00001 /* 00002 * Distributed under the OpenDDS License. 00003 * See: http://www.OpenDDS.org/license.html 00004 */ 00005 00006 #ifndef OPENDDS_SECURITY_SSL_DIFFIE_HELLMAN_H 00007 #define OPENDDS_SECURITY_SSL_DIFFIE_HELLMAN_H 00008 00009 #include "dds/DCPS/security/DdsSecurity_Export.h" 00010 #include "dds/DCPS/unique_ptr.h" 00011 #include "dds/DdsDcpsCoreC.h" 00012 #include <openssl/evp.h> 00013 00014 namespace OpenDDS { 00015 namespace Security { 00016 namespace SSL { 00017 00018 class DdsSecurity_Export DHAlgorithm 00019 { 00020 public: 00021 typedef DCPS::unique_ptr<DHAlgorithm> unique_ptr; 00022 00023 DHAlgorithm() : k_(NULL) {} 00024 00025 virtual ~DHAlgorithm(); 00026 00027 virtual int init() = 0; 00028 virtual int pub_key(DDS::OctetSeq& dst) = 0; 00029 virtual int gen_shared_secret(const DDS::OctetSeq& pub_key) 00030 { 00031 int err = compute_shared_secret(pub_key) || hash_shared_secret(); 00032 return err; 00033 } 00034 virtual const DDS::OctetSeq& get_shared_secret() const 00035 { 00036 return shared_secret_; 00037 } 00038 virtual bool cmp_shared_secret(const DHAlgorithm& other) const; 00039 virtual const char* kagree_algo() const = 0; 00040 00041 protected: 00042 virtual int compute_shared_secret(const DDS::OctetSeq& pub_key) = 0; 00043 int hash_shared_secret(); 00044 00045 EVP_PKEY* k_; 00046 DDS::OctetSeq shared_secret_; 00047 }; 00048 00049 class DdsSecurity_Export DH_2048_MODP_256_PRIME : public DHAlgorithm 00050 { 00051 public: 00052 DH_2048_MODP_256_PRIME(); 00053 ~DH_2048_MODP_256_PRIME(); 00054 00055 /** 00056 * @return int 0 on success; 1 on failure. 00057 */ 00058 int init(); 00059 00060 /** 00061 * @return int 0 on success; 1 on failure. 00062 */ 00063 int pub_key(DDS::OctetSeq& dst); 00064 00065 /** 00066 * @return int 0 on success; 1 on failure. 00067 */ 00068 int compute_shared_secret(const DDS::OctetSeq& pub_key); 00069 00070 const char* kagree_algo() const { return "DH+MODP-2048-256"; } 00071 }; 00072 00073 class DdsSecurity_Export ECDH_PRIME_256_V1_CEUM : public DHAlgorithm 00074 { 00075 public: 00076 ECDH_PRIME_256_V1_CEUM(); 00077 ~ECDH_PRIME_256_V1_CEUM(); 00078 00079 /** 00080 * @return int 0 on success; 1 on failure. 00081 */ 00082 int init(); 00083 00084 /** 00085 * @return int 0 on success; 1 on failure. 00086 */ 00087 int pub_key(DDS::OctetSeq& dst); 00088 00089 /** 00090 * @return int 0 on success; 1 on failure. 00091 */ 00092 int compute_shared_secret(const DDS::OctetSeq& pub_key); 00093 00094 const char* kagree_algo() const { return "ECDH+prime256v1-CEUM"; } 00095 }; 00096 00097 class DdsSecurity_Export DiffieHellman 00098 { 00099 public: 00100 typedef DCPS::unique_ptr<DiffieHellman> unique_ptr; 00101 00102 static DiffieHellman* factory(const DDS::OctetSeq& kagree_algo); 00103 00104 DiffieHellman(DHAlgorithm* algorithm) : algo_(algorithm) {} 00105 00106 ~DiffieHellman() {} 00107 00108 void load() 00109 { 00110 if (algo_) algo_->init(); 00111 } 00112 00113 /** 00114 * @return int 0 on success; 1 on failure. 00115 */ 00116 int pub_key(DDS::OctetSeq& dst) { return algo_->pub_key(dst); } 00117 00118 /** 00119 * @return int 0 on success; 1 on failure. 00120 */ 00121 int gen_shared_secret(const DDS::OctetSeq& pub_key) 00122 { 00123 return algo_->gen_shared_secret(pub_key); 00124 } 00125 00126 const DDS::OctetSeq& get_shared_secret() 00127 { 00128 return algo_->get_shared_secret(); 00129 } 00130 00131 bool cmp_shared_secret(const DiffieHellman& other) 00132 { 00133 return algo_->cmp_shared_secret(*other.algo_); 00134 } 00135 00136 const char* kagree_algo() const { return algo_->kagree_algo(); } 00137 00138 private: 00139 DHAlgorithm::unique_ptr algo_; 00140 }; 00141 00142 } // namespace SSL 00143 } // namespace Security 00144 } // namespace OpenDDS 00145 00146 #endif
1.6.1
