XRootD
XrdCryptosslCipher.cc
Go to the documentation of this file.
1 /******************************************************************************/
2 /* */
3 /* X r d C r y p t o S s l C i p h e r . c c */
4 /* */
5 /* (c) 2004 by the Board of Trustees of the Leland Stanford, Jr., University */
6 /* Produced by Gerri Ganis for CERN */
7 /* */
8 /* This file is part of the XRootD software suite. */
9 /* */
10 /* XRootD is free software: you can redistribute it and/or modify it under */
11 /* the terms of the GNU Lesser General Public License as published by the */
12 /* Free Software Foundation, either version 3 of the License, or (at your */
13 /* option) any later version. */
14 /* */
15 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
16 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
17 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
18 /* License for more details. */
19 /* */
20 /* You should have received a copy of the GNU Lesser General Public License */
21 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
22 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
23 /* */
24 /* The copyright holder's institutional names and contributor's names may not */
25 /* be used to endorse or promote products derived from this software without */
26 /* specific prior written permission of the institution or contributor. */
27 /******************************************************************************/
28 
29 /* ************************************************************************** */
30 /* */
31 /* OpenSSL implementation of XrdCryptoCipher */
32 /* */
33 /* ************************************************************************** */
34 #include <cstring>
35 #include <cassert>
36 
37 #include "XrdSut/XrdSutRndm.hh"
38 #include "XrdCrypto/XrdCryptosslTrace.hh"
39 #include "XrdCrypto/XrdCryptosslCipher.hh"
40 
41 //#include <openssl/dsa.h>
42 #include <openssl/bio.h>
43 #include <openssl/pem.h>
44 #include <openssl/dh.h>
45 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
46 #include <openssl/core_names.h>
47 #include <openssl/param_build.h>
48 #endif
49 
50 // Hardcoded DH parameters that are acceptable to both OpenSSL 3.0 (RHEL9)
51 // and 1.0.2 (RHEL7). OpenSSL 3.0 reworked the DH parameter generation algorithm
52 // and now produces DH params that don't pass OpenSSL 1.0.2's parameter verification
53 // function (`DH_check`). Accordingly, since these are safe to reuse, we generated
54 // a single set of parameters for the server to always utilize.
55 static const char dh_param_enc[] =
56 R"(
57 -----BEGIN DH PARAMETERS-----
58 MIIBiAKCAYEAzcEAf3ZCkm0FxJLgKd1YoT16Hietl7QV8VgJNc5CYKmRu/gKylxT
59 MVZJqtUmoh2IvFHCfbTGEmZM5LdVaZfMLQf7yXjecg0nSGklYZeQQ3P0qshFLbI9
60 u3z1XhEeCbEZPq84WWwXacSAAxwwRRrN5nshgAavqvyDiGNi+GqYpqGPb9JE38R3
61 GJ51FTPutZlvQvEycjCbjyajhpItBB+XvIjWj2GQyvi+cqB0WrPQAsxCOPrBTCZL
62 OjM0NfJ7PQfllw3RDQev2u1Q+Rt8QyScJQCFUj/SWoxpw2ydpWdgAkrqTmdVYrev
63 x5AoXE52cVIC8wfOxaaJ4cBpnJui3Y0jZcOQj0FtC0wf4WcBpHnLLBzKSOQwbxts
64 WE8LkskPnwwrup/HqWimFFg40bC9F5Lm3CTDCb45mtlBxi3DydIbRLFhGAjlKzV3
65 s9G3opHwwfgXpFf3+zg7NPV3g1//HLgWCvooOvMqaO+X7+lXczJJLMafEaarcAya
66 Kyo8PGKIAORrAgEF
67 -----END DH PARAMETERS-----
68 )";
69 
70 // ---------------------------------------------------------------------------//
71 //
72 // Cipher interface
73 //
74 // ---------------------------------------------------------------------------//
75 
76 static EVP_PKEY *getFixedDHParams() {
77  static EVP_PKEY *dhparms = [] {
78  EVP_PKEY *dhParam = 0;
79 
80  BIO *biop = BIO_new(BIO_s_mem());
81  BIO_write(biop, dh_param_enc, strlen(dh_param_enc));
82  PEM_read_bio_Parameters(biop, &dhParam);
83  BIO_free(biop);
84  return dhParam;
85  }();
86 
87  assert(dhparms);
88  return dhparms;
89 }
90 
91 static int XrdCheckDH (EVP_PKEY *pkey) {
92  // If the DH parameters we received are our fixed set we know they
93  // are acceptable. The parameter check requires computation and more
94  // with openssl 3 than previously. So skip if DH params are known.
95  const EVP_PKEY *dhparms = getFixedDHParams();
96 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
97  const bool skipcheck = EVP_PKEY_parameters_eq(pkey, dhparms);
98 #else
99  const bool skipcheck = EVP_PKEY_cmp_parameters(pkey, dhparms);
100 #endif
101  if (skipcheck) return 1;
102 
103  int rc;
104  EVP_PKEY_CTX *ckctx = EVP_PKEY_CTX_new(pkey, 0);
105  rc = EVP_PKEY_param_check(ckctx);
106  EVP_PKEY_CTX_free(ckctx);
107  return rc;
108 }
109 
110 //_____________________________________________________________________________
111 bool XrdCryptosslCipher::IsSupported(const char *cip)
112 {
113  // Check if the specified cipher is supported
114 
115  return (EVP_get_cipherbyname(cip) != 0);
116 }
117 
118 //____________________________________________________________________________
119 XrdCryptosslCipher::XrdCryptosslCipher(const char *t, int l)
120 {
121  // Main Constructor
122  // Complete initialization of a cipher of type t and length l
123  // The initialization vector is also created
124  // Used to create ciphers
125 
126  valid = 0;
127  ctx = 0;
128  fIV = 0;
129  lIV = 0;
130  cipher = 0;
131  fDH = 0;
132  deflength = 1;
133 
134  // Check and set type
135  char cipnam[64] = {"bf-cbc"};
136  if (t && strcmp(t,"default")) {
137  strcpy(cipnam,t);
138  cipnam[63] = 0;
139  }
140  cipher = EVP_get_cipherbyname(cipnam);
141 
142  if (cipher) {
143  // Determine key length
144  l = (l > EVP_MAX_KEY_LENGTH) ? EVP_MAX_KEY_LENGTH : l;
145  int ldef = EVP_CIPHER_key_length(cipher);
146  int lgen = (l > ldef) ? l : ldef;
147  // Generate and set a new key
148  char *ktmp = XrdSutRndm::GetBuffer(lgen);
149  if (ktmp) {
150  // Init context
151  ctx = EVP_CIPHER_CTX_new();
152  if (ctx) {
153  valid = 1;
154  // Try setting the key length
155  if (l && l != ldef) {
156  EVP_CipherInit_ex(ctx, cipher, 0, 0, 0, 1);
157  EVP_CIPHER_CTX_set_key_length(ctx,l);
158  EVP_CipherInit_ex(ctx, 0, 0, (unsigned char *)ktmp, 0, 1);
159  if (l == EVP_CIPHER_CTX_key_length(ctx)) {
160  // Use the l bytes at ktmp
161  SetBuffer(l,ktmp);
162  deflength = 0;
163  }
164  }
165  if (!Length()) {
166  EVP_CipherInit_ex(ctx, cipher, 0, (unsigned char *)ktmp, 0, 1);
167  SetBuffer(ldef,ktmp);
168  }
169  // Set also the type
170  SetType(cipnam);
171  }
172  // Cleanup
173  delete[] ktmp;
174  }
175  }
176 
177  // Finally, generate and set a new IV
178  if (valid)
179  GenerateIV();
180 }
181 
182 //____________________________________________________________________________
183 XrdCryptosslCipher::XrdCryptosslCipher(const char *t, int l,
184  const char *k, int liv, const char *iv)
185 {
186  // Constructor.
