X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fceph%2Fsrc%2Fauth%2FCrypto.h;fp=src%2Fceph%2Fsrc%2Fauth%2FCrypto.h;h=1c47f6efad195c1bc46b1ae0842110a4c07d55d0;hb=812ff6ca9fcd3e629e49d4328905f33eee8ca3f5;hp=0000000000000000000000000000000000000000;hpb=15280273faafb77777eab341909a3f495cf248d9;p=stor4nfv.git diff --git a/src/ceph/src/auth/Crypto.h b/src/ceph/src/auth/Crypto.h new file mode 100644 index 0000000..1c47f6e --- /dev/null +++ b/src/ceph/src/auth/Crypto.h @@ -0,0 +1,150 @@ +// -*- mode:C; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2004-2009 Sage Weil + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#ifndef CEPH_AUTH_CRYPTO_H +#define CEPH_AUTH_CRYPTO_H + +#include "include/types.h" +#include "include/utime.h" +#include "include/memory.h" +#include "include/buffer.h" + +#include + +class CephContext; +class CryptoKeyContext; +namespace ceph { class Formatter; } + + +/* + * some per-key context that is specific to a particular crypto backend + */ +class CryptoKeyHandler { +public: + bufferptr secret; + + virtual ~CryptoKeyHandler() {} + + virtual int encrypt(const bufferlist& in, + bufferlist& out, std::string *error) const = 0; + virtual int decrypt(const bufferlist& in, + bufferlist& out, std::string *error) const = 0; +}; + +/* + * match encoding of struct ceph_secret + */ +class CryptoKey { +protected: + __u16 type; + utime_t created; + bufferptr secret; // must set this via set_secret()! + + // cache a pointer to the implementation-specific key handler, so we + // don't have to create it for every crypto operation. + mutable ceph::shared_ptr ckh; + + int _set_secret(int type, const bufferptr& s); + +public: + CryptoKey() : type(0) { } + CryptoKey(int t, utime_t c, bufferptr& s) + : created(c) { + _set_secret(t, s); + } + ~CryptoKey() { + } + + void encode(bufferlist& bl) const; + void decode(bufferlist::iterator& bl); + + int get_type() const { return type; } + utime_t get_created() const { return created; } + void print(std::ostream& out) const; + + int set_secret(int type, const bufferptr& s, utime_t created); + const bufferptr& get_secret() { return secret; } + const bufferptr& get_secret() const { return secret; } + + void encode_base64(string& s) const { + bufferlist bl; + encode(bl); + bufferlist e; + bl.encode_base64(e); + e.append('\0'); + s = e.c_str(); + } + string encode_base64() const { + string s; + encode_base64(s); + return s; + } + void decode_base64(const string& s) { + bufferlist e; + e.append(s); + bufferlist bl; + bl.decode_base64(e); + bufferlist::iterator p = bl.begin(); + decode(p); + } + + void encode_formatted(string label, Formatter *f, bufferlist &bl); + void encode_plaintext(bufferlist &bl); + + // -- + int create(CephContext *cct, int type); + int encrypt(CephContext *cct, const bufferlist& in, bufferlist& out, + std::string *error) const { + assert(ckh); // Bad key? + return ckh->encrypt(in, out, error); + } + int decrypt(CephContext *cct, const bufferlist& in, bufferlist& out, + std::string *error) const { + assert(ckh); // Bad key? + return ckh->decrypt(in, out, error); + } + + void to_str(std::string& s) const; +}; +WRITE_CLASS_ENCODER(CryptoKey) + +static inline ostream& operator<<(ostream& out, const CryptoKey& k) +{ + k.print(out); + return out; +} + + +/* + * Driver for a particular algorithm + * + * To use these functions, you need to call ceph::crypto::init(), see + * common/ceph_crypto.h. common_init_finish does this for you. + */ +class CryptoHandler { +public: + virtual ~CryptoHandler() {} + virtual int get_type() const = 0; + virtual int create(bufferptr& secret) = 0; + virtual int validate_secret(const bufferptr& secret) = 0; + virtual CryptoKeyHandler *get_key_handler(const bufferptr& secret, + string& error) = 0; + + static CryptoHandler *create(int type); +}; + +extern int get_random_bytes(char *buf, int len); +extern uint64_t get_random(uint64_t min_val, uint64_t max_val); + +#endif