory(EVP_aes_128_ctr()));
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::AES192, CryptoEncryption::CTR), evp_factory(EVP_aes_192_ctr()));
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::AES256, CryptoEncryption::CTR), evp_factory(EVP_aes_256_ctr()));
#else
factory<SessionAES128CTR> aes128ctr_factory;
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::AES128, CryptoEncryption::CTR), aes128ctr_factory());
#endif
#ifndef OPENSSL_NO_BF
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::Blowfish, CryptoEncryption::CBC), evp_factory(EVP_bf_cbc()));
#endif
#ifndef OPENSSL_NO_CAST
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::CAST, CryptoEncryption::CBC), evp_factory(EVP_cast5_cbc()));
#endif
#ifndef OPENSSL_NO_IDEA
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::IDEA, CryptoEncryption::CBC), evp_factory(EVP_idea_cbc()));
#endif
cipher_map_.enter(CryptoEncryption::Cipher(CryptoEncryption::RC4, CryptoEncryption::Stream), evp_factory(EVP_rc4()));
/* XXX Register. */
}
~MethodOpenSSL()
{
/* XXX Unregister. */
}
std::set<CryptoEncryption::Cipher> ciphers(void) const
{
return (cipher_map_.keys());
}
CryptoEncryption::Session *session(CryptoEncryption::Cipher cipher) const
{
return (cipher_map_.create(cipher));
}
};
static MethodOpenSSL crypto_encryption_method_openssl;
}

77
crypto/crypto_hash.cc Normal file
View file

@ -0,0 +1,77 @@
/*
* Copyright (c) 2011-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <common/registrar.h>
#include <crypto/crypto_hash.h>
namespace {
struct MethodRegistrarKey;
typedef Registrar<MethodRegistrarKey, const CryptoHash::Method *> MethodRegistrar;
}
CryptoHash::Method::Method(const std::string& name)
: name_(name)
{
MethodRegistrar::instance()->enter(this);
}
const CryptoHash::Method *
CryptoHash::Method::method(CryptoHash::Algorithm algorithm)
{
std::set<const CryptoHash::Method *> method_set = MethodRegistrar::instance()->enumerate();
std::set<const CryptoHash::Method *>::const_iterator it;
for (it = method_set.begin(); it != method_set.end(); ++it) {
const CryptoHash::Method *m = *it;
std::set<CryptoHash::Algorithm> algorithm_set = m->algorithms();
if (algorithm_set.find(algorithm) == algorithm_set.end())
continue;
return (*it);
}
ERROR("/crypto/encryption/method") << "Could not find a method for algorithm: " << algorithm;
return (NULL);
}
std::ostream&
operator<< (std::ostream& os, CryptoHash::Algorithm algorithm)
{
switch (algorithm) {
case CryptoHash::MD5:
return (os << "MD5");
case CryptoHash::SHA1:
return (os << "SHA1");
case CryptoHash::SHA256:
return (os << "SHA256");
case CryptoHash::SHA512:
return (os << "SHA512");
case CryptoHash::RIPEMD160:
return (os << "RIPEMD160");
}
NOTREACHED("/crypto/encryption");
}

103
crypto/crypto_hash.h Normal file
View file

@ -0,0 +1,103 @@
/*
* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef CRYPTO_CRYPTO_HASH_H
#define CRYPTO_CRYPTO_HASH_H
#include <set>
#include <event/action.h>
#include <event/event_callback.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_hash.h //
// Description: basic encryption machinery //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
namespace CryptoHash {
class Method;
enum Algorithm {
MD5,
SHA1,
SHA256,
SHA512,
RIPEMD160,
};
class Instance {
protected:
Instance(void)
{ }
public:
virtual ~Instance()
{ }
virtual bool hash(Buffer *, const Buffer *) = 0;
//virtual Action *submit(Buffer *, EventCallback *) = 0;
};
class Method {
std::string name_;
protected:
Method(const std::string&);
virtual ~Method()
{ }
public:
virtual std::set<Algorithm> algorithms(void) const = 0;
virtual Instance *instance(Algorithm) const = 0;
static const Method *method(Algorithm);
};
static inline Instance *instance(Algorithm algorithm)
{
const Method *method = Method::method(algorithm);
if (method == NULL)
return (NULL);
return (method->instance(algorithm));
}
static inline bool hash(Algorithm algorithm, Buffer *out, const Buffer *in)
{
Instance *i = instance(algorithm);
if (i == NULL)
return (false);
bool ok = i->hash(out, in);
delete i;
return (ok);
}
}
std::ostream& operator<< (std::ostream&, CryptoHash::Algorithm);
#endif /* !CRYPTO_CRYPTO_HASH_H */

