My Project 3.5.5
C++ Distributed Hash Table
Loading...
Searching...
No Matches
crypto.h
1/*
2 * Copyright (C) 2014-2025 Savoir-faire Linux Inc.
3 * Author : Adrien BĂ©raud <adrien.beraud@savoirfairelinux.com>
4 * Vsevolod Ivanov <vsevolod.ivanov@savoirfairelinux.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20#pragma once
21
22#include "infohash.h"
23#include "utils.h"
24#include "rng.h"
25
26extern "C" {
27#include <gnutls/gnutls.h>
28#include <gnutls/abstract.h>
29#include <gnutls/x509.h>
30#include <gnutls/ocsp.h>
31}
32
33#include <vector>
34#include <memory>
35#include <atomic>
36#include <mutex>
37#include <string_view>
38
39#ifdef _WIN32
40#include <iso646.h>
41#endif
42
43namespace dht {
44
48namespace crypto {
49
50class OPENDHT_PUBLIC CryptoException : public std::runtime_error {
51public:
52 explicit CryptoException(const std::string& str) : std::runtime_error(str) {};
53 explicit CryptoException(const char* str) : std::runtime_error(str) {};
54 CryptoException(const CryptoException& e) noexcept = default;
55 CryptoException& operator=(const CryptoException&) noexcept = default;
56};
57
61class OPENDHT_PUBLIC DecryptError : public CryptoException {
62public:
63 explicit DecryptError(const std::string& str) : CryptoException(str) {};
64 explicit DecryptError(const char* str) : CryptoException(str) {};
65 DecryptError(const DecryptError& e) noexcept = default;
66 DecryptError& operator=(const DecryptError&) noexcept = default;
67};
68
69struct PrivateKey;
70struct Certificate;
71class RevocationList;
72
73using Identity = std::pair<std::shared_ptr<PrivateKey>, std::shared_ptr<Certificate>>;
74
78struct OPENDHT_PUBLIC PublicKey
79{
80 PublicKey();
81
85 PublicKey(gnutls_pubkey_t k) : pk(k) {}
86
88 PublicKey(const uint8_t* dat, size_t dat_size);
89 PublicKey(const Blob& pk) : PublicKey(pk.data(), pk.size()) {}
90 PublicKey(std::string_view pk) : PublicKey((const uint8_t*)pk.data(), pk.size()) {}
91 PublicKey(PublicKey&& o) noexcept : pk(o.pk) { o.pk = nullptr; }
92
93 ~PublicKey();
94 explicit operator bool() const { return pk; }
95 bool operator ==(const PublicKey& o) const {
96 return pk == o.pk || getLongId() == o.getLongId();
97 }
98 bool operator !=(const PublicKey& o) const {
99 return !(*this == o);
100 }
101
102 PublicKey& operator=(PublicKey&& o) noexcept;
103
107 const InfoHash& getId() const;
108
112 const PkId& getLongId() const;
113
114 bool checkSignature(const uint8_t* data, size_t data_len, const uint8_t* signature, size_t signature_len) const;
115 inline bool checkSignature(const Blob& data, const Blob& signature) const {
116 return checkSignature(data.data(), data.size(), signature.data(), signature.size());
117 }
118
119 Blob encrypt(const uint8_t* data, size_t data_len) const;
120 inline Blob encrypt(const Blob& data) const {
121 return encrypt(data.data(), data.size());
122 }
123 inline Blob encrypt(std::string_view data) const {
124 return encrypt((const uint8_t*)data.data(), data.size());
125 }
126 void pack(Blob& b) const;
127 int pack(uint8_t* out, size_t* out_len) const;
128 void unpack(const uint8_t* dat, size_t dat_size);
129
130 std::string toString() const;
131
132 template <typename Packer>
133 void msgpack_pack(Packer& p) const
134 {
135 Blob b;
136 pack(b);
137 p.pack_bin(b.size());
138 p.pack_bin_body((const char*)b.data(), b.size());
139 }
140
141 void msgpack_unpack(const msgpack::object& o);
