Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
godotengine
GitHub Repository: godotengine/godot
 Path: blob/master/modules/mbedtls/crypto_mbedtls.h
10277 views
1
/**************************************************************************/

2
/*  crypto_mbedtls.h                                                      */

3
/**************************************************************************/

4
/*                         This file is part of:                          */

5
/*                             GODOT ENGINE                               */

6
/*                        https://godotengine.org                         */

7
/**************************************************************************/

8
/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */

9
/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur.                  */

10
/*                                                                        */

11
/* Permission is hereby granted, free of charge, to any person obtaining  */

12
/* a copy of this software and associated documentation files (the        */

13
/* "Software"), to deal in the Software without restriction, including    */

14
/* without limitation the rights to use, copy, modify, merge, publish,    */

15
/* distribute, sublicense, and/or sell copies of the Software, and to     */

16
/* permit persons to whom the Software is furnished to do so, subject to  */

17
/* the following conditions:                                              */

18
/*                                                                        */

19
/* The above copyright notice and this permission notice shall be         */

20
/* included in all copies or substantial portions of the Software.        */

21
/*                                                                        */

22
/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,        */

23
/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF     */

24
/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */

25
/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY   */

26
/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,   */

27
/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE      */

28
/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.                 */

29
/**************************************************************************/

30


31
#pragma once

32


33
#include "core/crypto/crypto.h"

34


35
#include <mbedtls/ctr_drbg.h>

36
#include <mbedtls/entropy.h>

37
#include <mbedtls/ssl.h>

38


39
class CryptoMbedTLS;

40
class TLSContextMbedTLS;

41
class CryptoKeyMbedTLS : public CryptoKey {

42
	GDSOFTCLASS(CryptoKeyMbedTLS, CryptoKey);

43


44
private:

45
	mbedtls_pk_context pkey;

46
	int locks = 0;

47
	bool public_only = true;

48


49
	int _parse_key(const uint8_t *p_buf, int p_size);

50


51
public:

52
	static CryptoKey *create(bool p_notify_postinitialize = true);

53
	static void make_default() { CryptoKey::_create = create; }

54
	static void finalize() { CryptoKey::_create = nullptr; }

55


56
	Error load(const String &p_path, bool p_public_only) override;

57
	Error save(const String &p_path, bool p_public_only) override;

58
	String save_to_string(bool p_public_only) override;

59
	Error load_from_string(const String &p_string_key, bool p_public_only) override;

60
	bool is_public_only() const override { return public_only; }

61


62
	CryptoKeyMbedTLS() {

63
		mbedtls_pk_init(&pkey);

64
		locks = 0;

65
	}

66
	~CryptoKeyMbedTLS() override {

67
		mbedtls_pk_free(&pkey);

68
	}

69


70
	_FORCE_INLINE_ void lock() { locks++; }

71
	_FORCE_INLINE_ void unlock() { locks--; }

72


73
	friend class CryptoMbedTLS;

74
	friend class TLSContextMbedTLS;

75
};

76


77
class X509CertificateMbedTLS : public X509Certificate {

78
	GDSOFTCLASS(X509CertificateMbedTLS, X509Certificate);

79


80
private:

81
	mbedtls_x509_crt cert;

82
	int locks;

83


84
public:

85
	static X509Certificate *create(bool p_notify_postinitialize = true);

86
	static void make_default() { X509Certificate::_create = create; }

87
	static void finalize() { X509Certificate::_create = nullptr; }

88


89
	Error load(const String &p_path) override;

90
	Error load_from_memory(const uint8_t *p_buffer, int p_len) override;

91
	Error save(const String &p_path) override;

92
	String save_to_string() override;

93
	Error load_from_string(const String &p_string_key) override;

94


95
	X509CertificateMbedTLS() {

96
		mbedtls_x509_crt_init(&cert);

97
		locks = 0;

98
	}

99
	~X509CertificateMbedTLS() override {

100
		mbedtls_x509_crt_free(&cert);

101
	}

102


103
	_FORCE_INLINE_ void lock() { locks++; }

104
	_FORCE_INLINE_ void unlock() { locks--; }

105


106
	friend class CryptoMbedTLS;

107
	friend class TLSContextMbedTLS;

108
};

109


110
class HMACContextMbedTLS : public HMACContext {

111
private:

112
	HashingContext::HashType hash_type;

113
	int hash_len = 0;

114
	void *ctx = nullptr;

115


116
public:

117
	static HMACContext *create(bool p_notify_postinitialize = true);

118
	static void make_default() { HMACContext::_create = create; }

119
	static void finalize() { HMACContext::_create = nullptr; }

120


121
	static bool is_md_type_allowed(mbedtls_md_type_t p_md_type);

122


123
	Error start(HashingContext::HashType p_hash_type, const PackedByteArray &p_key) override;

124
	Error update(const PackedByteArray &p_data) override;

125
	PackedByteArray finish() override;

126


127
	HMACContextMbedTLS() {}

128
	~HMACContextMbedTLS() override;

129
};

130


131
class CryptoMbedTLS : public Crypto {

132
private:

133
	mbedtls_entropy_context entropy;

134
	mbedtls_ctr_drbg_context ctr_drbg;

135
	static X509CertificateMbedTLS *default_certs;

136


137
public:

138
	static Crypto *create(bool p_notify_postinitialize = true);

139
	static void initialize_crypto();

140
	static void finalize_crypto();

141
	static X509CertificateMbedTLS *get_default_certificates();

142
	static void load_default_certificates(const String &p_path);

143
	static mbedtls_md_type_t md_type_from_hashtype(HashingContext::HashType p_hash_type, int &r_size);

144


145
	PackedByteArray generate_random_bytes(int p_bytes) override;

146
	Ref<CryptoKey> generate_rsa(int p_bytes) override;

147
	Ref<X509Certificate> generate_self_signed_certificate(Ref<CryptoKey> p_key, const String &p_issuer_name, const String &p_not_before, const String &p_not_after) override;

148
	Vector<uint8_t> sign(HashingContext::HashType p_hash_type, const Vector<uint8_t> &p_hash, Ref<CryptoKey> p_key) override;

149
	bool verify(HashingContext::HashType p_hash_type, const Vector<uint8_t> &p_hash, const Vector<uint8_t> &p_signature, Ref<CryptoKey> p_key) override;

150
	Vector<uint8_t> encrypt(Ref<CryptoKey> p_key, const Vector<uint8_t> &p_plaintext) override;

151
	Vector<uint8_t> decrypt(Ref<CryptoKey> p_key, const Vector<uint8_t> &p_ciphertext) override;

152


153
	CryptoMbedTLS();

154
	~CryptoMbedTLS() override;

155
};

156


157