CernVM-FS  2.9.0
encrypt.h
1 
13 #ifndef CVMFS_ENCRYPT_H_
14 #define CVMFS_ENCRYPT_H_
15 
16 #include <pthread.h>
17 
18 #include <map>
19 #include <string>
20 
21 #include "gtest/gtest_prod.h"
22 #include "hash.h"
23 #include "util/single_copy.h"
24 
25 namespace cipher {
26 
// Identifiers for the cipher implementations declared in this header.
// NOTE(review): listing line 28 is absent from this rendering; kAes256Cbc, which
// CipherAes256Cbc::algorithm() returns, is presumably declared there -- confirm
// against the original file.
27 enum Algorithms {
    // kNone is what CipherNone::algorithm() returns; that class names itself
    // "FOR TESTING ONLY", so this value should not be selectable for real data.
29  kNone, // needs to be last
30 };
31 
32 
// Holder for raw key material: a byte buffer (data_) and its length (size_).
// The constructor is private, so instances can only come from the static
// Create* factories, which hand back raw pointers (presumably NULL on failure
// and owned by the caller -- TODO confirm in encrypt.cc).
// NOTE(review): SingleCopy is inherited privately (class default); presumably it
// makes Key non-copyable so the secret is not duplicated -- confirm in
// util/single_copy.h.
37 class Key : SingleCopy {
38  public:
    // Upper bound on the key length; presumably bytes, like kKeySize = 256/8
    // in CipherAes256Cbc -- confirm.
39  static const unsigned kMaxSize = 64;
40 
    // Factories. NOTE(review): the randomness source behind CreateRandomly() and
    // the size checks against kMaxSize live in encrypt.cc; confirm a CSPRNG is used.
41  static Key *CreateRandomly(const unsigned size);
42  static Key *CreateFromFile(const std::string &path);
43  static Key *CreateFromString(const std::string &key);
    // Presumably writes the key bytes to `path` and reports success as bool.
    // NOTE(review): the resulting file holds the secret; confirm it is created
    // with owner-only permissions and that callers check the return value.
44  bool SaveToFile(const std::string &path);
    // Declared here, defined out of line.
    // NOTE(review): confirm the destructor wipes data_ before releasing it.
45  ~Key();
46 
    // Returns size_.
47  unsigned size() const { return size_; }
    // Returns the internal buffer pointer itself, not a copy; presumably valid
    // only while this Key is alive.
48  const unsigned char *data() const { return data_; }
    // Presumably the Base64 encoding of the key bytes. The returned std::string
    // is a further copy of the secret that nothing here wipes; keep it out of logs.
49  std::string ToBase64() const;
50 
51  private:
    // Starts empty: no buffer, zero length.
52  Key() : data_(NULL), size_(0) { }
53  unsigned char *data_;
54  unsigned size_;
55 };
56 
57 
// Interface for a key store addressed by string ids (AbstractKeyDatabase, per the
// destructor name). NOTE(review): the class declaration line (listing line 62) is
// absent from this rendering.
63  public:
64  virtual ~AbstractKeyDatabase() { }
    // Stores `key` and reports the id through the out-parameter `id`.
    // NOTE(review): the key is passed as a raw pointer, so the signature does not
    // say who owns it afterwards -- confirm whether the caller must keep it alive.
65  virtual bool StoreNew(const Key *key, std::string *id) = 0;
    // Looks a key up by id; presumably NULL when the id is unknown -- callers
    // should check before dereferencing.
66  virtual const Key *Find(const std::string &id) = 0;
67 };
68 
69 
// In-memory key store (MemoryKeyDatabase, per the destructor name) declaring the
// same StoreNew()/Find() pair as AbstractKeyDatabase.
// NOTE(review): listing lines 70 and 72 (presumably the class declaration and a
// constructor) are absent from this rendering.
71  public:
73  virtual ~MemoryKeyDatabase();
74  virtual bool StoreNew(const Key *key, std::string *id);
75  virtual const Key *Find(const std::string &id);
76 
77  private:
    // Presumably serializes access to database_ -- confirm in encrypt.cc.
78  pthread_mutex_t *lock_;
    // Maps id -> key pointer. Only pointers are stored, so the Key objects must
    // outlive their entries. NOTE(review): confirm whether the destructor deletes
    // the stored keys, otherwise secret material stays in memory.
79  std::map<std::string, const Key *> database_;
80 };
81 
82 
// Abstract base of the symmetric ciphers. The public Encrypt()/Decrypt() pair is
// non-virtual; concrete algorithms implement the protected DoEncrypt()/DoDecrypt()
// hooks and report their parameters through the pure-virtual accessors.
88 class Cipher {
89  public:
    // Factory for the implementation matching `a`; returns a raw pointer
    // (presumably caller-owned, NULL for an unknown value -- confirm).
