AWS SDK for C++  1.9.129
CryptoImpl.h
1 
5 #pragma once
6 
12 #include <openssl/ossl_typ.h>
13 #include <openssl/evp.h>
14 #include <openssl/hmac.h>
15 #include <openssl/rand.h>
16 #include <atomic>
17 #include <mutex>
18 
19 namespace Aws
20 {
21  namespace Utils
22  {
23  namespace Crypto
24  {
// Helpers for process-wide OpenSSL state. Header lines 28, 30 and 32 carry no text in this
// listing; the cross-reference index at the end of the page names getTheLights,
// init_static_state() and cleanup_static_state() in this namespace.
25  namespace OpenSSL
26  {
28 
30 
32 
// NOTE(review): this parameter list matches the lock callback taken by OpenSSL's legacy
// CRYPTO_set_locking_callback(), which only pre-1.1.0 libraries need for thread safety.
// Where it is registered is not visible in this header - confirm in the implementation.
33  void locking_fn(int mode, int n, const char* file, int line);
34 
// NOTE(review): presumably the thread-id callback of the same legacy threading API -
// confirm against the implementation.
35  unsigned long id_fn();
36  }
37 
// Body of SecureRandomBytes_OpenSSLImpl. The class name comes from the cross-reference index
// at the end of the page; the class-head line and the constructor/destructor declarations
// carry no text in this listing.
45  {
46  public:
// Empty body of the default constructor that the index places at header line 47.
48  { }
49 
51 
// Presumably fills buffer with bufferSize random bytes; the generator is not visible here.
// NOTE(review): the return type is void, so a generator failure cannot be reported through
// the return value - confirm how the implementation surfaces failure before the output is
// used for keys or IVs.
55  void GetBytes(unsigned char* buffer, size_t bufferSize) override;
56  };
57 
// MD5 variant of the Hash interface (OpenSSL-backed, going by the class name).
// MD5 is not collision resistant: use the result only where a protocol mandates an MD5
// checksum, never as a security control such as a signature input, password hash or
// tamper check against an active attacker.
58  class MD5OpenSSLImpl : public Hash
59  {
60  public:
61 
// Empty body of the default constructor; its declaration (header line 62 per the
// cross-reference index at the end of the page) carries no text in this listing.
63  { }
64 
65  virtual ~MD5OpenSSLImpl() = default;
66 
// Digest of an in-memory string. HashResult is declared elsewhere; check it for an error
// state before using the digest - TODO confirm its contract.
67  virtual HashResult Calculate(const Aws::String& str) override;
68 
// Digest of a stream's contents. Whether the stream position is restored afterwards is not
// visible in this header.
69  virtual HashResult Calculate(Aws::IStream& stream) override;
70 
71  };
72 
// SHA-1 variant of the Hash interface (OpenSSL-backed, going by the class name).
// Practical SHA-1 collisions have been demonstrated: keep this for compatibility with
// formats that require SHA-1 and prefer the SHA-256 class in this header for new designs.
73  class Sha1OpenSSLImpl : public Hash
74  {
75  public:
76 
// The default constructor (header line 77 per the cross-reference index at the end of the
// page) carries no text in this listing.
78  virtual ~Sha1OpenSSLImpl() = default;
79 
// Digest of an in-memory string; HashResult is declared elsewhere.
80  virtual HashResult Calculate(const Aws::String& str) override;
81 
// Digest of a stream's contents; stream-position handling is not visible in this header.
82  virtual HashResult Calculate(Aws::IStream& stream) override;
83  };
84 
// SHA-256 variant of the Hash interface (OpenSSL-backed, going by the class name).
// A bare hash gives integrity only against accidental change; where the data can be altered
// by an attacker, use a keyed construction such as the HMAC class in this header.
85  class Sha256OpenSSLImpl : public Hash
86  {
87  public:
// Empty body of the default constructor; its declaration (header line 88 per the
// cross-reference index at the end of the page) carries no text in this listing.
89  { }
90 
91  virtual ~Sha256OpenSSLImpl() = default;
92 
// Digest of an in-memory string; HashResult is declared elsewhere.
