2 * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
16 #include <openssl/md5.h>
17 #include <openssl/rand.h>
18 #include <openssl/crypto.h>
19 #include <openssl/hmac.h>
20 #include <openssl/aes.h>
21 #include <openssl/err.h>
22 #include <openssl/sha.h>
24 #include <klay/filesystem.h>
25 #include <klay/audit/logger.h>
27 #include "key-generator.h"
// Iteration count handed to PKCS5_PBKDF2_HMAC() in KeyGenerator::PBKDF().
// NOTE(review): 1000 rounds of PBKDF2-HMAC-SHA256 is far below current password-hashing
// guidance (OWASP's recommendation is in the hundreds of thousands). Raising it changes
// every derived key, so it needs a versioned migration rather than an in-place edit.
29 #define PBKDF_DEFAULT_ITERATION 1000
// IV passed to EVP_EncryptInit_ex()/EVP_DecryptInit_ex() for every AES-256-CBC operation.
// NOTE(review): the IV is a compile-time constant shared by all encryptions, so equal
// plaintext prefixes under the same key yield equal ciphertext prefixes. A per-message
// random IV stored alongside the ciphertext is the usual remedy; that is a format change.
// NOTE(review): the literal is 17 characters; an AES-CBC IV is 16 bytes, so only the
// first 16 are consumed.
30 #define AES_256_CBC_IV "01234567890123456"
// Expected key length (bytes) and cipher block length (bytes). In this listing both are
// referenced only by the commented-out length checks in AESEncrypt()/AESDecrypt().
31 #define AES_256_KEY_LEN 32
32 #define AES_BLOCK_LEN 16
// Constructs a generator for `size`-byte keys. The member-initialiser list and opening
// brace (original lines 37-38) are missing from this listing; presumably `size` is stored
// in keySize -- confirm against the full file.
// NOTE(review): `size` is a signed int and no range check is visible. keySize is later
// used as a buffer size and as a length argument to OpenSSL calls, so zero or negative
// values should be rejected here.
36 KeyGenerator::KeyGenerator(int size) :
// Registers OpenSSL's cipher/digest tables. From OpenSSL 1.1.0 onward the library
// initialises itself and this call is deprecated.
39 ::OpenSSL_add_all_algorithms();
// Destructor. Its body is not visible in this listing.
42 KeyGenerator::~KeyGenerator()
// Derives keySize bytes from `pass` and `salt` with PBKDF2-HMAC-SHA256, using
// PBKDF_DEFAULT_ITERATION rounds, and writes them into `ret`.
// The declaration of `ret` and the return statement are missing from this listing;
// presumably `ret` holds at least keySize bytes -- confirm against the full file.
46 const KeyGenerator::data KeyGenerator::PBKDF(const KeyGenerator::data& pass, const KeyGenerator::data& salt)
// NOTE(review): these std::string copies hold the password and salt and are freed
// without being wiped. Passing pass.data()/salt.data() directly would avoid the copy;
// otherwise clear the copy with OPENSSL_cleanse() before it goes out of scope.
49 std::string strPass(pass.begin(), pass.end());
50 std::string strSalt(salt.begin(), salt.end());
// NOTE(review): PKCS5_PBKDF2_HMAC() returns 1 on success and 0 on failure; the result
// is discarded here, so a failed derivation would hand back whatever `ret` already held.
52 ::PKCS5_PBKDF2_HMAC((char*)strPass.c_str(), strPass.size(),
53 (unsigned char*)strSalt.c_str(), strSalt.size(), PBKDF_DEFAULT_ITERATION,
54 EVP_sha256(), keySize, reinterpret_cast<unsigned char*>(ret.data()));
// Encrypts `in` with AES-256-CBC under `key` and the fixed AES_256_CBC_IV, with padding
// disabled, writing the ciphertext into `ret`.
// The declarations of `ret`, `len` and `ctx` and the return statement are missing from
// this listing; the size of `ret` in particular cannot be confirmed from here.
// NOTE(review): CBC gives confidentiality only. Nothing in this function authenticates
// the ciphertext; whether callers add a MAC is not visible -- confirm.
59 const KeyGenerator::data KeyGenerator::AESEncrypt(const KeyGenerator::data& key, const KeyGenerator::data& in)
62 std::string strKey(key.begin(), key.end());
63 std::string strIn(in.begin(), in.end());
// NOTE(review): this length check is commented out. Without it, a key shorter than
// AES_256_KEY_LEN lets EVP_EncryptInit_ex() read past the end of strKey, and an input
// that is not a multiple of AES_BLOCK_LEN makes EVP_EncryptFinal_ex() fail (padding is
// off) with the failure going unnoticed. Restore the check and fail closed.
67 //if ((strKey.size() != AES_256_KEY_LEN) || (strIn.size() % AES_BLOCK_LEN != 0))
// NOTE(review): EVP_CIPHER_CTX_new() can return NULL; it is not checked before use.
69 ctx = ::EVP_CIPHER_CTX_new();
// NOTE(review): the return values of the Init/Update/Final calls below (1 on success)
// are all discarded, so a failure would return a partially written buffer as ciphertext.
71 ::EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, (unsigned char*)strKey.c_str(), (unsigned char*)AES_256_CBC_IV);
// Padding off: input length must already be a whole number of 16-byte blocks.
