From 2ca24b61bdadf583b52d9eaa8edf55ca25833b9d Mon Sep 17 00:00:00 2001 From: Gerardo Ganis Date: Thu, 1 Jun 2017 13:09:30 +0200 Subject: [PATCH] crypto: remove unused crypto code The 'local' stuff for introduced for testing and should not be used for anything. --- src/XrdCrypto.cmake | 6 +- src/XrdCrypto/PC1.cc | 355 -------------------- src/XrdCrypto/PC1.hh | 33 -- src/XrdCrypto/PC3.cc | 413 ----------------------- src/XrdCrypto/PC3.hh | 36 -- src/XrdCrypto/XrdCryptoFactory.cc | 11 - src/XrdCrypto/XrdCryptolocalCipher.cc | 434 ------------------------- src/XrdCrypto/XrdCryptolocalCipher.hh | 80 ----- src/XrdCrypto/XrdCryptolocalFactory.cc | 245 -------------- src/XrdCrypto/XrdCryptolocalFactory.hh | 72 ---- 10 files changed, 1 insertion(+), 1684 deletions(-) delete mode 100644 src/XrdCrypto/PC1.cc delete mode 100644 src/XrdCrypto/PC1.hh delete mode 100644 src/XrdCrypto/PC3.cc delete mode 100644 src/XrdCrypto/PC3.hh delete mode 100644 src/XrdCrypto/XrdCryptolocalCipher.cc delete mode 100644 src/XrdCrypto/XrdCryptolocalCipher.hh delete mode 100644 src/XrdCrypto/XrdCryptolocalFactory.cc delete mode 100644 src/XrdCrypto/XrdCryptolocalFactory.hh diff --git a/src/XrdCrypto.cmake b/src/XrdCrypto.cmake index 72e23559099..24045fdecfe 100644 --- a/src/XrdCrypto.cmake +++ b/src/XrdCrypto.cmake @@ -20,8 +20,6 @@ set( XRD_CRYPTO_LITE_SOVERSION 1 ) add_library( XrdCrypto SHARED - XrdCrypto/PC1.cc XrdCrypto/PC1.hh - XrdCrypto/PC3.cc XrdCrypto/PC3.hh XrdCrypto/XrdCryptoAux.cc XrdCrypto/XrdCryptoAux.hh XrdCrypto/XrdCryptoTrace.hh XrdCrypto/XrdCryptoBasic.cc XrdCrypto/XrdCryptoBasic.hh @@ -33,9 +31,7 @@ add_library( XrdCrypto/XrdCryptoX509Chain.cc XrdCrypto/XrdCryptoX509Chain.hh XrdCrypto/XrdCryptoX509Crl.cc XrdCrypto/XrdCryptoX509Crl.hh XrdCrypto/XrdCryptoX509Req.cc XrdCrypto/XrdCryptoX509Req.hh - XrdCrypto/XrdCryptogsiX509Chain.cc XrdCrypto/XrdCryptogsiX509Chain.hh - XrdCrypto/XrdCryptolocalCipher.cc XrdCrypto/XrdCryptolocalCipher.hh - XrdCrypto/XrdCryptolocalFactory.cc XrdCrypto/XrdCryptolocalFactory.hh ) + XrdCrypto/XrdCryptogsiX509Chain.cc XrdCrypto/XrdCryptogsiX509Chain.hh ) target_link_libraries( XrdCrypto diff --git a/src/XrdCrypto/PC1.cc b/src/XrdCrypto/PC1.cc deleted file mode 100644 index 680d9b24a1e..00000000000 --- a/src/XrdCrypto/PC1.cc +++ /dev/null @@ -1,355 +0,0 @@ -/* ----------------------------------------------------------------------- * - * * - * PC1.cc * - * * - * C++ adaptation of PC1 implementation written by Alexander PUKALL 1991. * - * * - * Reference: http://membres.lycos.fr/pc1/ * - * * - * Description: * - * PC1 Cipher Algorithm (Pukall Cipher 1) for encryption/decryption. * - * One-way hash for password encryption also provided. * - * * - * Key length is 256 bits * - * * - * Free code no restriction to use please include the name of the Author * - * in the final software * - * Tested with Turbo C 2.0 for DOS and Microsoft Visual C++ 5.0 for Win 32 * - * * - * Adapted by G. Ganis (g.ganis@cern.ch), January 2005 * - * ----------------------------------------------------------------------- */ -#include -#include -#include -#include -#include "PC1.hh" - -typedef unsigned short ushort; - -// The following string is not a password nor a key, only a random data input -// used if the user password or key is too short -static unsigned char cleref[kPC1LENGTH] = - {'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p', - 'q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5'}; - -namespace PC1 { - -/* ------------------------------------------------------------------- * - * Local static auxilliary functions * - * ------------------------------------------------------------------- */ -//____________________________________________________________________ -static ushort code(ushort &ind, ushort &si, ushort &x1a2, ushort *x1a0) -{ - // Encoding - ushort ax, bx, cx, dx; - ushort tmp; - - dx = x1a2 + ind; - ax = x1a0[ind]; - cx = 0x015a; - bx = 0x4e35; - - tmp = ax; - ax = si; - si = tmp; - - tmp = ax; - ax = dx; - dx = tmp; - - if (ax != 0) { - ax=ax*bx; - } - - tmp = ax; - ax = cx; - cx = tmp; - - if (ax != 0) { - ax = ax*si; - cx = ax+cx; - } - - tmp = ax; - ax = si; - si = tmp; - ax = ax*bx; - dx = cx+dx; - - ax += 1; - - x1a2 = dx; - x1a0[ind] = ax; - - ushort res = ax^dx; - ind += 1; - return res; -} - -//____________________________________________________________________ -static void assemble(unsigned char *cle, ushort &inter, - ushort &si, ushort &x1a2) -{ - // Assembling - ushort ind = 0; - ushort x1a0[kPC1LENGTH/2]; - - x1a0[0] = cle[0]*256 + cle[1]; - ushort res = code(ind,si,x1a2,x1a0); - inter = res; - - int j; - for (j = 0; j < 15; j++) { - x1a0[j+1] = x1a0[j]^(cle[2*(j+1)]*256 + cle[2*(j+1)+1]); - res = code(ind,si,x1a2,x1a0); - inter = inter^res; - } -} - -} // namespace PC1 - -/* ------------------------------------------------------------------- * - * Public functions * - * ------------------------------------------------------------------- */ - -//______________________________________________________________________ -int PC1HashFun(const char *in, int lin, const char *sa, int lsa, - int it, char *out) -{ - // One-way hash function. - // Calculate hash of lin bytes at in (max kPC1LENGTH), using salt - // sa (max length kPC1LENGTH bytes). - // Number of iterations to finalize is 'it'. - // If the salt is not given, the buffer in is used as salt. - // The output buffer must be allocated by the caller to contain at - // least 2*kPC1LENGTH+1 bytes. - // Return length of hash in bytes or -1 in case of wrong / incomplete - // input arguments - - // Check inputs - if (!in || lin <= 0 || !out) - return -1; - - // - // Declarations and initializations - unsigned char bin[kPC1LENGTH]; - unsigned char cle[kPC1LENGTH]; - unsigned char tab[kPC1LENGTH] = {0}; - unsigned int ix = 0; - int j = 0; - memset((void *)&bin[0],0,kPC1LENGTH); - memset((void *)&tab[0],0,kPC1LENGTH); - - // - // Fill bin with the first lin bytes of in - int lbin = (lin > kPC1LENGTH) ? kPC1LENGTH : lin; - memcpy(&bin[0],in,lbin); - - // - // Fill cle ... - int lcle = 0; - if (sa && lsa > 0) { - // ... with the salt - for( j = 0; j < lsa; j++) { - cle[j] = sa[j]; - } - lcle = lsa; - } else { - // salt not given: use the password itself - for( j = 0; j < lin; j++) { - cle[j] = in[j]; - } - lcle = lin; - } - // - // If too short, complete cle with the ref string - for( j = lcle; j < kPC1LENGTH; j++) { - cle[j] = cleref[j]; - } - - // - // First round - ushort si = 0; - ushort inter = 0; - ushort x1a2= 0; - for (j = 0; j < kPC1LENGTH; j++) { - short c = bin[j]; - PC1::assemble(cle,inter,si,x1a2); - ushort cfc = inter >> 8; - ushort cfd = inter & 0xFF; // cfc^cfd = random byte - int k = 0; - for( ; k < kPC1LENGTH; k++) { - cle[k] = cle[k]^c; - } - c = c^(cfc^cfd); - tab[ix] = tab[ix]^c; - ix += 1; - if (ix >= kPC1LENGTH) ix = 0; - } - - // - // Second round - // to avoid dictionary attack on the passwords - // int it = 63254; - for (j = 1; j <= it; j++) { - short c = tab[ix]; - PC1::assemble(cle,inter,si,x1a2); - ushort cfc = inter >> 8; - ushort cfd = inter & 0xFF; // cfc^cfd = random byte - int k = 0; - for (; k < kPC1LENGTH; k++) { - cle[k] = cle[k]^c; - } - c = c^(cfc^cfd); - tab[ix] = tab[ix]^c; - ix += 1; - if (ix >= kPC1LENGTH) ix = 0; - } - - // - // Prepare output - int k = 0; - for( j = 0; j < kPC1LENGTH; j++) { - // we split the 'c' crypted byte into two 4 bits - // parts 'd' and 'e' - short d = (tab[j] >> 4); - short e = (tab[j] & 15); - // write the two 4 bits parts in the output buffer - // as text range from A to P - out[k++] = d + 0x61; - out[k++] = e + 0x61; - } - // Null terminated - out[k] = 0; - - // Return buffer length - return k; -} - -//______________________________________________________________________ -int PC1Encrypt(const char *in, int lin, const char *key, int lkey, char *out) -{ - // Encrypting routine. - // Encode lin bytes at in using key (max key length kPC1LENGTH). - // The output buffer must be allocated by the caller to contain at - // least 2*lin bytes. - // Return length of encrypted string in bytes or -1 in case of - // wrong / incomplete input arguments - - // Check inputs - if (!in || lin <= 0 || !key || lkey <= 0 || !out) - return -1; - - // - // Declarations and initializations - unsigned char cle[kPC1LENGTH]; - int j = 0; - - // - // Fill cle with the given key - int lk = (lkey > kPC1LENGTH) ? kPC1LENGTH : lkey; - for( j = 0; j < lk; j++) { - cle[j] = key[j]; - } - // - // If too short, complete with the ref string - for( j = lk; j < kPC1LENGTH; j++) { - cle[j] = cleref[j]; - } - - // - // Define internal variables - ushort si = 0; - ushort inter = 0; - ushort x1a2= 0; - // - // Encrypt - int n = 0; - for (j = 0; j < lin; j++) { - - short c = in[j]; - PC1::assemble(cle,inter,si,x1a2); - ushort cfc = inter >> 8; - ushort cfd = inter & 0xFF; // cfc^cfd = random byte - int k = 0; - for( ; k < kPC1LENGTH; k++) { - cle[k] = cle[k]^c; - } - c = c^(cfc^cfd); - - // we split the 'c' crypted byte into two 4 bits - // parts 'd' and 'e' - short d = (c >> 4); - short e = (c & 15); - - // write the two 4 bits parts in the output buffer - // as text range from A to P - out[n++] = d + 0x61; - out[n++] = e + 0x61; - } - - // Return buffer length - return n; -} - -//______________________________________________________________________ -int PC1Decrypt(const char *in, int lin, const char *key, int lkey, char *out) -{ - // Decrypting routine. - // Decrypt lin bytes at in using key (max key length kPC1LENGTH). - // The output buffer must be allocated by the caller to contain at - // least lin/2 bytes. - // Return length of decrypted string in bytes or -1 in case of - // wrong / incomplete input arguments - - // Check inputs - if (!in || lin <= 0 || !key || lkey <= 0 || !out) - return -1; - - // - // Declarations and initializations - unsigned char cle[kPC1LENGTH]; - int j = 0; - - // - // Fill cle with the given key - int lk = (lkey > kPC1LENGTH) ? kPC1LENGTH : lkey; - for( j = 0; j < lk; j++) { - cle[j] = key[j]; - } - // - // If too short, complete with the ref string - for( j = lk; j < kPC1LENGTH; j++) { - cle[j] = cleref[j]; - } - - // - // Define internal variables - ushort si = 0; - ushort inter = 0; - ushort x1a2= 0; - // - // Decrypt - int n = 0; - for (j = 0; j < lin; j += 2 ) { - - short d = in[j] - 0x61; - short e = in[j+1] - 0x61; - d = d << 4; - short c = d + e; - - PC1::assemble(cle,inter,si,x1a2); - ushort cfc = inter >> 8; - ushort cfd = inter & 0xFF; // cfc^cfd = random byte - - c = c^(cfc^cfd); - int k = 0; - for( ; k < kPC1LENGTH; k++) { - cle[k] = cle[k]^c; - } - out[n++] = c; - } - - // Return buffer length - return n; -} diff --git a/src/XrdCrypto/PC1.hh b/src/XrdCrypto/PC1.hh deleted file mode 100644 index 3610997ff6f..00000000000 --- a/src/XrdCrypto/PC1.hh +++ /dev/null @@ -1,33 +0,0 @@ -/* ----------------------------------------------------------------------- * - * * - * PC1.hh * - * * - * * - * C++ adaptation of PC1 implementation written by Alexander PUKALL 1991. * - * * - * Reference: http://membres.lycos.fr/pc1/ * - * * - * Description: * - * PC1 Cipher Algorithm (Pukall Cipher 1) for encryption/decryption. * - * One-way hash for password encryption also provided. * - * * - * Key length is 256 bits * - * * - * Free code no restriction to use please include the name of the Author * - * in the final software * - * Tested with Turbo C 2.0 for DOS and Microsoft Visual C++ 5.0 for Win 32 * - * * - * Adapted by G. Ganis (g.ganis@cern.ch), January 2005 * - * ----------------------------------------------------------------------- */ - -// Basic length (of key, output hash, ...) in bytes -#define kPC1LENGTH 32 - -// -// Encode / Decode functions -int PC1Encrypt(const char *, int, const char *, int, char *); -int PC1Decrypt(const char *, int, const char *, int, char *); - -// -// One-way hash -int PC1HashFun(const char *, int, const char *, int, int, char *); diff --git a/src/XrdCrypto/PC3.cc b/src/XrdCrypto/PC3.cc deleted file mode 100644 index cac86fdf715..00000000000 --- a/src/XrdCrypto/PC3.cc +++ /dev/null @@ -1,413 +0,0 @@ -/* ----------------------------------------------------------------------- * - * * - * PC3.cc * - * * - * C++ adaptation of PKEP implementation written by Alexander PUKALL 1991. * - * * - * PKEP ( Pukall Key Exchange Protocol (c) Alexander PUKALL 1997 * - * * - * Reference: http://membres.lycos.fr/pc1/ * - * * - * Description: * - * Algorithm allowing the secure exchange of a random password using the * - * PC3 cipher for random number generation based on a 160-bit seed. * - * Initialization