93  virtual HashResult Calculate(const Aws::String& str) override;
94 
// Digest of a stream's contents; stream-position handling is not visible in this header.
95  virtual HashResult Calculate(Aws::IStream& stream) override;
96  };
97 
// HMAC-SHA256 variant of the HMAC interface (OpenSSL-backed, going by the class name).
98  class Sha256HMACOpenSSLImpl : public HMAC
99  {
100  public:
101  virtual ~Sha256HMACOpenSSLImpl() = default;
102 
// Computes the MAC of toSign under secret.
// NOTE(review): the key arrives as a ByteBuffer, while the cipher classes in this header take
// keys as CryptoBuffer - confirm who is responsible for wiping the secret after use.
// When the result is used to verify a received MAC, compare in constant time.
103  virtual HashResult Calculate(const ByteBuffer& toSign, const ByteBuffer& secret) override;
104  };
105 
// Body of OpenSSLCipher, the abstract base of the AES classes below. The class name comes from
// the cross-reference index at the end of the page (the class-head line carries no text in
// this listing); it presumably derives from SymmetricCipher in Cipher.h - confirm there.
// It holds two raw EVP_CIPHER_CTX pointers, one per direction.
110  {
111  public:
// Key-only construction with an IV size and a CTR-mode flag; presumably the IV is generated
// internally - TODO confirm in the implementation.
115  OpenSSLCipher(const CryptoBuffer& key, size_t ivSize, bool ctrMode = false);
116 
// Takes ownership of caller-supplied key, IV and optional tag (empty by default).
121  OpenSSLCipher(CryptoBuffer&& key, CryptoBuffer&& initializationVector,
122  CryptoBuffer&& tag = CryptoBuffer(0));
123 
// Copying overload of the constructor above.
128  OpenSSLCipher(const CryptoBuffer& key, const CryptoBuffer& initializationVector,
129  const CryptoBuffer& tag = CryptoBuffer(0));
130 
// Copies are disabled: the object holds raw OpenSSL context pointers.
131  OpenSSLCipher(const OpenSSLCipher& other) = delete;
132 
133  OpenSSLCipher& operator=(const OpenSSLCipher& other) = delete;
134 
// Header line 141 (no text in this listing) is where the index shows a user-declared move
// constructor, OpenSSLCipher(OpenSSLCipher&& toMove).
141 
// NOTE(review): a defaulted move assignment copies m_encryptor_ctx and m_decryptor_ctx
// member-wise. If the destructor frees those contexts, the source and target would both own
// the same pointers after assignment (double free) and the target's previous contexts would
// leak. Delete this operator or hand-write the ownership transfer - confirm against ~OpenSSLCipher().
147  OpenSSLCipher& operator=(OpenSSLCipher&& toMove) = default;
148 
149 
// User-declared destructor, defined out of line; presumably releases the two contexts.
150  virtual ~OpenSSLCipher();
151 
// Incremental encryption of one chunk; returns the bytes produced for it.
157  CryptoBuffer EncryptBuffer(const CryptoBuffer& unEncryptedData) override;
158 
// Header line 163 (no text in this listing): the index lists FinalizeEncryption() override.
163 
// Incremental decryption of one chunk.
// NOTE(review): for an authenticated mode such as the GCM subclass, the tag can only be checked
// at finalization, so treat output returned here as unauthenticated until
// FinalizeDecryption() (listed in the index) has succeeded.
169  CryptoBuffer DecryptBuffer(const CryptoBuffer& encryptedData) override;
170 
// Header line 175 (no text in this listing): the index lists FinalizeDecryption() override.
175 
// Resets the cipher state; what happens to the key and IV is not visible in this header.
176  void Reset() override;
177 
178  protected:
// Supplied by each concrete cipher.
179  virtual size_t GetBlockSizeBytes() const = 0;
180  virtual size_t GetKeyLengthBits() const = 0;
// Reports the length check through its bool result; callers must test it.
// Units of the two parameters are not stated here - TODO confirm (bytes vs bits).
181  bool CheckKeyAndIVLength(size_t expectedKeyLength, size_t expectedIVLength);
182 
// Raw, non-owning-by-type OpenSSL contexts; lifetime is managed by hand in this class.
