[ceph.git] / ceph / src / auth / Crypto.h

// -*- mode:C; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab
/*
 * Ceph - scalable distributed file system
 *
 * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
 *
 * This is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License version 2.1, as published by the Free Software 
 * Foundation.  See file COPYING.
 * 
 */

#ifndef CEPH_AUTH_CRYPTO_H
#define CEPH_AUTH_CRYPTO_H

#include "include/types.h"
#include "include/utime.h"
#include "include/memory.h"
#include "include/buffer.h"

#include <string>

class CephContext;
class CryptoKeyContext;
namespace ceph { class Formatter; }


/*
 * some per-key context that is specific to a particular crypto backend
 */
class CryptoKeyHandler {
public:
  bufferptr secret;

  virtual ~CryptoKeyHandler() {}

  virtual int encrypt(const bufferlist& in,
		       bufferlist& out, std::string *error) const = 0;
  virtual int decrypt(const bufferlist& in,
		       bufferlist& out, std::string *error) const = 0;
};

/*
 * match encoding of struct ceph_secret
 */
class CryptoKey {
protected:
  __u16 type;
  utime_t created;
  bufferptr secret;   // must set this via set_secret()!

  // cache a pointer to the implementation-specific key handler, so we
  // don't have to create it for every crypto operation.
  mutable ceph::shared_ptr<CryptoKeyHandler> ckh;

  int _set_secret(int type, const bufferptr& s);

public:
  CryptoKey() : type(0) { }
  CryptoKey(int t, utime_t c, bufferptr& s)
    : created(c) {
    _set_secret(t, s);
  }
  ~CryptoKey() {
  }

  void encode(bufferlist& bl) const;
  void decode(bufferlist::iterator& bl);

  int get_type() const { return type; }
  utime_t get_created() const { return created; }
  void print(std::ostream& out) const;

  int set_secret(int type, const bufferptr& s, utime_t created);
  const bufferptr& get_secret() { return secret; }
  const bufferptr& get_secret() const { return secret; }

  void encode_base64(string& s) const {
    bufferlist bl;
    encode(bl);
    bufferlist e;
    bl.encode_base64(e);
    e.append('\0');
    s = e.c_str();
  }
  string encode_base64() const {
    string s;
    encode_base64(s);
    return s;
  }
  void decode_base64(const string& s) {
    bufferlist e;
    e.append(s);
    bufferlist bl;
    bl.decode_base64(e);
    bufferlist::iterator p = bl.begin();
    decode(p);
  }

  void encode_formatted(string label, Formatter *f, bufferlist &bl);
  void encode_plaintext(bufferlist &bl);

  // --
  int create(CephContext *cct, int type);
  int encrypt(CephContext *cct, const bufferlist& in, bufferlist& out,
	       std::string *error) const {
    assert(ckh); // Bad key?
    return ckh->encrypt(in, out, error);
  }
  int decrypt(CephContext *cct, const bufferlist& in, bufferlist& out,
	       std::string *error) const {
    assert(ckh); // Bad key?
    return ckh->decrypt(in, out, error);
  }

  void to_str(std::string& s) const;
};
WRITE_CLASS_ENCODER(CryptoKey)

static inline ostream& operator<<(ostream& out, const CryptoKey& k)
{
  k.print(out);
  return out;
}


/*
 * Driver for a particular algorithm
 *
 * To use these functions, you need to call ceph::crypto::init(), see
 * common/ceph_crypto.h. common_init_finish does this for you.
 */
class CryptoHandler {
public:
  virtual ~CryptoHandler() {}
  virtual int get_type() const = 0;
  virtual int create(bufferptr& secret) = 0;
  virtual int validate_secret(const bufferptr& secret) = 0;
  virtual CryptoKeyHandler *get_key_handler(const bufferptr& secret,
					    string& error) = 0;

  static CryptoHandler *create(int type);
};

extern int get_random_bytes(char *buf, int len);
extern uint64_t get_random(uint64_t min_val, uint64_t max_val);