73 ::EVP_CIPHER_CTX_set_padding(ctx, 0);
// Writes up to strIn.size() bytes into ret; ret must be at least that large -- confirm.
74 ::EVP_EncryptUpdate(ctx, reinterpret_cast<unsigned char*>(ret.data()), &len, (unsigned char*)strIn.c_str(), strIn.size());
// `len` is reused: it indexes the write position, then receives the final chunk length.
77 ::EVP_EncryptFinal_ex(ctx, &ret[len], &len);
80 ::EVP_CIPHER_CTX_free(ctx);
// Decrypts `in` with AES-256-CBC under `key` and the fixed AES_256_CBC_IV, with padding
// disabled, writing the plaintext into `ret`.
// The declarations of `ret`, `len` and `ctx` and the return statement are missing from
// this listing; the size of `ret` cannot be confirmed from here.
// NOTE(review): the ciphertext is not authenticated before it is decrypted. Whether
// callers verify a MAC first is not visible -- confirm.
85 const KeyGenerator::data KeyGenerator::AESDecrypt(const KeyGenerator::data& key, const KeyGenerator::data& in)
88 std::string strKey(key.begin(), key.end());
89 std::string strIn(in.begin(), in.end());
// NOTE(review): this length check is commented out. Without it, a key shorter than
// AES_256_KEY_LEN lets EVP_DecryptInit_ex() read past the end of strKey, and malformed
// input lengths are never rejected. Restore the check and fail closed.
94 //if ((strKey.size() != AES_256_KEY_LEN) || (strIn.size() % AES_BLOCK_LEN != 0))
// NOTE(review): EVP_CIPHER_CTX_new() can return NULL; it is not checked before use.
96 ctx = ::EVP_CIPHER_CTX_new();
// NOTE(review): the return values of the Init/Update/Final calls below (1 on success)
// are all discarded, so a failed decryption is indistinguishable from a good one.
98 ::EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, (unsigned char*)strKey.c_str(), (unsigned char*)AES_256_CBC_IV);
// Padding off: input length must already be a whole number of 16-byte blocks.
99 ::EVP_CIPHER_CTX_set_padding(ctx, 0);
// NOTE(review): the input length passed here is keySize, whereas AESEncrypt() passes
// strIn.size(). If `in` is shorter than keySize this reads past strIn's buffer; if it is
// longer, the tail is silently ignored. Looks like it should be strIn.size() -- confirm.
100 ::EVP_DecryptUpdate(ctx, reinterpret_cast<unsigned char*>(ret.data()), &len, (unsigned char*)strIn.c_str(), keySize);
// `len` is reused: it indexes the write position, then receives the final chunk length.
104 ::EVP_DecryptFinal_ex(ctx, &ret[len], &len);
107 ::EVP_CIPHER_CTX_free(ctx);
// Computes an HMAC-SHA256 tag and writes it into a keySize-byte, zero-filled buffer.
// The declaration of `md_len` and the return statement are missing from this listing.
112 const KeyGenerator::data KeyGenerator::HMAC(const KeyGenerator::data& original, const KeyGenerator::data& key)
// NOTE(review): HMAC-SHA256 always emits 32 bytes. If keySize is below 32 the call
// below writes past the end of `ret`; if it is above 32 the tail stays zero. Size the
// buffer from the digest length (EVP_MAX_MD_SIZE or 32), not from keySize.
114 data ret(keySize, 0);
// NOTE(review): the local names are crossed relative to the parameters: strOrigin is
// built from `key` and strKey from `original`. The call below uses strKey as the HMAC
// key and strOrigin as the message, so `original` is the MAC key and `key` is the
// message. Confirm against callers which argument is meant to be the secret.
117 std::string strOrigin(key.begin(), key.end());
118 std::string strKey(original.begin(), original.end());
// NOTE(review): ::HMAC() returns NULL on failure; the result is not checked.
121 ::HMAC(EVP_sha256(), (unsigned char*)strKey.c_str(), strKey.size(),
122 (unsigned char*)strOrigin.c_str(), strOrigin.size(),
123 reinterpret_cast<unsigned char*>(ret.data()), &md_len);
// Fills `ret` with keySize bytes from OpenSSL's CSPRNG.
// The declaration of `ret` and the return statement are missing from this listing;
// presumably `ret` holds at least keySize bytes -- confirm against the full file.
128 const KeyGenerator::data KeyGenerator::RNG()
// NOTE(review): RAND_bytes() returns 1 only on success. The result is discarded, so on
// failure the caller receives a buffer that is not random. Check for == 1 and fail
// closed rather than returning the buffer.
132 ::RAND_bytes(reinterpret_cast<unsigned char*>(ret.data()), keySize);
// Computes the MD5 digest of `in` into an MD5_DIGEST_LENGTH-byte buffer.
// The return statement is missing from this listing.
// NOTE(review): MD5 is not collision-resistant and should not back any integrity or
// authentication decision. What callers use this digest for is not visible -- confirm.
// The one-shot ::MD5() call is also deprecated as of OpenSSL 3.0.
137 const KeyGenerator::data KeyGenerator::MD5(const KeyGenerator::data& in)
139 data ret(MD5_DIGEST_LENGTH);
141 ::MD5((unsigned char*)in.data(), in.size(), (unsigned char*)ret.data());