183  EVP_CIPHER_CTX* m_encryptor_ctx;
184  EVP_CIPHER_CTX* m_decryptor_ctx;
185  private:
186  void Init();
187  void Cleanup();
188 
189  /* openssl has bug finalize decryption of an empty string */
190  bool m_emptyPlaintext;
191  };
192 
// Body of AES_CBC_Cipher_OpenSSL (name from the cross-reference index at the end of the page;
// the class-head line carries no text in this listing).
// CBC gives confidentiality only. Without a MAC over IV and ciphertext that is verified
// before decryption, ciphertext is malleable and padding errors can become a decryption
// oracle. The IV should be unpredictable and fresh for every message.
197  {
198  public:
// Header line 203 (no text in this listing): the index lists a key-only constructor,
// AES_CBC_Cipher_OpenSSL(const CryptoBuffer &key).
203 
// Takes ownership of a caller-supplied key and IV.
207  AES_CBC_Cipher_OpenSSL(CryptoBuffer&& key, CryptoBuffer&& initializationVector);
208 
// Copying overload of the constructor above.
212  AES_CBC_Cipher_OpenSSL(const CryptoBuffer& key, const CryptoBuffer& initializationVector);
213 
// Header lines 215, 217 and 219 (no text in this listing): the index lists a deleted copy
// constructor, a deleted copy assignment and a defaulted move constructor.
215 
217 
219 
220  void Reset() override;
221 
222  protected:
223  size_t GetBlockSizeBytes() const override;
224 
225  size_t GetKeyLengthBits() const override;
226 
227  private:
228  void InitCipher();
229 
// NOTE(review): declared as mutable statics rather than const; values are defined elsewhere.
230  static size_t BlockSizeBytes;
231  static size_t KeyLengthBits;
232  };
233 
// Body of AES_CTR_Cipher_OpenSSL (name from the cross-reference index at the end of the page;
// the class-head line carries no text in this listing).
// CTR turns AES into a stream cipher: a key/IV (counter block) pair must never be used for two
// messages, and the mode provides no integrity, so pair it with a MAC.
238  {
239  public:
// Header line 245 (no text in this listing): the index lists a key-only constructor,
// AES_CTR_Cipher_OpenSSL(const CryptoBuffer &key).
245 
// Takes ownership of a caller-supplied key and IV; uniqueness of the IV is then the
// caller's responsibility.
249  AES_CTR_Cipher_OpenSSL(CryptoBuffer&& key, CryptoBuffer&& initializationVector);
250 
// Copying overload of the constructor above.
254  AES_CTR_Cipher_OpenSSL(const CryptoBuffer& key, const CryptoBuffer& initializationVector);
255 
// Header lines 257, 259 and 261 (no text in this listing): the index lists a deleted copy
// constructor, a deleted copy assignment and a defaulted move constructor.
257 
259 
261 
262  void Reset() override;
263 
264  protected:
265  size_t GetBlockSizeBytes() const override;
266 
267  size_t GetKeyLengthBits() const override;
268 
269  private:
270  void InitCipher();
271 
// NOTE(review): declared as mutable statics rather than const; values are defined elsewhere.
272  static size_t BlockSizeBytes;
273  static size_t KeyLengthBits;
274  };
275 
// Body of AES_GCM_Cipher_OpenSSL (name from the cross-reference index at the end of the page;
// the class-head line carries no text in this listing).
// GCM is authenticated encryption: the IV must be unique for every message under a key, and
// decrypted data may only be trusted once the tag has been verified.
280  {
281  public:
// Header lines 286 and 291 (no text in this listing): the index lists two further
// constructors, (const CryptoBuffer &key) and (const CryptoBuffer &key, const CryptoBuffer *aad).
286 
291 
// Takes ownership of key, IV, tag and additional authenticated data; tag and aad default to
// empty buffers. NOTE(review): presumably the tag is only meaningful for decryption - confirm
// that an empty tag on the decrypt path is rejected rather than skipped.
