1 /*
2 BAREOS® - Backup Archiving REcovery Open Sourced
3
4 Copyright (C) 2013-2013 Bareos GmbH & Co. KG
5
6 This program is Free Software; you can redistribute it and/or
7 modify it under the terms of version three of the GNU Affero General Public
8 License as published by the Free Software Foundation and included
9 in the file LICENSE.
10
11 This program is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Affero General Public License for more details.
15
16 You should have received a copy of the GNU Affero General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 02110-1301, USA.
20 */
21 /*
22 * crypto_nss.c Encryption support functions when Mozilla NSS backend.
23 *
24 * Author: Marco van Wieringen <marco.van.wieringen@bareos.com>
25 */
26
27 #include "include/bareos.h"
28
29 #if defined(HAVE_NSS)
30
31 #if defined(HAVE_CRYPTO)
32
33 #include "jcr.h"
34 #include <assert.h>
35
36 /* Message Digest Structure */
37 struct Digest {
38 crypto_digest_t type;
39 JobControlRecord* jcr;
40 union {
41 SHA1_CTX sha1;
42 MD5_CTX md5;
43 };
44 };
45
46 /* Dummy Signature Structure */
47 struct Signature {
48 JobControlRecord* jcr;
49 };
50
crypto_digest_new(JobControlRecord * jcr,crypto_digest_t type)51 DIGEST* crypto_digest_new(JobControlRecord* jcr, crypto_digest_t type)
52 {
53 DIGEST* digest;
54
55 digest = (DIGEST*)malloc(sizeof(DIGEST));
56 digest->type = type;
57 digest->jcr = jcr;
58
59 switch (type) {
60 case CRYPTO_DIGEST_MD5:
61 MD5_Init(&digest->md5);
62 break;
63 case CRYPTO_DIGEST_SHA1:
64 SHA1Init(&digest->sha1);
65 break;
66 default:
67 Jmsg1(jcr, M_ERROR, 0, _("Unsupported digest type=%d specified\n"), type);
68 free(digest);
69 return NULL;
70 }
71
72 return (digest);
73 }
74
CryptoDigestUpdate(DIGEST * digest,const uint8_t * data,uint32_t length)75 bool CryptoDigestUpdate(DIGEST* digest, const uint8_t* data, uint32_t length)
76 {
77 switch (digest->type) {
78 case CRYPTO_DIGEST_MD5:
79 /* Doesn't return anything ... */
80 MD5_Update(&digest->md5, (unsigned char*)data, length);
81 return true;
82 case CRYPTO_DIGEST_SHA1:
83 /* Doesn't return anything ... */
84 SHA1Update(&digest->sha1, (const u_int8_t*)data, (unsigned int)length);
85 return true;
86 default:
87 return false;
88 }
89 }
90
CryptoDigestFinalize(DIGEST * digest,uint8_t * dest,uint32_t * length)91 bool CryptoDigestFinalize(DIGEST* digest, uint8_t* dest, uint32_t* length)
92 {
93 switch (digest->type) {
94 case CRYPTO_DIGEST_MD5:
95 /* Guard against programmer error by either the API client or
96 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
97 assert(*length >= CRYPTO_DIGEST_MD5_SIZE);
98 *length = CRYPTO_DIGEST_MD5_SIZE;
99 /* Doesn't return anything ... */
100 MD5_Final((unsigned char*)dest, &digest->md5);
101 return true;
102 case CRYPTO_DIGEST_SHA1:
103 /* Guard against programmer error by either the API client or
104 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
105 assert(*length >= CRYPTO_DIGEST_SHA1_SIZE);
106 *length = CRYPTO_DIGEST_SHA1_SIZE;
107 SHA1Final((u_int8_t*)dest, &digest->sha1);
108 return true;
109 default:
110 return false;
111 }
112
113 return false;
114 }
115
CryptoDigestFree(DIGEST * digest)116 void CryptoDigestFree(DIGEST* digest) { free(digest); }
117
crypto_sign_new(JobControlRecord * jcr)118 SIGNATURE* crypto_sign_new(JobControlRecord* jcr) { return NULL; }
119
CryptoSignGetDigest(SIGNATURE * sig,X509_KEYPAIR * keypair,crypto_digest_t & type,DIGEST ** digest)120 crypto_error_t CryptoSignGetDigest(SIGNATURE* sig,
121 X509_KEYPAIR* keypair,
122 crypto_digest_t& type,
123 DIGEST** digest)
124 {
125 return CRYPTO_ERROR_INTERNAL;
126 }
127