142
143 gnutls_digest_algorithm_t getPreferredDigest() const;
144
145 gnutls_pubkey_t pk {nullptr};
146private:
147 mutable InfoHash cachedId_ {};
148 mutable PkId cachedLongId_ {};
149 mutable std::atomic_bool idCached_ {false};
150 mutable std::atomic_bool longIdCached_ {false};
151
152 PublicKey(const PublicKey&) = delete;
153 PublicKey& operator=(const PublicKey&) = delete;
154 void encryptBloc(const uint8_t* src, size_t src_size, uint8_t* dst, size_t dst_size) const;
155};
156
160struct OPENDHT_PUBLIC PrivateKey
161{
162 PrivateKey();
163 //PrivateKey(gnutls_privkey_t k) : key(k) {}
164
168 PrivateKey(gnutls_x509_privkey_t k);
169
170 PrivateKey(PrivateKey&& o) noexcept;
171 PrivateKey& operator=(PrivateKey&& o) noexcept;
172
173 PrivateKey(const uint8_t* src, size_t src_size, const char* password = nullptr);
174 PrivateKey(const Blob& src, const std::string& password = {}) : PrivateKey(src.data(), src.size(), password.c_str()) {}
175 PrivateKey(std::string_view src, const std::string& password = {}) : PrivateKey((const uint8_t*)src.data(), src.size(), password.c_str()) {}
176
177 ~PrivateKey();
178 explicit operator bool() const { return key; }
179
180 const PublicKey& getPublicKey() const;
181 const std::shared_ptr<PublicKey>& getSharedPublicKey() const;
182
183 int serialize(uint8_t* out, size_t* out_len, const std::string& password = {}) const;
184 Blob serialize(const std::string& password = {}) const;
185
190 Blob sign(const uint8_t* data, size_t data_len) const;
191 inline Blob sign(std::string_view dat) const { return sign((const uint8_t*)dat.data(), dat.size()); }
192 inline Blob sign(const Blob& dat) const { return sign(dat.data(), dat.size()); }
193
199 Blob decrypt(const uint8_t* cypher, size_t cypher_len) const;
200 Blob decrypt(const Blob& cypher) const { return decrypt(cypher.data(), cypher.size()); }
201
209 static PrivateKey generate(unsigned key_length = 4096, gnutls_pk_algorithm_t algo = GNUTLS_PK_RSA);
210 static PrivateKey generateEC();
211
212 gnutls_privkey_t key {};
213 gnutls_x509_privkey_t x509_key {};
214private:
215 PrivateKey(const PrivateKey&) = delete;
216 PrivateKey& operator=(const PrivateKey&) = delete;
217 Blob decryptBloc(const uint8_t* src, size_t src_size) const;
218
219 mutable std::mutex publicKeyMutex_ {};
220 mutable std::shared_ptr<PublicKey> publicKey_ {};
221};
222
223class OPENDHT_PUBLIC RevocationList
224{
225 using clock = std::chrono::system_clock;
226 using time_point = clock::time_point;
227 using duration = clock::duration;
228public:
229 RevocationList();
230 RevocationList(const Blob& b);
231 RevocationList(RevocationList&& o) noexcept : crl(o.crl) { o.crl = nullptr; }
232 ~RevocationList();
233
234 RevocationList& operator=(RevocationList&& o) { crl = o.crl; o.crl = nullptr; return *this; }
235
236 void pack(Blob& b) const;
237 void unpack(const uint8_t* dat, size_t dat_size);
238 Blob getPacked() const {
239 Blob b;
240 pack(b);
241 return b;
242 }
243
244 template <typename Packer>
245 void msgpack_pack(Packer& p) const
246 {
247 Blob b = getPacked();
248 p.pack_bin(b.size());
249 p.pack_bin_body((const char*)b.data(), b.size());
250 }
251
252 void msgpack_unpack(const msgpack::object& o);
253
254 void revoke(const Certificate& crt, time_point t = time_point::min());
255
256 bool isRevoked(const Certificate& crt) const;
257