297  AES_GCM_Cipher_OpenSSL(CryptoBuffer&& key, CryptoBuffer&& initializationVector,
298  CryptoBuffer&& tag = CryptoBuffer(0), CryptoBuffer&& aad = CryptoBuffer(0));
299 
// Copying overload of the constructor above.
305  AES_GCM_Cipher_OpenSSL(const CryptoBuffer& key, const CryptoBuffer& initializationVector,
306  const CryptoBuffer& tag = CryptoBuffer(0), const CryptoBuffer& aad = CryptoBuffer(0));
307 
// Header lines 309, 311, 313 and 320 (no text in this listing): the index lists a deleted copy
// constructor, a deleted copy assignment, a defaulted move constructor and
// FinalizeEncryption() override.
309 
311 
313 
320 
321  void Reset() override;
322 
323  protected:
324  size_t GetBlockSizeBytes() const override;
325 
326  size_t GetKeyLengthBits() const override;
327 
// Length of the authentication tag in bytes; the value is defined elsewhere.
328  size_t GetTagLengthBytes() const;
329 
330  private:
331  void InitCipher();
332 
// Additional authenticated data kept for the lifetime of the cipher object.
333  CryptoBuffer m_aad;
// NOTE(review): declared as mutable statics rather than const; values are defined elsewhere.
334  static size_t BlockSizeBytes;
335  static size_t IVLengthBytes;
336  static size_t KeyLengthBits;
337  static size_t TagLengthBytes;
338  };
339 
// Body of AES_KeyWrap_Cipher_OpenSSL (name from the cross-reference index at the end of the
// page; the class-head line carries no text in this listing). Presumably AES key wrap for
// protecting key material under a key-encryption key - confirm the exact algorithm in the
// implementation.
345  {
346  public:
347 
// Header lines 352 to 364 carry no text in this listing. The index lists a key-only
// constructor, a deleted copy constructor, a deleted copy assignment, a defaulted move
// constructor, and overrides of EncryptBuffer, FinalizeEncryption, DecryptBuffer and
// FinalizeDecryption.
352 
354 
356 
358 
361 
364 
365  void Reset() override;
366 
367  protected:
// Both getters return the class-wide static values declared below.
368  inline size_t GetBlockSizeBytes() const override { return BlockSizeBytes; }
369 
370  inline size_t GetKeyLengthBits() const override { return KeyLengthBits; }
371 
372  private:
373  void InitCipher();
374 
// NOTE(review): declared as mutable statics rather than const; values are defined elsewhere.
375  static size_t BlockSizeBytes;
376  static size_t KeyLengthBits;
377 
// NOTE(review): presumably accumulates the key material passed to EncryptBuffer/DecryptBuffer
// until finalization; it holds sensitive bytes, so confirm it is cleared on Reset().
378  CryptoBuffer m_workingKeyBuffer;
379  };
380 
381  } // namespace Crypto
382  } // namespace Utils
383 } // namespace Aws
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::GetKeyLengthBits
size_t GetKeyLengthBits() const override
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::AES_KeyWrap_Cipher_OpenSSL
AES_KeyWrap_Cipher_OpenSSL(const CryptoBuffer &key)
Aws::Utils::Crypto::OpenSSLCipher::OpenSSLCipher
OpenSSLCipher(OpenSSLCipher &&toMove)
Aws::Utils::Crypto::SecureRandomBytes
Definition: SecureRandom.h:21
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::Reset
void Reset() override
Aws::Utils::Crypto::OpenSSLCipher::m_encryptor_ctx
EVP_CIPHER_CTX * m_encryptor_ctx
Definition: CryptoImpl.h:183
Cipher.h
Aws::Utils::Crypto::OpenSSLCipher::EncryptBuffer
CryptoBuffer EncryptBuffer(const CryptoBuffer &unEncryptedData) override