    // NOTE(review): `a` can be kNone, the testing-only pass; callers handling real
    // data should reject that value before calling.
90  static Cipher *Create(const Algorithms a);
91  virtual ~Cipher() { }
92 
    // Encrypts `plaintext` under `key` into *ciphertext and reports success as
    // bool; presumably dispatches to DoEncrypt() -- confirm in encrypt.cc.
93  bool Encrypt(const std::string &plaintext, const Key &key,
94  std::string *ciphertext);
    // Static, unlike Encrypt(): no Cipher instance or Algorithms value is passed,
    // so the algorithm has to be determined from the inputs (presumably a marker
    // inside `ciphertext` -- confirm).
    // NOTE(review): if that marker comes from untrusted data, confirm kNone cannot
    // be selected through it outside of tests, and treat *plaintext as
    // unauthenticated unless integrity is verified elsewhere.
95  static bool Decrypt(const std::string &ciphertext, const Key &key,
96  std::string *plaintext);
97 
    // Per-algorithm metadata; sizes are presumably in bytes (CipherAes256Cbc
    // returns 256/8 and 128/8).
98  virtual std::string name() const = 0;
99  virtual Algorithms algorithm() const = 0;
100  virtual unsigned key_size() const = 0;
101  virtual unsigned iv_size() const = 0;
102  virtual unsigned block_size() const = 0;
103 
104  protected:
    // Protected: instances are obtained through Create() or by subclassing.
105  Cipher() { }
    // Algorithm hooks. They return std::string rather than bool, so failure is
    // presumably signalled by an empty result -- confirm.
106  virtual std::string DoEncrypt(const std::string &plaintext,
107  const Key &key) = 0;
108  virtual std::string DoDecrypt(const std::string &ciphertext,
109  const Key &key) = 0;
110 };
111 
112 
// AES-256 in CBC mode (per name()).
// NOTE(review): CBC on its own gives confidentiality only. Nothing in this
// interface shows an authentication tag, so integrity of the ciphertext is
// presumably checked elsewhere before decrypted data is trusted -- confirm.
116 class CipherAes256Cbc : public Cipher {
    // gtest hook: gives the test T_Encrypt.Aes_256_Cbc_Iv access to private
    // members (GenerateIv() is the only one declared here).
117  FRIEND_TEST(T_Encrypt, Aes_256_Cbc_Iv);
118 
119  public:
    // Bit widths divided by 8: 32-byte key, 16-byte IV, 16-byte block.
120  static const unsigned kKeySize = 256/8;
121  static const unsigned kIvSize = 128/8;
122  static const unsigned kBlockSize = 128/8;
123 
124  virtual ~CipherAes256Cbc() { }
125 
126  virtual std::string name() const { return "AES-256-CBC"; }
127  virtual Algorithms algorithm() const { return kAes256Cbc; }
128  virtual unsigned key_size() const { return kKeySize; }
129  virtual unsigned iv_size() const { return kIvSize; }
130  virtual unsigned block_size() const { return kBlockSize; }
131 
132  protected:
133  virtual std::string DoEncrypt(const std::string &plaintext, const Key &key);
134  virtual std::string DoDecrypt(const std::string &ciphertext, const Key &key);
135 
136  private:
    // Produces the IV as an shash::Md5 value; an MD5 digest is 128 bits, which
    // matches kIvSize. Only the key is passed in, so any per-message input has to
    // come from inside the implementation.
    // NOTE(review): CBC needs an IV that is unpredictable and never repeated under
    // the same key; confirm in encrypt.cc what besides the key feeds the digest.
137  shash::Md5 GenerateIv(const Key &key);
138 };
139 
140 
// Placeholder cipher identified by kNone; its name() is "FOR TESTING ONLY".
// Presumably DoEncrypt()/DoDecrypt() pass the data through unchanged -- confirm
// in encrypt.cc. It reports the same key, IV and block sizes as AES-256-CBC
// (32/16/16), so the two are interchangeable at the interface level.
// NOTE(review): make sure production paths never obtain this class via
// Cipher::Create(kNone); data handled by it gets no confidentiality.
144 class CipherNone : public Cipher {
145  public:
146  virtual ~CipherNone() { }
147 
148  virtual std::string name() const { return "FOR TESTING ONLY"; }
149  virtual Algorithms algorithm() const { return kNone; }
150  virtual unsigned key_size() const { return 256/8; }
151  virtual unsigned iv_size() const { return 128/8; }
152  virtual unsigned block_size() const { return 128/8; }
153 
154  protected:
155  virtual std::string DoEncrypt(const std::string &plaintext, const Key &key);
156  virtual std::string DoDecrypt(const std::string &ciphertext, const Key &key);
157 };
158 
159 } // namespace cipher
160 
161 #endif // CVMFS_ENCRYPT_H_