XRootD
XrdCryptosslCipher.cc File Reference
#include <cstring>
#include <cassert>
#include "XrdSut/XrdSutRndm.hh"
#include "XrdCrypto/XrdCryptosslTrace.hh"
#include "XrdCrypto/XrdCryptosslCipher.hh"
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/dh.h>

Functions

static void DH_get0_key (const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
 
static void DH_get0_pqg (const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
 
static int DH_set0_key (DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
 
static int DH_set0_pqg (DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
 
static int DSA_set0_key (DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
 
static DH * EVP_PKEY_get0_DH (EVP_PKEY *pkey)
 
static EVP_PKEY * getFixedDHParams ()
 
static int XrdCheckDH (EVP_PKEY *pkey)
 

Variables

static const char dh_param_enc []
 

Function Documentation

◆ DH_get0_key()

static void DH_get0_key ( const DH *  dh,
const BIGNUM **  pub_key,
const BIGNUM **  priv_key 
)
static

Definition at line 121 of file XrdCryptosslCipher.cc.

/* Compatibility accessor modelled on OpenSSL's DH_get0_key().
 *
 * Copies the key pointers stored in dh into the requested outputs; either
 * output may be NULL when that component is not wanted. No BIGNUM is
 * duplicated: the returned pointers alias dh's own fields, so they share
 * dh's lifetime. priv_key exposes the private value itself.
 *
 * NOTE(review): this reads DH struct members directly, so it presumably is
 * only compiled against OpenSSL releases where DH is not opaque -- the
 * version guard is not visible in this listing.
 */
static void DH_get0_key(const DH *dh,
                        const BIGNUM **pub_key, const BIGNUM **priv_key)
{
   if (pub_key)
      *pub_key = dh->pub_key;

   if (priv_key)
      *priv_key = dh->priv_key;
}

Referenced by XrdCryptosslCipher::XrdCryptosslCipher(), XrdCryptosslCipher::AsBucket(), and XrdCryptosslCipher::Public().


◆ DH_get0_pqg()

static void DH_get0_pqg ( const DH *  dh,
const BIGNUM **  p,
const BIGNUM **  q,
const BIGNUM **  g 
)
static

Definition at line 85 of file XrdCryptosslCipher.cc.

/* Compatibility accessor modelled on OpenSSL's DH_get0_pqg().
 *
 * Writes the domain parameters held by dh (prime p, optional subgroup
 * order q, generator g) into whichever outputs are non-NULL. The pointers
 * alias dh's own fields; nothing is copied.
 *
 * NOTE(review): direct member access implies a non-opaque DH struct; the
 * OpenSSL version guard is not visible in this listing.
 */
static void DH_get0_pqg(const DH *dh,
                        const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
{
   if (p)
      *p = dh->p;

   if (q)
      *q = dh->q;

   if (g)
      *g = dh->g;
}

Referenced by XrdCryptosslCipher::XrdCryptosslCipher(), and XrdCryptosslCipher::AsBucket().


◆ DH_set0_key()

static int DH_set0_key ( DH *  dh,
BIGNUM *  pub_key,
BIGNUM *  priv_key 
)
static

Definition at line 130 of file XrdCryptosslCipher.cc.

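/* Compatibility setter modelled on OpenSSL's DH_set0_key().
 *
 * Installs pub_key and/or priv_key into dh. On success dh stores the
 * pointers passed in (no copy is made), so the caller must not free them
 * afterwards. Any value previously stored in the same slot is released.
 *
 * Returns 1 on success, 0 when dh has no public key and none was supplied.
 *
 * Caller precondition: do not pass a pointer that dh already holds; it
 * would be freed here and then stored again as a dangling pointer.
 */
static int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
{
   /* If the field pub_key in dh is NULL, the corresponding input
    * parameter MUST be non-NULL. The priv_key field may be left NULL.
    */
   if (dh->pub_key == NULL && pub_key == NULL)
      return 0;

   if (pub_key != NULL) {
      BN_free(dh->pub_key);
      dh->pub_key = pub_key;
   }
   if (priv_key != NULL) {
      /* The replaced value is secret key material: wipe it before the
       * memory goes back to the allocator instead of a plain BN_free(). */
      BN_clear_free(dh->priv_key);
      dh->priv_key = priv_key;
   }
   return 1;
}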

Referenced by XrdCryptosslCipher::XrdCryptosslCipher(), XrdCryptosslCipher::XrdCryptosslCipher(), XrdCryptosslCipher::XrdCryptosslCipher(), and XrdCryptosslCipher::Finalize().


◆ DH_set0_pqg()

static int DH_set0_pqg ( DH *  dh,
BIGNUM *  p,
BIGNUM *  q,
BIGNUM *  g 
)
static

Definition at line 96 of file XrdCryptosslCipher.cc.

/* Compatibility setter modelled on OpenSSL's DH_set0_pqg().
 *
 * Installs the domain parameters p, q and g into dh. Each non-NULL argument
 * replaces the stored value (the old BIGNUM is freed) and dh keeps the
 * pointer passed in. When q is supplied, dh->length is set to its bit length.
 *
 * Returns 1 on success, 0 when p or g would still be unset afterwards.
 */
static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
{
   /* p and g are mandatory: each must either already be present in dh or
    * be supplied now. q is optional and may remain NULL.
    */
   const bool p_missing = (dh->p == NULL && p == NULL);
   const bool g_missing = (dh->g == NULL && g == NULL);
   if (p_missing || g_missing)
      return 0;

   if (p) {
      BN_free(dh->p);
      dh->p = p;
   }
   if (g) {
      BN_free(dh->g);
      dh->g = g;
   }
   if (q) {
      BN_free(dh->q);
      dh->q = q;
      dh->length = BN_num_bits(q);
   }
   return 1;
}

Referenced by XrdCryptosslCipher::XrdCryptosslCipher(), and XrdCryptosslCipher::XrdCryptosslCipher().


◆ DSA_set0_key()

static int DSA_set0_key ( DSA *  d,
BIGNUM *  pub_key,
BIGNUM *  priv_key 
)
static

Definition at line 149 of file XrdCryptosslCipher.cc.

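/* Compatibility setter modelled on OpenSSL's DSA_set0_key().
 *
 * Installs pub_key and/or priv_key into d. On success d stores the pointers
 * passed in (no copy is made), so the caller must not free them afterwards.
 * Any value previously stored in the same slot is released.
 *
 * Returns 1 on success, 0 when d has no public key and none was supplied.
 *
 * Caller precondition: do not pass a pointer that d already holds; it would
 * be freed here and then stored again as a dangling pointer.
 */
static int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
{
   /* If the field pub_key in d is NULL, the corresponding input
    * parameter MUST be non-NULL. The priv_key field may be left NULL.
    */
   if (d->pub_key == NULL && pub_key == NULL)
      return 0;

   if (pub_key != NULL) {
      BN_free(d->pub_key);
      d->pub_key = pub_key;
   }
   if (priv_key != NULL) {
      /* The replaced value is secret key material: wipe it before the
       * memory goes back to the allocator instead of a plain BN_free(). */
      BN_clear_free(d->priv_key);
      d->priv_key = priv_key;
   }
   return 1;
}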

◆ EVP_PKEY_get0_DH()

static DH * EVP_PKEY_get0_DH ( EVP_PKEY *  pkey)
static

Definition at line 77 of file XrdCryptosslCipher.cc.

/* Compatibility accessor modelled on OpenSSL's EVP_PKEY_get0_DH().
 *
 * Returns the DH object stored inside pkey, or NULL when pkey is not tagged
 * as EVP_PKEY_DH. The type tag is checked before the union member is read,
 * so a key of another algorithm is never reinterpreted as DH. The returned
 * pointer is the one held by pkey; nothing is copied.
 */
static DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey)
{
   return (pkey->type == EVP_PKEY_DH) ? pkey->pkey.dh : NULL;
}

Referenced by XrdCryptosslCipher::XrdCryptosslCipher(), XrdCryptosslCipher::AsBucket(), XrdCryptosslCipher::Public(), and XrdCheckDH().


◆ getFixedDHParams()

static EVP_PKEY * getFixedDHParams ( )
static

Definition at line 169 of file XrdCryptosslCipher.cc.

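/* Returns the EVP_PKEY holding the built-in DH parameters decoded from
 * dh_param_enc.
 *
 * The PEM text is parsed once, on first call, inside the initializer of a
 * function-local static; later calls return the same pointer. The object is
 * never freed by this function.
 *
 * Returns NULL only when decoding failed AND assert() is compiled out
 * (NDEBUG); with assertions enabled a decode failure aborts instead.
 */
static EVP_PKEY *getFixedDHParams()
{
   static EVP_PKEY *dhparms = []() -> EVP_PKEY * {
      BIO *biop = BIO_new(BIO_s_mem());
      if (!biop)
         return 0;                       // could not allocate the memory BIO

      EVP_PKEY *dhParam = 0;
      const int len = static_cast<int>(strlen(dh_param_enc));

      // Only parse when the whole PEM text reached the BIO; a short write
      // would otherwise hand a truncated block to the PEM reader.
      if (BIO_write(biop, dh_param_enc, len) == len)
         dhParam = PEM_read_bio_Parameters(biop, 0);   // NULL on failure

      BIO_free(biop);
      return dhParam;
   }();

   // assert() vanishes under NDEBUG, so release builds can still return NULL
   // here; callers must not assume the result is non-NULL.
   assert(dhparms);
   return dhparms;
}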
static const char dh_param_enc[]

References dh_param_enc.

Referenced by XrdCryptosslCipher::XrdCryptosslCipher(), and XrdCheckDH().


◆ XrdCheckDH()

static int XrdCheckDH ( EVP_PKEY *  pkey)
static

Definition at line 184 of file XrdCryptosslCipher.cc.

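/* Validates the DH parameters carried by pkey.
 *
 * Returns 1 when the parameters are acceptable. Every other value (0 or a
 * negative number) means they were rejected or could not be checked: -2 for
 * a NULL or non-DH key, -1 when the check itself could not be run.
 * NOTE(review): callers are outside this listing -- confirm they accept the
 * key only on a return of exactly 1.
 */
static int XrdCheckDH(EVP_PKEY *pkey)
{
   if (!pkey)
      return -2;

   // If the DH parameters we received are our fixed set we know they
   // are acceptable. The parameter check requires computation and more
   // with openssl 3 than previously. So skip if DH params are known.
   const EVP_PKEY *dhparms = getFixedDHParams();
   if (dhparms) {
      // The comparison returns 1 for equal, 0 for different, and a NEGATIVE
      // value when the key types differ or the operation is unsupported.
      // Storing it in a bool would turn those negatives into "equal" and
      // skip validation, so only an exact 1 takes the shortcut.
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
      const int same = EVP_PKEY_parameters_eq(pkey, dhparms);
#else
      const int same = EVP_PKEY_cmp_parameters(pkey, dhparms);
#endif
      if (same == 1)
         return 1;
   }

#if OPENSSL_VERSION_NUMBER < 0x10101000L
   DH *dh = EVP_PKEY_get0_DH(pkey);
   if (!dh)
      return -2;

   // DH_check() reports problems through 'codes' but signals that the check
   // could not be performed through its return value; an unperformed check
   // must not be read as "no problems found".
   int codes = 0;
   if (DH_check(dh, &codes) != 1)
      return -1;
   return (codes == 0) ? 1 : 0;
#else
   EVP_PKEY_CTX *ckctx = EVP_PKEY_CTX_new(pkey, 0);
   if (!ckctx)
      return -1;                         // no context, nothing was checked

   const int rc = EVP_PKEY_param_check(ckctx);
   EVP_PKEY_CTX_free(ckctx);
   return rc;
#endif
}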
static EVP_PKEY * getFixedDHParams()
static DH * EVP_PKEY_get0_DH(EVP_PKEY *pkey)

References EVP_PKEY_get0_DH(), and getFixedDHParams().

Referenced by XrdCryptosslCipher::XrdCryptosslCipher(), XrdCryptosslCipher::XrdCryptosslCipher(), and XrdCryptosslCipher::XrdCryptosslCipher().


Variable Documentation

◆ dh_param_enc

const char dh_param_enc[]
static
Initial value:
// PEM-encoded DH parameter block ("DH PARAMETERS" label). Its DER header
// decodes to a 3072-bit prime and the trailing INTEGER to generator 5.
// getFixedDHParams() parses this text, and XrdCheckDH() skips the parameter
// check for any key whose parameters equal this set, so it must only ever
// hold vetted values.
// NOTE(review): how the prime was generated is not shown here -- confirm its
// provenance.
=
R"(
-----BEGIN DH PARAMETERS-----
MIIBiAKCAYEAzcEAf3ZCkm0FxJLgKd1YoT16Hietl7QV8VgJNc5CYKmRu/gKylxT
MVZJqtUmoh2IvFHCfbTGEmZM5LdVaZfMLQf7yXjecg0nSGklYZeQQ3P0qshFLbI9
u3z1XhEeCbEZPq84WWwXacSAAxwwRRrN5nshgAavqvyDiGNi+GqYpqGPb9JE38R3
GJ51FTPutZlvQvEycjCbjyajhpItBB+XvIjWj2GQyvi+cqB0WrPQAsxCOPrBTCZL
OjM0NfJ7PQfllw3RDQev2u1Q+Rt8QyScJQCFUj/SWoxpw2ydpWdgAkrqTmdVYrev
x5AoXE52cVIC8wfOxaaJ4cBpnJui3Y0jZcOQj0FtC0wf4WcBpHnLLBzKSOQwbxts
WE8LkskPnwwrup/HqWimFFg40bC9F5Lm3CTDCb45mtlBxi3DydIbRLFhGAjlKzV3
s9G3opHwwfgXpFf3+zg7NPV3g1//HLgWCvooOvMqaO+X7+lXczJJLMafEaarcAya
Kyo8PGKIAORrAgEF
-----END DH PARAMETERS-----
)"

Definition at line 55 of file XrdCryptosslCipher.cc.

Referenced by getFixedDHParams().