00041 #ifndef _UCOMMON_SECURE_H_
00042 #define _UCOMMON_SECURE_H_
00043
00044 #ifndef _UCOMMON_CONFIG_H_
00045 #include <ucommon/platform.h>
00046 #endif
00047
00048 #ifndef _UCOMMON_UCOMMON_H_
00049 #include <ucommon/ucommon.h>
00050 #endif
00051
/**
 * Upper bounds, in bits, for symmetric key/iv material and digest output.
 * The fixed buffers in Cipher::Key (keybuf, ivbuf) and Digest (buffer) are
 * sized as these values / 8 bytes, so a backend algorithm whose key or
 * output exceeds this cannot be held by those objects.
 */
#define MAX_CIPHER_KEYSIZE 512
#define MAX_DIGEST_HASHSIZE 512
00054
00055 NAMESPACE_UCOMMON
00056
/**
 * Backend-neutral handle for a secure (TLS/SSL) context.  The static members
 * initialize the backend, create contexts and verify sessions; an instance
 * records the error state of the context it represents, readable through
 * is() and err().
 */
class __EXPORT secure
{
public:
    /**
     * Result codes reported by verify() and stored per context.  OK is the
     * only success value; every other value names what failed.
     */
    typedef enum {OK=0, INVALID, MISSING_CERTIFICATE, MISSING_PRIVATEKEY, INVALID_CERTIFICATE, INVALID_AUTHORITY, INVALID_PEERNAME, INVALID_CIPHER} error_t;

protected:
    /**
     * Last error recorded for this context; OK until something fails.
     */
    error_t error;

    /**
     * Contexts start out in the OK state.  Only the factories below create
     * them, hence the protected constructor.
     */
    inline secure() : error(OK) {}

public:
    /**
     * Virtual so a context can be destroyed through a context_t pointer.
     */
    virtual ~secure();

    /**
     * A context is referenced through a pointer to this base class.
     */
    typedef secure *context_t;

    /**
     * Opaque backend session handle (one per connection).
     */
    typedef void *session_t;

    /**
     * Opaque backend buffered-I/O handle.
     */
    typedef void *bufio_t;

    /**
     * Initialize the security backend for the process.
     * @param program name handed to the backend, or NULL.
     * @return true if the backend is usable.
     */
    static bool init(const char *program = NULL);

    /**
     * Verify the peer of an established session.
     * @param session to verify.
     * @param peername expected peer identity, or NULL.
     * @return OK, or the error_t describing why the peer was rejected.
     *
     * NOTE(review): the optional peername together with the INVALID_PEERNAME
     * code suggests that passing NULL disables hostname matching, leaving
     * only chain validation.  Callers connecting to a named host should pass
     * that name; confirm against the backend implementation.
     */
    static error_t verify(session_t session, const char *peername = NULL);

    /**
     * Create a server-side context.
     * @param authority certificate authority to trust, or NULL.
     * @return new context; check is()/err() before using it.
     *
     * NOTE(review): with a NULL authority there is presumably no trust anchor
     * for client certificates -- confirm what the backend does in that case.
     */
    static context_t server(const char *authority = NULL);

    /**
     * Create a client-side context.
     * @param authority certificate authority to trust, or NULL.
     * @return new context; check is()/err() before using it.
     *
     * NOTE(review): a NULL authority presumably means server certificates
     * cannot be chained to a trusted root, so verify() would not be able to
     * report INVALID_CERTIFICATE/INVALID_AUTHORITY meaningfully -- confirm.
     */
    static context_t client(const char *authority = NULL);

    /**
     * Create a context from a caller-supplied authority (no default).
     * @param authority certificate authority to trust.
     * @return new context; check is()/err() before using it.
     */
    static context_t user(const char *authority);

    /**
     * Restrict the cipher suites a context will negotiate.
     * @param context to modify.
     * @param ciphers list in the backend's own syntax.
     */
    static void cipher(context_t context, const char *ciphers);

    /**
     * @return true when no error has been recorded for this context.
     */
    inline bool is(void)
        {return OK == error;}

    /**
     * @return the last error recorded for this context.
     */
    inline error_t err(void)
        {return error;}
};
00168
/**
 * TCP socket carrying a secure session created from a secure::context_t.
 * issecure() reports whether a backend I/O layer is attached.
 *
 * NOTE(review): the declaration alone does not show what happens to the
 * underlying TCPSocket when no session/bio could be attached; check
 * issecure() before sending anything sensitive rather than assuming the
 * connection is protected.
 */
class __EXPORT SSocket : public TCPSocket
{
protected:
    secure::session_t ssl;      // backend session handle
    secure::bufio_t bio;        // backend buffered I/O; non-NULL means secured
    bool verify;                // NOTE(review): meaning not visible here; presumably whether peer verification was requested

public:
    /**
     * Connect to a service using the given context.
     * @param service to connect to.
     * @param context providing the security settings.
     */
    SSocket(const char *service, secure::context_t context);

    /**
     * Accept a connection from a listening server using the given context.
     * @param server to accept from.
     * @param context providing the security settings.
     * @param size of the I/O buffer.  536 is the classic minimum IPv4 TCP
     * payload (576 - 40 header bytes) -- presumably chosen as a conservative
     * default.
     */
    SSocket(TCPServer *server, secure::context_t context, size_t size = 536);
    ~SSocket();

    /**
     * Connect to a host with the same default buffer size as the constructor.
     */
    void open(const char *host, size_t size = 536);

    /**
     * Accept from a server with the same default buffer size as the constructor.
     */
    void open(TCPServer *server, size_t size = 536);

    void close(void);

    bool flush(void);

    void release(void);

    /**
     * Low-level write hook used by the stream layer.
     */
    size_t _push(const char *address, size_t size);

    /**
     * Low-level read hook used by the stream layer.
     */
    size_t _pull(char *address, size_t size);

    bool pending(void);

    /**
     * @return true if a backend I/O layer is attached to this socket.
     */
    bool issecure(void)
        {return NULL != bio;}
};
00213
/**
 * Buffered symmetric cipher.  A Cipher holds a Key (algorithm, digest and
 * mode selection plus key/iv bytes) and an optional output buffer; data is
 * fed with put()/puts()/pad() or transformed in place with process().
 * The size_t results of those calls are byte counts whose exact meaning
 * (presumably output produced) is fixed by the implementation.
 */
class __EXPORT Cipher
{
public:
    /**
     * Direction of the transform.  The explicit values (ENCRYPT = 1,
     * DECRYPT = 0) match the usual backend "enc" flag convention, which is
     * presumably why they are spelled out.
     */
    typedef enum {ENCRYPT = 1, DECRYPT = 0} mode_t;

    /**
     * Key material and algorithm selection for a Cipher.
     *
     * NOTE(review): the deriving constructor's defaults are the weakest
     * derivation possible -- no salt and a single digest round over `text`.
     * A key derived from a human passphrase with those defaults is cheap to
     * brute-force; callers should pass a salt and a large round count.
     * Whether ~Key() scrubs keybuf/ivbuf is not visible here; clear() is the
     * explicit way to discard the material.
     */
    class __EXPORT Key
    {
    private:
        friend class Cipher;

        // Backend-specific cipher identifier: a pointer for one backend, an
        // integer id for another (presumably only one member is used per build).
        union {
            const void *algotype;
            int algoid;
        };

        // Backend-specific digest identifier used for derivation, same shape.
        union {
            const void *hashtype;
            int hashid;
        };

        int modeid;

        // Fixed storage: MAX_CIPHER_KEYSIZE bits each for key and iv.
        unsigned char keybuf[MAX_CIPHER_KEYSIZE / 8], ivbuf[MAX_CIPHER_KEYSIZE / 8];

        size_t keysize, blksize;

    public:
        /**
         * Derive a key for the named cipher from text using the named digest.
         * @param cipher name understood by the backend.
         * @param digest name used for derivation.
         * @param text to derive from (passphrase or raw bytes).
         * @param size of text, or 0 (presumably: treat text as a C string).
         * @param salt to mix in, or NULL for none.
         * @param rounds of the digest to apply; 1 gives no brute-force hardening.
         */
        Key(const char *cipher, const char *digest, const char *text, size_t size = 0, const unsigned char *salt = NULL, unsigned rounds = 1);
        Key();
        ~Key();

        /**
         * Reset the key, discarding the stored material.
         */
        void clear(void);

        /** @return stored key length (presumably in bytes, like keybuf). */
        inline size_t size(void)
            {return keysize;}

        /** @return cipher block size used for alignment. */
        inline size_t iosize(void)
            {return blksize;}
    };

    /**
     * Keys are passed by pointer.  This shadows POSIX key_t inside the
     * class; outside it must be written Cipher::key_t.
     */
    typedef Key *key_t;

private:
    Key keys;                   // the active key, stored by value
    size_t bufsize, bufpos;     // output buffer capacity and fill position
    mode_t bufmode;             // direction the buffered data is processed in
    unsigned char *bufaddr;     // output buffer, NULL when none attached
    void *context;              // backend cipher context

protected:
    /**
     * Hook receiving completed output; virtual so a derived class can
     * consume blocks as they are produced (base behavior is defined elsewhere).
     */
    virtual void push(unsigned char *address, size_t size);

    /**
     * Release the backend context.
     */
    void release(void);

public:
    Cipher();

    /**
     * Construct ready to run.
     * @param key to use.
     * @param mode ENCRYPT or DECRYPT.
     * @param address of an output buffer, or NULL.
     * @param size of that buffer.
     */
    Cipher(key_t key, mode_t mode, unsigned char *address = NULL, size_t size = 0);

    ~Cipher();

    /**
     * Attach an output buffer.
     */
    void set(unsigned char *address, size_t size = 0);

    /**
     * Re-key and attach an output buffer in one step.
     */
    void set(key_t key, mode_t mode, unsigned char *address, size_t size = 0);

    /**
     * Finish the stream.
     * @return byte count (see class note).
     */
    size_t flush(void);

    /**
     * Feed raw bytes.
     * @return byte count (see class note).
     */
    size_t put(const unsigned char *data, size_t size);

    /**
     * Feed a NUL-terminated string; whether the terminator is included is
     * up to the implementation.
     * @return byte count (see class note).
     */
    size_t puts(const char *string);

    /**
     * Feed bytes and pad to block alignment.
     * @return byte count (see class note).
     */
    size_t pad(const unsigned char *address, size_t size);

    /**
     * Transform a region in place.
     * @param flag implementation-defined option, false by default.
     * @return byte count (see class note).
     */
    size_t process(unsigned char *address, size_t size, bool flag = false);

    /** @return output buffer capacity. */
    inline size_t size(void)
        {return bufsize;}

    /** @return current fill position of the output buffer. */
    inline size_t pos(void)
        {return bufpos;}

    /** @return block alignment of the active key's cipher. */
    inline size_t align(void)
        {return keys.iosize();}

    /**
     * @return true if the backend knows a cipher by this name.
     */
    static bool is(const char *name);
};
00360
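/**
 * Incremental message digest.  Select an algorithm in the constructor or with
 * set(), feed data with put()/puts() (also via *= and +=), then read the
 * result as raw bytes with get() or as text with c_str() / operator*.
 * The object converts to true while a backend context exists or a result is
 * held; operator! is the exact negation.
 */
class __EXPORT Digest
{
private:
    void *context;              // backend digest context, NULL when none selected

    // Backend-specific digest identifier: a pointer for one backend, an
    // integer id for another (presumably only one member is used per build).
    union {
        const void *hashtype;
        int hashid;
    };

    unsigned bufsize;           // bytes of result held in buffer; 0 when none
    unsigned char buffer[MAX_DIGEST_HASHSIZE / 8];
    // NOTE(review): if c_str() renders buffer as hex, the text form of a
    // MAX_DIGEST_HASHSIZE-bit result needs 2 * (MAX_DIGEST_HASHSIZE / 8) + 1
    // bytes and this array is too small by half.  Confirm against the c_str()
    // implementation before relying on the text form of large digests.
    char text[MAX_DIGEST_HASHSIZE / 8 + 1];

protected:
    /**
     * Release the backend context.
     */
    void release(void);

public:
    /**
     * Create a digest of the named type.
     * @param type name understood by the backend.
     */
    Digest(const char *type);

    /**
     * Create an empty digest; choose the algorithm later with set().
     */
    Digest();

    ~Digest();

    /**
     * Feed a NUL-terminated string into the digest.
     * A NULL pointer is rejected here instead of being handed to strlen(),
     * which would be undefined behavior; the *= and += operators forward
     * here, so a NULL operand now yields false rather than a crash.
     * @param str to add.
     * @return false if str is NULL, otherwise the result of put().
     */
    inline bool puts(const char *str)
        {return str ? put(str, strlen(str)) : false;}

    /**
     * Feed raw bytes into the digest.
     * @param memory to add.
     * @param size of memory in bytes.
     * @return true on success.
     */
    bool put(const void *memory, size_t size);

    /** @return bytes of result currently held. */
    inline unsigned size() const
        {return bufsize;}

    /**
     * @return the raw digest bytes (presumably finalizing the running digest).
     */
    const unsigned char *get(void);

    /**
     * @return the digest rendered as text (see the note on `text` above).
     */
    const char *c_str(void);

    /**
     * Select (or re-select) the digest algorithm by name.
     */
    void set(const char *id);

    inline void operator=(const char *id)
        {set(id);}

    inline bool operator *=(const char *text)
        {return puts(text);}

    inline bool operator +=(const char *text)
        {return puts(text);}

    inline const char *operator*()
        {return c_str();}

    inline bool operator!() const
        {return !bufsize && context == NULL;}

    inline operator bool() const
        {return bufsize > 0 || context != NULL;}

    /**
     * @return true if the backend knows a digest by this name.
     */
    static bool is(const char *name);
};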
00430
/**
 * Static access to the backend random number source.
 *
 * NOTE(review): this header does not show which of these draw from a
 * cryptographic-quality generator.  key() is the one named for key material;
 * treat get()/real() as general-purpose and do not use them for secrets,
 * nonces or IVs unless the implementation confirms their source.
 */
class __EXPORT Random
{
public:
    /**
     * Mix caller-supplied bytes into the generator state.
     * @param buffer of seed material.
     * @param size of buffer in bytes.
     * @return true if the seed was accepted.
     */
    static bool seed(const unsigned char *buffer, size_t size);

    /**
     * Seed without caller input -- presumably from the platform's own
     * entropy source.
     */
    static void seed(void);

    /**
     * Fill memory with random bytes intended for key material.
     * @param memory to fill.
     * @param size requested in bytes.
     * @return size_t count, presumably bytes written; a value short of size
     * means the request was not fully satisfied.
     */
    static size_t key(unsigned char *memory, size_t size);

    /**
     * Fill memory with random bytes.  How this differs from key() is not
     * visible in the header.
     * @param memory to fill.
     * @param size requested in bytes.
     * @return size_t count, presumably bytes written.
     */
    static size_t fill(unsigned char *memory, size_t size);

    /** @return a random int. */
    static int get(void);

    /** @return a random int between min and max (bound inclusiveness not stated here). */
    static int get(int min, int max);

    /** @return a random double (range not stated here). */
    static double real(void);

    /** @return a random double between min and max. */
    static double real(double min, double max);

    /**
     * @return true if the generator is ready -- presumably sufficiently seeded.
     */
    static bool status(void);
};
00507
/**
 * Short aliases for the classes above, in the ucommon *_t naming style.
 */
typedef SSocket ssl_t;          // secure socket

typedef Digest digest_t;        // message digest

typedef Cipher cipher_t;        // symmetric cipher stream

typedef Cipher::Key skey_t;     // symmetric cipher key
00527
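/**
 * Overwrite a memory region with zeros.  In a security header a zeroing
 * helper is presumably used to scrub key material and other secrets before
 * the memory is released or reused, so it must not be optimizable away.
 *
 * This deliberately avoids a plain memset(): when the region is never read
 * again (the normal case when scrubbing) the compiler may treat the memset
 * as a dead store and drop it, leaving the secret in memory.  Writing through
 * a volatile pointer forces every store to be emitted.  Where the platform
 * offers explicit_bzero() or memset_s(), those are the preferred primitives;
 * this is the portable fallback.
 *
 * @param addr start of the region; may be NULL only when size is 0.
 * @param size number of bytes to clear.
 */
inline void zerofill(void *addr, size_t size)
{
    volatile unsigned char *p = (volatile unsigned char *)addr;

    while(size--)
        *p++ = 0;
}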
00532
00533 END_NAMESPACE
00534
00535 #endif