creates private and public parts; exponentiation builds * - * the key using the received public part. * - * * - * Created Key length is 256 bits (32 bytes). Input random string can be * - * up to 256 bytes, but 32 or 64 should be typically enough. * - * Buffers for private and public parts should be of length kPC3SLEN * - * * - * Fro the author: * - * Free code no restriction to use please include the name of the Author * - * in the final software * - * * - * Adapted by G. Ganis (g.ganis@cern.ch), February 2005 * - * ----------------------------------------------------------------------- */ -#include -#include -#include - -#include "PC3.hh" - -#define kMASKLAST (0x80000000) -#define kMASKFIRST (0x00000001) - -namespace PC3 { - -/* ------------------------------------------------------------------- * - * Local static auxilliary functions * - * ------------------------------------------------------------------- */ -// -//____________________________________________________________________ -static unsigned int rotl(unsigned int n, unsigned int nl) -{ - // bit left rotation (VC++ _rotl) - unsigned int i = 0; - - for ( i = 0; i < nl; i++) { - bool bset = ((n & kMASKLAST) == kMASKLAST) ? 1 : 0; - n <<= 1; - if (bset) - n |= kMASKFIRST; - else - n &= ~kMASKFIRST; - } - return n; -} - -//____________________________________________________________________ -static unsigned long stream(unsigned int &r1, unsigned long b1) -{ - static unsigned long a1 = 0x015a4e35; - - b1 = ( b1 * a1 ) + 1; - r1 = rotl( (r1 + (( b1 >> 16 ) & 0x7fff)), (r1%16) ); - - return b1; -} - -//____________________________________________________________________ -static uchar pc3stream(uchar byte, unsigned long *b1, - unsigned int &r1, unsigned int key) -{ - unsigned short d; - - unsigned long i = 0; - for ( ; i<=(key-1); i++) - b1[i] = stream(r1,b1[i]); - - d = byte; - byte = byte^(r1 & 255); - r1 += d; - b1[key-1] = b1[key-1] + d; - - return byte; -} - -//____________________________________________________________________ -unsigned int pc3init(unsigned int lngkey, uchar *code, - unsigned long *b1, unsigned int &key) -{ - unsigned int z,y,x,i; - uchar tab[kPC3MAXRPWLEN],plain; - div_t reste; - unsigned int r1 = 0; - - if (lngkey > kPC3MAXRPWLEN) lngkey = kPC3MAXRPWLEN; - if (lngkey < 1) { - lngkey = 1; - strcpy((char *)code,"a"); - } - - x = lngkey; - - for ( i = 0; i < x; i++) { - tab[i] = code[i]; - } - - reste = div(lngkey,2); - key = reste.quot; - if (reste.rem != 0) key += 1; - - y=0; - for ( z = 0; z <= (key-1); z++) { - if ( (z == (key-1)) && (reste.rem != 0) ) { - b1[z]=code[y]*256; - } else { - b1[z] = (code[y]*256) + code[y+1]; - y = y+1; - } - y = y+1; - } - - unsigned long ii = 0; - for ( ; ii <= (key-1); ii++) { - for( z = 0; z <= ii; z++) - b1[ii] = stream(r1,b1[ii]); - } - - for ( i = 0; i < x; i++) { - plain = pc3stream(tab[i],b1,r1,key); - tab[i] = tab[i]^plain; - } - i=i-1; - for ( z = 1; z <= ((x+1)*10); z++) { - plain = pc3stream(tab[i],b1,r1,key); - tab[i] = tab[i]^plain; - i++; - if (i >= x) i = 0; - } - - reste = div(lngkey,2); - key = reste.quot; - if (reste.rem != 0) key += 1; - - for ( z = 0; z < 128; z++) { - b1[z]=0; - } - - y=0; - for (z=0;z<=(key-1);z++) - { - if ( (z==(key-1))&&(reste.rem!=0) ) - { - b1[z]=tab[y]*256; - } - else - { - b1[z]=(tab[y]*256)+tab[y+1]; - y=y+1; - } - y=y+1; - } - - for (z=0;z>8; - } -} - -//____________________________________________________________________ -static void funS(uchar *x, uchar *m) -{ - int v = 0; - for( ; (v < kPC3SLEN-1) && (x[v] == m[v]);) - v++; - if (x[v] >= m[v]) - funA(x,m,-1); -} - -//____________________________________________________________________ -static void funR(uchar *x) -{ - int d = 0; - int v = 0; - for ( ; v < kPC3SLEN; ) { - d |= x[v]; - x[v++] = d/2; - d = (d & 1) << 8; - } -} - -//____________________________________________________________________ -static void funM(uchar *x, uchar *y, uchar *m) -{ - uchar X[1024],Y[1024]; - - memcpy(X,x,kPC3SLEN); - memcpy(Y,y,kPC3SLEN); - memset(x,0,kPC3SLEN); - - int z = kPC3SLEN*8; - for( ; z--; ) { - if (X[kPC3SLEN-1] & 0x1) { - funA(x,Y,1); - funS(x,m); - } - funR(X); - funA(Y,Y,1); - funS(Y,m); - } -} - -//____________________________________________________________________ -static int createkey(uchar *rpwd, unsigned int lrpw, uchar *priv) -{ - // Create key - uchar inite[64]={0x94,0x05,0xF4,0x50,0x81,0x79,0x38,0xAB, - 0x39,0x81,0x05,0x8C,0xCD,0xE8,0x04,0xDF, - 0x6E,0x7C,0xAB,0x07,0x63,0xFE,0x4A,0xD7, - 0x47,0x05,0x9D,0x2D,0x73,0xA9,0x38,0xBA, - 0xB5,0x48,0x39,0x10,0x0A,0xD8,0xD1,0x5A, - 0x9D,0x64,0x74,0xF8,0x8B,0xC5,0x3E,0x9A, - 0xBF,0x27,0x55,0x9C,0x0C,0x6A,0x7E,0xD8, - 0xA4,0x78,0x96,0x4C,0x96,0xBB,0x3A,0xC3}; - unsigned long b1[128] = {0}; - uchar code[kPC3MAXRPWLEN]; - - // Check inputs - if (!rpwd || (lrpw <= 0) || !priv) { - return -1; - } - - // Check length - lrpw = (lrpw > (kPC3MAXRPWLEN-2)) ? (kPC3MAXRPWLEN-2) : lrpw; - unsigned int i = 0; - for ( ; i < lrpw; i++) - code[i] = rpwd[i]; - // - // The last two chars must be 0 - code[lrpw] = '\0'; - code[lrpw+1] = '\0'; - - unsigned int key = 0; - unsigned int r1 = pc3init(lrpw+2,code,b1,key); - - for ( i = 1; i < kPC3SLEN; i++) - priv[i-1] = pc3stream(inite[i-1],b1,r1,key); - - // We are done - return 0; -} - -} // namespace PC3 - -/* ------------------------------------------------------------------- * - * Public functions * - * ------------------------------------------------------------------- */ -//____________________________________________________________________ -int PC3InitDiPuk(uchar *rpwd, unsigned int lrpw, uchar *pub, uchar *priv) -{ - // Initialize public-private key computation (Phase 1). - // Input: - // rpwd buffer containing random bits - // (max size 256 bytes; advised >= 32) - // lrpw number of meaningful bytes in rpwd - // - // Output: - // priv buffer of size kPC3SLEN containing the - // information to keep locally secure - // pub buffer of size kPC3SLEN containing the - // information to send to the counterpart - // - // Return 0 if OK, -1 if buffers undefined - // - // nb: priv and pub buffers must be allocated by the caller. - // - - // Check inputs - if (!rpwd || (lrpw <= 0) || !pub || !priv) { - return -1; - } - - uchar prime512[64] = { - 0xF5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40, - 