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::GetBlockSizeBytes
size_t GetBlockSizeBytes() const override
Definition: CryptoImpl.h:368
Aws::Utils::Crypto::OpenSSLCipher::DecryptBuffer
CryptoBuffer DecryptBuffer(const CryptoBuffer &encryptedData) override
buffer
char * buffer
Definition: cJSON.h:174
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL
Definition: CryptoImpl.h:238
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::AES_GCM_Cipher_OpenSSL
AES_GCM_Cipher_OpenSSL(const CryptoBuffer &key)
Aws::Utils::Crypto::SecureRandomBytes_OpenSSLImpl::SecureRandomBytes_OpenSSLImpl
SecureRandomBytes_OpenSSLImpl()
Definition: CryptoImpl.h:47
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::AES_CBC_Cipher_OpenSSL
AES_CBC_Cipher_OpenSSL(const AES_CBC_Cipher_OpenSSL &other)=delete
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::GetBlockSizeBytes
size_t GetBlockSizeBytes() const override
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::AES_KeyWrap_Cipher_OpenSSL
AES_KeyWrap_Cipher_OpenSSL(AES_KeyWrap_Cipher_OpenSSL &&)=default
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::AES_GCM_Cipher_OpenSSL
AES_GCM_Cipher_OpenSSL(const CryptoBuffer &key, const CryptoBuffer &initializationVector, const CryptoBuffer &tag=CryptoBuffer(0), const CryptoBuffer &aad=CryptoBuffer(0))
Aws::Utils::Crypto::OpenSSLCipher::OpenSSLCipher
OpenSSLCipher(const CryptoBuffer &key, const CryptoBuffer &initializationVector, const CryptoBuffer &tag=CryptoBuffer(0))
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::AES_GCM_Cipher_OpenSSL
AES_GCM_Cipher_OpenSSL(const CryptoBuffer &key, const CryptoBuffer *aad)
Aws::Utils::Crypto::MD5OpenSSLImpl
Definition: CryptoImpl.h:59
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::AES_CBC_Cipher_OpenSSL
AES_CBC_Cipher_OpenSSL(CryptoBuffer &&key, CryptoBuffer &&initializationVector)
Aws::Utils::Crypto::OpenSSL::id_fn
unsigned long id_fn()
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::AES_CBC_Cipher_OpenSSL
AES_CBC_Cipher_OpenSSL(AES_CBC_Cipher_OpenSSL &&toMove)=default
Aws::Utils::Crypto::Sha256OpenSSLImpl
Definition: CryptoImpl.h:86
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::GetKeyLengthBits
size_t GetKeyLengthBits() const override
Aws::Utils::Crypto::OpenSSLCipher::FinalizeEncryption
CryptoBuffer FinalizeEncryption() override
Aws::Utils::Crypto::Hash
Definition: Hash.h:23
HMAC.h
GetTheLights.h
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::AES_CTR_Cipher_OpenSSL
AES_CTR_Cipher_OpenSSL(CryptoBuffer &&key, CryptoBuffer &&initializationVector)
Aws::IStream
std::basic_istream< char, std::char_traits< char > > IStream
Definition: AWSStreamFwd.h:20
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::AES_CTR_Cipher_OpenSSL
AES_CTR_Cipher_OpenSSL(const AES_CTR_Cipher_OpenSSL &other)=delete
Aws::Utils::Crypto::Sha1OpenSSLImpl::~Sha1OpenSSLImpl
virtual ~Sha1OpenSSLImpl()=default
Aws::Utils::Crypto::Sha1OpenSSLImpl::Sha1OpenSSLImpl
Sha1OpenSSLImpl()
Definition: CryptoImpl.h:77
Aws::Utils::Crypto::Sha256HMACOpenSSLImpl::Calculate
virtual HashResult Calculate(const ByteBuffer &toSign, const ByteBuffer &secret) override
Aws::Utils::Crypto::HMAC
Definition: HMAC.h:26
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::AES_GCM_Cipher_OpenSSL
AES_GCM_Cipher_OpenSSL(CryptoBuffer &&key, CryptoBuffer &&initializationVector, CryptoBuffer &&tag=CryptoBuffer(0), CryptoBuffer &&aad=CryptoBuffer(0))
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::Reset
void Reset() override