262 void sign(const PrivateKey&, const Certificate&, duration validity_period = {});
263 void sign(const Identity& id) { sign(*id.first, *id.second); }
264
265 bool isSignedBy(const Certificate& issuer) const;
266
267 std::string toString() const;
268
272 Blob getNumber() const;
273
275 std::string getIssuerName() const;
276
278 std::string getIssuerUID() const;
279
280 time_point getUpdateTime() const;
281 time_point getNextUpdateTime() const;
282
283 gnutls_x509_crl_t get() { return crl; }
284 gnutls_x509_crl_t getCopy() const {
285 if (not crl)
286 return nullptr;
287 auto copy = RevocationList(getPacked());
288 gnutls_x509_crl_t ret = copy.crl;
289 copy.crl = nullptr;
290 return ret;
291 }
292
293private:
294 gnutls_x509_crl_t crl {};
295 RevocationList(const RevocationList&) = delete;
296 RevocationList& operator=(const RevocationList&) = delete;
297};
298
299enum class NameType { UNKNOWN = 0, RFC822, DNS, URI, IP };
300
301class OPENDHT_PUBLIC CertificateRequest {
302public:
303 CertificateRequest();
304 CertificateRequest(const uint8_t* data, size_t size);
305 CertificateRequest(std::string_view src) : CertificateRequest((const uint8_t*)src.data(), src.size()) {}
306 CertificateRequest(const Blob& data) : CertificateRequest(data.data(), data.size()) {}
307
308 CertificateRequest(CertificateRequest&& o) noexcept : request(std::move(o.request)) {
309 o.request = nullptr;
310 }
311 CertificateRequest& operator=(CertificateRequest&& o) noexcept;
312
313 ~CertificateRequest();
314
315 void setName(const std::string& name);
316 void setUID(const std::string& name);
317 void setAltName(NameType type, const std::string& name);
318
319 std::string getName() const;
320 std::string getUID() const;
321
322 void sign(const PrivateKey& key, const std::string& password = {});
323
324 bool verify() const;
325
326 Blob pack() const;
327 std::string toString() const;
328
329 gnutls_x509_crq_t get() const { return request; }
330private:
331 CertificateRequest(const CertificateRequest& o) = delete;
332 CertificateRequest& operator=(const CertificateRequest& o) = delete;
333 gnutls_x509_crq_t request {nullptr};
334};
335
336class OPENDHT_PUBLIC OcspRequest
337{
338public:
339 OcspRequest(gnutls_ocsp_req_t r) : request(r) {}
340 OcspRequest(const uint8_t* dat_ptr, size_t dat_size);
341 OcspRequest(std::string_view dat): OcspRequest((const uint8_t*)dat.data(), dat.size()) {}
342 ~OcspRequest();
343
344 /*
345 * Get OCSP Request in readable format.
346 */
347 std::string toString(const bool compact = true) const;
348
349 Blob pack() const;
350 Blob getNonce() const;
351private:
352 gnutls_ocsp_req_t request;
353};
354
355class OPENDHT_PUBLIC OcspResponse
356{
357public:
358 OcspResponse(const uint8_t* dat_ptr, size_t dat_size);
359 OcspResponse(std::string_view response) : OcspResponse((const uint8_t*)response.data(), response.size()) {}
360 ~OcspResponse();
361
362 Blob pack() const;
363 /*
364 * Get OCSP Response in readable format.
365 */
366 std::string toString(const bool compact = true) const;
367
368 /*
369 * Get OCSP response certificate status.
370 * Return certificate status.
371 * http://www.gnu.org/software/gnutls/reference/gnutls-ocsp.html#gnutls-ocsp-cert-status-t
372 */
373 gnutls_ocsp_cert_status_t getCertificateStatus() const;
374
375 /*
376 * Verify OCSP response and return OCSP status.
377 * Throws CryptoException in case of error in the response.