187  // Initialize a cipher of type t and length l using the key at k and
188  // the initialization vector at iv.
189  // Used to import ciphers.
190  valid = 0;
191  ctx = 0;
192  fIV = 0;
193  lIV = 0;
194  fDH = 0;
195  cipher = 0;
196  deflength = 1;
197 
198  // Check and set type
199  char cipnam[64] = {"bf-cbc"};
200  if (t && strcmp(t,"default")) {
201  strcpy(cipnam,t);
202  cipnam[63] = 0;
203  }
204  cipher = EVP_get_cipherbyname(cipnam);
205 
206  if (cipher) {
207  // Init context
208  ctx = EVP_CIPHER_CTX_new();
209  if (ctx) {
210  // Set the key
211  SetBuffer(l,k);
212  if (l != EVP_CIPHER_key_length(cipher))
213  deflength = 0;
214  // Set also the type
215  SetType(cipnam);
216  // Set validity flag
217  valid = 1;
218  }
219  }
220  //
221  // Init cipher
222  if (valid) {
223  //
224  // Set the IV
225  SetIV(liv,iv);
226 
227  if (deflength) {
228  EVP_CipherInit_ex(ctx, cipher, 0, (unsigned char *)Buffer(), 0, 1);
229  } else {
230  EVP_CipherInit_ex(ctx, cipher, 0, 0, 0, 1);
231  EVP_CIPHER_CTX_set_key_length(ctx,Length());
232  EVP_CipherInit_ex(ctx, 0, 0, (unsigned char *)Buffer(), 0, 1);
233  }
234  }
235 }
236 
237 //____________________________________________________________________________
238 XrdCryptosslCipher::XrdCryptosslCipher(XrdSutBucket *bck)
239 {
240  // Constructor from bucket.
241  // Initialize a cipher of type t and length l using the key at k
242  // Used to import ciphers.
243  valid = 0;
244  ctx = 0;
245  fIV = 0;
246  lIV = 0;
247  fDH = 0;
248  cipher = 0;
249  deflength = 1;
250 
251  if (bck && bck->size > 0) {
252 
253  valid = 1;
254 
255  kXR_int32 ltyp = 0;
256  kXR_int32 livc = 0;
257  kXR_int32 lbuf = 0;
258  kXR_int32 lp = 0;
259  kXR_int32 lg = 0;
260  kXR_int32 lpub = 0;
261  kXR_int32 lpri = 0;
262  char *bp = bck->buffer;
263  int cur = 0;
264  memcpy(&ltyp,bp+cur,sizeof(kXR_int32));
265  cur += sizeof(kXR_int32);
266  memcpy(&livc,bp+cur,sizeof(kXR_int32));
267  cur += sizeof(kXR_int32);
268  memcpy(&lbuf,bp+cur,sizeof(kXR_int32));
269  cur += sizeof(kXR_int32);
270  memcpy(&lp,bp+cur,sizeof(kXR_int32));
271  cur += sizeof(kXR_int32);
272  memcpy(&lg,bp+cur,sizeof(kXR_int32));
273  cur += sizeof(kXR_int32);
274  memcpy(&lpub,bp+cur,sizeof(kXR_int32));
275  cur += sizeof(kXR_int32);
276  memcpy(&lpri,bp+cur,sizeof(kXR_int32));
277  cur += sizeof(kXR_int32);
278  // Type
279  if (ltyp) {
280  char *buf = new char[ltyp+1];
281  if (buf) {
282  memcpy(buf,bp+cur,ltyp);
283  buf[ltyp] = 0;
284  cipher = EVP_get_cipherbyname(buf);
285  if (!cipher)
286  cipher = EVP_get_cipherbyname("bf-cbc");
287  if (cipher) {
288  // Set the type
289  SetType(buf);
290  } else {
291  valid = 0;
292  }
293  delete[] buf;
294  } else
295  valid = 0;
296  cur += ltyp;
297  }
298  // IV
299  if (livc) {
300  char *buf = new char[livc];
301  if (buf) {
302  memcpy(buf,bp+cur,livc);
303  cur += livc;
304  // Set the IV
305  SetIV(livc,buf);
306  delete[] buf;
307  } else
308  valid = 0;
309  cur += livc;
310  }
311  // buffer
312  if (lbuf) {
313  char *buf = new char[lbuf];
314  if (buf) {
315  memcpy(buf,bp+cur,lbuf);
316  // Set the buffer
317  UseBuffer(lbuf,buf);
318  if (cipher && lbuf != EVP_CIPHER_key_length(cipher))
319  deflength = 0;
320  } else
321  valid = 0;
322  cur += lbuf;
323  }
324  // DH, if any
325  if (lp > 0 || lg > 0 || lpub > 0 || lpri > 0) {
326  char *buf = 0;
327  BIGNUM *p = NULL, *g = NULL;
328  BIGNUM *pub = NULL, *pri = NULL;
329  // p
330  if (lp > 0) {
331  buf = new char[lp+1];
332  if (buf) {
333  memcpy(buf,bp+cur,lp);
334  buf[lp] = 0;
335  BN_hex2bn(&p,buf);
336  delete[] buf;
337  } else
338  valid = 0;
339  cur += lp;
340  }
341  // g
342  if (lg > 0) {
343  buf = new char[lg+1];
344  if (buf) {
345  memcpy(buf,bp+cur,lg);
346  buf[lg] = 0;
347  BN_hex2bn(&g,buf);
348  delete[] buf;
349  } else
350  valid = 0;
351  cur += lg;
352  }
353  // pub_key
354  if (lpub > 0) {
355  buf = new char[lpub+1];
356  if (buf) {
357  memcpy(buf,bp+cur,lpub);
358  buf[lpub] = 0;
359  BN_hex2bn(&pub,buf);
