#include <XrdCryptoLite_BFecb.hh>

Collaboration diagram for XrdCryptoLite_BFecb:

Public Member Functions
	XrdCryptoLite_BFecb (bool &aOK, const unsigned char *key=0, unsigned int keylen=0)
	~XrdCryptoLite_BFecb ()
void	Decrypt (const unsigned char in8, unsigned char out8)
void	Encrypt (const unsigned char in8, unsigned char out8)

Static Public Member Functions
static XrdCryptoLite_BFecb *	Instance (const unsigned char *key=0, unsigned int klen=0)

Detailed Description

Definition at line 46 of file XrdCryptoLite_BFecb.hh.

Constructor & Destructor Documentation

◆ XrdCryptoLite_BFecb()

XrdCryptoLite_BFecb::XrdCryptoLite_BFecb	(	bool &	aOK,
		const unsigned char *	key = 0,
		unsigned int	keylen = 0 )

Construct an ECB encryption/decryption object.

Parameters

aOK	Upon return must be true if all went well. It will be false otherwise and this object will not be safely usable.
key	Pointer to the encryption key which should be 128 bits. When null, a random 128 bit key is generated for use.
keylen	The length of the key in bytes if key is specified.

Note: When initializing a static pointer you may wish to use the Instance() method that automatically returns a null pointer on a failure.

Definition at line 42 of file XrdCryptoLite_BFecb.cc.

                    : decCTX(0), encCTX(0)
{
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
// With openssl v3 the blowfish cipher is only available via the "legacy"
// provider. Legacy is typically not enabled by default (but can be via
// openssl.cnf) so it is loaded here. Explicitly loading a provider will
// disable the automatic loading of the "default" one. The default might
// not have already been loaded, or standard algorithms might be available
// via another configured provider, such as FIPS. So an attempt is made to
// fetch a common default algorithm, possibly automaticlly loading the
// default provider. Afterwards the legacy provider is loaded.
//
   static struct loadProviders {
      loadProviders() {
         EVP_MD *mdp = EVP_MD_fetch(NULL, "SHA2-256", NULL);
         if (mdp) EVP_MD_free(mdp);
         // Load legacy provider into the default (NULL) library context
         (void) OSSL_PROVIDER_load(NULL, "legacy");
      }
   } lp;
#endif
 
// Handle auto generation of a random key
//
   unsigned char bfKey[16];
   if (!key || !keylen)
      {XrdOucUtils::Random(bfKey, sizeof(bfKey));
       key    = bfKey;
       keylen = sizeof(bfKey);
      }
 
// The legacy openssl EVP is rather outdated, cumbersome, non thread-safe,
// and badly documented. Unfortunately, it is the only one generally availabe
// on all platforms (modern versions like CryptoPP need manual installation).
// So, we need to construct a decryption context and an encryption context
// because the context can only do one type of action at a time and resetting
// the key when switching actions is CPU intensive. What a pain in the but!
//
   aOK = false;
   if (!(decCTX = EVP_CIPHER_CTX_new())) return;
   if (1 != EVP_DecryptInit_ex(decCTX, EVP_bf_ecb(), NULL, NULL, NULL)) return;
   EVP_CIPHER_CTX_set_padding(decCTX, 0);
   EVP_CIPHER_CTX_set_key_length(decCTX, keylen);
   if (1 != EVP_DecryptInit_ex(decCTX, NULL, NULL, key, NULL)) return;
 
   if (!(encCTX = EVP_CIPHER_CTX_new())) return;
   if (1 != EVP_EncryptInit_ex(encCTX, EVP_bf_ecb(), NULL, NULL, NULL)) return;
   EVP_CIPHER_CTX_set_padding(encCTX, 0);
   EVP_CIPHER_CTX_set_key_length(encCTX, keylen);
   if (1 != EVP_EncryptInit_ex(encCTX, NULL, NULL, key, NULL)) return;
   aOK = true;
}

References XrdOucUtils::Random().

Referenced by Instance().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ ~XrdCryptoLite_BFecb()

XrdCryptoLite_BFecb::~XrdCryptoLite_BFecb ( )

Definition at line 102 of file XrdCryptoLite_BFecb.cc.

{
   EVP_CIPHER_CTX_free(decCTX);
   EVP_CIPHER_CTX_free(encCTX);
}

Member Function Documentation

◆ Decrypt()

void XrdCryptoLite_BFecb::Decrypt	(	const unsigned char *	in8,
		unsigned char *	out8 )

Decrypt exactly one blowfish block of 8 bytes (64 bits)

Parameters

in8	Pointer to exactly 8 bytes of data to be decrypted.
out8	Pointer to a 8 bytes or more buffer to hold the result.

Definition at line 112 of file XrdCryptoLite_BFecb.cc.

{
   int dlen;
 
// Perform the action. Since we said padding is zero and the input must be
// 8 bytes, and we are using blowfish ECB when we decrypt the result will
// not be buffered but placed in the output buffer upon return.
//
   evpMutex.Lock();
   EVP_DecryptUpdate(decCTX, out8, &dlen, in8, 8);
   evpMutex.UnLock();
}

◆ Encrypt()

void XrdCryptoLite_BFecb::Encrypt	(	const unsigned char *	in8,
		unsigned char *	out8 )

Encrypt exactly one blowfish block of 8 bytes (64 bits)

Parameters

in8	Pointer to exactly 8 bytes of data to be encrypted.
out8	Pointer to a 8 bytes or more buffer to hold the result.

Definition at line 130 of file XrdCryptoLite_BFecb.cc.

{
   int dlen;
 
// Perform the action
//
// Perform the action. Since we said padding is zero and the input must be
// 8 bytes, and we are using blowfish ECB when we encrypt the result will
// not be buffered but placed in the output buffer upon return.
//
   evpMutex.Lock();
   EVP_EncryptUpdate(encCTX, out8, &dlen, in8, 8);
   evpMutex.UnLock();
}

◆ Instance()

XrdCryptoLite_BFecb * XrdCryptoLite_BFecb::Instance	(	const unsigned char *	key = 0,
		unsigned int	klen = 0 )

static

Return an instance of an ECB encryption/decryption object upon success.

Parameters

key	Pointer to the encryption key which should be 128 bits. When null, a random 128 bit key is generated for use.
keylen	The length of the key in bytes if key is specified.

Returns: A pointer to the crypto object or a null pointer upon failure.

Definition at line 150 of file XrdCryptoLite_BFecb.cc.

{
   XrdCryptoLite_BFecb* obj;
   bool isOK;
 
// Get an instance or return a nil pointer
//
   obj = new XrdCryptoLite_BFecb(isOK, key, klen);
   if (!isOK) {delete obj; obj = 0;}
   return obj;
}

References XrdCryptoLite_BFecb().

Here is the call graph for this function:

The documentation for this class was generated from the following files:

	XRootD

Public Member Functions

Static Public Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ XrdCryptoLite_BFecb()

◆ ~XrdCryptoLite_BFecb()

Member Function Documentation

◆ Decrypt()

◆ Encrypt()

◆ Instance()