378 * http://www.gnu.org/software/gnutls/reference/gnutls-ocsp.html#gnutls-ocsp-verify-reason-t
379 */
380 gnutls_ocsp_cert_status_t verifyDirect(const Certificate& crt, const Blob& nonce);
381
382private:
383 gnutls_ocsp_resp_t response;
384};
385
386struct OPENDHT_PUBLIC Certificate {
387 Certificate() noexcept {}
388
392 Certificate(gnutls_x509_crt_t crt) noexcept : cert(crt) {}
393
394 Certificate(Certificate&& o) noexcept
395 : cert(o.cert)
396 , issuer(std::move(o.issuer))
397 , publicKey_(std::move(o.publicKey_))
398 { o.cert = nullptr; };
399
404 Certificate(const Blob& crt);
405 Certificate(const uint8_t* dat, size_t dat_size) : cert(nullptr) {
406 unpack(dat, dat_size);
407 }
408 Certificate(std::string_view pem) : Certificate((const uint8_t*)pem.data(), pem.size()) {}
409
414 template<typename Iterator>
415 Certificate(const Iterator& begin, const Iterator& end) {
416 unpack(begin, end);
417 }
418
423 template<typename Iterator>
424 Certificate(const std::vector<std::pair<Iterator, Iterator>>& certs) {
425 unpack(certs);
426 }
427
428 Certificate& operator=(Certificate&& o) noexcept;
429 ~Certificate();
430
431 void pack(Blob& b) const;
432 void unpack(const uint8_t* dat, size_t dat_size);
433 Blob getPacked() const {
434 Blob b;
435 pack(b);
436 return b;
437 }
438
447 template<typename Iterator>
448 void unpack(const Iterator& begin, const Iterator& end)
449 {
450 std::shared_ptr<Certificate> tmp_subject {};
451 std::shared_ptr<Certificate> first {};
452 for (Iterator icrt = begin; icrt < end; ++icrt) {
453 auto tmp_crt = std::make_shared<Certificate>(*icrt);
454 if (tmp_subject)
455 tmp_subject->issuer = tmp_crt;
456 tmp_subject = std::move(tmp_crt);
457 if (!first)
458 first = tmp_subject;
459 }
460 *this = first ? std::move(*first) : Certificate();
461 }
462
474 template<typename Iterator>
475 void unpack(const std::vector<std::pair<Iterator, Iterator>>& certs)
476 {
477 std::shared_ptr<Certificate> tmp_issuer;
478 // reverse iteration
479 for (auto li = certs.rbegin(); li != certs.rend(); ++li) {
480 Certificate tmp_crt;
481 gnutls_x509_crt_init(&tmp_crt.cert);
482 const gnutls_datum_t crt_dt {(uint8_t*)&(*li->first), (unsigned)(li->second-li->first)};
483 int err = gnutls_x509_crt_import(tmp_crt.cert, &crt_dt, GNUTLS_X509_FMT_PEM);
484 if (err != GNUTLS_E_SUCCESS)
485 err = gnutls_x509_crt_import(tmp_crt.cert, &crt_dt, GNUTLS_X509_FMT_DER);
486 if (err != GNUTLS_E_SUCCESS)
487 throw CryptoException(std::string("Could not read certificate - ") + gnutls_strerror(err));
488 tmp_crt.issuer = tmp_issuer;
489 tmp_issuer = std::make_shared<Certificate>(std::move(tmp_crt));
490 }
491 *this = tmp_issuer ? std::move(*tmp_issuer) : Certificate();
492 }
493
494 template <typename Packer>
495 void msgpack_pack(Packer& p) const
496 {
497 Blob b;
498 pack(b);
499 p.pack_bin(b.size());
500 p.pack_bin_body((const char*)b.data(), b.size());
501 }
502
503 void msgpack_unpack(const msgpack::object& o);
504
505 explicit operator bool() const { return cert; }
506 const PublicKey& getPublicKey() const;
507 const std::shared_ptr<PublicKey>& getSharedPublicKey() const;
508
510 const InfoHash& getId() const;
512 const PkId& getLongId() const;
513
514 Blob getSerialNumber() const;
515
517 std::string getDN() const;
518
520 std::string getName() const;
521
523 std::string getUID() const;
524
526 std::string getIssuerDN() const;
527
529 std::string getIssuerName() const;
530
532 std::string getIssuerUID() const;
533
535 std::vector<std::pair<NameType, std::string>> getAltNames() const;
536
537 std::chrono::system_clock::time_point getActivation() const;
538 std::chrono::system_clock::time_point getExpiration() const;
539
544 bool isCA() const;