360  delete[] buf;
361  } else
362  valid = 0;
363  cur += lpub;
364  }
365  // priv_key
366  if (lpri > 0) {
367  buf = new char[lpri+1];
368  if (buf) {
369  memcpy(buf,bp+cur,lpri);
370  buf[lpri] = 0;
371  BN_hex2bn(&pri,buf);
372  delete[] buf;
373  } else
374  valid = 0;
375  cur += lpri;
376  }
377 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
378  OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
379  if (p) OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p);
380  if (g) OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g);
381  if (pub) OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub);
382  if (pri) OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, pri);
383  OSSL_PARAM *params = OSSL_PARAM_BLD_to_param(bld);
384  OSSL_PARAM_BLD_free(bld);
385  if (p) BN_free(p);
386  if (g) BN_free(g);
387  if (pub) BN_free(pub);
388  if (pri) BN_free(pri);
389  EVP_PKEY_CTX *pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0);
390  EVP_PKEY_fromdata_init(pkctx);
391  EVP_PKEY_fromdata(pkctx, &fDH, EVP_PKEY_KEYPAIR, params);
392  EVP_PKEY_CTX_free(pkctx);
393  OSSL_PARAM_free(params);
394 #else
395  DH* dh = DH_new();
396  DH_set0_pqg(dh, p, NULL, g);
397  DH_set0_key(dh, pub, pri);
398  fDH = EVP_PKEY_new();
399  EVP_PKEY_assign_DH(fDH, dh);
400 #endif
401  if (XrdCheckDH(fDH) != 1)
402  valid = 0;
403  }
404  }
405  //
406  // Init cipher
407  if (valid) {
408  // Init context
409  ctx = EVP_CIPHER_CTX_new();
410  if (ctx) {
411  if (deflength) {
412  EVP_CipherInit_ex(ctx, cipher, 0, (unsigned char *)Buffer(), 0, 1);
413  } else {
414  EVP_CipherInit_ex(ctx, cipher, 0, 0, 0, 1);
415  EVP_CIPHER_CTX_set_key_length(ctx,Length());
416  EVP_CipherInit_ex(ctx, 0, 0, (unsigned char *)Buffer(), 0, 1);
417  }
418  } else
419  valid = 0;
420  }
421  if (!valid) {
422  Cleanup();
423  }
424 }
425 
426 //____________________________________________________________________________
427 XrdCryptosslCipher::XrdCryptosslCipher(bool padded, int bits, char *pub,
428  int lpub, const char *t)
429 {
430  // Constructor for key agreement.
431  // If pub is not defined, generates a DH full key,
432  // the public part and parameters can be retrieved using Public().
433  // 'bits' is ignored (DH key is generated once)
434  // If pub is defined with the public part and parameters of the
435  // counterpart fully initialize a cipher with that information.
436  // Sets also the name to 't', if different from the default one.
437  // Used for key agreement.
438  EPNAME("sslCipher::XrdCryptosslCipher");
439 
440  valid = 0;
441  ctx = 0;
442  fIV = 0;
443  lIV = 0;
444  fDH = 0;
445  cipher = 0;
446  deflength = 1;
447 
448  if (!pub) {
449 
450  DEBUG("generate DH parameters");
451  EVP_PKEY *dhparms = getFixedDHParams();
452 //
453 // Important historical context:
454 // - We used to generate DH params on every server startup (commented
455 // out below). This was prohibitively costly to do on startup for
456 // DH parameters large enough to be considered secure.
457 // - OpenSSL 3.0 improved the DH parameter generation to avoid leaking
458 // the first bit of the session key (see https://github.com/openssl/openssl/issues/9792
459 // for more information). However, a side-effect is that the new
460 // parameters are not recognized as valid in OpenSSL 1.0.2.
461 // - Since we can't control old client versions and new servers can't
462 // generate compatible DH parameters, we switch to a fixed, much stronger
463 // set of DH parameters (3072 bits).
464 //
465 // The impact is that we continue leaking the first bit of the session key
466 // (meaning it's effectively 127 bits not 128 bits -- still plenty secure)
467 // but upgrade the DH parameters to something more modern (3072; previously,
468 // it was 512 bits which was not considered secure). The downside
469 // of fixed DH parameters is that if a nation-state attacked our selected
470 // parameters (using technology not currently available), we would have
471 // to upgrade all servers with a new set of DH parameters.