0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72, - 0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29, - 0x7A, 0xCA, 0x95, 0x0C, 0xD9, 0x96, 0x9F, 0xAB, - 0xD0, 0x0A, 0x50, 0x9B, 0x02, 0x46, 0xD3, 0x08, - 0x3D, 0x66, 0xA4, 0x5D, 0x41, 0x9F, 0x9C, 0x7C, - 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA, 0xAB, - 0xA2, 0x5E, 0xC3, 0x55, 0xE9, 0x2A, 0x05, 0x5F - }; - uchar e[kPC3SLEN+1] = {0}; - uchar m[kPC3SLEN+1] = {0}; - uchar g[kPC3SLEN+1] = {0}; - - g[kPC3SLEN-1] = 3; - unsigned int pr = 1; - for ( ; pr < kPC3SLEN; pr++) - m[pr] = prime512[pr-1]; - - if (PC3::createkey(rpwd,lrpw,priv) < 0) - return -1; - - for ( pr = 1; pr < kPC3SLEN; pr++) - e[pr] = priv[pr-1]; - - uchar b[kPC3SLEN] = {0}; - b[kPC3SLEN-1] = 1; - int n = kPC3SLEN*8; - for( ; n--; ) { - if ((e[kPC3SLEN-1] & 0x1)) - PC3::funM(b,g,m); - PC3::funM(g,g,m); - PC3::funR(e); - } - - // Fill the public part - int i = 1; - for ( ; i < kPC3SLEN; i++) - pub[i-1] = b[i]; - pub[kPC3SLEN-1] = 0; - - // We are done - return 0; -} - -//____________________________________________________________________ -int PC3DiPukExp(uchar *pub, uchar *priv, uchar *key) -{ - // Compute key using buffer received from counterpart(Phase 2). - // Input: - // priv buffer of size kPC3SLEN generated by a - // previous call to PC3InitDiPuk. - // pub buffer of size kPC3SLEN containing the - // public information of the counterpart - // - // Output: - // key buffer of size kPC3KEYLEN containing the - // computed random key - // - // Return 0 if OK, -1 if buffers undefined - // - // nb: all buffers must be allocated by the caller. - // - - // Check inputs - if (!key || !pub || !priv) { - return -1; - } - - uchar prime512[64] = { - 0xF5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40, - 0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72, - 0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29, - 0x7A, 0xCA, 0x95, 0x0C, 0xD9, 0x96, 0x9F, 0xAB, - 0xD0, 0x0A, 0x50, 0x9B, 0x02, 0x46, 0xD3, 0x08, - 0x3D, 0x66, 0xA4, 0x5D, 0x41, 0x9F, 0x9C, 0x7C, - 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA, 0xAB, - 0xA2, 0x5E, 0xC3, 0x55, 0xE9, 0x2A, 0x05, 0x5F - }; - uchar e[kPC3SLEN+1] = {0}; - uchar m[kPC3SLEN+1] = {0}; - uchar g[kPC3SLEN+1] = {0}; - uchar b[kPC3SLEN+1] = {0}; - - unsigned int pr = 1; - for ( ; pr < kPC3SLEN; pr++) { - g[pr] = pub[pr-1]; - e[pr] = priv[pr-1]; - m[pr] = prime512[pr-1]; - } - b[kPC3SLEN-1] = 1; - int n = kPC3SLEN*8; - for ( ; n--;) { - if ((e[kPC3SLEN-1] & 0x1)) - PC3::funM(b,g,m); - PC3::funM(g,g,m); - PC3::funR(e); - } - - // Fill the key - int i = 0; - for ( ; i < kPC3KEYLEN; i++) - key[i] = 0; - for ( i = 1; i < kPC3SLEN; i++) { - key[i%kPC3KEYLEN] = key[i%kPC3KEYLEN]^b[i]; - } - - // We are done - return 0; -} diff --git a/src/XrdCrypto/PC3.hh b/src/XrdCrypto/PC3.hh deleted file mode 100644 index 17393785f39..00000000000 --- a/src/XrdCrypto/PC3.hh +++ /dev/null @@ -1,36 +0,0 @@ -/* ----------------------------------------------------------------------- * - * * - * PC3.cc * - * * - * C++ adaptation of PKEP implementation written by Alexander PUKALL 1991. * - * * - * PKEP ( Pukall Key Exchange Protocol (c) Alexander PUKALL 1997 * - * * - * Reference: http://membres.lycos.fr/pc1/ * - * * - * Description: * - * Algorithm allowing the secure exchange of a random password using the * - * PC3 cipher for random number generation based on a 160-bit seed. * - * Initialization creates private and public parts; exponentiation builds * - * the key using the received public part. * - * * - * Created Key length is 256 bits (32 bytes). Input random string can be * - * up to 256 bytes, but 32 or 64 should be typically enough. * - * Buffers for private and public parts should be of length kPC3SLEN * - * * - * Fro the author: * - * Free code no restriction to use please include the name of the Author * - * in the final software * - * * - * Adapted by G. Ganis (g.ganis@cern.ch), February 2005 * - * ----------------------------------------------------------------------- */ - -typedef unsigned char uchar; - -#define kPC3SLEN 33 -#define kPC3MAXRPWLEN 256 -#define kPC3MINBITS 128 -#define kPC3KEYLEN 32 - -int PC3InitDiPuk(uchar *rpwd, unsigned int lrpw, uchar *pub, uchar *priv); -int PC3DiPukExp(uchar *pub, uchar *priv, uchar *key); diff --git a/src/XrdCrypto/XrdCryptoFactory.cc b/src/XrdCrypto/XrdCryptoFactory.cc index 9a44e4ea5cf..ba972e9ab6f 100644 --- a/src/XrdCrypto/XrdCryptoFactory.cc +++ b/src/XrdCrypto/XrdCryptoFactory.cc @@ -39,7 +39,6 @@ #include "XrdCrypto/XrdCryptoAux.hh" #include "XrdCrypto/XrdCryptoTrace.hh" #include "XrdCrypto/XrdCryptoFactory.hh" -#include "XrdCrypto/XrdCryptolocalFactory.hh" #include "XrdOuc/XrdOucHash.hh" #include "XrdOuc/XrdOucPinLoader.hh" @@ -51,9 +50,6 @@ // For error logging static XrdSysError eDest(0,"cryptofactory_"); -// We have always an instance of the simple RSA implementation -static XrdCryptolocalFactory localCryptoFactory; - //____________________________________________________________________________ XrdCryptoFactory::XrdCryptoFactory(const char *n, int id) { @@ -409,13 +405,6 @@ XrdCryptoFactory *XrdCryptoFactory::GetCryptoFactory(const char *factoryid) return 0; } - // - // If the local simple implementation is required return the related pointer - if (!strcmp(factoryid,"local")) { - PRINT("local crypto factory requested"); - return &localCryptoFactory; - } - // // Check if already loaded if (factorynum) { diff --git a/src/XrdCrypto/XrdCryptolocalCipher.cc b/src/XrdCrypto/XrdCryptolocalCipher.cc deleted file mode 100644 index 4c1d9788efe..00000000000 --- a/src/XrdCrypto/XrdCryptolocalCipher.cc +++ /dev/null @@ -1,434 +0,0 @@ -/******************************************************************************/ -/* */ -/* X r d C r y p t o L o c a l C i p h e r . c c */ -/* */ -/* (c) 2005 by the Board of Trustees of the Leland Stanford, Jr., University */ -/* Produced by Gerri Ganis for CERN */ -/* */ -/* This file is part of the XRootD software suite. */ -/* */ -/* XRootD is free software: you can redistribute it and/or modify it under */ -/* the terms of the GNU Lesser General Public License as published by the */ -/* Free Software Foundation, either version 3 of the License, or (at your */ -/* option) any later version. */ -/* */ -/* XRootD is distributed in the hope that it will be useful, but WITHOUT */ -/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */ -/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */ -/* License for more details. */ -/* */ -/* You should have received a copy of the GNU Lesser General Public License */ -/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */ -/* COPYING (GPL license). If not, see . */ -/* */ -/* The copyright holder's institutional names and contributor's names may not */ -/* be used to endorse or promote products derived from this software without */ -/* specific prior written permission of the institution or contributor. */ -/******************************************************************************/ - -/* ************************************************************************** */ -/* */ -/* Local implementation of XrdCryptoCipher based on PC1 */ -/* */ -/* ************************************************************************** */ -#include - -#include "XrdSut/XrdSutRndm.hh" -#include "XrdCrypto/XrdCryptolocalCipher.hh" -#include "XrdCrypto/PC1.hh" -#include "XrdCrypto/PC3.hh" - -// ---------------------------------------------------------------------------// -// -// Cipher interface -// -// ---------------------------------------------------------------------------// - -//____________________________________________________________________________ -XrdCryptolocalCipher::XrdCryptolocalCipher(const char *t, int l) -{ - // Main Constructor - // Complete initialization of a cipher of type t and length l - // The initialization vector is also created - // Used to create ciphers - - valid = 0; - bpub = 0; - bpriv = 0; - - // Check and set type - int len = (l > 0 && l <= kPC1LENGTH) ? l : kPC1LENGTH ; - - // Generate and set a new key - char *ktmp = XrdSutRndm::GetBuffer(len); - if (ktmp) { - // Store the key - SetBuffer(len,ktmp); - valid = 1; - - // Set also the key type (should be "PC1") - if (!t || (t && !strcmp(t,"default"))) - SetType("PC1"); - else - SetType(t); - } -} - -//____________________________________________________________________________ -XrdCryptolocalCipher::XrdCryptolocalCipher(const char *t, int l, const char *k) -{ - // Constructor. - // Initialize a cipher of type t and length l using the key at k - // Used to import ciphers. - - valid = 0; - bpub = 0; - bpriv = 0; - - // Check and set type - int len = (l <= kPC1LENGTH) ? l : kPC1LENGTH ; - - if (k && len > 0) { - // Set the key - SetBuffer(len,k); - - valid = 1; - - // Set also the type - if (!t || (t && !strcmp(t,"default"))) - SetType("PC1"); - else - SetType(t); - } -} - -//____________________________________________________________________________ -XrdCryptolocalCipher::XrdCryptolocalCipher(XrdSutBucket *bck) -{ - // Constructor from bucket. - // Initialize a cipher of type t and length l using the key at k - // Used to import ciphers. - - valid = 0; - bpub = 0; - bpriv = 0; - - if (bck && bck->size > 0) { - valid = 1; - char *pr = bck->buffer; - kXR_int32 lbuf = 0; - kXR_int32 ltyp = 0; - kXR_int32 lpub = 0; - kXR_int32 lpri = 0; - memcpy(&lbuf,pr,sizeof(kXR_int32)); - pr += sizeof(kXR_int32); - memcpy(<yp,pr,sizeof(kXR_int32)); - pr += sizeof(kXR_int32); - memcpy(&lpub,pr,sizeof(kXR_int32)); - pr += sizeof(kXR_int32); - memcpy(&lpri,pr,sizeof(kXR_int32)); - pr += sizeof(kXR_int32); - // main buffer - if (lbuf > 0) { - char *buf = new char[lbuf]; - if (buf) { - memcpy(buf,pr,lbuf); - // Set the key - SetBuffer(lbuf,buf); - delete[] buf; - } else - valid = 0; - pr += lbuf; - } - // type - if (ltyp > 0) { - char *buf = new char[ltyp+1]; - if (buf) { - memcpy(buf,pr,ltyp); - pr[ltyp] = 0; - // Set the key - SetType(buf); - delete[] buf; - } else - valid = 0; - pr += ltyp; - } - // bpub - if (lpub > 0) { - bpub = new uchar[lpub]; - if (bpub) { - memcpy(bpub,pr,lpub); - } else - valid = 0; - pr += lpub; - } - // bpriv - if (lpri > 0) { - bpriv = new uchar[lpri]; - if (bpriv) { - memcpy(bpriv,pr,lpri); - } else - valid = 0; - pr += lpri; - } - } -} - -//____________________________________________________________________________ -XrdCryptolocalCipher::XrdCryptolocalCipher(int bits, char *pub, - int /*lpub*/, const char *t) -{ - // Constructor for key agreement. - // Generates private + public parts. The public can be retrieved - // using Public() to send to the counterpart. - // The number of random bits to be used in 'bits'. - // If pub is defined (with the public info of the counterpart) - // finalizes the initialization by computing the cipher. - // Sets also the name to 't', if defined (should be always 'PC1'). - // Used for key agreement. - - valid = 0; - bpub = 0; - bpriv = 0; - // lpub = kPC3SLEN; - - // - // Generate local info - bpub = new uchar[kPC3SLEN]; - if (bpub) { - bpriv = new uchar[kPC3SLEN]; - if (bpriv) { - // at least 128 bits - bits = (bits < kPC3MINBITS) ? kPC3MINBITS : bits; - // Generate the random passwd - unsigned int lrpw = bits / 8 ; - uchar *rpwd = (uchar *)XrdSutRndm::GetBuffer((int)lrpw); - if (rpwd) { - if (PC3InitDiPuk(rpwd, lrpw, bpub, bpriv) == 0) - valid = 1; - bpriv[kPC3SLEN-1] = 0; - delete[] rpwd; rpwd = 0; - } - } - } - if (!valid) - Cleanup(); - // - // If we are given already the counter part, we finalize - // the operations - if (valid && pub) { - - // Convert back from hex - char *tpub = new char[strlen(pub)/2+2]; - int tlen = 0; - if (tpub) - XrdSutFromHex((const char *)pub, tpub, tlen); - - uchar *ktmp = new uchar[kPC3KEYLEN]; - if (PC3DiPukExp((uchar *)tpub, bpriv, ktmp) == 0) { - // Store the key - SetBuffer(kPC3KEYLEN,(char *)ktmp); - // Set also the key type (should be "PC1") - if (!t || (t && !strcmp(t,"default"))) - SetType("PC1"); - else - SetType(t); - } else { - valid = 0; - } - } -} - -//____________________________________________________________________________ -XrdCryptolocalCipher::XrdCryptolocalCipher(const XrdCryptolocalCipher &c) - : XrdCryptoCipher() -{ - // Copy Constructor - - valid = c.valid; - // Copy buffer - SetBuffer(c.Length(),c.Buffer()); - // Copy Type - SetType(c.Type()); - // Copy Buffers for key agreement - if (c.bpub) { - bpub = new uchar[kPC3SLEN]; - if (bpub) - memcpy(bpub,c.bpub,kPC3SLEN); - else - valid = 0; - } - if (c.bpriv) { - bpriv = new uchar[kPC3SLEN]; - if (bpriv) - memcpy(bpriv,c.bpriv,kPC3SLEN); - else - valid = 0; - } -} - -//____________________________________________________________________________ -bool XrdCryptolocalCipher::Finalize(char *pub, int /*lpub*/, const char *t) -{ - // Final initialization for key agreement. - // 'pub' is the buffer sent by teh counterpart. - // The private part must be defined already. - - //lpub = kPC3SLEN; - if (valid && bpriv && pub) { - - // Convert back from hex - char *tpub = new char[strlen(pub)/2+2]; - int tlen = 0; - if (tpub) - XrdSutFromHex((const char *)pub, tpub, tlen); - - uchar *ktmp = new uchar[kPC3KEYLEN]; - if (PC3DiPukExp((uchar *)tpub, bpriv, ktmp) == 0) { - // Store the key - SetBuffer(kPC3KEYLEN,(char *)ktmp); - // Set also the key type (should be "PC1") - if (!t || (t && !strcmp(t,"default"))) - SetType("PC1"); - else - SetType(t); - return 1; - } else { - valid = 0; - } - } else { - valid = 0; - } - return 0; -} - -//____________________________________________________________________________ -void XrdCryptolocalCipher::Cleanup() -{ - // Cleanup temporary buffers used for key agreement - - if (bpub) {delete[] bpub; bpub = 0;} - if (bpriv) {delete[] bpriv; bpriv = 0;} -} - -//____________________________________________________________________________ -char *XrdCryptolocalCipher::Public(int &lpub) -{ - // Return pointer to information to be sent to the - // counterpart during key agreement. The allocated buffer, of size - // lpub, must be deleted by the caller. - - if (bpub) { - char *pub = new char[2*(kPC3SLEN-1)+1]; - if (pub) { - XrdSutToHex((const char *)bpub, kPC3SLEN-1, pub);; - lpub = 2*(kPC3SLEN-1); - return pub; - } - } - - // Not available - lpub = 0; - return (char *)0; -} - -//_____________________________________________________________________________ -XrdSutBucket *XrdCryptolocalCipher::AsBucket() -{ - // Return pointer to a bucket created using the internal information - // serialized - // The bucket is responsible for the allocated memory - - XrdSutBucket *buck = (XrdSutBucket *)0; - - if (valid) { - - // Serialize .. total length - kXR_int32 lbuf = Length(); - kXR_int32 ltyp = Type() ? strlen(Type()) : 0; - kXR_int32 lpub = bpub ? kPC3SLEN : 0; - kXR_int32 lpri = bpriv ? kPC3SLEN : 0; - int ltot = 4*sizeof(kXR_int32) + lpub + ltyp + lpub + lpri; - char *newbuf = new char[ltot]; - if (newbuf) { - int cur = 0; - memcpy(newbuf+cur,&lbuf,sizeof(kXR_int32)); - cur += sizeof(kXR_int32); - memcpy(newbuf+cur,<yp,sizeof(kXR_int32)); - cur += sizeof(kXR_int32); - memcpy(newbuf+cur,&lpub,sizeof(kXR_int32)); - cur += sizeof(kXR_int32); - memcpy(newbuf+cur,&lpri,sizeof(kXR_int32)); - cur += sizeof(kXR_int32); - if (Buffer()) { - memcpy(newbuf+cur,Buffer(),lbuf); - cur += lbuf; - } - if (Type()) { - memcpy(newbuf+cur,Type(),ltyp); - cur += ltyp; - } - if (bpub) { - memcpy(newbuf+cur,bpub,lpub); - cur += lpub; - } - if (bpriv) { - memcpy(newbuf+cur,bpriv,lpri); - cur += lpri; - } - // The bucket now - buck = new XrdSutBucket(newbuf,ltot,kXRS_cipher); - } - } - - return buck; -} - -//____________________________________________________________________________ -int XrdCryptolocalCipher::Encrypt(const char *in, int lin, char *out) -{ - // Encrypt lin bytes at in with local cipher. - // The outbut buffer must be provided by the caller for at least - // EncOutLength(lin) bytes. - // Returns number of meaningful bytes in out, or 0 in case of problems - - return PC1Encrypt((const char *)in, lin, - (const char *)Buffer(), Length(), out); -} - -//____________________________________________________________________________ -int XrdCryptolocalCipher::Decrypt(const char *in, int lin, char *out) -{ - // Decrypt lin bytes at in with local cipher. - // The outbut buffer must be provided by the caller for at least - // DecOutLength(lin) bytes. - // Returns number of meaningful bytes in out, or 0 in case of problems - - return PC1Decrypt((const char *)in, lin, - (const char *)Buffer(), Length(), out); -} - -//____________________________________________________________________________ -int XrdCryptolocalCipher::EncOutLength(int l) -{ - // Required buffer size for encrypting l bytes - - return (2*l); -} - -//____________________________________________________________________________ -int XrdCryptolocalCipher::DecOutLength(int l) -{ - // Required buffer size for decrypting l bytes - - return (l/2+1); -} - - -//____________________________________________________________________________ -bool XrdCryptolocalCipher::IsDefaultLength() const -{ - // Returns true if cipher has the default length - - return Length() == kPC1LENGTH; -} diff --git a/src/XrdCrypto/XrdCryptolocalCipher.hh b/src/XrdCrypto/XrdCryptolocalCipher.hh deleted file mode 100644 index 7d2f296d36a..00000000000 --- a/src/XrdCrypto/XrdCryptolocalCipher.hh +++ /dev/null @@ -1,80 +0,0 @@ -#ifndef __CRYPTO_LOCALCIPHER_H__ -#define __CRYPTO_LOCALCIPHER_H__ -/******************************************************************************/ -/* */ -/* X r d C r y p t o L o c a l C i p h e r . h h */ -/* */ -/* (c) 2004 by the Board of Trustees of the Leland Stanford, Jr., University */ -/* Produced by Gerri Ganis for CERN */ -/* */ -/* This file is part of the XRootD software suite. */ -/* */ -/* XRootD is free software: you can redistribute it and/or modify it under */ -/* the terms of the GNU Lesser General Public License as published by the */ -/* Free Software Foundation, either version 3 of the License, or (at your */ -/* option) any later version. */ -/* */ -/* XRootD is distributed in the hope that it will be useful, but WITHOUT */ -/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */ -/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */ -/* License for more details. */ -/* */ -/* You should have received a copy of the GNU Lesser General Public License */ -/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */ -/* COPYING (GPL license). If not, see . */ -/* */ -/* The copyright holder's institutional names and contributor's names may not */ -/* be used to endorse or promote products derived from this software without */ -/* specific prior written permission of the institution or contributor. */ -/******************************************************************************/ - -/* ************************************************************************** */ -/* */ -/* Local implentation of XrdCryptoCipher based on PC1. */ -/* */ -/* ************************************************************************** */ - -#include "XrdCrypto/XrdCryptoCipher.hh" - -// ---------------------------------------------------------------------------// -// -// Cipher interface -// -// ---------------------------------------------------------------------------// -class XrdCryptolocalCipher : public XrdCryptoCipher -{ -private: - bool valid; - unsigned char *bpub; // Key agreement: temporary store local public info - unsigned char *bpriv; // Key agreement: temporary store local private info - -public: - XrdCryptolocalCipher(const char *t = "PC1", int l = 0); - XrdCryptolocalCipher(const char *t, int l, const char *k); - XrdCryptolocalCipher(XrdSutBucket *b); - XrdCryptolocalCipher(int len, char *pub, int lpub, const char *t = "PC1"); - XrdCryptolocalCipher(const XrdCryptolocalCipher &c); - virtual ~XrdCryptolocalCipher() { Cleanup(); } - - // Finalize key computation (key agreement) - bool Finalize(char *pub, int lpub, const char *t = "PC1"); - void Cleanup(); - - // Validity - bool IsValid() { return valid; } - - // Additional getters - XrdSutBucket *AsBucket(); - bool IsDefaultLength() const; - char *Public(int &lpub); - - // Required buffer size for encrypt / decrypt operations on l bytes - int EncOutLength(int l); - int DecOutLength(int l); - - // Additional methods - int Encrypt(const char *in, int lin, char *out); - int Decrypt(const char *in, int lin, char *out); -}; - -#endif diff --git a/src/XrdCrypto/XrdCryptolocalFactory.cc b/src/XrdCrypto/XrdCryptolocalFactory.cc deleted file mode 100644 index dc6d39c2de7..00000000000 --- a/src/XrdCrypto/XrdCryptolocalFactory.cc +++ /dev/null @@ -1,245 +0,0 @@ -/******************************************************************************/ -/* */ -/* X r d C r y p t o L o c a l F a c t o r y . c c */ -/* */ -/* (c) 2004 by the Board of Trustees of the Leland Stanford, Jr., University */ -/* Produced by Gerri Ganis for CERN */ -/* */ -/* This file is part of the XRootD software suite. */ -/* */ -/* XRootD is free software: you can redistribute it and/or modify it under */ -/* the terms of the GNU Lesser General Public License as published by the */ -/* Free Software Foundation, either version 3 of the License, or (at your */ -/* option) any later version. */ -/* */ -/* XRootD is distributed in the hope that it will be useful, but WITHOUT */ -/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */ -/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */ -/* License for more details. */ -/* */ -/* You should have received a copy of the GNU Lesser General Public License */ -/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */ -/* COPYING (GPL license). If not, see . */ -/* */ -/* The copyright holder's institutional names and contributor's names may not */ -/* be used to endorse or promote products derived from this software without */ -/* specific prior written permission of the institution or contributor. */ -/******************************************************************************/ - -/* ************************************************************************** */ -/* */ -/* Implementation of the local crypto factory */ -/* */ -/* ************************************************************************** */ - -#include "XrdCrypto/PC1.hh" -#include "XrdCrypto/XrdCryptolocalCipher.hh" -#include "XrdCrypto/XrdCryptolocalFactory.hh" -#include "XrdCrypto/XrdCryptoTrace.hh" - -#include -#include -#include - -//____________________________________________________________________________ -static int XrdCryptolocalKDFunLen() -{ - // Length of buffer needed by XrdCryptolocalKDFun - - return (2*kPC1LENGTH + 1); -} -//____________________________________________________________________________ -static int XrdCryptolocalKDFun(const char *pass, int plen, - const char *salt, int slen, - char *key, int) -{ - // Wrapper to the PSC (Pukall Stream Cipher) Hash Function, returning - // a 256-bits hash (http://membres.lycos.fr/pc1/). - // Max length for pass and salt is 32 bytes (256 bits). - // Additional bytes are ignored. - // The output is a null-terminated human readable 64-byte string (65 bytes). - // The caller is responsible to allocate enough space to contain it. - // The length of the output string is returned or -1 in case of problems. - // The author sets the number of iterations to 63254; this will be - // the default. - // It can be specified at the beginning of the salt using a construct - // like this: salt = "$$$" - - // Defaults - char *realsalt = (char *)salt; - int realslen = slen; - int it = 63254; - // - // Extract iteration number from salt, if any - char *ibeg = (char *)memchr(salt+1,'$',slen-1); - if (ibeg) { - char *del = 0; - int newit = strtol(ibeg+1, &del, 10); - if (newit > 0 && del[0] == '$' && errno != ERANGE) { - // found iteration number - it = newit; - realsalt = del+1; - realslen = slen - (int)(realsalt-salt); - } - } - - // - // Calculate one-way hash - return PC1HashFun(pass, plen, realsalt, realslen, it, key); -} - -//______________________________________________________________________________ -XrdCryptolocalFactory::XrdCryptolocalFactory() : - XrdCryptoFactory("local",XrdCryptolocalFactoryID) -{ - // Constructor: -} - -//______________________________________________________________________________ -void XrdCryptolocalFactory::SetTrace(kXR_int32 trace) -{ - // Set trace flags according to 'trace' - - if (cryptoTrace) { - // Set debug mask - cryptoTrace->What = 0; - // Low level only - if ((trace & cryptoTRACE_Notify)) - cryptoTrace->What |= cryptoTRACE_Notify; - // Medium level - if ((trace & cryptoTRACE_Debug)) - cryptoTrace->What |= (cryptoTRACE_Notify | cryptoTRACE_Debug); - // High level - if ((trace & cryptoTRACE_Dump)) - cryptoTrace->What |= cryptoTRACE_ALL; - } -} - -//______________________________________________________________________________ -XrdCryptoKDFunLen_t XrdCryptolocalFactory::KDFunLen() -{ - // Return an instance of an implementation of the local KD fun length. - - return &XrdCryptolocalKDFunLen; -} - -//______________________________________________________________________________ -XrdCryptoKDFun_t XrdCryptolocalFactory::KDFun() -{ - // Return an instance of an implementation of the local KD function. - - return &XrdCryptolocalKDFun; -} - -//______________________________________________________________________________ -XrdCryptoCipher *XrdCryptolocalFactory::Cipher(const char *t, int l) -{ - // Return an instance of a local implementation of XrdCryptoCipher. - - XrdCryptoCipher *cip = new XrdCryptolocalCipher(t,l); - if (cip) { - if (cip->IsValid()) - return cip; - else - delete cip; - } - return (XrdCryptoCipher *)0; -} - -//______________________________________________________________________________ -XrdCryptoCipher *XrdCryptolocalFactory::Cipher(const char *t, int l, - const char *k, int, const char *) -{ - // Return an instance of a local implementation of XrdCryptoCipher. - - XrdCryptoCipher *cip = new XrdCryptolocalCipher(t,l,k); - if (cip) { - if (cip->IsValid()) - return cip; - else - delete cip; - } - return (XrdCryptoCipher *)0; -} - -//______________________________________________________________________________ -XrdCryptoCipher *XrdCryptolocalFactory::Cipher(XrdSutBucket *b) -{ - // Return an instance of a local implementation of XrdCryptoCipher. - - XrdCryptoCipher *cip = new XrdCryptolocalCipher(b); - if (cip) { - if (cip->IsValid()) - return cip; - else - delete cip; - } - return (XrdCryptoCipher *)0; -} - -//______________________________________________________________________________ -XrdCryptoCipher *XrdCryptolocalFactory::Cipher(int b, char *p, - int l, const char *t) -{ - // Return an instance of a local implementation of XrdCryptoCipher. - - XrdCryptoCipher *cip = new XrdCryptolocalCipher(b,p,l,t); - if (cip) { - if (cip->IsValid()) - return cip; - else - delete cip; - } - return (XrdCryptoCipher *)0; -} - -//______________________________________________________________________________ -XrdCryptoCipher *XrdCryptolocalFactory::Cipher(const XrdCryptoCipher &c) -{ - // Return an instance of a local implementation of XrdCryptoCipher. - - XrdCryptoCipher *cip = new XrdCryptolocalCipher(*((XrdCryptolocalCipher *)&c)); - if (cip) { - if (cip->IsValid()) - return cip; - else - delete cip; - } - return (XrdCryptoCipher *)0; -} - -//______________________________________________________________________________ -XrdCryptoMsgDigest *XrdCryptolocalFactory::MsgDigest(const char *) -{ - // Return an instance of a local implementation of XrdCryptoMsgDigest. - - ABSTRACTMETHOD("XrdCryptoFactory::MsgDigest"); - return 0; -} - -//______________________________________________________________________________ -XrdCryptoRSA *XrdCryptolocalFactory::RSA(int bits, int exp) -{ - // Return an instance of a local implementation of XrdCryptoRSA. - - ABSTRACTMETHOD("XrdCryptoFactory::RSA"); - return (XrdCryptoRSA *)0; -} - -//______________________________________________________________________________ -XrdCryptoRSA *XrdCryptolocalFactory::RSA(const char *pub, int lpub) -{ - // Return an instance of a local implementation of XrdCryptoRSA. - - ABSTRACTMETHOD("XrdCryptoFactory::RSA"); - return (XrdCryptoRSA *)0; -} - -//______________________________________________________________________________ -XrdCryptoRSA *XrdCryptolocalFactory::RSA(const XrdCryptoRSA &r) -{ - // Return an instance of a local implementation of XrdCryptoRSA. - - ABSTRACTMETHOD("XrdCryptoFactory::RSA"); - return (XrdCryptoRSA *)0; -} diff --git a/src/XrdCrypto/XrdCryptolocalFactory.hh b/src/XrdCrypto/XrdCryptolocalFactory.hh deleted file mode 100644 index b211bae00b5..00000000000 --- a/src/XrdCrypto/XrdCryptolocalFactory.hh +++ /dev/null @@ -1,72 +0,0 @@ -#ifndef __CRYPTO_LOCALFACTORY_H__ -#define __CRYPTO_LOCALFACTORY_H__ -/******************************************************************************/ -/* */ -/* X r d C r y p t o L o c a l F a c t o r y . h h */ -/* */ -/* (c) 2004 by the Board of Trustees of the Leland Stanford, Jr., University */ -/* Produced by Gerri Ganis for CERN */ -/* */ -/* This file is part of the XRootD software suite. */ -/* */ -/* XRootD is free software: you can redistribute it and/or modify it under */ -/* the terms of the GNU Lesser General Public License as published by the */ -/* Free Software Foundation, either version 3 of the License, or (at your */ -/* option) any later version. */ -/* */ -/* XRootD is distributed in the hope that it will be useful, but WITHOUT */ -/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */ -/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */ -/* License for more details. */ -/* */ -/* You should have received a copy of the GNU Lesser General Public License */ -/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */ -/* COPYING (GPL license). If not, see . */ -/* */ -/* The copyright holder's institutional names and contributor's names may not */ -/* be used to endorse or promote products derived from this software without */ -/* specific prior written permission of the institution or contributor. */ -/******************************************************************************/ - -/* ************************************************************************** */ -/* */ -/* Implementation of the local crypto factory */ -/* */ -/* ************************************************************************** */ - -#include "XrdCrypto/XrdCryptoFactory.hh" - -// The ID must be a unique number -#define XrdCryptolocalFactoryID 0 - -class XrdCryptolocalFactory : public XrdCryptoFactory -{ -public: - XrdCryptolocalFactory(); - virtual ~XrdCryptolocalFactory() { } - - // Set trace flags - void SetTrace(kXR_int32 trace); - - // Hook to local KDFun - XrdCryptoKDFunLen_t KDFunLen(); // Length of buffer - XrdCryptoKDFun_t KDFun(); - - // Cipher constructors - XrdCryptoCipher *Cipher(const char *t, int l = 0); - XrdCryptoCipher *Cipher(const char *t, int l, const char *k, - int liv, const char *iv); - XrdCryptoCipher *Cipher(XrdSutBucket *b); - XrdCryptoCipher *Cipher(int bits, char *pub, int lpub, const char *t = 0); - XrdCryptoCipher *Cipher(const XrdCryptoCipher &c); - - // MsgDigest constructors - XrdCryptoMsgDigest *MsgDigest(const char *dgst); - - // RSA constructors - XrdCryptoRSA *RSA(int bits = XrdCryptoDefRSABits, int exp = XrdCryptoDefRSAExp); - XrdCryptoRSA *RSA(const char *pub, int lpub = 0); - XrdCryptoRSA *RSA(const XrdCryptoRSA &r); -}; - -#endif