545
550 std::string toString(bool chain = true) const;
551
552 std::string print() const;
553
558 void revoke(const PrivateKey&, const Certificate&);
559
563 std::vector<std::shared_ptr<RevocationList>> getRevocationLists() const;
564
568 void addRevocationList(RevocationList&&);
569 void addRevocationList(std::shared_ptr<RevocationList>);
570
571 static Certificate generate(const PrivateKey& key, const std::string& name = "dhtnode", const Identity& ca = {}, bool is_ca = false, int64_t validity = 0);
572 static Certificate generate(const CertificateRequest& request, const Identity& ca, int64_t validity = 0);
573
574 gnutls_x509_crt_t getCopy() const {
575 if (not cert)
576 return nullptr;
577 auto copy = Certificate(getPacked());
578 gnutls_x509_crt_t ret = copy.cert;
579 copy.cert = nullptr;
580 return ret;
581 }
582
583 std::vector<gnutls_x509_crt_t>
584 getChain(bool copy = false) const
585 {
586 if (not cert)
587 return {};
588 std::vector<gnutls_x509_crt_t> crts;
589 for (auto c = this; c; c = c->issuer.get())
590 crts.emplace_back(copy ? c->getCopy() : c->cert);
591 return crts;
592 }
593
594 std::pair<
595 std::vector<gnutls_x509_crt_t>,
596 std::vector<gnutls_x509_crl_t>
597 >
598 getChainWithRevocations(bool copy = false) const
599 {
600 if (not cert)
601 return {};
602 std::vector<gnutls_x509_crt_t> crts;
603 std::vector<gnutls_x509_crl_t> crls;
604 for (auto c = this; c; c = c->issuer.get()) {
605 crts.emplace_back(copy ? c->getCopy() : c->cert);
606 crls.reserve(crls.size() + c->revocation_lists.size());
607 for (const auto& crl : c->revocation_lists)
608 crls.emplace_back(copy ? crl->getCopy() : crl->get());
609 }
610 return {crts, crls};
611 }
612
613 gnutls_digest_algorithm_t getPreferredDigest() const;
614
615 /*
616 * Generate OCSP request.
617 * Return GnuTLS error code.
618 * https://www.gnutls.org/manual/html_node/Error-codes.html
619 */
620 std::pair<std::string, Blob> generateOcspRequest(gnutls_x509_crt_t& issuer);
621
625 void setValidity(const Identity& ca, int64_t validity);
626 void setValidity(const PrivateKey& key, int64_t validity);
627
628 gnutls_x509_crt_t cert {nullptr};
629 std::shared_ptr<Certificate> issuer {};
630 std::shared_ptr<OcspResponse> ocspResponse;
631private:
632 Certificate(const Certificate&) = delete;
633 Certificate& operator=(const Certificate&) = delete;
634 mutable InfoHash cachedId_ {};
635 mutable PkId cachedLongId_ {};
636 mutable std::atomic_bool idCached_ {false};
637 mutable std::atomic_bool longIdCached_ {false};
638
639 struct crlNumberCmp {
640 bool operator() (const std::shared_ptr<RevocationList>& lhs, const std::shared_ptr<RevocationList>& rhs) const {
641 return lhs->getNumber() < rhs->getNumber();
642 }
643 };
644
645 std::set<std::shared_ptr<RevocationList>, crlNumberCmp> revocation_lists;
646
647 mutable std::mutex publicKeyMutex_ {};
648 mutable std::shared_ptr<PublicKey> publicKey_ {};
649};
650
651struct OPENDHT_PUBLIC TrustList
652{
653 struct VerifyResult {
654 int ret;
655 unsigned result;
656 bool hasError() const { return ret < 0; }
657 bool isValid() const { return !hasError() and !(result & GNUTLS_CERT_INVALID); }
658 explicit operator bool() const { return isValid(); }
659 OPENDHT_PUBLIC std::string toString() const;
660 OPENDHT_PUBLIC friend std::ostream& operator<< (std::ostream& s, const VerifyResult& h);
661 };
662
663 TrustList();
664 TrustList(TrustList&& o) noexcept : trust(std::move(o.trust)) {
665 o.trust = nullptr;
666 }
667 TrustList& operator=(TrustList&& o) noexcept;
668 ~TrustList();
669 void add(const Certificate& crt);
670 void add(const RevocationList& crl);
671 void remove(const Certificate& crt, bool parents = true);