472 //
473 
474 /*
475  EVP_PKEY_CTX *pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0);
476  EVP_PKEY_paramgen_init(pkctx);
477  EVP_PKEY_CTX_set_dh_paramgen_prime_len(pkctx, kDHMINBITS);
478  EVP_PKEY_CTX_set_dh_paramgen_generator(pkctx, 5);
479  EVP_PKEY_paramgen(pkctx, &dhParam);
480  EVP_PKEY_CTX_free(pkctx);
481 */
482 
483  DEBUG("configure DH parameters");
484  //
485  // Set params for DH object
486  EVP_PKEY_CTX *pkctx = EVP_PKEY_CTX_new(dhparms, 0);
487  EVP_PKEY_keygen_init(pkctx);
488  EVP_PKEY_keygen(pkctx, &fDH);
489  EVP_PKEY_CTX_free(pkctx);
490  if (fDH) {
491  // Init context
492  ctx = EVP_CIPHER_CTX_new();
493  if (ctx)
494  valid = 1;
495  }
496 
497  } else {
498  DEBUG("initialize cipher from key-agreement buffer");
499  //
500  char *ktmp = 0;
501  size_t ltmp = 0;
502  // Extract string with bignumber
503  BIGNUM *bnpub = 0;
504  char *pb = strstr(pub,"---BPUB---");
505  char *pe = strstr(pub,"---EPUB--"); // one less (pub not null-terminated)
506  if (pb && pe) {
507  lpub = (int)(pb-pub);
508  pb += 10;
509  *pe = 0;
510  BN_hex2bn(&bnpub, pb);
511  *pe = '-';
512  }
513  if (bnpub) {
514  //
515  // Prepare to decode the input buffer
516  BIO *biop = BIO_new(BIO_s_mem());
517  if (biop) {
518  //
519  // Write buffer into BIO
520  BIO_write(biop,pub,lpub);
521  //
522  // Read params from BIO
523  EVP_PKEY *dhParam = 0;
524  PEM_read_bio_Parameters(biop, &dhParam);
525  if (dhParam) {
526  if (XrdCheckDH(dhParam) == 1) {
527  //
528  // generate DH key
529  EVP_PKEY_CTX *pkctx = EVP_PKEY_CTX_new(dhParam, 0);
530  EVP_PKEY_keygen_init(pkctx);
531  EVP_PKEY_keygen(pkctx, &fDH);
532  EVP_PKEY_CTX_free(pkctx);
533  if (fDH) {
534  // Now we can compute the cipher
535  ltmp = EVP_PKEY_size(fDH);
536  ktmp = new char[ltmp];
537  memset(ktmp, 0, ltmp);
538  if (ktmp) {
539  // Create peer public key
540 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
541  EVP_PKEY *peer = 0;
542  OSSL_PARAM *params1 = 0;
543  EVP_PKEY_todata( dhParam, EVP_PKEY_KEY_PARAMETERS, &params1 );
544  OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
545  OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, bnpub);
546  OSSL_PARAM *params2 = OSSL_PARAM_BLD_to_param(bld);
547  OSSL_PARAM_BLD_free(bld);
548  OSSL_PARAM *params = OSSL_PARAM_merge( params1, params2 );
549  pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0);
550  EVP_PKEY_fromdata_init(pkctx);
551  EVP_PKEY_fromdata(pkctx, &peer, EVP_PKEY_KEYPAIR, params);
552  EVP_PKEY_CTX_free(pkctx);
553  OSSL_PARAM_free(params);
554  OSSL_PARAM_free(params1);
555  OSSL_PARAM_free(params2);
556 #else
557  DH* dh = DH_new();
558  DH_set0_key(dh, BN_dup(bnpub), NULL);
559  EVP_PKEY *peer = EVP_PKEY_new();
560  EVP_PKEY_assign_DH(peer, dh);
561 #endif
562  // Derive shared secret
563  pkctx = EVP_PKEY_CTX_new(fDH, 0);
564  EVP_PKEY_derive_init(pkctx);
565  EVP_PKEY_CTX_set_dh_pad(pkctx, padded);
566  EVP_PKEY_derive_set_peer(pkctx, peer);
567  EVP_PKEY_derive(pkctx, (unsigned char *)ktmp, &ltmp);
568  EVP_PKEY_CTX_free(pkctx);
569  EVP_PKEY_free(peer);
570  if (ltmp > 0) {
571  valid = 1;
572  }
573  }
574  }
575  }
576  EVP_PKEY_free(dhParam);
577  }
578  BIO_free(biop);
579  }
580  BN_free( bnpub );
581  }
582  //
583  // If a valid key has been computed, set the cipher
584  if (valid) {
585  // Init context
586  ctx = EVP_CIPHER_CTX_new();
587  if (ctx) {
588  // Check and set type
589  char cipnam[64] = {"bf-cbc"};
590  if (t && strcmp(t,"default")) {
591  strcpy(cipnam,t);
592  cipnam[63] = 0;
593  }
594  if ((cipher = EVP_get_cipherbyname(cipnam))) {
595  // At most EVP_MAX_KEY_LENGTH bytes
596  ltmp = (ltmp > EVP_MAX_KEY_LENGTH) ? EVP_MAX_KEY_LENGTH : ltmp;
597  int ldef = EVP_CIPHER_key_length(cipher);
598  // Try setting the key length
599  if ((int)ltmp != ldef) {
600  EVP_CipherInit_ex(ctx, cipher, 0, 0, 0, 1);
601  EVP_CIPHER_CTX_set_key_length(ctx,ltmp);
602  EVP_CipherInit_ex(ctx, 0, 0, (unsigned char *)ktmp, 0, 1);
603  if ((int)ltmp == EVP_CIPHER_CTX_key_length(ctx)) {
604  // Use the ltmp bytes at ktmp
605  SetBuffer(ltmp,ktmp);
606  deflength = 0;
607  }
608  }
609  if (!Length()) {
610  EVP_CipherInit_ex(ctx, cipher, 0, (unsigned char *)ktmp, 0, 1);
611  SetBuffer(ldef,ktmp);
612  }
613  // Set also the type
614  SetType(cipnam);
615  }
616  } else
617  valid = 0;
618  }
619  // Cleanup
620  if (ktmp) {delete[] ktmp; ktmp = 0;}
621  }
622 
623  // Cleanup, if invalid
624  if (!valid)
625  Cleanup();
626 }
627 
628 //____________________________________________________________________________
629 XrdCryptosslCipher::XrdCryptosslCipher(const XrdCryptosslCipher &c)
630  : XrdCryptoCipher()
631 {
632  // Copy Constructor
633 
634  // Basics
635  deflength = c.deflength;
636  valid = c.valid;
637  ctx = 0;
638  // IV
639  lIV = 0;
640  fIV = 0;
641  SetIV(c.lIV,c.fIV);
642 
643  // Cipher
644  cipher = c.cipher;
645  // Set the key
646  SetBuffer(c.Length(),c.Buffer());
647  // Set also the type
648  SetType(c.Type());
649  // DH
650  fDH = 0;
651  if (valid && c.fDH) {
652  valid = 0;
653 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
654  BIGNUM *p = BN_new();
655  BIGNUM *g = BN_new();
656  BIGNUM *pub = BN_new();
657  BIGNUM *pri = BN_new();
658  OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
659  if (EVP_PKEY_get_bn_param(c.fDH, OSSL_PKEY_PARAM_FFC_P, &p) == 1)
660  OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p);
661  if (EVP_PKEY_get_bn_param(c.fDH, OSSL_PKEY_PARAM_FFC_G, &g) == 1)
662  OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g);
663  if (EVP_PKEY_get_bn_param(c.fDH, OSSL_PKEY_PARAM_PUB_KEY, &pub) == 1)
664  OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub);
665  if (EVP_PKEY_get_bn_param(c.fDH, OSSL_PKEY_PARAM_PRIV_KEY, &pri) == 1)
666  OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, pri);
667  OSSL_PARAM *params = OSSL_PARAM_BLD_to_param(bld);
668  OSSL_PARAM_BLD_free(bld);
669  BN_free(p);
670  BN_free(g);
671  BN_free(pub);
672  BN_free(pri);
673  EVP_PKEY_CTX *pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0);
674  EVP_PKEY_fromdata_init(pkctx);
675  EVP_PKEY_fromdata(pkctx, &fDH, EVP_PKEY_KEYPAIR, params);
676  EVP_PKEY_CTX_free(pkctx);
677  OSSL_PARAM_free(params);
678 #else
679  DH* dh = DH_new();
680  if (dh) {
681  const BIGNUM *p, *g;
682  DH_get0_pqg(EVP_PKEY_get0_DH(c.fDH), &p, NULL, &g);
683  DH_set0_pqg(dh, p ? BN_dup(p) : NULL, NULL, g ? BN_dup(g) : NULL);
684  const BIGNUM *pub, *pri;
685  DH_get0_key(EVP_PKEY_get0_DH(c.fDH), &pub, &pri);
686  DH_set0_key(dh, pub ? BN_dup(pub) : NULL, pri ? BN_dup(pri) : NULL);
687  fDH = EVP_PKEY_new();
688  EVP_PKEY_assign_DH(fDH, dh);
689  }
690 #endif
691  if (fDH) {
692  if (XrdCheckDH(fDH) == 1)
693  valid = 1;
694  }
695  }
696  if (valid) {
697  // Init context
698  ctx = EVP_CIPHER_CTX_new();
699  if (!ctx)
700  valid = 0;
701  }
702  if (!valid) {
703  Cleanup();
704  }
705 }
706 
707 //____________________________________________________________________________
708 XrdCryptosslCipher::~XrdCryptosslCipher()
709 {
710  // Destructor.