#endif
Commit	Line	Data
7c673cae FG	1	// -- mode:C; tab-width:8; c-basic-offset:2; indent-tabs-mode:t --
	2	// vim: ts=8 sw=2 smarttab
	3	/*
	4	* Ceph - scalable distributed file system
	5	*
	6	* Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
	7	*
	8	* This is free software; you can redistribute it and/or
	9	* modify it under the terms of the GNU Lesser General Public
	10	* License version 2.1, as published by the Free Software
	11	* Foundation. See file COPYING.
	12	*
	13	*/
	14
	15	#ifndef CEPH_AUTH_CRYPTO_H
	16	#define CEPH_AUTH_CRYPTO_H
	17
	18	#include "include/types.h"
	19	#include "include/utime.h"
	20	#include "include/memory.h"
	21	#include "include/buffer.h"
	22
	23	#include <string>
	24
	25	class CephContext;
	26	class CryptoKeyContext;
	27	namespace ceph { class Formatter; }
	28
	29
	30	/*
	31	* some per-key context that is specific to a particular crypto backend
	32	*/
	33	class CryptoKeyHandler {
	34	public:
	35	bufferptr secret;
	36
	37	virtual ~CryptoKeyHandler() {}
	38
	39	virtual int encrypt(const bufferlist& in,
	40	bufferlist& out, std::string *error) const = 0;
	41	virtual int decrypt(const bufferlist& in,
	42	bufferlist& out, std::string *error) const = 0;
	43	};
	44
	45	/*
	46	* match encoding of struct ceph_secret
	47	*/
	48	class CryptoKey {
	49	protected:
	50	__u16 type;
	51	utime_t created;
	52	bufferptr secret; // must set this via set_secret()!
	53
	54	// cache a pointer to the implementation-specific key handler, so we
	55	// don't have to create it for every crypto operation.
	56	mutable ceph::shared_ptr<CryptoKeyHandler> ckh;
	57
	58	int _set_secret(int type, const bufferptr& s);
	59
	60	public:
	61	CryptoKey() : type(0) { }
	62	CryptoKey(int t, utime_t c, bufferptr& s)
	63	: created(c) {
	64	_set_secret(t, s);
65	}
66	~CryptoKey() {
67	}
68
69	void encode(bufferlist& bl) const;
70	void decode(bufferlist::iterator& bl);
71
72	int get_type() const { return type; }
73	utime_t get_created() const { return created; }
74	void print(std::ostream& out) const;
75
76	int set_secret(int type, const bufferptr& s, utime_t created);
77	const bufferptr& get_secret() { return secret; }
78	const bufferptr& get_secret() const { return secret; }
79
80	void encode_base64(string& s) const {
81	bufferlist bl;
82	encode(bl);
83	bufferlist e;
84	bl.encode_base64(e);
85	e.append('\0');
86	s = e.c_str();
87	}
88	string encode_base64() const {
89	string s;
90	encode_base64(s);
91	return s;
92	}
93	void decode_base64(const string& s) {
94	bufferlist e;
95	e.append(s);
96	bufferlist bl;
97	bl.decode_base64(e);
98	bufferlist::iterator p = bl.begin();
99	decode(p);
100	}
101
102	void encode_formatted(string label, Formatter *f, bufferlist &bl);
103	void encode_plaintext(bufferlist &bl);
104
105	// --
106	int create(CephContext *cct, int type);
107	int encrypt(CephContext *cct, const bufferlist& in, bufferlist& out,
108	std::string *error) const {
109	assert(ckh); // Bad key?
110	return ckh->encrypt(in, out, error);
111	}
112	int decrypt(CephContext *cct, const bufferlist& in, bufferlist& out,
113	std::string *error) const {
114	assert(ckh); // Bad key?
115	return ckh->decrypt(in, out, error);
116	}
117
118	void to_str(std::string& s) const;
119	};
120	WRITE_CLASS_ENCODER(CryptoKey)
121
122	static inline ostream& operator<<(ostream& out, const CryptoKey& k)
123	{
124	k.print(out);
125	return out;
126	}
127
128
129	/*
130	* Driver for a particular algorithm
131	*
132	* To use these functions, you need to call ceph::crypto::init(), see
133	* common/ceph_crypto.h. common_init_finish does this for you.
134	*/
135	class CryptoHandler {
136	public:
137	virtual ~CryptoHandler() {}
138	virtual int get_type() const = 0;
139	virtual int create(bufferptr& secret) = 0;
140	virtual int validate_secret(const bufferptr& secret) = 0;
141	virtual CryptoKeyHandler *get_key_handler(const bufferptr& secret,
142	string& error) = 0;
143
144	static CryptoHandler *create(int type);
145	};
146
147	extern int get_random_bytes(char *buf, int len);
148	extern uint64_t get_random(uint64_t min_val, uint64_t max_val);
149
150	#endif