672 VerifyResult verify(const Certificate& crt) const;
673
674private:
675 TrustList(const TrustList& o) = delete;
676 TrustList& operator=(const TrustList& o) = delete;
677 gnutls_x509_trust_list_t trust {nullptr};
678};
679
687OPENDHT_PUBLIC Identity generateIdentity(const std::string& name, const Identity& ca, unsigned key_length, bool is_ca);
688OPENDHT_PUBLIC Identity generateIdentity(const std::string& name = "dhtnode", const Identity& ca = {}, unsigned key_length = 4096);
689
690OPENDHT_PUBLIC Identity generateEcIdentity(const std::string& name, const Identity& ca, bool is_ca);
691OPENDHT_PUBLIC Identity generateEcIdentity(const std::string& name = "dhtnode", const Identity& ca = {});
692
693OPENDHT_PUBLIC void saveIdentity(const Identity& id, const std::string& path, const std::string& privkey_password = {});
694OPENDHT_PUBLIC Identity loadIdentity(const std::string &path,const std::string &privkey_password = {});
695
704OPENDHT_PUBLIC Blob hash(const Blob& data, size_t hash_length = 512/8);
705
706OPENDHT_PUBLIC void hash(const uint8_t* data, size_t data_length, uint8_t* hash, size_t hash_length);
707
715OPENDHT_PUBLIC Blob stretchKey(std::string_view password, Blob& salt, size_t key_length = 512/8);
716
720OPENDHT_PUBLIC Blob aesEncrypt(const uint8_t* data, size_t data_length, const Blob& key);
721OPENDHT_PUBLIC inline Blob aesEncrypt(const Blob& data, const Blob& key) {
722 return aesEncrypt(data.data(), data.size(), key);
723}
733OPENDHT_PUBLIC Blob aesEncrypt(const Blob& data, std::string_view password, const Blob& salt = {});
734
738OPENDHT_PUBLIC Blob aesDecrypt(const uint8_t* data, size_t data_length, const Blob& key);
739OPENDHT_PUBLIC inline Blob aesDecrypt(const Blob& data, const Blob& key) { return aesDecrypt(data.data(), data.size(), key); }
740OPENDHT_PUBLIC inline Blob aesDecrypt(std::string_view data, const Blob& key) { return aesDecrypt((uint8_t*)data.data(), data.size(), key); }
741
742OPENDHT_PUBLIC Blob aesDecrypt(const uint8_t* data, size_t data_length, std::string_view password);
743OPENDHT_PUBLIC inline Blob aesDecrypt(const Blob& data, std::string_view password) { return aesDecrypt(data.data(), data.size(), password); }
744OPENDHT_PUBLIC inline Blob aesDecrypt(std::string_view data, std::string_view password) { return aesDecrypt((uint8_t*)data.data(), data.size(), password); }
745
749OPENDHT_PUBLIC Blob aesGetKey(const uint8_t* data, size_t data_length, std::string_view password);
750OPENDHT_PUBLIC Blob inline aesGetKey(const Blob& data, std::string_view password) {
751 return aesGetKey(data.data(), data.size(), password);
752}
754OPENDHT_PUBLIC Blob aesGetSalt(const uint8_t* data, size_t data_length);
755OPENDHT_PUBLIC Blob inline aesGetSalt(const Blob& data) {
756 return aesGetSalt(data.data(), data.size());
757}
759OPENDHT_PUBLIC std::string_view aesGetEncrypted(const uint8_t* data, size_t data_length);
760OPENDHT_PUBLIC std::string_view inline aesGetEncrypted(const Blob& data) {
761 return aesGetEncrypted(data.data(), data.size());
762}
763
769OPENDHT_PUBLIC Blob aesBuildEncrypted(const uint8_t* encryptedData, size_t data_length, const Blob& salt);
770OPENDHT_PUBLIC Blob inline aesBuildEncrypted(const Blob& encryptedData, const Blob& salt) {
771 return aesBuildEncrypted(encryptedData.data(), encryptedData.size(), salt);
772}
773OPENDHT_PUBLIC Blob inline aesBuildEncrypted(std::string_view encryptedData, const Blob& salt) {
774 return aesBuildEncrypted((const uint8_t*)encryptedData.data(), encryptedData.size(), salt);
775}
776
777}
778}
dht::crypto::RevocationList::getIssuerUID
std::string getIssuerUID() const
dht::crypto::RevocationList::sign
void sign(const PrivateKey &, const Certificate &, duration validity_period={})