711 
712  // Cleanup IV
713  if (fIV)
714  delete[] fIV;
715 
716  // Cleanups
717  if (valid)
718  EVP_CIPHER_CTX_free(ctx);
719  Cleanup();
720 }
721 
722 //____________________________________________________________________________
723 void XrdCryptosslCipher::Cleanup()
724 {
725  // Cleanup temporary memory
726 
727  // Cleanup IV
728  if (fDH) {
729  EVP_PKEY_free(fDH);
730  fDH = 0;
731  }
732 }
733 
734 //____________________________________________________________________________
735 bool XrdCryptosslCipher::Finalize(bool padded,
736  char *pub, int lpub, const char *t)
737 {
738  // Finalize cipher during key agreement. Should be called
739  // for a cipher build with special constructor defining member fDH.
740  // The buffer pub should contain the public part of the counterpart.
741  // Sets also the name to 't', if different from the default one.
742  // Used for key agreement.
743  EPNAME("sslCipher::Finalize");
744 
745  if (!fDH) {
746  DEBUG("DH undefined: this cipher cannot be finalized"
747  " by this method");
748  return 0;
749  }
750 
751  char *ktmp = 0;
752  size_t ltmp = 0;
753  valid = 0;
754  if (pub) {
755  //
756  // Extract string with bignumber
757  BIGNUM *bnpub = 0;
758  char *pb = static_cast<char*>(memmem(pub, lpub, "---BPUB---", 10));
759  char *pe = static_cast<char*>(memmem(pub, lpub, "---EPUB--", 9));
760  if (pb && pe) {
761  //lpub = (int)(pb-pub);
762  pb += 10;
763  *pe = 0;
764  BN_hex2bn(&bnpub, pb);
765  *pe = '-';
766  }
767  if (bnpub) {
768  // Now we can compute the cipher
769  ltmp = EVP_PKEY_size(fDH);
770  ktmp = new char[ltmp];
771  if (ktmp) {
772  memset(ktmp, 0, ltmp);
773  // Create peer public key
774  EVP_PKEY_CTX *pkctx;
775 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
776  EVP_PKEY *peer = nullptr;
777  OSSL_PARAM *params1 = nullptr;
778  EVP_PKEY_todata(fDH, EVP_PKEY_KEY_PARAMETERS, &params1);
779  OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
780  OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, bnpub);
781  OSSL_PARAM *params2 = OSSL_PARAM_BLD_to_param(bld);
782  OSSL_PARAM_BLD_free(bld);
783  OSSL_PARAM *params = OSSL_PARAM_merge(params1, params2);
784  pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0);
785  EVP_PKEY_fromdata_init(pkctx);
786  EVP_PKEY_fromdata(pkctx, &peer, EVP_PKEY_PUBLIC_KEY, params);
787  OSSL_PARAM_free(params1);
788  OSSL_PARAM_free(params2);
789  OSSL_PARAM_free(params);
790  EVP_PKEY_CTX_free(pkctx);
791 #else
792  DH* dh = DH_new();
793  DH_set0_key(dh, BN_dup(bnpub), NULL);
794  EVP_PKEY *peer = EVP_PKEY_new();
795  EVP_PKEY_assign_DH(peer, dh);
796 #endif
797  // Derive shared secret
798  pkctx = EVP_PKEY_CTX_new(fDH, 0);
799  EVP_PKEY_derive_init(pkctx);
800  EVP_PKEY_CTX_set_dh_pad(pkctx, padded);
801  EVP_PKEY_derive_set_peer(pkctx, peer);
802  EVP_PKEY_derive(pkctx, (unsigned char *)ktmp, &ltmp);
803  EVP_PKEY_CTX_free(pkctx);
804  EVP_PKEY_free(peer);
805  if (ltmp > 0) {
806  valid = 1;
807  }
808  }
809  BN_free(bnpub);
810  bnpub=0;
811  }
812  //
813  // If a valid key has been computed, set the cipher
814  if (valid) {
815  // Check and set type
816  char cipnam[64] = {"bf-cbc"};
817  if (t && strcmp(t,"default")) {
818  strcpy(cipnam,t);
819  cipnam[63] = 0;
820  }
821  if ((cipher = EVP_get_cipherbyname(cipnam))) {
822  // At most EVP_MAX_KEY_LENGTH bytes
823  ltmp = (ltmp > EVP_MAX_KEY_LENGTH) ? EVP_MAX_KEY_LENGTH : ltmp;
824  int ldef = EVP_CIPHER_key_length(cipher);
825  // Try setting the key length
826  if ((int)ltmp != ldef) {
827  EVP_CipherInit_ex(ctx, cipher, 0, 0, 0, 1);
828  EVP_CIPHER_CTX_set_key_length(ctx,ltmp);
829  EVP_CipherInit_ex(ctx, 0, 0, (unsigned char *)ktmp, 0, 1);
830  if ((int)ltmp == EVP_CIPHER_CTX_key_length(ctx)) {
831  // Use the ltmp bytes at ktmp
832  SetBuffer(ltmp,ktmp);
833  deflength = 0;
834  }
835  }
836  if (!Length()) {
837  EVP_CipherInit_ex(ctx, cipher, 0, (unsigned char *)ktmp, 0, 1);
838  SetBuffer(ldef,ktmp);
839  }
840  // Set also the type
841  SetType(cipnam);
842  }
843  }
844  // Cleanup
845  if (ktmp) {delete[] ktmp; ktmp = 0;}
846  }
847 
848  // Cleanup, if invalid
849  if (!valid) {
850  EVP_CIPHER_CTX_free(ctx);
851  Cleanup();
852  }
853 
854  // We are done
855  return valid;
856 }
857 
858 //_____________________________________________________________________________
859 int XrdCryptosslCipher::Publen()
860 {
861  // Minimum length of export format of public key
862  static int lhdr = strlen("-----BEGIN DH PARAMETERS-----"
863  "-----END DH PARAMETERS-----") + 3;
864  if (fDH) {
865  // minimum length of the core is 22 bytes
866  int l = 2 * EVP_PKEY_size(fDH);
867  if (l < 22) l = 22;
868  // for headers
869  l += lhdr;
870  // some margin
871  return (l+20);
872  } else
873  return 0;
874 }
875 
876 //_____________________________________________________________________________
877 char *XrdCryptosslCipher::Public(int &lpub)
878 {
879  // Return buffer with the public part of the DH key and the shared
880  // parameters; lpub contains the length of the meaningful bytes.
