1 files changed, 119 insertions, 0 deletions
diff --git a/task1/security.h b/task1/security.h
new file mode 100644
index 0000000..b85266c
--- /dev/null
+++ b/task1/security.h
@@ -0,0 +1,119 @@
+/**
+ * Wrapper for OpenSSL cryptographic functions.
+ * @author SE/Linux Team <se-linux@inso.tuwien.ac.at>
+ *
+ * NOTE: you need to link with -lcrypto when using this class!
+ */
+#ifndef _SECURITY_H
+#define _SECURITY_H
+#include <string>
+#include <vector>
+#include <exception>
+#include <Ice/Config.h> // For Ice::Byte
+//! Exception thrown by security class
+class SecurityException : public std::exception {
+        public:
+                //! Construtor.
+                //! @param what Error message.
+                SecurityException(const std::string& what);
+                //! Returns the error message
+                virtual const char *what() const throw() { return _what.c_str(); }
+                virtual ~SecurityException() throw() {}
+        private:
+                std::string _what;
+};
+//! Interface of the Security class.
+//! Use the instance() member to get the singleton instance.
+class Security {
+        public:
+    virtual ~Security()
+    {};
+                //! Definition of Byte, for compatibility with ICE.
+                typedef Ice::Byte Byte;
+                //! Vector (sequence) of Bytes.
+                typedef std::vector<Byte> ByteStream;
+                //! Returns the singleton Security instance.
+                static Security& instance();
+        
+                //! Encrypts binary data using envelope encryption (RSA + aes_256_cbc).
+                //! See the man page for EVP_SealInit(3SSL) for an explenation of envelope
+                //! ecnryption.
+                //! @param certificateFile Path to certificate in PEM format used for
+                //!     encryption.
+                //! @param data Data to encrypt.
+                //! @param iv Output parameter. Randoml initia vector for AES. 
+                //! @param ek Output parameter. Ramdom AES key encrypted with RSA.
+                //! @param output Output paramenter. Encrypted data.
+                //! @throws SecurityException on error.
+                virtual void encryptPublic(
+                        const std::string& certificateFile,
+                        const ByteStream& data,
+                        ByteStream& iv,
+                        ByteStream& ek,
+                        ByteStream& output
+                ) = 0;
+                //! Decrypts binary data using envelope encryption (RSA + aes_256_cbc)
+                //! See the man page for EVP_SealInit(3SSL) for an expenation of envelope
+                //! ecnryption.
+                //! @param privateKeyFile Path to private key in PEM format used for 
+                //!     decryption.
+                //! @param data Data to decrypt.
+                //! @param iv Initial vector for AES.
+                //! @param ek Key for AES encrypted with RSA.
+                //! @param output. Output parameter. Decrypted data.
+                //! @throws SecurityException on error.
+                virtual void decryptPrivate(
+                        const std::string& privateKeyFile,
+                        const ByteStream& data,
+                        const ByteStream& iv,
+                        const ByteStream& ek,
+                        ByteStream& output
+                ) = 0;
+                //! Signs binary data using SHA1 + RSA.
+                //! @param privateKeyFile Path to private key in PEM format used for
+                //!     encryption.
+                //! @param data Data to sign.
+                //! @param output Output parameter. The signature.
+                //! @throws SecurityException on error.
+                virtual void sign(
+                        const std::string& privateKeyFile,
+                        const ByteStream& data,
+                        ByteStream& output
+                ) = 0;
+                //! Verifies a signature using SHA1 + RSA.
+                //! @param certificateFile Path to certificate file in PEM format used for
+                //!     decryption.
+                //! @param data Data to verify.
+                //! @param signature Signature to verify.
+                //! @throws SecurityException On error or if the signature could not be verified.
+                virtual void verifySignature(
+                        const std::string& certificateFile,
+                        const ByteStream& data,
+                        const ByteStream& signature
+                ) = 0;
+                //! Returns the common name (CN) field of a certificate.
+                //! @param certificateFile Path to certificate in PEM format.
+                //! @throws SecurityException on error.
+                virtual std::string getCommonName(
+                        const std::string& certificateFile
+                ) = 0;
+        private:
+                static Security *_instance;
+};
+#endif

diff --git a/task1/security.h b/task1/security.h new file mode 100644 index 0000000..b85266c --- /dev/null +++ b/task1/security.h
@@ -0,0 +1,119 @@
	1	/**
	2	* Wrapper for OpenSSL cryptographic functions.
