00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00041 #ifndef _UCOMMON_SECURE_H_
00042 #define _UCOMMON_SECURE_H_
00043
00044 #ifndef _UCOMMON_CONFIG_H_
00045 #include <ucommon/platform.h>
00046 #endif
00047
00048 #ifndef _UCOMMON_UCOMMON_H_
00049 #include <ucommon/ucommon.h>
00050 #endif
00051
00052 #define MAX_CIPHER_KEYSIZE 512
00053 #define MAX_DIGEST_HASHSIZE 512
00054
00055 NAMESPACE_UCOMMON
00056
00062 class __EXPORT secure
00063 {
00064 public:
00068 typedef enum {OK=0, INVALID, MISSING_CERTIFICATE, MISSING_PRIVATEKEY, INVALID_CERTIFICATE, INVALID_AUTHORITY, INVALID_PEERNAME, INVALID_CIPHER} error_t;
00069
00070 protected:
00074 error_t error;
00075
00076 inline secure() {error = OK;};
00077
00078 public:
00083 virtual ~secure();
00084
00088 typedef secure *context_t;
00089
00093 typedef void *session_t;
00094
00098 typedef void *bufio_t;
00099
00107 static bool init(const char *program = NULL);
00108
00118 static error_t verify(session_t session, const char *peername = NULL);
00119
00129 static context_t server(const char *authority = NULL);
00130
00137 static context_t client(const char *authority = NULL);
00138
00145 static context_t user(const char *authority);
00146
00152 static void cipher(context_t context, const char *ciphers);
00153
00158 inline bool is(void)
00159 {return error == OK;};
00160
00165 inline error_t err(void)
00166 {return error;};
00167
00172 static void uuid(char *string);
00173
00174 static String uuid(void);
00175 };
00176
00184 class __EXPORT SSocket : public TCPSocket
00185 {
00186 protected:
00187 secure::session_t ssl;
00188 secure::bufio_t bio;
00189 bool verify;
00190
00191 public:
00192 SSocket(const char *service, secure::context_t context);
00193 SSocket(TCPServer *server, secure::context_t context, size_t size = 536);
00194 ~SSocket();
00195
00202 void open(const char *host, size_t size = 536);
00203
00204 void open(TCPServer *server, size_t size = 536);
00205
00206 void close(void);
00207
00208 bool flush(void);
00209
00210 void release(void);
00211
00212 size_t _push(const char *address, size_t size);
00213
00214 size_t _pull(char *address, size_t size);
00215
00216 bool pending(void);
00217
00218 bool issecure(void)
00219 {return bio != NULL;};
00220 };
00221
00231 class __EXPORT Cipher
00232 {
00233 public:
00234 typedef enum {ENCRYPT = 1, DECRYPT = 0} mode_t;
00235
00243 class __EXPORT Key
00244 {
00245 private:
00246 friend class Cipher;
00247
00248 union {
00249 const void *algotype;
00250 int algoid;
00251 };
00252
00253 union {
00254 const void *hashtype;
00255 int hashid;
00256 };
00257
00258 int modeid;
00259
00260
00261 unsigned char keybuf[MAX_CIPHER_KEYSIZE / 8], ivbuf[MAX_CIPHER_KEYSIZE / 8];
00262
00263
00264 size_t keysize, blksize;
00265
00266 public:
00267 Key(const char *cipher, const char *digest, const char *text, size_t size = 0, const unsigned char *salt = NULL, unsigned rounds = 1);
00268 Key();
00269 ~Key();
00270
00271 void clear(void);
00272
00273 inline size_t size(void)
00274 {return keysize;};
00275
00276 inline size_t iosize(void)
00277 {return blksize;};
00278 };
00279
00280 typedef Key *key_t;
00281
00282 private:
00283 Key keys;
00284 size_t bufsize, bufpos;
00285 mode_t bufmode;
00286 unsigned char *bufaddr;
00287 void *context;
00288
00289 protected:
00290 virtual void push(unsigned char *address, size_t size);
00291
00292 void release(void);
00293
00294 public:
00295 Cipher();
00296
00297 Cipher(key_t key, mode_t mode, unsigned char *address = NULL, size_t size = 0);
00298
00299 ~Cipher();
00300
00301 void set(unsigned char *address, size_t size = 0);
00302
00303 void set(key_t key, mode_t mode, unsigned char *address, size_t size = 0);
00304
00309 size_t flush(void);
00310
00319 size_t put(const unsigned char *data, size_t size);
00320
00327 size_t puts(const char *string);
00328
00340 size_t pad(const unsigned char *address, size_t size);
00341
00350 size_t process(unsigned char *address, size_t size, bool flag = false);
00351
00352 inline size_t size(void)
00353 {return bufsize;};
00354
00355 inline size_t pos(void)
00356 {return bufpos;};
00357
00358 inline size_t align(void)
00359 {return keys.iosize();};
00360
00366 static bool is(const char *name);
00367 };
00368
00375 class __EXPORT Digest
00376 {
00377 private:
00378 void *context;
00379
00380 union {
00381 const void *hashtype;
00382 int hashid;
00383 };
00384
00385 unsigned bufsize;
00386 unsigned char buffer[MAX_DIGEST_HASHSIZE / 8];
00387 char text[MAX_DIGEST_HASHSIZE / 8 + 1];
00388
00389 protected:
00390 void release(void);
00391
00392 public:
00393 Digest(const char *type);
00394
00395 Digest();
00396
00397 ~Digest();
00398
00399 inline bool puts(const char *str)
00400 {return put(str, strlen(str));};
00401
00402 bool put(const void *memory, size_t size);
00403
00404 inline unsigned size() const
00405 {return bufsize;};
00406
00407 const unsigned char *get(void);
00408
00409 const char *c_str(void);
00410
00411 inline String str(void)
00412 {return String(c_str());};
00413
00414 inline operator String()
00415 {return String(c_str());};
00416
00417 void set(const char *id);
00418
00419 inline void operator=(const char *id)
00420 {set(id);};
00421
00422 inline bool operator *=(const char *text)
00423 {return puts(text);};
00424
00425 inline bool operator +=(const char *text)
00426 {return puts(text);};
00427
00428 inline const char *operator*()
00429 {return c_str();};
00430
00431 inline bool operator!() const
00432 {return !bufsize && context == NULL;};
00433
00434 inline operator bool() const
00435 {return bufsize > 0 || context != NULL;};
00436
00442 static bool is(const char *name);
00443
00444 static void uuid(char *string, const char *name, const unsigned char *ns = NULL);
00445
00446 static String uuid(const char *name, const unsigned char *ns = NULL);
00447 };
00448
00454 class __EXPORT Random
00455 {
00456 public:
00463 static bool seed(const unsigned char *buffer, size_t size);
00464
00468 static void seed(void);
00469
00478 static size_t key(unsigned char *memory, size_t size);
00479
00488 static size_t fill(unsigned char *memory, size_t size);
00489
00494 static int get(void);
00495
00502 static int get(int min, int max);
00503
00508 static double real(void);
00509
00516 static double real(double min, double max);
00517
00523 static bool status(void);
00524
00529 static void uuid(char *string);
00530
00531 static String uuid(void);
00532 };
00533
00537 typedef SSocket ssl_t;
00538
00542 typedef Digest digest_t;
00543
00547 typedef Cipher cipher_t;
00548
00552 typedef Cipher::Key skey_t;
00553
00554 inline void zerofill(void *addr, size_t size)
00555 {
00556 ::memset(addr, 0, size);
00557 }
00558
00559 END_NAMESPACE
00560
00561 #endif