130
crypto/crypto_hash_openssl.cc Normal file
View file

@ -0,0 +1,130 @@
/*
* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <common/factory.h>
#include <crypto/crypto_hash.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_hash_openssl.cc //
// Description: interface to the OpenSSL encryption functions //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
namespace {
class InstanceEVP : public CryptoHash::Instance {
LogHandle log_;
const EVP_MD *algorithm_;
public:
InstanceEVP(const EVP_MD *algorithm)
: log_("/crypto/hash/instance/openssl"),
algorithm_(algorithm)
{ }
~InstanceEVP()
{ }
virtual bool hash(Buffer *out, const Buffer *in)
{
/*
* We process a single, large, linear byte buffer here rather
* than going a BufferSegment at a time, even though the byte
* buffer is less efficient than some alternatives, because
* there are padding and buffering implications if each
* BufferSegment's length is not modular to the block size.
*/
uint8_t indata[in->length()];
in->copyout(indata, sizeof indata);
uint8_t macdata[EVP_MD_size(algorithm_)];
unsigned maclen;
if (!EVP_Digest(indata, sizeof indata, macdata, &maclen, algorithm_, NULL))
return (false);
ASSERT(log_, maclen == sizeof macdata);
out->append(macdata, maclen);
return (true);
}
/*
Action *submit(Buffer *in, EventCallback *cb)
{
Buffer out;
if (!hash(&out, in)) {
in->clear();
cb->param(Event::Error);
return (cb->schedule());
}
in->clear();
cb->param(Event(Event::Done, out));
return (cb->schedule());
}
*/
};
class MethodOpenSSL : public CryptoHash::Method {
LogHandle log_;
FactoryMap<CryptoHash::Algorithm, CryptoHash::Instance> algorithm_map_;
public:
MethodOpenSSL(void)
: CryptoHash::Method("OpenSSL"),
log_("/crypto/hash/openssl"),
algorithm_map_()
{
OpenSSL_add_all_algorithms();
factory<InstanceEVP> evp_factory;
algorithm_map_.enter(CryptoHash::MD5, evp_factory(EVP_md5()));
algorithm_map_.enter(CryptoHash::SHA1, evp_factory(EVP_sha1()));
algorithm_map_.enter(CryptoHash::SHA256, evp_factory(EVP_sha256()));
algorithm_map_.enter(CryptoHash::SHA512, evp_factory(EVP_sha512()));
algorithm_map_.enter(CryptoHash::RIPEMD160, evp_factory(EVP_ripemd160()));
/* XXX Register. */
}
~MethodOpenSSL()
{
/* XXX Unregister. */
}
std::set<CryptoHash::Algorithm> algorithms(void) const
{
return (algorithm_map_.keys());
}
CryptoHash::Instance *instance(CryptoHash::Algorithm algorithm) const
{
return (algorithm_map_.create(algorithm));
}
};
static MethodOpenSSL crypto_hash_method_openssl;
}

77
crypto/crypto_mac.cc Normal file
View file

@ -0,0 +1,77 @@
/*
* Copyright (c) 2011-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <common/registrar.h>
#include <crypto/crypto_mac.h>
namespace {
struct MethodRegistrarKey;
typedef Registrar<MethodRegistrarKey, const CryptoMAC::Method *> MethodRegistrar;
}
CryptoMAC::Method::Method(const std::string& name)
: name_(name)
{
MethodRegistrar::instance()->enter(this);
}
const CryptoMAC::Method *
CryptoMAC::Method::method(CryptoMAC::Algorithm algorithm)
{
std::set<const CryptoMAC::Method *> method_set = MethodRegistrar::instance()->enumerate();
std::set<const CryptoMAC::Method *>::const_iterator it;
for (it = method_set.begin(); it != method_set.end(); ++it) {
const CryptoMAC::Method *m = *it;
std::set<CryptoMAC::Algorithm> algorithm_set = m->algorithms();
if (algorithm_set.find(algorithm) == algorithm_set.end())
continue;
return (*it);
}
ERROR("/crypto/encryption/method") << "Could not find a method for algorithm: " << algorithm;
return (NULL);
}
std::ostream&
operator<< (std::ostream& os, CryptoMAC::Algorithm algorithm)
{
switch (algorithm) {
case CryptoMAC::MD5:
return (os << "HMAC-MD5");
case CryptoMAC::SHA1:
return (os << "HMAC-SHA1");
case CryptoMAC::SHA256:
return (os << "HMAC-SHA256");
case CryptoMAC::SHA512:
return (os << "HMAC-SHA512");
case CryptoMAC::RIPEMD160:
return (os << "HMAC-RIPEMD160");
}
NOTREACHED("/crypto/encryption");
}

