156 lines
4.9 KiB
C++
156 lines
4.9 KiB
C++
/*
|
|
* Copyright (c) 2010-2012 Juli Mallett. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include <openssl/evp.h>
|
|
#include <openssl/hmac.h>
|
|
|
|
#include <common/factory.h>
|
|
#include <crypto/crypto_mac.h>
|
|
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
// //
|
|
// File: crypto_mac_openssl.cc //
|
|
// Description: interface to the OpenSSL encryption functions //
|
|
// Project: WANProxy XTech //
|
|
// Adapted by: Andreu Vidal Bramfeld-Software //
|
|
// Last modified: 2015-04-01 //
|
|
// //
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
namespace {
|
|
class InstanceEVP : public CryptoMAC::Instance {
|
|
LogHandle log_;
|
|
const EVP_MD *algorithm_;
|
|
uint8_t key_[EVP_MAX_KEY_LENGTH];
|
|
size_t key_length_;
|
|
public:
|
|
InstanceEVP(const EVP_MD *algorithm)
|
|
: log_("/crypto/mac/instance/openssl"),
|
|
algorithm_(algorithm),
|
|
key_(),
|
|
key_length_(0)
|
|
{ }
|
|
|
|
~InstanceEVP()
|
|
{ }
|
|
|
|
unsigned size(void) const
|
|
{
|
|
return (EVP_MD_size(algorithm_));
|
|
}
|
|
|
|
Instance *clone(void) const
|
|
{
|
|
ASSERT(log_, key_length_ == 0);
|
|
return (new InstanceEVP(algorithm_));
|
|
}
|
|
|
|
bool initialize(const Buffer *key)
|
|
{
|
|
if (key->length() > EVP_MAX_KEY_LENGTH)
|
|
return (false);
|
|
|
|
key->copyout(key_, key->length());
|
|
key_length_ = key->length();
|
|
|
|
return (true);
|
|
}
|
|
|
|
bool mac(Buffer *out, const Buffer *in)
|
|
{
|
|
/*
|
|
* We process a single, large, linear byte buffer here rather
|
|
* than going a BufferSegment at a time, even though the byte
|
|
* buffer is less efficient than some alternatives, because
|
|
* there are padding and buffering implications if each
|
|
* BufferSegment's length is not modular to the block size.
|
|
*/
|
|
uint8_t indata[in->length()];
|
|
in->copyout(indata, sizeof indata);
|
|
|
|
uint8_t macdata[EVP_MD_size(algorithm_)];
|
|
unsigned maclen;
|
|
if (HMAC(algorithm_, key_, key_length_, indata, sizeof indata, macdata, &maclen) == NULL)
|
|
return (false);
|
|
ASSERT(log_, maclen == sizeof macdata);
|
|
out->append(macdata, maclen);
|
|
return (true);
|
|
}
|
|
|
|
/*
|
|
Action *submit(Buffer *in, EventCallback *cb)
|
|
{
|
|
Buffer out;
|
|
if (!mac(&out, in)) {
|
|
in->clear();
|
|
cb->param(Event::Error);
|
|
return (cb->schedule());
|
|
}
|
|
in->clear();
|
|
cb->param(Event(Event::Done, out));
|
|
return (cb->schedule());
|
|
}
|
|
*/
|
|
};
|
|
|
|
class MethodOpenSSL : public CryptoMAC::Method {
|
|
LogHandle log_;
|
|
FactoryMap<CryptoMAC::Algorithm, CryptoMAC::Instance> algorithm_map_;
|
|
public:
|
|
MethodOpenSSL(void)
|
|
: CryptoMAC::Method("OpenSSL"),
|
|
log_("/crypto/mac/openssl"),
|
|
algorithm_map_()
|
|
{
|
|
OpenSSL_add_all_algorithms();
|
|
|
|
factory<InstanceEVP> evp_factory;
|
|
algorithm_map_.enter(CryptoMAC::MD5, evp_factory(EVP_md5()));
|
|
algorithm_map_.enter(CryptoMAC::SHA1, evp_factory(EVP_sha1()));
|
|
algorithm_map_.enter(CryptoMAC::SHA256, evp_factory(EVP_sha256()));
|
|
algorithm_map_.enter(CryptoMAC::SHA512, evp_factory(EVP_sha512()));
|
|
algorithm_map_.enter(CryptoMAC::RIPEMD160, evp_factory(EVP_ripemd160()));
|
|
|
|
/* XXX Register. */
|
|
}
|
|
|
|
~MethodOpenSSL()
|
|
{
|
|
/* XXX Unregister. */
|
|
}
|
|
|
|
std::set<CryptoMAC::Algorithm> algorithms(void) const
|
|
{
|
|
return (algorithm_map_.keys());
|
|
}
|
|
|
|
CryptoMAC::Instance *instance(CryptoMAC::Algorithm algorithm) const
|
|
{
|
|
return (algorithm_map_.create(algorithm));
|
|
}
|
|
};
|
|
|
|
static MethodOpenSSL crypto_mac_method_openssl;
|
|
}
|