881  // Buffer should be deleted by the caller.
882  static int lhend = strlen("-----END DH PARAMETERS-----");
883 
884  if (fDH) {
885  //
886  // Calculate and write public key hex
887 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
888  BIGNUM *pub = BN_new();
889  EVP_PKEY_get_bn_param(fDH, OSSL_PKEY_PARAM_PUB_KEY, &pub);
890  char *phex = BN_bn2hex(pub);
891  BN_free(pub);
892 #else
893  const BIGNUM *pub;
894  DH_get0_key(EVP_PKEY_get0_DH(fDH), &pub, NULL);
895  char *phex = BN_bn2hex(pub);
896 #endif
897  int lhex = strlen(phex);
898  //
899  // Prepare bio to export info buffer
900  BIO *biop = BIO_new(BIO_s_mem());
901  if (biop) {
902  int ltmp = Publen() + lhex + 20;
903  char *pub = new char[ltmp];
904  if (pub) {
905  // Write parms first
906  PEM_write_bio_Parameters(biop, fDH);
907  // Read key from BIO to buf
908  BIO_read(biop,(void *)pub,ltmp);
909  BIO_free(biop);
910  // Add public key
911  char *p = strstr(pub,"-----END DH PARAMETERS-----");
912  // Buffer length up to now
913  lpub = (int)(p - pub) + lhend + 1;
914  if (phex && p) {
915  // position at the end
916  p += (lhend+1);
917  // Begin of public key hex
918  memcpy(p,"---BPUB---",10);
919  p += 10;
920  // Calculate and write public key hex
921  memcpy(p,phex,lhex);
922  OPENSSL_free(phex);
923  // End of public key hex
924  p += lhex;
925  memcpy(p,"---EPUB---",10);
926  // Calculate total length
927  lpub += (20 + lhex);
928  } else {
929  if (phex) OPENSSL_free(phex);
930  }
931  // return
932  return pub;
933  }
934  } else {
935  if (phex) OPENSSL_free(phex);
936  }
937  }
938 
939  lpub = 0;
940  return (char *)0;
941 }
942 
943 //_____________________________________________________________________________
944 void XrdCryptosslCipher::PrintPublic(BIGNUM *pub)
945 {
946  // Print public part
947 
948  //
949  // Prepare bio to export info buffer
950  BIO *biop = BIO_new(BIO_s_mem());
951  if (biop) {
952  // Use a DSA structure to export the public part
953 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
954  EVP_PKEY *dsa = 0;
955  OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
956  OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub);
957  OSSL_PARAM *params = OSSL_PARAM_BLD_to_param(bld);
958  OSSL_PARAM_BLD_free(bld);
959  EVP_PKEY_CTX *pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DSA, 0);
960  EVP_PKEY_fromdata_init(pkctx);
961  EVP_PKEY_fromdata(pkctx, &dsa, EVP_PKEY_PUBLIC_KEY, params);
962  EVP_PKEY_CTX_free(pkctx);
963  OSSL_PARAM_free(params);
964 #else
965  EVP_PKEY *dsa = EVP_PKEY_new();
966  DSA *fdsa = DSA_new();
967  DSA_set0_key(fdsa, BN_dup(pub), NULL);
968  EVP_PKEY_assign_DSA(dsa, fdsa);
969 #endif
970  if (dsa) {
971  // Write public key to BIO
972  PEM_write_bio_PUBKEY(biop, dsa);
973  // Read key from BIO to buf
974  int lpub = Publen();
975  char *bpub = new char[lpub];
976  if (bpub) {
977  BIO_read(biop,(void *)bpub,lpub);
978  std::cerr << bpub << std::endl;
979  delete[] bpub;
980  }
981  EVP_PKEY_free(dsa);
982  }
983  BIO_free(biop);
984  }
985 }
986 
987 //_____________________________________________________________________________
988 XrdSutBucket *XrdCryptosslCipher::AsBucket()
989 {
990  // Return pointer to a bucket created using the internal information
991  // serialized
992  // The bucket is responsible for the allocated memory
993 
994  XrdSutBucket *buck = (XrdSutBucket *)0;
995 
996  if (valid) {
997 
998  // Serialize .. total length
999  kXR_int32 lbuf = Length();
1000  kXR_int32 ltyp = Type() ? strlen(Type()) : 0;
1001  kXR_int32 livc = lIV;
1002 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
1003  BIGNUM *p = BN_new();
1004  BIGNUM *g = BN_new();
1005  BIGNUM *pub = BN_new();
1006  BIGNUM *pri = BN_new();
1007  EVP_PKEY_get_bn_param(fDH, OSSL_PKEY_PARAM_FFC_P, &p);
1008  EVP_PKEY_get_bn_param(fDH, OSSL_PKEY_PARAM_FFC_G, &g);
1009  EVP_PKEY_get_bn_param(fDH, OSSL_PKEY_PARAM_PUB_KEY, &pub);
1010  EVP_PKEY_get_bn_param(fDH, OSSL_PKEY_PARAM_PRIV_KEY, &pri);
1011 #else
1012  const BIGNUM *p, *g;
1013  const BIGNUM *pub, *pri;
1014  DH_get0_pqg(EVP_PKEY_get0_DH(fDH), &p, NULL, &g);
1015  DH_get0_key(EVP_PKEY_get0_DH(fDH), &pub, &pri);
1016 #endif
1017  char *cp = BN_bn2hex(p);
1018  char *cg = BN_bn2hex(g);
