// $Id$
#ifndef __CRYPTO_FACTORY_H__
#define __CRYPTO_FACTORY_H__
/******************************************************************************/
/*                                                                            */
/*                 X r d C r y p t o F a c t o r y . h h                      */
/*                                                                            */
/* (c) 2004 by the Board of Trustees of the Leland Stanford, Jr., University  */
/*       All Rights Reserved. See XrdInfo.cc for complete License Terms       */
/*   Produced by Andrew Hanushevsky for Stanford University under contract    */
/*              DE-AC03-76-SFO0515 with the Department of Energy              */
/******************************************************************************/

/* ************************************************************************** */
/*                                                                            */
/* Abstract interface for a crypto factory                                    */
/* Allows to plug-in modules based on different crypto implementation         */
/* (OpenSSL, Botan, ...)                                                      */
/*                                                                            */
/* ************************************************************************** */

#include <XrdCrypto/XrdCryptoAux.hh>

// Size in bytes of the buffer that stores a factory name
// (XrdCryptoFactory::name below).
// NOTE(review): the constructor accepts a string of any length; the copy into
// this fixed buffer happens in the implementation file, which is not shown
// here. Confirm that the copy is bounded and always NUL-terminated.
#define MAXFACTORYNAMELEN 10

// ---------------------------------------------------------------------------//
//
// Abstract Crypto Factory
//
// ---------------------------------------------------------------------------//

// Forward declarations: only pointers and references to these types are
// used in this header.
class XrdSutBucket;
class XrdCryptoCipher;
class XrdCryptoMsgDigest;
class XrdCryptoRSA;
class XrdCryptoX509;
class XrdCryptoX509Chain;
class XrdCryptoX509Crl;
class XrdCryptoX509Req;

#if 1
//
// Function-pointer types for the utility hooks a factory hands out.
// None of these signatures documents its return convention in this header;
// check the concrete implementation before relying on a particular value.

// Key derivation function.
// XrdCryptoKDFunLen_t: takes no arguments and returns an int (described in
// the class below as the length of the buffer).
typedef int (*XrdCryptoKDFunLen_t)();
// XrdCryptoKDFun_t: derives into 'key' (capacity 'klen') from 'pass'
// ('plen' bytes) and 'salt' ('slen' bytes).
// NOTE(review): all lengths are plain int; presumably negative or oversized
// values are rejected by the implementation - confirm.
typedef int (*XrdCryptoKDFun_t)(const char *pass, int plen,
                                const char *salt, int slen,
                                char *key, int klen);

// X509 manipulation: certificate verification.
// NOTE(review): presumably 'c' is the certificate under test and 'r' the
// reference (issuer) certificate, with true meaning the check passed -
// confirm against the implementation.
typedef bool (*XrdCryptoX509VerifyCert_t)(XrdCryptoX509 *c, XrdCryptoX509 *r);
// Chain verification; 'errcode' is passed by reference so the callee can
// report a code in addition to the boolean result.
typedef bool (*XrdCryptoX509VerifyChain_t)(XrdCryptoX509Chain *chain,
                                           int &errcode);
// Chain export into a bucket; the meaning of the bool argument is not
// documented in this header.
typedef XrdSutBucket *(*XrdCryptoX509ExportChain_t)(XrdCryptoX509Chain *, bool);

// Chain to file; the second argument is presumably the output path - confirm.
typedef int (*XrdCryptoX509ChainToFile_t)(XrdCryptoX509Chain *, const char *);

// Certificates parsed from the file 'fname' into the supplied chain.
typedef int (*XrdCryptoX509ParseFile_t)(const char *fname,
                                        XrdCryptoX509Chain *);
// Certificates parsed from a bucket into the supplied chain.
typedef int (*XrdCryptoX509ParseBucket_t)(XrdSutBucket *,
                                          XrdCryptoX509Chain *);
#endif