Aws::Utils::Crypto::SymmetricCipher
Definition: Cipher.h:28
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::operator=
AES_CTR_Cipher_OpenSSL & operator=(const AES_CTR_Cipher_OpenSSL &other)=delete
SecureRandom.h
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::operator=
AES_KeyWrap_Cipher_OpenSSL & operator=(const AES_KeyWrap_Cipher_OpenSSL &)=delete
Aws::Utils::Crypto::OpenSSLCipher::~OpenSSLCipher
virtual ~OpenSSLCipher()
Aws::Utils::Crypto::OpenSSLCipher::FinalizeDecryption
CryptoBuffer FinalizeDecryption() override
Aws::Utils::Crypto::Sha256OpenSSLImpl::Sha256OpenSSLImpl
Sha256OpenSSLImpl()
Definition: CryptoImpl.h:88
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::DecryptBuffer
CryptoBuffer DecryptBuffer(const CryptoBuffer &) override
Aws::Utils::Crypto::OpenSSL::init_static_state
void init_static_state()
Aws::Utils::Crypto::OpenSSLCipher::GetBlockSizeBytes
virtual size_t GetBlockSizeBytes() const =0
Aws::Utils::Crypto::Sha256OpenSSLImpl::Calculate
virtual HashResult Calculate(const Aws::String &str) override
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::EncryptBuffer
CryptoBuffer EncryptBuffer(const CryptoBuffer &) override
Aws::Utils::Crypto::OpenSSLCipher::OpenSSLCipher
OpenSSLCipher(CryptoBuffer &&key, CryptoBuffer &&initializationVector, CryptoBuffer &&tag=CryptoBuffer(0))
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::Reset
void Reset() override
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::GetKeyLengthBits
size_t GetKeyLengthBits() const override
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::AES_CBC_Cipher_OpenSSL
AES_CBC_Cipher_OpenSSL(const CryptoBuffer &key)
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::AES_CTR_Cipher_OpenSSL
AES_CTR_Cipher_OpenSSL(const CryptoBuffer &key)
Aws::Utils::Crypto::OpenSSLCipher::Reset
void Reset() override
Aws::Utils::Crypto::MD5OpenSSLImpl::Calculate
virtual HashResult Calculate(const Aws::String &str) override
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::AES_CBC_Cipher_OpenSSL
AES_CBC_Cipher_OpenSSL(const CryptoBuffer &key, const CryptoBuffer &initializationVector)
Aws::Utils::GetTheLights
Definition: GetTheLights.h:26
Aws::Utils::Crypto::SecureRandomBytes_OpenSSLImpl::GetBytes
void GetBytes(unsigned char *buffer, size_t bufferSize) override
Aws::Utils::Crypto::OpenSSLCipher::OpenSSLCipher
OpenSSLCipher(const CryptoBuffer &key, size_t ivSize, bool ctrMode=false)
Aws::Utils::Crypto::Sha1OpenSSLImpl::Calculate
virtual HashResult Calculate(const Aws::String &str) override
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::AES_GCM_Cipher_OpenSSL
AES_GCM_Cipher_OpenSSL(const AES_GCM_Cipher_OpenSSL &other)=delete
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::operator=
AES_GCM_Cipher_OpenSSL & operator=(const AES_GCM_Cipher_OpenSSL &other)=delete
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::GetTagLengthBytes
size_t GetTagLengthBytes() const
Aws::Utils::Crypto::Sha256OpenSSLImpl::Calculate
virtual HashResult Calculate(Aws::IStream &stream) override
Aws::Utils::Crypto::MD5OpenSSLImpl::Calculate
virtual HashResult Calculate(Aws::IStream &stream) override
Aws::Utils::Array< unsigned char >
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::FinalizeEncryption
CryptoBuffer FinalizeEncryption() override
Aws::Utils::Crypto::Sha256OpenSSLImpl::~Sha256OpenSSLImpl
virtual ~Sha256OpenSSLImpl()=default
Aws::Utils::Crypto::OpenSSLCipher::operator=
OpenSSLCipher & operator=(OpenSSLCipher &&toMove)=default
