Declarations for cryptography functions.
More...
#include <array>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
#include <openssl/x509.h>
#include "utility.h"
Go to the source code of this file.
|
|
using | crypto::aes_t = std::vector<std::uint8_t> |
| | Byte buffer containing AES key material.
|
| |
|
using | crypto::bignum_t = util::safe_ptr<BIGNUM, BN_free> |
| | Owning pointer for an OpenSSL BIGNUM.
|
| |
|
using | crypto::bio_t = util::safe_ptr<BIO, BIO_free_all> |
| | Owning pointer for an OpenSSL BIO chain.
|
| |
|
using | crypto::cipher_ctx_t = util::safe_ptr<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free> |
| | Owning pointer for an OpenSSL cipher context.
|
| |
|
using | crypto::md_ctx_t = util::safe_ptr<EVP_MD_CTX, md_ctx_destroy> |
| | Owning pointer for an OpenSSL message digest context.
|
| |
|
using | crypto::pkey_ctx_t = util::safe_ptr<EVP_PKEY_CTX, EVP_PKEY_CTX_free> |
| | Owning pointer for an OpenSSL key-generation context.
|
| |
|
using | crypto::pkey_t = util::safe_ptr<EVP_PKEY, EVP_PKEY_free> |
| | Owning pointer for an OpenSSL public or private key.
|
| |
|
using | crypto::sha256_t = std::array<std::uint8_t, SHA256_DIGEST_LENGTH> |
| | Fixed-size SHA-256 digest byte array.
|
| |
|
using | crypto::x509_store_ctx_t = util::safe_ptr<X509_STORE_CTX, X509_STORE_CTX_free> |
| | Owning pointer for an OpenSSL certificate verification context.
|
| |
|
using | crypto::x509_store_t = util::safe_ptr<X509_STORE, X509_STORE_free> |
| | Owning pointer for an OpenSSL certificate store.
|
| |
|
using | crypto::x509_t = util::safe_ptr<X509, X509_free> |
| | Owning pointer for an OpenSSL X.509 certificate.
|
| |
|
|
constexpr std::size_t | crypto::cipher::tag_size = 16 |
| | Tag size.
|
| |
Declarations for cryptography functions.
◆ gen_aes_key()
| aes_t crypto::gen_aes_key |
( |
const std::array< uint8_t, 16 > & | salt, |
|
|
const std::string_view & | pin ) |
Derive the AES key used by the pairing protocol.
- Parameters
-
| salt | Random salt used when deriving the pairing secret. |
| pin | PIN supplied by the client during pairing. |
- Returns
- Parsed or generated OpenSSL object or PEM data.
◆ gen_creds()
| creds_t crypto::gen_creds |
( |
const std::string_view & | cn, |
|
|
std::uint32_t | key_bits ) |
Generate a self-signed certificate and private key for Sunshine pairing.
- Parameters
-
| cn | Common name to place in the generated certificate. |
| key_bits | Size in bits of the generated RSA key. |
- Returns
- Parsed or generated OpenSSL object or PEM data.
◆ hash()
| sha256_t crypto::hash |
( |
const std::string_view & | plaintext | ) |
|
Hashes the given plaintext using SHA-256.
- Parameters
-
- Returns
- The SHA-256 hash of the plaintext.
◆ md_ctx_destroy()
| void crypto::md_ctx_destroy |
( |
EVP_MD_CTX * | ctx | ) |
|
Destroy an OpenSSL message digest context.
- Parameters
-
| ctx | Message digest context. |
◆ pem() [1/2]
| std::string crypto::pem |
( |
pkey_t & | pkey | ) |
|
Serialize an OpenSSL object to PEM text.
- Parameters
-
| pkey | Private key PEM data or private key file path. |
- Returns
- Parsed or generated OpenSSL object or PEM data.
◆ pem() [2/2]
| std::string crypto::pem |
( |
x509_t & | x509 | ) |
|
Serialize an OpenSSL object to PEM text.
- Parameters
-
| x509 | X.509 certificate object or PEM data. |
- Returns
- Parsed or generated OpenSSL object or PEM data.
◆ pkey()
| pkey_t crypto::pkey |
( |
const std::string_view & | k | ) |
|
Parse PEM text into an OpenSSL private key object.
- Parameters
-
| k | PEM text containing a private key. |
- Returns
- Parsed or generated OpenSSL object or PEM data.
◆ rand()
| std::string crypto::rand |
( |
std::size_t | bytes | ) |
|
Generate cryptographically secure random bytes.
- Parameters
-
| bytes | Number of random bytes to generate. |
- Returns
- Random bytes or text generated by OpenSSL.
◆ rand_alphabet()
| std::string crypto::rand_alphabet |
( |
std::size_t | bytes, |
|
|
const std::string_view & | alphabet = std::string_view {"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!%&()=-"} ) |
Generate random text from the supplied alphabet.
- Parameters
-
| bytes | Number of random bytes to generate. |
| alphabet | Allowed characters used for random string generation. |
- Returns
- Random bytes or text generated by OpenSSL.
◆ round_to_pkcs7_padded()
| std::size_t crypto::cipher::round_to_pkcs7_padded |
( |
std::size_t | size | ) |
|
|
constexpr |
Round a byte count up to the next PKCS#7 padding boundary.
- Parameters
-
| size | Number of bytes or elements requested. |
- Returns
size rounded up to the next PKCS#7 block boundary.
◆ sign256()
| std::vector< uint8_t > crypto::sign256 |
( |
const pkey_t & | pkey, |
|
|
const std::string_view & | data ) |
Sign data with SHA-256.
- Parameters
-
| pkey | Private key PEM data or private key file path. |
| data | Payload or state data to serialize, deserialize, or forward. |
- Returns
- Number of bytes written, signature bytes, or an error status depending on the overload.
◆ signature()
| std::string_view crypto::signature |
( |
const x509_t & | x | ) |
|
Return the certificate signature bytes.
- Parameters
-
| x | Certificate object or PEM text, depending on the overload. |
- Returns
- Parsed or generated OpenSSL object or PEM data.
◆ verify256()
| bool crypto::verify256 |
( |
const x509_t & | x509, |
|
|
const std::string_view & | data, |
|
|
const std::string_view & | signature ) |
Verify a SHA-256 signature with the certificate public key.
- Parameters
-
| x509 | X.509 certificate object or PEM data. |
| data | Payload or state data to serialize, deserialize, or forward. |
| signature | Signature bytes to verify or encode. |
- Returns
- True when the signature is valid for the supplied data.
◆ x509()
| x509_t crypto::x509 |
( |
const std::string_view & | x | ) |
|
Parse PEM text into an X.509 certificate object.
- Parameters
-
| x | Certificate object or PEM text, depending on the overload. |
- Returns
- Parsed or generated OpenSSL object or PEM data.