// Base class for pluggable crypto back-ends.
//
// Every factory method is virtual but not pure, so this base class carries
// default implementations that live in the implementation file (not shown
// here). NOTE(review): what those defaults return for an unsupported
// operation is not visible from this header; callers should check every
// returned object pointer and hook before use.
class XrdCryptoFactory
{
private:
   char name[MAXFACTORYNAMELEN];   // factory name, fixed-size storage
   int  fID;                       // numeric factory identifier
public:
   // Defaults are the name "Unknown" and the id -1.
   XrdCryptoFactory(const char *n = "Unknown", int id = -1);
   virtual ~XrdCryptoFactory() { }

   // Set trace flags
   virtual void SetTrace(kXR_int32 trace);

   // Get the factory name.
   // Returns a non-const pointer into the private name buffer even though
   // the method is const, so a caller is able to write through it.
   // Treat the result as read-only.
   char *Name() const { return const_cast<char *>(name); }
   // Get the factory identifier.
   int ID() const { return fID; }

   // Get the right factory for the given name.
   static XrdCryptoFactory *GetCryptoFactory(const char *factoryname);

   // Hook to a Key Derivation Function (PBKDF2 when possible).
   // "When possible" means a back-end may hand out a different function;
   // code that depends on the strength of the derivation should confirm
   // what the selected factory actually provides.
   virtual XrdCryptoKDFunLen_t KDFunLen(); // Length of buffer
   virtual XrdCryptoKDFun_t KDFun();

   // Cipher constructors.
   // NOTE(review): 't' is presumably the cipher type name, 'l' a key
   // length, 'k' the key bytes and 'liv'/'iv' the IV length and bytes -
   // confirm against the implementation.
   virtual bool SupportedCipher(const char *t);
   virtual XrdCryptoCipher *Cipher(const char *t, int l = 0);
   virtual XrdCryptoCipher *Cipher(const char *t, int l, const char *k,
                                   int liv, const char *iv);
   virtual XrdCryptoCipher *Cipher(XrdSutBucket *b);
   virtual XrdCryptoCipher *Cipher(int bits, char *pub, int lpub, const char *t = 0);
   virtual XrdCryptoCipher *Cipher(const XrdCryptoCipher &c);

   // MsgDigest constructors; 'dgst' selects the digest.
   virtual bool SupportedMsgDigest(const char *dgst);
   virtual XrdCryptoMsgDigest *MsgDigest(const char *dgst);

   // RSA constructors.
   // The meaning of a 0 default for 'b', 'e' and 'l' is decided by the
   // implementation and is not documented in this header.
   virtual XrdCryptoRSA *RSA(int b = 0, int e = 0);
   virtual XrdCryptoRSA *RSA(const char *p, int l = 0);
   virtual XrdCryptoRSA *RSA(const XrdCryptoRSA &r);

   // X509 constructors.
   // NOTE(review): 'cf' and 'kf' look like certificate-file and key-file
   // paths - confirm.
   virtual XrdCryptoX509 *X509(const char *cf, const char *kf = 0);
   virtual XrdCryptoX509 *X509(XrdSutBucket *b);

   // X509 CRL constructors: from a CRL file, or from a CA certificate.
   virtual XrdCryptoX509Crl *X509Crl(const char *crlfile, int opt = 0);
   virtual XrdCryptoX509Crl *X509Crl(XrdCryptoX509 *cacert);

   // X509 REQ constructors
   virtual XrdCryptoX509Req *X509Req(XrdSutBucket *bck);

   // Hooks to handle X509 certificates; each returns one of the
   // function-pointer types declared above.
   virtual XrdCryptoX509VerifyCert_t X509VerifyCert();
   virtual XrdCryptoX509VerifyChain_t X509VerifyChain();
   virtual XrdCryptoX509ParseFile_t X509ParseFile();
   virtual XrdCryptoX509ParseBucket_t X509ParseBucket();
   virtual XrdCryptoX509ExportChain_t X509ExportChain();
   virtual XrdCryptoX509ChainToFile_t X509ChainToFile();

   // Equality operator.
   // The argument is taken by value, so the right-hand side is copied as a
   // base XrdCryptoFactory; which fields are compared is defined in the
   // implementation file.
   bool operator==(const XrdCryptoFactory factory);
};
#endif