dht::crypto Namespace Reference
Classes | |
| struct | Certificate |
| class | CertificateRequest |
| class | CryptoException |
| class | DecryptError |
| class | OcspRequest |
| class | OcspResponse |
| struct | PrivateKey |
| struct | PublicKey |
| class | RevocationList |
| class | secure_vector |
| struct | TrustList |
Typedefs | |
| using | Identity = std::pair<std::shared_ptr<PrivateKey>, std::shared_ptr<Certificate>> |
| using | SecureBlob = secure_vector<uint8_t> |
Enumerations | |
| enum class | NameType { UNKNOWN = 0 , RFC822 , DNS , URI , IP } |
Functions | |
| OPENDHT_PUBLIC Identity | generateIdentity (const std::string &name, const Identity &ca, unsigned key_length, bool is_ca) |
| OPENDHT_PUBLIC Identity | generateIdentity (const std::string &name="dhtnode", const Identity &ca={}, unsigned key_length=4096) |
| OPENDHT_PUBLIC Identity | generateEcIdentity (const std::string &name, const Identity &ca, bool is_ca) |
| OPENDHT_PUBLIC Identity | generateEcIdentity (const std::string &name="dhtnode", const Identity &ca={}) |
| OPENDHT_PUBLIC void | saveIdentity (const Identity &id, const std::string &path, const std::string &privkey_password={}) |
| OPENDHT_PUBLIC Identity | loadIdentity (const std::string &path, const std::string &privkey_password={}) |
| OPENDHT_PUBLIC Blob | hash (const Blob &data, size_t hash_length=512/8) |
| OPENDHT_PUBLIC void | hash (const uint8_t *data, size_t data_length, uint8_t *hash, size_t hash_length) |
| OPENDHT_PUBLIC Blob | stretchKey (std::string_view password, Blob &salt, size_t key_length=512/8) |
| OPENDHT_PUBLIC Blob | aesEncrypt (const uint8_t *data, size_t data_length, const Blob &key) |
| OPENDHT_PUBLIC Blob | aesEncrypt (const Blob &data, const Blob &key) |
| OPENDHT_PUBLIC Blob | aesEncrypt (const Blob &data, std::string_view password, const Blob &salt={}) |
| OPENDHT_PUBLIC Blob | aesDecrypt (const uint8_t *data, size_t data_length, const Blob &key) |
| OPENDHT_PUBLIC Blob | aesDecrypt (const Blob &data, const Blob &key) |
| OPENDHT_PUBLIC Blob | aesDecrypt (std::string_view data, const Blob &key) |
| OPENDHT_PUBLIC Blob | aesDecrypt (const uint8_t *data, size_t data_length, std::string_view password) |
| OPENDHT_PUBLIC Blob | aesDecrypt (const Blob &data, std::string_view password) |
| OPENDHT_PUBLIC Blob | aesDecrypt (std::string_view data, std::string_view password) |
| OPENDHT_PUBLIC Blob | aesGetKey (const uint8_t *data, size_t data_length, std::string_view password) |
| OPENDHT_PUBLIC Blob | aesGetKey (const Blob &data, std::string_view password) |
| OPENDHT_PUBLIC Blob | aesGetSalt (const uint8_t *data, size_t data_length) |
| OPENDHT_PUBLIC Blob | aesGetSalt (const Blob &data) |
| OPENDHT_PUBLIC std::string_view | aesGetEncrypted (const uint8_t *data, size_t data_length) |
| OPENDHT_PUBLIC std::string_view | aesGetEncrypted (const Blob &data) |
| OPENDHT_PUBLIC Blob | aesBuildEncrypted (const uint8_t *encryptedData, size_t data_length, const Blob &salt) |
| OPENDHT_PUBLIC Blob | aesBuildEncrypted (const Blob &encryptedData, const Blob &salt) |
| OPENDHT_PUBLIC Blob | aesBuildEncrypted (std::string_view encryptedData, const Blob &salt) |
| template<class T = std::mt19937, std::size_t N = T::state_size+1> | |
| auto | getSeededRandomEngine () -> typename std::enable_if<!!N, T >::type |
| template<class T = std::mt19937, std::size_t N = T::state_size+1> | |
| auto | getDerivedRandomEngine (T &source) -> typename std::enable_if<!!N, T >::type |
Detailed Description
Contains all crypto primitives
Typedef Documentation
◆ Identity
| using dht::crypto::Identity = std::pair<std::shared_ptr<PrivateKey>, std::shared_ptr<Certificate>> |
◆ SecureBlob
| using dht::crypto::SecureBlob = secure_vector<uint8_t> |
Definition at line 111 of file secure_vector.h.