1019  char *cpub = BN_bn2hex(pub);
1020  char *cpri = BN_bn2hex(pri);
1021 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
1022  BN_free(p);
1023  BN_free(g);
1024  BN_free(pub);
1025  BN_free(pri);
1026 #endif
1027  kXR_int32 lp = cp ? strlen(cp) : 0;
1028  kXR_int32 lg = cg ? strlen(cg) : 0;
1029  kXR_int32 lpub = cpub ? strlen(cpub) : 0;
1030  kXR_int32 lpri = cpri ? strlen(cpri) : 0;
1031  int ltot = 7*sizeof(kXR_int32) + ltyp + Length() + livc +
1032  lp + lg + lpub + lpri;
1033  char *newbuf = new char[ltot];
1034  if (newbuf) {
1035  int cur = 0;
1036  memcpy(newbuf+cur,&ltyp,sizeof(kXR_int32));
1037  cur += sizeof(kXR_int32);
1038  memcpy(newbuf+cur,&livc,sizeof(kXR_int32));
1039  cur += sizeof(kXR_int32);
1040  memcpy(newbuf+cur,&lbuf,sizeof(kXR_int32));
1041  cur += sizeof(kXR_int32);
1042  memcpy(newbuf+cur,&lp,sizeof(kXR_int32));
1043  cur += sizeof(kXR_int32);
1044  memcpy(newbuf+cur,&lg,sizeof(kXR_int32));
1045  cur += sizeof(kXR_int32);
1046  memcpy(newbuf+cur,&lpub,sizeof(kXR_int32));
1047  cur += sizeof(kXR_int32);
1048  memcpy(newbuf+cur,&lpri,sizeof(kXR_int32));
1049  cur += sizeof(kXR_int32);
1050  if (Type()) {
1051  memcpy(newbuf+cur,Type(),ltyp);
1052  cur += ltyp;
1053  }
1054  if (fIV) {
1055  memcpy(newbuf+cur,fIV,livc);
1056  cur += livc;
1057  }
1058  if (Buffer()) {
1059  memcpy(newbuf+cur,Buffer(),lbuf);
1060  cur += lbuf;
1061  }
1062  if (cp) {
1063  memcpy(newbuf+cur,cp,lp);
1064  cur += lp;
1065  OPENSSL_free(cp);
1066  }
1067  if (cg) {
1068  memcpy(newbuf+cur,cg,lg);
1069  cur += lg;
1070  OPENSSL_free(cg);
1071  }
1072  if (cpub) {
1073  memcpy(newbuf+cur,cpub,lpub);
1074  cur += lpub;
1075  OPENSSL_free(cpub);
1076  }
1077  if (cpri) {
1078  memcpy(newbuf+cur,cpri,lpri);
1079  cur += lpri;
1080  OPENSSL_free(cpri);
1081  }
1082  // The bucket now
1083  buck = new XrdSutBucket(newbuf,ltot,kXRS_cipher);
1084  }
1085  }
1086 
1087  return buck;
1088 }
1089 
1090 //____________________________________________________________________________
1091 void XrdCryptosslCipher::SetIV(int l, const char *iv)
1092 {
1093  // Set IV from l bytes at iv. If !iv, sets the IV length.
1094 
1095  if (fIV) {
1096  delete[] fIV;
1097  fIV = 0;
1098  lIV = 0;
1099  }
1100 
1101  if (l > 0) {
1102  if (iv) {
1103  fIV = new char[l];
1104  if (fIV) memcpy(fIV,iv,l);
1105  }
1106  lIV = l;
1107  }
1108 }
1109 
1110 //____________________________________________________________________________
1111 char *XrdCryptosslCipher::RefreshIV(int &l)
1112 {
1113  // Regenerate IV and return it
1114 
1115  // Generate a new IV
1116  GenerateIV();
1117 
1118  // Set output
1119  l = lIV;
1120  return fIV;
1121 }
1122 
1123 //____________________________________________________________________________
1124 void XrdCryptosslCipher::GenerateIV()
1125 {
1126  // Generate IV
1127 
1128  // Cleanup existing one, if any
1129  if (fIV) {
1130  delete[] fIV;
1131  fIV = 0;
1132  lIV = 0;
1133  }
1134 
1135  // Generate a new one, using crypt-like chars
1136  fIV = XrdSutRndm::GetBuffer(EVP_MAX_IV_LENGTH, 3);
1137  if (fIV)
1138  lIV = EVP_MAX_IV_LENGTH;
1139 }
1140 
1141 //____________________________________________________________________________
1142 int XrdCryptosslCipher::Encrypt(const char *in, int lin, char *out)
1143 {
1144  // Encrypt lin bytes at in with local cipher.
1145  // The outbut buffer must be provided by the caller for at least
1146  // EncOutLength(lin) bytes.
1147  // Returns number of meaningful bytes in out, or 0 in case of problems
1148 
1149  return EncDec(1, in, lin, out);
1150 }
1151 
1152 //____________________________________________________________________________
1153 int XrdCryptosslCipher::Decrypt(const char *in, int lin, char *out)
1154 {
1155  // Decrypt lin bytes at in with local cipher.
1156  // The outbut buffer must be provided by the caller for at least
1157  // DecOutLength(lin) bytes.
1158  // Returns number of meaningful bytes in out, or 0 in case of problems
1159 
1160  return EncDec(0, in, lin, out);
1161 }
1162 
1163 //____________________________________________________________________________
1164 int XrdCryptosslCipher::EncDec(int enc, const char *in, int lin, char *out)
1165 {
1166  // Encrypt (enc = 1)/ Decrypt (enc = 0) lin bytes at in with local cipher.