	3	* @author SE/Linux Team <se-linux@inso.tuwien.ac.at>
	4	*
	5	* NOTE: you need to link with -lcrypto when using this class!
	6	*/
	7
	8	#ifndef _SECURITY_H
	9	#define _SECURITY_H
	10
	11	#include <string>
	12	#include <vector>
	13	#include <exception>
	14
	15	#include <Ice/Config.h> // For Ice::Byte
	16
	17	//! Exception thrown by security class
	18	class SecurityException : public std::exception {
	19	public:
	20	//! Construtor.
	21	//! @param what Error message.
	22	SecurityException(const std::string& what);
	23	//! Returns the error message
	24	virtual const char *what() const throw() { return _what.c_str(); }
	25	virtual ~SecurityException() throw() {}
	26	private:
	27	std::string _what;
	28	};
	29
	30	//! Interface of the Security class.
	31	//! Use the instance() member to get the singleton instance.
	32	class Security {
	33
	34	public:
	35	virtual ~Security()
	36	{};
	37
	38	//! Definition of Byte, for compatibility with ICE.
	39	typedef Ice::Byte Byte;
	40
	41	//! Vector (sequence) of Bytes.
	42	typedef std::vector<Byte> ByteStream;
	43
	44	//! Returns the singleton Security instance.
	45	static Security& instance();
	46
	47	//! Encrypts binary data using envelope encryption (RSA + aes_256_cbc).
	48	//! See the man page for EVP_SealInit(3SSL) for an explenation of envelope
	49	//! ecnryption.
	50	//! @param certificateFile Path to certificate in PEM format used for
	51	//! encryption.
	52	//! @param data Data to encrypt.
	53	//! @param iv Output parameter. Randoml initia vector for AES.
	54	//! @param ek Output parameter. Ramdom AES key encrypted with RSA.
	55	//! @param output Output paramenter. Encrypted data.
	56	//! @throws SecurityException on error.
	57	virtual void encryptPublic(
	58	const std::string& certificateFile,
	59	const ByteStream& data,
	60	ByteStream& iv,
	61	ByteStream& ek,
	62	ByteStream& output
	63	) = 0;
	64
	65	//! Decrypts binary data using envelope encryption (RSA + aes_256_cbc)
	66	//! See the man page for EVP_SealInit(3SSL) for an expenation of envelope
	67	//! ecnryption.
	68	//! @param privateKeyFile Path to private key in PEM format used for
	69	//! decryption.
	70	//! @param data Data to decrypt.
	71	//! @param iv Initial vector for AES.
	72	//! @param ek Key for AES encrypted with RSA.
	73	//! @param output. Output parameter. Decrypted data.
	74	//! @throws SecurityException on error.
	75	virtual void decryptPrivate(
	76	const std::string& privateKeyFile,
	77	const ByteStream& data,
	78	const ByteStream& iv,
	79	const ByteStream& ek,
	80	ByteStream& output
	81	) = 0;
	82
	83	//! Signs binary data using SHA1 + RSA.
	84	//! @param privateKeyFile Path to private key in PEM format used for
	85	//! encryption.
	86	//! @param data Data to sign.
	87	//! @param output Output parameter. The signature.
	88	//! @throws SecurityException on error.
	89	virtual void sign(
	90	const std::string& privateKeyFile,
	91	const ByteStream& data,
	92	ByteStream& output
	93	) = 0;
	94
	95	//! Verifies a signature using SHA1 + RSA.
	96	//! @param certificateFile Path to certificate file in PEM format used for
	97	//! decryption.
	98	//! @param data Data to verify.
	99	//! @param signature Signature to verify.
	100	//! @throws SecurityException On error or if the signature could not be verified.
	101	virtual void verifySignature(
	102	const std::string& certificateFile,
	103	const ByteStream& data,
	104	const ByteStream& signature
	105	) = 0;
	106
	107	//! Returns the common name (CN) field of a certificate.
	108	//! @param certificateFile Path to certificate in PEM format.
	109	//! @throws SecurityException on error.
	110	virtual std::string getCommonName(
	111	const std::string& certificateFile
	112	) = 0;
	113
	114	private:
	115
	116	static Security *_instance;
	117	};
	118
	119	#endif