91
crypto/crypto_mac.h Normal file
View file

@ -0,0 +1,91 @@
/*
* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef CRYPTO_CRYPTO_MAC_H
#define CRYPTO_CRYPTO_MAC_H
#include <set>
#include <event/action.h>
#include <event/event_callback.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_mac.h //
// Description: basic encryption machinery //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
namespace CryptoMAC {
class Method;
enum Algorithm {
MD5,
SHA1,
SHA256,
SHA512,
RIPEMD160,
};
class Instance {
protected:
Instance(void)
{ }
public:
virtual ~Instance()
{ }
virtual unsigned size(void) const = 0;
virtual Instance *clone(void) const = 0;
virtual bool initialize(const Buffer * = NULL) = 0;
virtual bool mac(Buffer *, const Buffer *) = 0;
//virtual Action *submit(Buffer *, EventCallback *) = 0;
};
class Method {
std::string name_;
protected:
Method(const std::string&);
virtual ~Method()
{ }
public:
virtual std::set<Algorithm> algorithms(void) const = 0;
virtual Instance *instance(Algorithm) const = 0;
static const Method *method(Algorithm);
};
}
std::ostream& operator<< (std::ostream&, CryptoMAC::Algorithm);
#endif /* !CRYPTO_CRYPTO_MAC_H */

156
crypto/crypto_mac_openssl.cc Normal file
View file

@ -0,0 +1,156 @@
/*
* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <common/factory.h>
#include <crypto/crypto_mac.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_mac_openssl.cc //
// Description: interface to the OpenSSL encryption functions //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
namespace {
class InstanceEVP : public CryptoMAC::Instance {
LogHandle log_;
const EVP_MD *algorithm_;
uint8_t key_[EVP_MAX_KEY_LENGTH];
size_t key_length_;
public:
InstanceEVP(const EVP_MD *algorithm)
: log_("/crypto/mac/instance/openssl"),
algorithm_(algorithm),
key_(),
key_length_(0)
{ }
~InstanceEVP()
{ }
unsigned size(void) const
{
return (EVP_MD_size(algorithm_));
}
Instance *clone(void) const
{
ASSERT(log_, key_length_ == 0);
return (new InstanceEVP(algorithm_));
}
bool initialize(const Buffer *key)
{
if (key->length() > EVP_MAX_KEY_LENGTH)
return (false);
key->copyout(key_, key->length());
key_length_ = key->length();
return (true);
}
bool mac(Buffer *out, const Buffer *in)
{
/*
* We process a single, large, linear byte buffer here rather
* than going a BufferSegment at a time, even though the byte
* buffer is less efficient than some alternatives, because
* there are padding and buffering implications if each
* BufferSegment's length is not modular to the block size.
*/
uint8_t indata[in->length()];
in->copyout(indata, sizeof indata);
uint8_t macdata[EVP_MD_size(algorithm_)];
unsigned maclen;
if (HMAC(algorithm_, key_, key_length_, indata, sizeof indata, macdata, &maclen) == NULL)
return (false);
ASSERT(log_, maclen == sizeof macdata);
out->append(macdata, maclen);
return (true);
}
/*
Action *submit(Buffer *in, EventCallback *cb)
{
Buffer out;
if (!mac(&out, in)) {
in->clear();
cb->param(Event::Error);
return (cb->schedule());
}
in->clear();
cb->param(Event(Event::Done, out));
return (cb->schedule());
}
*/
};
class MethodOpenSSL : public CryptoMAC::Method {
LogHandle log_;
FactoryMap<CryptoMAC::Algorithm, CryptoMAC::Instance> algorithm_map_;
public:
MethodOpenSSL(void)
: CryptoMAC::Method("OpenSSL"),
log_("/crypto/mac/openssl"),
algorithm_map_()
{
OpenSSL_add_all_algorithms();
factory<InstanceEVP> evp_factory;
algorithm_map_.enter(CryptoMAC::MD5, evp_factory(EVP_md5()));
algorithm_map_.enter(CryptoMAC::SHA1, evp_factory(EVP_sha1()));
algorithm_map_.enter(CryptoMAC::SHA256, evp_factory(EVP_sha256()));
algorithm_map_.enter(CryptoMAC::SHA512, evp_factory(EVP_sha512()));
algorithm_map_.enter(CryptoMAC::RIPEMD160, evp_factory(EVP_ripemd160()));
/* XXX Register. */
}
~MethodOpenSSL()
{
/* XXX Unregister. */
}
std::set<CryptoMAC::Algorithm> algorithms(void) const
{
return (algorithm_map_.keys());
}
CryptoMAC::Instance *instance(CryptoMAC::Algorithm algorithm) const
{
return (algorithm_map_.create(algorithm));
}
};
static MethodOpenSSL crypto_mac_method_openssl;
}