1167  // The outbut buffer must be provided by the caller for at least
1168  // EncOutLength(lin) or DecOutLength(lin) bytes.
1169  // Returns number of meaningful bytes in out, or 0 in case of problems
1170  EPNAME("Cipher::EncDec");
1171 
1172  int lout = 0;
1173 
1174  const char *action = (enc == 1) ? "encrypting" : "decrypting";
1175 
1176  // Check inputs
1177  if (!in || lin <= 0 || !out) {
1178  DEBUG("wrong inputs arguments");
1179  if (!in) DEBUG("in: NULL");
1180  if (lin <= 0) DEBUG("lin: "<<lin);
1181  if (!out) DEBUG("out: NULL");
1182  return 0;
1183  }
1184 
1185  // Set iv to the one in use
1186  unsigned char iv[EVP_MAX_IV_LENGTH];
1187  if (fIV) {
1188  memcpy((void *)iv,fIV,EVP_MAX_IV_LENGTH);
1189  } else {
1190  // We use 0's
1191  memset((void *)iv,0,EVP_MAX_IV_LENGTH);
1192  }
1193 
1194  // Action depend on the length of the key wrt default length
1195  if (deflength) {
1196  // Init ctx, set key (default length) and set IV
1197  if (!EVP_CipherInit_ex(ctx, cipher, 0, (unsigned char *)Buffer(), iv, enc)) {
1198  DEBUG("error initializing");
1199  return 0;
1200  }
1201  } else {
1202  // Init ctx
1203  if (!EVP_CipherInit_ex(ctx, cipher, 0, 0, 0, enc)) {
1204  DEBUG("error initializing - 1");
1205  return 0;
1206  }
1207  // Set key length
1208  EVP_CIPHER_CTX_set_key_length(ctx,Length());
1209  // Set key and IV
1210  if (!EVP_CipherInit_ex(ctx, 0, 0, (unsigned char *)Buffer(), iv, enc)) {
1211  DEBUG("error initializing - 2");
1212  return 0;
1213  }
1214  }
1215 
1216  // Encrypt / Decrypt
1217  int ltmp = 0;
1218  if (!EVP_CipherUpdate(ctx, (unsigned char *)&out[0], &ltmp,
1219  (unsigned char *)in, lin)) {
1220  DEBUG("error " << action);
1221  return 0;
1222  }
1223  lout = ltmp;
1224  if (!EVP_CipherFinal_ex(ctx, (unsigned char *)&out[lout], &ltmp)) {
1225  DEBUG("error finalizing");
1226  return 0;
1227  }
1228 
1229  // Results
1230  lout += ltmp;
1231  return lout;
1232 }
1233 
1234 //____________________________________________________________________________
1235 int XrdCryptosslCipher::EncOutLength(int l)
1236 {
1237  // Required buffer size for encrypting l bytes
1238 
1239  return (l+EVP_CIPHER_CTX_block_size(ctx));
1240 }
1241 
1242 //____________________________________________________________________________
1243 int XrdCryptosslCipher::DecOutLength(int l)
1244 {
1245  // Required buffer size for decrypting l bytes
1246 
1247  int lout = l+EVP_CIPHER_CTX_block_size(ctx)+1;
1248  lout = (lout <= 0) ? l : lout;
1249  return lout;
1250 }
1251 
1252 //____________________________________________________________________________
1253 int XrdCryptosslCipher::MaxIVLength() const
1254 {
1255  // Return the max cipher IV length
1256 
1257  return (lIV > 0) ? lIV : EVP_MAX_IV_LENGTH;
1258 }
kXR_int32
int kXR_int32
Definition: XPtypes.hh:89
DEBUG
#define DEBUG(x)
Definition: XrdBwmTrace.hh:54
EPNAME
#define EPNAME(x)
Definition: XrdBwmTrace.hh:56
getFixedDHParams
static EVP_PKEY * getFixedDHParams()
Definition: XrdCryptosslCipher.cc:76
dh_param_enc
static const char dh_param_enc[]
Definition: XrdCryptosslCipher.cc:55
XrdCheckDH
static int XrdCheckDH(EVP_PKEY *pkey)
Definition: XrdCryptosslCipher.cc:91
kXRS_cipher
@ kXRS_cipher
Definition: XrdSutAux.hh:62
XrdCryptoBasic::SetBuffer
virtual int SetBuffer(int l, const char *b)
Definition: XrdCryptoBasic.cc:188
XrdCryptoBasic::Length
virtual int Length() const
Definition: XrdCryptoBasic.hh:58
XrdCryptoBasic::Type
virtual char * Type() const
Definition: XrdCryptoBasic.hh:60
XrdCryptoBasic::Buffer
virtual char * Buffer() const
Definition: XrdCryptoBasic.hh:59
XrdCryptoBasic::SetType
virtual int SetType(const char *t)
Definition: XrdCryptoBasic.cc:221
XrdCryptoBasic::UseBuffer
virtual void UseBuffer(int l, const char *b)
Definition: XrdCryptoBasic.hh:67
XrdCryptosslCipher::SetIV
void SetIV(int l, const char *iv)
Definition: XrdCryptosslCipher.cc:1091
XrdCryptosslCipher::AsBucket
XrdSutBucket * AsBucket()
Definition: XrdCryptosslCipher.cc:988
XrdCryptosslCipher::Encrypt
int Encrypt(const char *bin, int lin, char *out)
Definition: XrdCryptosslCipher.cc:1142
XrdCryptosslCipher::XrdCryptosslCipher
XrdCryptosslCipher(const char *t, int l=0)
Definition: XrdCryptosslCipher.cc:119
XrdCryptosslCipher::IsSupported
static bool IsSupported(const char *cip)
Definition: XrdCryptosslCipher.cc:111
XrdCryptosslCipher::Decrypt
int Decrypt(const char *bin, int lin, char *out)
Definition: XrdCryptosslCipher.cc:1153
XrdCryptosslCipher::Public
char * Public(int &lpub)
Definition: XrdCryptosslCipher.cc:877
XrdCryptosslCipher::Finalize
bool Finalize(bool padded, char *pub, int lpub, const char *t)
Definition: XrdCryptosslCipher.cc:735
XrdSutBucket::size
kXR_int32 size
Definition: XrdSutBucket.hh:47
XrdSutRndm::GetBuffer
static char * GetBuffer(int len, int opt=-1)
Definition: XrdSutRndm.cc:179