Enumeration Type Documentation
◆ NameType
Function Documentation
◆ aesBuildEncrypted() [1/3]
◆ aesBuildEncrypted() [2/3]
| OPENDHT_PUBLIC Blob dht::crypto::aesBuildEncrypted | ( | const uint8_t * | encryptedData, |
| size_t | data_length, | ||
| const Blob & | salt ) |
Build an encrypted bundle that can be decrypted with aesDecrypt(data, password).
- Parameters
-
encryptedData result of aesEncrypt(data, key) or aesGetEncrypted salt should match the encryption key and password so that stretchKey(password, salk) == key. Can be obtained from an existing bundle with aesGetSalt.
◆ aesBuildEncrypted() [3/3]
◆ aesDecrypt() [1/5]
◆ aesDecrypt() [2/5]
◆ aesDecrypt() [3/5]
| OPENDHT_PUBLIC Blob dht::crypto::aesDecrypt | ( | const uint8_t * | data, |
| size_t | data_length, | ||
| const Blob & | key ) |
AES-GCM decryption.
◆ aesDecrypt() [4/5]
◆ aesDecrypt() [5/5]
|
inline |
◆ aesEncrypt() [1/3]
◆ aesEncrypt() [2/3]
| OPENDHT_PUBLIC Blob dht::crypto::aesEncrypt | ( | const Blob & | data, |
| std::string_view | password, | ||
| const Blob & | salt = {} ) |
AES-GCM encryption with argon2 key derivation. This function uses stretchKey to generate an AES key from the password and a random salt. The result is a bundle including the salt that can be decrypted with aesDecrypt(data, password). If needed, the salt or encrypted data can be individually extracted from the bundle with aesGetSalt and aesGetEncrypted.
- Parameters
-
data data to encrypt password password to encrypt the data with salt optional salt to use for key derivation. If not provided, a random salt will be generated.
◆ aesEncrypt() [3/3]
| OPENDHT_PUBLIC Blob dht::crypto::aesEncrypt | ( | const uint8_t * | data, |
| size_t | data_length, | ||
| const Blob & | key ) |
AES-GCM encryption. Key must be 128, 192 or 256 bits long (16, 24 or 32 bytes).
◆ aesGetEncrypted() [1/2]
|
inline |
◆ aesGetEncrypted() [2/2]
| OPENDHT_PUBLIC std::string_view dht::crypto::aesGetEncrypted | ( | const uint8_t * | data, |
| size_t | data_length ) |
Get the encrypted data (ciphertext) part of data password-encrypted with aesEncrypt(data, password)
◆ aesGetKey() [1/2]
◆ aesGetKey() [2/2]
| OPENDHT_PUBLIC Blob dht::crypto::aesGetKey | ( | const uint8_t * | data, |
| size_t | data_length, | ||
| std::string_view | password ) |
Get raw AES key from password and salt stored with the encrypted data.
◆ aesGetSalt() [1/2]
◆ aesGetSalt() [2/2]
| OPENDHT_PUBLIC Blob dht::crypto::aesGetSalt | ( | const uint8_t * | data, |
| size_t | data_length ) |
Get the salt part of data password-encrypted with aesEncrypt(data, password)
◆ generateIdentity()
| OPENDHT_PUBLIC Identity dht::crypto::generateIdentity | ( | const std::string & | name, |
| const Identity & | ca, | ||
| unsigned | key_length, | ||
| bool | is_ca ) |
Generate an RSA key pair (4096 bits) and a certificate.
- Parameters
-
name the name used in the generated certificate ca if set, the certificate authority that will sign the generated certificate. If not set, the generated certificate will be a self-signed CA. key_length stength of the generated private key (bits).
◆ getDerivedRandomEngine()
template<class T = std::mt19937, std::size_t N = T::state_size+1>
| auto dht::crypto::getDerivedRandomEngine | ( | T & | source | ) | -> typename std::enable_if<!!N, T>::type |
◆ getSeededRandomEngine()
template<class T = std::mt19937, std::size_t N = T::state_size+1>
| auto dht::crypto::getSeededRandomEngine | ( | ) | -> typename std::enable_if<!!N, T>::type |
◆ hash()
Performs SHA512, SHA256 or SHA1, depending on hash_length. Attempts to choose an hash function with output size of at least hash_length bytes, Current implementation will use SHA1 for hash_length up to 20 bytes, will use SHA256 for hash_length up to 32 bytes, will use SHA512 for hash_length of 33 bytes and more.
◆ stretchKey()
| OPENDHT_PUBLIC Blob dht::crypto::stretchKey | ( | std::string_view | password, |
| Blob & | salt, | ||
| size_t | key_length = 512/8 ) |
Generates an encryption key from a text password, making the key longer to bruteforce. The generated key also depends on a unique salt value of any size, that can be transmitted in clear, and will be generated if not provided (32 bytes).
Generated on for My Project by
1.14.0