dht::crypto::RevocationList::getIssuerName
std::string getIssuerName() const
dht::crypto::aesEncrypt
OPENDHT_PUBLIC Blob aesEncrypt(const uint8_t *data, size_t data_length, const Blob &key)
dht::crypto::hash
OPENDHT_PUBLIC Blob hash(const Blob &data, size_t hash_length=512/8)
dht::crypto::aesBuildEncrypted
OPENDHT_PUBLIC Blob aesBuildEncrypted(const uint8_t *encryptedData, size_t data_length, const Blob &salt)
dht::crypto::generateIdentity
OPENDHT_PUBLIC Identity generateIdentity(const std::string &name, const Identity &ca, unsigned key_length, bool is_ca)
dht::crypto::stretchKey
OPENDHT_PUBLIC Blob stretchKey(std::string_view password, Blob &salt, size_t key_length=512/8)
dht::crypto::aesGetEncrypted
OPENDHT_PUBLIC std::string_view aesGetEncrypted(const uint8_t *data, size_t data_length)
dht::crypto::aesGetKey
OPENDHT_PUBLIC Blob aesGetKey(const uint8_t *data, size_t data_length, std::string_view password)
dht::crypto::aesGetSalt
OPENDHT_PUBLIC Blob aesGetSalt(const uint8_t *data, size_t data_length)
dht::crypto::aesDecrypt
OPENDHT_PUBLIC Blob aesDecrypt(const uint8_t *data, size_t data_length, const Blob &key)
dht::Blob
std::vector< uint8_t > Blob
Definition utils.h:139
dht::crypto::Certificate::getIssuerUID
std::string getIssuerUID() const
dht::crypto::Certificate::Certificate
Certificate(const std::vector< std::pair< Iterator, Iterator > > &certs)
Definition crypto.h:424
dht::crypto::Certificate::unpack
void unpack(const Iterator &begin, const Iterator &end)
Definition crypto.h:448
dht::crypto::Certificate::setValidity
void setValidity(const Identity &ca, int64_t validity)
dht::crypto::Certificate::Certificate
Certificate(const Blob &crt)
dht::crypto::Certificate::revoke
void revoke(const PrivateKey &, const Certificate &)
dht::crypto::Certificate::getLongId
const PkId & getLongId() const
dht::crypto::Certificate::getId
const InfoHash & getId() const
dht::crypto::Certificate::Certificate
Certificate(const Iterator &begin, const Iterator &end)
Definition crypto.h:415
dht::crypto::Certificate::getIssuerDN
std::string getIssuerDN() const
dht::crypto::Certificate::getRevocationLists
std::vector< std::shared_ptr< RevocationList > > getRevocationLists() const
dht::crypto::Certificate::getIssuerName
std::string getIssuerName() const
dht::crypto::Certificate::getUID
std::string getUID() const
dht::crypto::Certificate::unpack
void unpack(const std::vector< std::pair< Iterator, Iterator > > &certs)
Definition crypto.h:475
dht::crypto::Certificate::toString
std::string toString(bool chain=true) const
dht::crypto::Certificate::getDN
std::string getDN() const
dht::crypto::Certificate::addRevocationList
void addRevocationList(RevocationList &&)
dht::crypto::Certificate::getName
std::string getName() const
dht::crypto::Certificate::getAltNames
std::vector< std::pair< NameType, std::string > > getAltNames() const
dht::crypto::Certificate::Certificate
Certificate(gnutls_x509_crt_t crt) noexcept
Definition crypto.h:392
dht::crypto::PrivateKey::sign
Blob sign(const uint8_t *data, size_t data_len) const
dht::crypto::PrivateKey::decrypt
Blob decrypt(const uint8_t *cypher, size_t cypher_len) const
dht::crypto::PrivateKey::PrivateKey
PrivateKey(gnutls_x509_privkey_t k)
dht::crypto::PrivateKey::generate
static PrivateKey generate(unsigned key_length=4096, gnutls_pk_algorithm_t algo=GNUTLS_PK_RSA)
dht::crypto::PublicKey::getId
const InfoHash & getId() const
dht::crypto::PublicKey::PublicKey
PublicKey(const uint8_t *dat, size_t dat_size)
dht::crypto::PublicKey::PublicKey
PublicKey(gnutls_pubkey_t k)
Definition crypto.h:85
dht::crypto::PublicKey::getLongId
const PkId & getLongId() const
Generated on for My Project by doxygen 1.14.0