80
crypto/crypto_random.h Normal file
View file

@ -0,0 +1,80 @@
/*
* Copyright (c) 2010-2011 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef CRYPTO_CRYPTO_RANDOM_H
#define CRYPTO_CRYPTO_RANDOM_H
#include <event/action.h>
#include <event/event_callback.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_random.h //
// Description: basic encryption machinery //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
class CryptoRandomMethod;
/*
* XXX
* Add a CryptoTypeBest, which will use whatever the best, available method is.
*/
enum CryptoRandomType {
CryptoTypeRNG,
CryptoTypePRNG,
};
class CryptoRandomSession {
protected:
CryptoRandomSession(void)
{ }
public:
virtual ~CryptoRandomSession()
{ }
//virtual Action *generate(size_t, EventCallback *) = 0;
};
class CryptoRandomMethod {
protected:
CryptoRandomMethod(void)
{ }
virtual ~CryptoRandomMethod()
{ }
public:
virtual bool generate(CryptoRandomType, size_t, Buffer *) const = 0;
virtual CryptoRandomSession *session(CryptoRandomType) const = 0;
/* XXX Registration API somehow. */
static const CryptoRandomMethod *default_method;
};
#endif /* !CRYPTO_CRYPTO_RANDOM_H */

130
crypto/crypto_random_openssl.cc Normal file
View file

@ -0,0 +1,130 @@
/*
* Copyright (c) 2010-2011 Juli Mallett. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <common/factory.h>
#include <crypto/crypto_random.h>
////////////////////////////////////////////////////////////////////////////////
// //
// File: crypto_random_openssl.cc //
// Description: interface to the OpenSSL encryption functions //
// Project: WANProxy XTech //
// Adapted by: Andreu Vidal Bramfeld-Software //
// Last modified: 2015-04-01 //
// //
////////////////////////////////////////////////////////////////////////////////
namespace {
typedef int (RAND_func)(unsigned char *, int);
}
class CryptoRandomSessionRAND : public CryptoRandomSession {
LogHandle log_;
RAND_func *func_;
public:
CryptoRandomSessionRAND(RAND_func *func)
: log_("/crypto/random/session/openssl"),
func_(func)
{ }
~CryptoRandomSessionRAND()
{ }
/*
Action *generate(size_t len, EventCallback *cb)
{
ASSERT(log_, len != 0);
uint8_t bytes[len];
int rv = func_(bytes, sizeof bytes);
if (rv == 0) {
cb->param(Event::Error);
return (cb->schedule());
}
cb->param(Event(Event::Done, Buffer(bytes, sizeof bytes)));
return (cb->schedule());
}
*/
};
class CryptoRandomMethodOpenSSL : public CryptoRandomMethod {
LogHandle log_;
std::map<CryptoRandomType, RAND_func *> func_map_;
public:
CryptoRandomMethodOpenSSL(void)
: log_("/crypto/random/openssl"),
func_map_()
{
OpenSSL_add_all_algorithms();
func_map_[CryptoTypeRNG] = RAND_bytes;
func_map_[CryptoTypePRNG] = RAND_pseudo_bytes;
/* XXX Register. */
}
~CryptoRandomMethodOpenSSL()
{
/* XXX Unregister. */
}
/*
* Synchronous randomness generation. May not succeed.
*/
bool generate(CryptoRandomType func, size_t len, Buffer *out) const
{
std::map<CryptoRandomType, RAND_func *>::const_iterator it;
it = func_map_.find(func);
if (it == func_map_.end())
return (false);
uint8_t bytes[len];
int rv = it->second(bytes, sizeof bytes);
if (rv == 0)
return (false);
out->append(bytes, sizeof bytes);
return (true);
}
CryptoRandomSession *session(CryptoRandomType func) const
{
std::map<CryptoRandomType, RAND_func *>::const_iterator it;
it = func_map_.find(func);
if (it != func_map_.end())
return (new CryptoRandomSessionRAND(it->second));
return (NULL);
}
};
namespace {
static CryptoRandomMethodOpenSSL crypto_random_method_openssl;
}
const CryptoRandomMethod *CryptoRandomMethod::default_method = &crypto_random_method_openssl; /* XXX */

17
crypto/lib.mk Normal file
View file

@ -0,0 +1,17 @@
VPATH+= ${TOPDIR}/crypto
SRCS+= crypto_encryption.cc
SRCS+= crypto_hash.cc
SRCS+= crypto_mac.cc
SRCS+= crypto_encryption_openssl.cc
SRCS+= crypto_hash_openssl.cc
SRCS+= crypto_mac_openssl.cc
SRCS+= crypto_random_openssl.cc
# Apple has decided to deprecate all of OpenSSL in Mac OS X ~Lion~. Brilliant.
ifeq "${OSNAME}" "Darwin"
CFLAGS+= -Wno-deprecated-declarations
endif
LDADD+= -lcrypto