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::GetBlockSizeBytes
size_t GetBlockSizeBytes() const override
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::AES_KeyWrap_Cipher_OpenSSL
AES_KeyWrap_Cipher_OpenSSL(const AES_KeyWrap_Cipher_OpenSSL &)=delete
Aws::Utils::Crypto::OpenSSL::cleanup_static_state
void cleanup_static_state()
Aws::Utils::Crypto::SecureRandomBytes_OpenSSLImpl::~SecureRandomBytes_OpenSSLImpl
~SecureRandomBytes_OpenSSLImpl()=default
Aws::Utils::Crypto::OpenSSLCipher::operator=
OpenSSLCipher & operator=(const OpenSSLCipher &other)=delete
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::operator=
AES_CBC_Cipher_OpenSSL & operator=(const AES_CBC_Cipher_OpenSSL &other)=delete
Aws::Utils::CryptoBuffer
Definition: Array.h:229
Aws::Utils::Crypto::OpenSSLCipher::m_decryptor_ctx
EVP_CIPHER_CTX * m_decryptor_ctx
Definition: CryptoImpl.h:184
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::FinalizeEncryption
CryptoBuffer FinalizeEncryption() override
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL
Definition: CryptoImpl.h:280
Aws
Definition: AccessManagementClient.h:15
Aws::Utils::Crypto::OpenSSL::locking_fn
void locking_fn(int mode, int n, const char *file, int line)
Aws::Utils::Crypto::OpenSSLCipher::CheckKeyAndIVLength
bool CheckKeyAndIVLength(size_t expectedKeyLength, size_t expectedIVLength)
Aws::Utils::Crypto::OpenSSL::getTheLights
GetTheLights getTheLights
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::GetKeyLengthBits
size_t GetKeyLengthBits() const override
Definition: CryptoImpl.h:370
Aws::Utils::Outcome
Definition: Outcome.h:26
Aws::Utils::Crypto::OpenSSLCipher
Definition: CryptoImpl.h:110
Aws::Utils::Crypto::SecureRandomBytes_OpenSSLImpl
Definition: CryptoImpl.h:45
Aws::Utils::Crypto::OpenSSLCipher::GetKeyLengthBits
virtual size_t GetKeyLengthBits() const =0
Aws::String
std::basic_string< char, std::char_traits< char >, Aws::Allocator< char > > String
Definition: AWSString.h:97
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL
Definition: CryptoImpl.h:345
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::Reset
void Reset() override
Aws::Utils::Crypto::Sha1OpenSSLImpl
Definition: CryptoImpl.h:74
Aws::Utils::Crypto::AES_GCM_Cipher_OpenSSL::AES_GCM_Cipher_OpenSSL
AES_GCM_Cipher_OpenSSL(AES_GCM_Cipher_OpenSSL &&toMove)=default
Aws::Utils::Crypto::AES_KeyWrap_Cipher_OpenSSL::FinalizeDecryption
CryptoBuffer FinalizeDecryption() override
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL::GetBlockSizeBytes
size_t GetBlockSizeBytes() const override
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::AES_CTR_Cipher_OpenSSL
AES_CTR_Cipher_OpenSSL(const CryptoBuffer &key, const CryptoBuffer &initializationVector)
Aws::Utils::Crypto::MD5OpenSSLImpl::~MD5OpenSSLImpl
virtual ~MD5OpenSSLImpl()=default
Aws::Utils::Crypto::Sha256HMACOpenSSLImpl
Definition: CryptoImpl.h:99
Aws::Utils::Crypto::AES_CTR_Cipher_OpenSSL::AES_CTR_Cipher_OpenSSL
AES_CTR_Cipher_OpenSSL(AES_CTR_Cipher_OpenSSL &&toMove)=default
Aws::Utils::Crypto::AES_CBC_Cipher_OpenSSL
Definition: CryptoImpl.h:197
Aws::Utils::Crypto::OpenSSLCipher::OpenSSLCipher
OpenSSLCipher(const OpenSSLCipher &other)=delete
Aws::Utils::Crypto::Sha256HMACOpenSSLImpl::~Sha256HMACOpenSSLImpl
virtual ~Sha256HMACOpenSSLImpl()=default
Hash.h
Aws::Utils::Crypto::Sha1OpenSSLImpl::Calculate
virtual HashResult Calculate(Aws::IStream &stream) override
Aws::Utils::Crypto::MD5OpenSSLImpl::MD5OpenSSLImpl
MD5OpenSSLImpl()
Definition: CryptoImpl.h:62