crypto

namespace crypto

Typedefs

using aes_t = std::array<std::uint8_t, 16>

using bignum_t = util::safe_ptr<BIGNUM, BN_free>

using bio_t = util::safe_ptr<BIO, BIO_free_all>

using cipher_ctx_t = util::safe_ptr<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free>

using md_ctx_t = util::safe_ptr<EVP_MD_CTX, md_ctx_destroy>

using pkey_ctx_t = util::safe_ptr<EVP_PKEY_CTX, EVP_PKEY_CTX_free>

using pkey_t = util::safe_ptr<EVP_PKEY, EVP_PKEY_free>

using sha256_t = std::array<std::uint8_t, SHA256_DIGEST_LENGTH>

using x509_store_ctx_t = util::safe_ptr<X509_STORE_CTX, X509_STORE_CTX_free>

using x509_store_t = util::safe_ptr<X509_STORE, X509_STORE_free>

using x509_t = util::safe_ptr<X509, X509_free>

Variables

constexpr std::size_t digest_size = 256

class cert_chain_t

Public Functions

void add(x509_t &&cert)

const char *verify(x509_t::element_type *cert)

Private Members

x509_store_ctx_t _cert_ctx

std::vector<std::pair<x509_t, x509_store_t>> _certs

struct creds_t

Public Members

std::string pkey

std::string x509

namespace cipher

Functions

constexpr std::size_t round_to_pkcs7_padded(std::size_t size)

Variables

constexpr std::size_t tag_size = 16

class cbc_t : public crypto::cipher::cipher_t

Public Functions

cbc_t() = default

cbc_t(cbc_t&&) noexcept = default

cbc_t(const crypto::aes_t &key, bool padding = true)

int encrypt(const std::string_view &plaintext, std::uint8_t *cipher, aes_t *iv)

length of cipher must be at least: round_to_pkcs7_padded(plaintext.size())

return -1 on error return bytes written on success

cbc_t &operator=(cbc_t&&) noexcept = default

class cipher_t

Subclassed by crypto::cipher::cbc_t, crypto::cipher::ecb_t, crypto::cipher::gcm_t

Public Members

cipher_ctx_t decrypt_ctx

cipher_ctx_t encrypt_ctx

aes_t key

bool padding

class ecb_t : public crypto::cipher::cipher_t

Public Functions

int decrypt(const std::string_view &cipher, std::vector<std::uint8_t> &plaintext)

ecb_t() = default

ecb_t(const aes_t &key, bool padding = true)

ecb_t(ecb_t&&) noexcept = default

int encrypt(const std::string_view &plaintext, std::vector<std::uint8_t> &cipher)

ecb_t &operator=(ecb_t&&) noexcept = default

class gcm_t : public crypto::cipher::cipher_t

Public Functions

int decrypt(const std::string_view &cipher, std::vector<std::uint8_t> &plaintext, aes_t *iv)

int encrypt(const std::string_view &plaintext, std::uint8_t *tagged_cipher, aes_t *iv)

length of cipher must be at least: round_to_pkcs7_padded(plaintext.size()) + crypto::cipher::tag_size

return -1 on error return bytes written on success

gcm_t() = default

gcm_t(const crypto::aes_t &key, bool padding = true)

gcm_t(gcm_t&&) noexcept = default

gcm_t &operator=(gcm_t&&) noexcept = default