CryptoSignVerify(SIGNATURE * sig,X509_KEYPAIR * keypair,DIGEST * digest)128 crypto_error_t CryptoSignVerify(SIGNATURE* sig,
129 X509_KEYPAIR* keypair,
130 DIGEST* digest)
131 {
132 return CRYPTO_ERROR_INTERNAL;
133 }
134
CryptoSignAddSigner(SIGNATURE * sig,DIGEST * digest,X509_KEYPAIR * keypair)135 int CryptoSignAddSigner(SIGNATURE* sig, DIGEST* digest, X509_KEYPAIR* keypair)
136 {
137 return false;
138 }
139
CryptoSignEncode(SIGNATURE * sig,uint8_t * dest,uint32_t * length)140 int CryptoSignEncode(SIGNATURE* sig, uint8_t* dest, uint32_t* length)
141 {
142 return false;
143 }
144
crypto_sign_decode(JobControlRecord * jcr,const uint8_t * sigData,uint32_t length)145 SIGNATURE* crypto_sign_decode(JobControlRecord* jcr,
146 const uint8_t* sigData,
147 uint32_t length)
148 {
149 return NULL;
150 }
151
CryptoSignFree(SIGNATURE * sig)152 void CryptoSignFree(SIGNATURE* sig) {}
153
crypto_keypair_new(void)154 X509_KEYPAIR* crypto_keypair_new(void) { return NULL; }
155
crypto_keypair_dup(X509_KEYPAIR * keypair)156 X509_KEYPAIR* crypto_keypair_dup(X509_KEYPAIR* keypair) { return NULL; }
157
CryptoKeypairLoadCert(X509_KEYPAIR * keypair,const char * file)158 int CryptoKeypairLoadCert(X509_KEYPAIR* keypair, const char* file)
159 {
160 return false;
161 }
162
CryptoKeypairHasKey(const char * file)163 bool CryptoKeypairHasKey(const char* file) { return false; }
164
CryptoKeypairLoadKey(X509_KEYPAIR * keypair,const char * file,CRYPTO_PEM_PASSWD_CB * pem_callback,const void * pem_userdata)165 int CryptoKeypairLoadKey(X509_KEYPAIR* keypair,
166 const char* file,
167 CRYPTO_PEM_PASSWD_CB* pem_callback,
168 const void* pem_userdata)
169 {
170 return false;
171 }
172
CryptoKeypairFree(X509_KEYPAIR * keypair)173 void CryptoKeypairFree(X509_KEYPAIR* keypair) {}
174
crypto_session_new(crypto_cipher_t cipher,alist * pubkeys)175 CRYPTO_SESSION* crypto_session_new(crypto_cipher_t cipher, alist* pubkeys)
176 {
177 return NULL;
178 }
179
CryptoSessionFree(CRYPTO_SESSION * cs)180 void CryptoSessionFree(CRYPTO_SESSION* cs) {}
181
CryptoSessionEncode(CRYPTO_SESSION * cs,uint8_t * dest,uint32_t * length)182 bool CryptoSessionEncode(CRYPTO_SESSION* cs, uint8_t* dest, uint32_t* length)
183 {
184 return false;
185 }
186
CryptoSessionDecode(const uint8_t * data,uint32_t length,alist * keypairs,CRYPTO_SESSION ** session)187 crypto_error_t CryptoSessionDecode(const uint8_t* data,
188 uint32_t length,
189 alist* keypairs,
190 CRYPTO_SESSION** session)
191 {
192 return CRYPTO_ERROR_INTERNAL;
193 }
194
crypto_cipher_new(CRYPTO_SESSION * cs,bool encrypt,uint32_t * blocksize)195 CIPHER_CONTEXT* crypto_cipher_new(CRYPTO_SESSION* cs,
196 bool encrypt,
197 uint32_t* blocksize)
198 {
199 return NULL;
200 }
201
CryptoCipherUpdate(CIPHER_CONTEXT * cipher_ctx,const uint8_t * data,uint32_t length,const uint8_t * dest,uint32_t * written)202 bool CryptoCipherUpdate(CIPHER_CONTEXT* cipher_ctx,
203 const uint8_t* data,
204 uint32_t length,
205 const uint8_t* dest,
206 uint32_t* written)
207 {
208 return false;
209 }
210
CryptoCipherFinalize(CIPHER_CONTEXT * cipher_ctx,uint8_t * dest,uint32_t * written)211 bool CryptoCipherFinalize(CIPHER_CONTEXT* cipher_ctx,
212 uint8_t* dest,
213 uint32_t* written)
214 {
215 return false;
216 }
217
CryptoCipherFree(CIPHER_CONTEXT * cipher_ctx)218 void CryptoCipherFree(CIPHER_CONTEXT* cipher_ctx) {}
219
crypto_digest_name(DIGEST * digest)220 const char* crypto_digest_name(DIGEST* digest)
221 {
222 return crypto_digest_name(digest->type);
223 }
224 #endif /* HAVE_CRYPTO */
225
InitCrypto(void)226 int InitCrypto(void) { return 0; }
227
CleanupCrypto(void)228 int CleanupCrypto(void) { return 0; }
229 #endif /* HAVE_NSS */
230